ISAT 316-940 Information Assurance 1

by: Jacob Notetaker

About this Document

Week 3 of Information Assurance studied at Southern Illinois University Fall 2016. These notes include Chapter 3 of the book and week 3 lecture. Enjoy!
Information Assurance I
Dr. Leslie Fife
Class Notes
This 5 page Class Notes was uploaded by Jacob Notetaker on Saturday September 10, 2016. The Class Notes belongs to ISAT-316-940 at Southern Illinois University Carbondale taught by Dr. Leslie Fife in Fall 2016. Since its upload, it has received 9 views. For similar materials see Information Assurance I in Information technology at Southern Illinois University Carbondale.


Date Created: 09/10/16
Chapter 3 Book and Lecture Notes
Saturday, September 10, 2016 1:51 PM

BOOK NOTES for "Hands on Ethical Hacking and Network Defense"

Chapter Description:
Being aware of attacks an intruder can make on your network is vital. An attack could be anything from unauthorized access to stealing resources and destroying information. An understanding of BOTH Computer Security and Network Security is necessary to properly defend against such attacks.

Chapter Purpose:
• