SlideShare ist ein Scribd-Unternehmen logo

Lecture 2: Components of IT Infrastructure and Cyber Security Threats

Als PPTX, PDF herunterladen
M
MuhammadRehan856177

The document discusses components of IT infrastructure, including network components, security terms, and threats and prevention methods. It defines network interface cards, hubs, switches, routers, and their functions. It also explains common security terms like authentication, malware, firewalls, and encryption. Regarding threats, it outlines phishing, ransomware, database exposure, and others. Prevention methods include two-factor authentication, software updates, limited access, and secure connections.

Daten & Analysen
1 von 12
Lecture 2 Components of IT Infrastructure Author: Muhammad Rehan
Objective • Revision of basic security terms, threat, threat agent, vulnerability, Risk etc • Virtual Operating System and Environment, installation • Computer network, Network components, • Protocols, IP Address. Transport Layer, Network Layer • Organizational Infrastructure and loopholes Understanding of common cyber security threats and risks
Security Terms Authentication: The process of identifying a user’s identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, retina scan, or fingerprint scan, sometimes even a combination of the above. Botnet: A combination of the words “robot” and “network”, a botnet is a network of computers that have been infected with a virus, and now are working continuously in order to create security breaches. Data Breach: The result of a hacker successfully breaking into a system, gaining control of its network and exposing its data. DDoS: The acronym stands for Distributed Denial of Service and is a favorite Black Hat tool. Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down. Domain: A series of computers and associated peripherals (routers, printers, scanners), that are all connected as one entity. Encryption: Coding used to protect your information from hackers. Think of it like the code cipher used to send a top-secret coded spy message. Exploit: A means of attack on a computer system, either a series of commands, malicious software, or piece of infected data.
Security Terms … Firewall: Any technology, be it software or hardware, used to keep intruders out. Hacker, Black Hat: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda Hacker, White Hat: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, for the purposes of informing the host of where security needs to be buffed up. Malware: A portmanteau of “malicious” and “software”, describing a wide variety of bad software used to infect and/or damage a system. Ransomware, worms, viruses, and trojans are all considered malware. It most often delivered via spam emails. Man in the Middle Attack: An attack on the “middleman”, in this case, defined as the Wi-Fi system that connects users to the Internet. Hackers who commit Man in the Middle Attacks can break the Wi-Fi’s encryption and use this as a means of stealing your personal data because they’re now in the system. Phishing: A scam where a hacker poses as a legitimate business or organization (especially credit card companies, banks, charities, Internet providers, other utilities) in order to fool the victim into giving them sensitive personal information or inducing them to click a link or attachment that ends up delivering malware.
Security Terms … Ransomware: A form of malware that hijacks your system and encrypts your files, denying you access to them until you send money to unlock everything. Spoofing: When a hacker changes the IP address of an email so that it seems to come from a trusted source. Spyware: A form of malware used by hackers to spy on you and your computer activities. Trojan Horse: Yet another form of malware, this one a misleading computer program that looks innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer. Virus: Malware which changes, corrupts, or destroys information, and is then passed on to other systems. VPN: An acronym standing for Virtual Private Network, a VPN is a method of connecting a series of computers and devices in a private encrypted network, with each user’s IP address being replaced by the VPN’s IP address. Users get Internet anonymity, making it difficult for hackers to attack. Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network. Particularly nasty, worms can either be simply a means of slowing down a system by eating up resources, or by committing exploits such as installing back doors or stealing data.
Security threats for business • Phishing • SMS-Based Phishing • PDF Scams • Malware & Ransomware • Database exposure • Credential Stuffing • Accidental Sharing • Man-In-The-Middle
How to prevent threats Phishing: • First, watch for unusual emails and instant messages. They may start with unusual wording such as “Dear Customer” instead of using your name, have bad grammar, or have a generic signature. • Second, be cautious in clicking links or giving sensitive information, even if it appears legitimate. If in doubt, directly contact the source to make sure they sent the message. • And third, install anti-phishing toolbars on internet browsers. These toolbars alert you to sites containing phishing information. SMS-Based Phishing: • First, never open a link in a text message. Most banks and businesses do not ask for information via SMS message - they call or mail you. • Second, watch for misspellings or generic language. Like email phishing, smishing often contains generic language like “Dear Customer, “Sir,” or “Madam.” • And third, if you think the message is legitimate, call the business directly or go to your online account to give the information. This ensures no valuable data falls into the wrong hands.
How to prevent threats … PDF Scams: • First, train your employees to watch for generic or unusual email addresses. For example, if someone gets bank statements through email, ensure the sender’s email address is from the bank and not a generic address. • Second, watch for unusual and generic headings. Instead of using your name, PDF scams often use generic terms like “Sir” or “Madam.” • And third, make sure you have updated and secure virus protection on your computers and network. If someone happens to open up a PDF scam, having security in place goes a long way in protecting your business and alerting your IT department. Malware & Ransomware: • First, make sure you keep all your computer software and hardware updated. Outdated software, drivers, and other plugins are common security vulnerabilities. If you have an IT service provider, check with them to make sure this is happening on your servers. • Second, enable click-to-play plugins to keep Flash or Java from running unless you click a link. This reduces the risk of running malware programs with Flash or Java. • And third, removing old software, sometimes referred to as Legacy Apps, reduces risk. For example, if your computer has Windows 10, but you run programs designed for Windows 7, these are considered Legacy Apps and may be a security risk. Your software company should be able to give you an updated program designed for Windows 10.
How to prevent threats … Database exposure: • First, if you have a private server, keep the physical hardware in a secure and locked room. This helps prevent theft if your building is robbed, and it keeps unauthorized personnel from accessing it with a portable hard drive. • Second, make sure you have a database firewall and web application firewall. A locked door protects your physical server and hardware, and firewalls protect your server on the internet. • Third, keep access to the server limited. Each person with a login to the server is a potential leak, so the fewer logins, the better. • And fourth, encrypt the data on the server and keep a regular backup. Credential Stuffing: • First, implement 2-Factor Authentication for account logins. This requires an email or phone verification along with the standard username and password. • Second, use different passwords for every account and program your employee’s access. If one account is hacked, the hacker will not have access to more accounts with the same password. • And third, never share passwords with other people. If you have a shared account for some reason, always give the password verbally, never through electronic communication.
How to prevent threats … Accidental Sharing: • First, limit the number of employees who have access to data. The more people who have access to information, the higher the chance for human error in sharing the data. • And second, implement user activity monitoring software. This allows you to track and discover if your data is in danger. It also provides solutions to prevent accidental sharing. Man-In-The-Middle: • First, avoid WiFi connections that are not secure. If you have employees working remotely, don’t allow them to access sensitive company data over public WiFi networks. • Second, make sure your employees do not interact with websites that are not secure. If a URL is not a secure website, it will only show “HTTP” instead of “HTTPS” in front of the URL. The browser should also show an alert that the URL is not secure. If this happens, leave the site immediately. • And third, make sure that your internet connections and internet devices are always updated with the latest security updates. Having outdated software or unsecured internet portals creates potential access points for MITM hackers.
Computer Network Components Computer network components are the major parts which are needed to install the software. Some important network components are NIC, switch, cable, hub, router, and modem. NIC: • NIC stands for network interface card. • NIC is a hardware component used to connect a computer with another computer onto a network • It can support a transfer rate of 10,100 to 1000 Mb/s. • The MAC address or physical address is encoded on the network card chip which is assigned by the IEEE to identify a network card uniquely. The MAC address is stored in the PROM (Programmable read-only memory). Two types of NIC: • Wired NIC • Wireless NIC
Computer Network Components … Hub: A Hub is a hardware device that divides the network connection among multiple devices. When computer requests for some information from a network, it first sends the request to the Hub through cable. Switch: A switch is a hardware device that connects multiple devices on a computer network. A Switch contains more advanced features than Hub. The Switch contains the updated table that decides where the data is transmitted or not. Switch delivers the message to the correct destination based on the physical address present in the incoming message. Router: A router is a hardware device which is used to connect a LAN with an internet connection. It is used to receive, analyze and forward the incoming packets to another network. • A router works in a Layer 3 (Network layer) of the OSI Reference model. • A router forwards the packet based on the information available in the routing table. • It determines the best path from the available paths for the transmission of the packet.

Empfohlen

Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0Adebisi Tolulope
 
Information security
Information securityInformation security
Information securityLaxmiprasad Bansod
 
Cyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsCyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsDrPraveenKumar37
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.angelaag98
 
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Small Business
 
Computer security
Computer securityComputer security
Computer securityEktaVaswani2
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity TrainingWindstoneHealth
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacyHaider Ali Malik
 

Empfohlen

Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0Adebisi Tolulope
 
Information security
Information securityInformation security
Information securityLaxmiprasad Bansod
 
Cyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsCyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsDrPraveenKumar37
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.angelaag98
 
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Small Business
 
Computer security
Computer securityComputer security
Computer securityEktaVaswani2
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity TrainingWindstoneHealth
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacyHaider Ali Malik
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptxJoselitoJMebolos
 
2nd Class PPT.pptx
2nd Class PPT.pptx2nd Class PPT.pptx
2nd Class PPT.pptxSibyJames1
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxKirti Verma
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
Cyber crime & security
Cyber crime & security Cyber crime & security
Cyber crime & security aravindanvaithilinga
 
Computing safety
Computing safetyComputing safety
Computing safetyBrulius
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks ShellyAdeel Khurram
 
Data security
Data security Data security
Data security Laura Breese
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeSalma Zafar
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security Sanguine_Eva
 
Internet security
Internet securityInternet security
Internet securityat1211
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingSyed Irshad Ali
 
E Commerce security
E Commerce securityE Commerce security
E Commerce securityMayank Kashyap
 
Cyber-Security-.ppt
Cyber-Security-.pptCyber-Security-.ppt
Cyber-Security-.pptkarthikvcyber
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacyArdit Meti
 
Cyber-Security.ppt
Cyber-Security.pptCyber-Security.ppt
Cyber-Security.pptSeniorGaming
 
Lecture 10.pptx
Lecture 10.pptxLecture 10.pptx
Lecture 10.pptxMuhammadRehan856177
 
Event Programming JavaScript
Event Programming JavaScriptEvent Programming JavaScript
Event Programming JavaScriptMuhammadRehan856177
 

Weitere ähnliche Inhalte

Ähnlich wie Lecture 2: Components of IT Infrastructure and Cyber Security Threats

2nd Class PPT.pptx
2nd Class PPT.pptx2nd Class PPT.pptx
2nd Class PPT.pptxSibyJames1
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxKirti Verma
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
Computing safety
Computing safetyComputing safety
Computing safetyBrulius
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks ShellyAdeel Khurram
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security Sanguine_Eva
 
Internet security
Internet securityInternet security
Internet securityat1211
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingWilliam Mann
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacyArdit Meti
 
Cyber-Security.ppt
Cyber-Security.pptCyber-Security.ppt
Cyber-Security.pptSeniorGaming
 

Ähnlich wie Lecture 2: Components of IT Infrastructure and Cyber Security Threats (20)

Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 
2nd Class PPT.pptx
2nd Class PPT.pptx2nd Class PPT.pptx
2nd Class PPT.pptx
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptx
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Cyber crime & security
Cyber crime & security Cyber crime & security
Cyber crime & security
 
Computing safety
Computing safetyComputing safety
Computing safety
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks Shelly
 
Data security
Data security Data security
Data security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security
 
Internet security
Internet securityInternet security
Internet security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
E Commerce security
E Commerce securityE Commerce security
E Commerce security
 
Cyber-Security-.ppt
Cyber-Security-.pptCyber-Security-.ppt
Cyber-Security-.ppt
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptx
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
Cyber-Security.ppt
Cyber-Security.pptCyber-Security.ppt
Cyber-Security.ppt
 

Mehr von MuhammadRehan856177

Introduction to JavaScript (1).ppt
Introduction to JavaScript (1).pptIntroduction to JavaScript (1).ppt
Introduction to JavaScript (1).pptMuhammadRehan856177
 

Mehr von MuhammadRehan856177 (10)

Lecture 10.pptx
Lecture 10.pptxLecture 10.pptx
Lecture 10.pptx
 
Event Programming JavaScript
Event Programming JavaScriptEvent Programming JavaScript
Event Programming JavaScript
 
Intrusion .ppt
Intrusion .pptIntrusion .ppt
Intrusion .ppt
 
Botnets Attacks.pptx
Botnets Attacks.pptxBotnets Attacks.pptx
Botnets Attacks.pptx
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
 
Lecture 2.ppt
Lecture 2.pptLecture 2.ppt
Lecture 2.ppt
 
Introduction to JavaScript (1).ppt
Introduction to JavaScript (1).pptIntroduction to JavaScript (1).ppt
Introduction to JavaScript (1).ppt
 
3. HTML Forms.ppt
3. HTML Forms.ppt3. HTML Forms.ppt
3. HTML Forms.ppt
 
2. HTML Tables.ppt
2. HTML Tables.ppt2. HTML Tables.ppt
2. HTML Tables.ppt
 

Kürzlich hochgeladen

Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz1
 
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxSmarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxolyaivanovalion
 
100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptxAnupama Kate
 
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAroojKhan71
 
BigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxBigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxolyaivanovalion
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Callshivangimorya083
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxfirstjob4
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxolyaivanovalion
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Delhi Call girls
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxolyaivanovalion
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxolyaivanovalion
 
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一ffjhghh
 
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiLow Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiSuhani Kapoor
 
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxolyaivanovalion
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysismanisha194592
 

Kürzlich hochgeladen (20)

Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signalsInvezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signals
 
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptxSmarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
 
100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx100-Concepts-of-AI by Anupama Kate .pptx
100-Concepts-of-AI by Anupama Kate .pptx
 
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
 
Sampling (random) method and Non random.ppt
Sampling (random) method and Non random.pptSampling (random) method and Non random.ppt
Sampling (random) method and Non random.ppt
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
BigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptxBigBuy dropshipping via API with DroFx.pptx
BigBuy dropshipping via API with DroFx.pptx
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptx
 
Carero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptxCarero dropshipping via API with DroFx.pptx
Carero dropshipping via API with DroFx.pptx
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
 
Midocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFxMidocean dropshipping via API with DroFx
Midocean dropshipping via API with DroFx
 
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in KishangarhDelhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
 
CebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptxCebaBaby dropshipping via API with DroFX.pptx
CebaBaby dropshipping via API with DroFX.pptx
 
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
定制英国白金汉大学毕业证(UCB毕业证书) 成绩单原版一比一
 
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service BhilaiLow Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
Low Rate Call Girls Bhilai Anika 8250192130 Independent Escort Service Bhilai
 
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
 
April 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's AnalysisApril 2024 - Crypto Market Report's Analysis
April 2024 - Crypto Market Report's Analysis
 

Lecture 2: Components of IT Infrastructure and Cyber Security Threats

  • 1. Lecture 2 Components of IT Infrastructure Author: Muhammad Rehan
  • 2. Objective • Revision of basic security terms, threat, threat agent, vulnerability, Risk etc • Virtual Operating System and Environment, installation • Computer network, Network components, • Protocols, IP Address. Transport Layer, Network Layer • Organizational Infrastructure and loopholes Understanding of common cyber security threats and risks
  • 3. Security Terms Authentication: The process of identifying a user’s identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, retina scan, or fingerprint scan, sometimes even a combination of the above. Botnet: A combination of the words “robot” and “network”, a botnet is a network of computers that have been infected with a virus, and now are working continuously in order to create security breaches. Data Breach: The result of a hacker successfully breaking into a system, gaining control of its network and exposing its data. DDoS: The acronym stands for Distributed Denial of Service and is a favorite Black Hat tool. Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down. Domain: A series of computers and associated peripherals (routers, printers, scanners), that are all connected as one entity. Encryption: Coding used to protect your information from hackers. Think of it like the code cipher used to send a top-secret coded spy message. Exploit: A means of attack on a computer system, either a series of commands, malicious software, or piece of infected data.
  • 4. Security Terms … Firewall: Any technology, be it software or hardware, used to keep intruders out. Hacker, Black Hat: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda Hacker, White Hat: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, for the purposes of informing the host of where security needs to be buffed up. Malware: A portmanteau of “malicious” and “software”, describing a wide variety of bad software used to infect and/or damage a system. Ransomware, worms, viruses, and trojans are all considered malware. It most often delivered via spam emails. Man in the Middle Attack: An attack on the “middleman”, in this case, defined as the Wi-Fi system that connects users to the Internet. Hackers who commit Man in the Middle Attacks can break the Wi-Fi’s encryption and use this as a means of stealing your personal data because they’re now in the system. Phishing: A scam where a hacker poses as a legitimate business or organization (especially credit card companies, banks, charities, Internet providers, other utilities) in order to fool the victim into giving them sensitive personal information or inducing them to click a link or attachment that ends up delivering malware.
  • 5. Security Terms … Ransomware: A form of malware that hijacks your system and encrypts your files, denying you access to them until you send money to unlock everything. Spoofing: When a hacker changes the IP address of an email so that it seems to come from a trusted source. Spyware: A form of malware used by hackers to spy on you and your computer activities. Trojan Horse: Yet another form of malware, this one a misleading computer program that looks innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer. Virus: Malware which changes, corrupts, or destroys information, and is then passed on to other systems. VPN: An acronym standing for Virtual Private Network, a VPN is a method of connecting a series of computers and devices in a private encrypted network, with each user’s IP address being replaced by the VPN’s IP address. Users get Internet anonymity, making it difficult for hackers to attack. Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network. Particularly nasty, worms can either be simply a means of slowing down a system by eating up resources, or by committing exploits such as installing back doors or stealing data.
  • 6. Security threats for business • Phishing • SMS-Based Phishing • PDF Scams • Malware & Ransomware • Database exposure • Credential Stuffing • Accidental Sharing • Man-In-The-Middle
  • 7. How to prevent threats Phishing: • First, watch for unusual emails and instant messages. They may start with unusual wording such as “Dear Customer” instead of using your name, have bad grammar, or have a generic signature. • Second, be cautious in clicking links or giving sensitive information, even if it appears legitimate. If in doubt, directly contact the source to make sure they sent the message. • And third, install anti-phishing toolbars on internet browsers. These toolbars alert you to sites containing phishing information. SMS-Based Phishing: • First, never open a link in a text message. Most banks and businesses do not ask for information via SMS message - they call or mail you. • Second, watch for misspellings or generic language. Like email phishing, smishing often contains generic language like “Dear Customer, “Sir,” or “Madam.” • And third, if you think the message is legitimate, call the business directly or go to your online account to give the information. This ensures no valuable data falls into the wrong hands.
  • 8. How to prevent threats … PDF Scams: • First, train your employees to watch for generic or unusual email addresses. For example, if someone gets bank statements through email, ensure the sender’s email address is from the bank and not a generic address. • Second, watch for unusual and generic headings. Instead of using your name, PDF scams often use generic terms like “Sir” or “Madam.” • And third, make sure you have updated and secure virus protection on your computers and network. If someone happens to open up a PDF scam, having security in place goes a long way in protecting your business and alerting your IT department. Malware & Ransomware: • First, make sure you keep all your computer software and hardware updated. Outdated software, drivers, and other plugins are common security vulnerabilities. If you have an IT service provider, check with them to make sure this is happening on your servers. • Second, enable click-to-play plugins to keep Flash or Java from running unless you click a link. This reduces the risk of running malware programs with Flash or Java. • And third, removing old software, sometimes referred to as Legacy Apps, reduces risk. For example, if your computer has Windows 10, but you run programs designed for Windows 7, these are considered Legacy Apps and may be a security risk. Your software company should be able to give you an updated program designed for Windows 10.
  • 9. How to prevent threats … Database exposure: • First, if you have a private server, keep the physical hardware in a secure and locked room. This helps prevent theft if your building is robbed, and it keeps unauthorized personnel from accessing it with a portable hard drive. • Second, make sure you have a database firewall and web application firewall. A locked door protects your physical server and hardware, and firewalls protect your server on the internet. • Third, keep access to the server limited. Each person with a login to the server is a potential leak, so the fewer logins, the better. • And fourth, encrypt the data on the server and keep a regular backup. Credential Stuffing: • First, implement 2-Factor Authentication for account logins. This requires an email or phone verification along with the standard username and password. • Second, use different passwords for every account and program your employee’s access. If one account is hacked, the hacker will not have access to more accounts with the same password. • And third, never share passwords with other people. If you have a shared account for some reason, always give the password verbally, never through electronic communication.
  • 10. How to prevent threats … Accidental Sharing: • First, limit the number of employees who have access to data. The more people who have access to information, the higher the chance for human error in sharing the data. • And second, implement user activity monitoring software. This allows you to track and discover if your data is in danger. It also provides solutions to prevent accidental sharing. Man-In-The-Middle: • First, avoid WiFi connections that are not secure. If you have employees working remotely, don’t allow them to access sensitive company data over public WiFi networks. • Second, make sure your employees do not interact with websites that are not secure. If a URL is not a secure website, it will only show “HTTP” instead of “HTTPS” in front of the URL. The browser should also show an alert that the URL is not secure. If this happens, leave the site immediately. • And third, make sure that your internet connections and internet devices are always updated with the latest security updates. Having outdated software or unsecured internet portals creates potential access points for MITM hackers.
  • 11. Computer Network Components Computer network components are the major parts which are needed to install the software. Some important network components are NIC, switch, cable, hub, router, and modem. NIC: • NIC stands for network interface card. • NIC is a hardware component used to connect a computer with another computer onto a network • It can support a transfer rate of 10,100 to 1000 Mb/s. • The MAC address or physical address is encoded on the network card chip which is assigned by the IEEE to identify a network card uniquely. The MAC address is stored in the PROM (Programmable read-only memory). Two types of NIC: • Wired NIC • Wireless NIC
  • 12. Computer Network Components … Hub: A Hub is a hardware device that divides the network connection among multiple devices. When computer requests for some information from a network, it first sends the request to the Hub through cable. Switch: A switch is a hardware device that connects multiple devices on a computer network. A Switch contains more advanced features than Hub. The Switch contains the updated table that decides where the data is transmitted or not. Switch delivers the message to the correct destination based on the physical address present in the incoming message. Router: A router is a hardware device which is used to connect a LAN with an internet connection. It is used to receive, analyze and forward the incoming packets to another network. • A router works in a Layer 3 (Network layer) of the OSI Reference model. • A router forwards the packet based on the information available in the routing table. • It determines the best path from the available paths for the transmission of the packet.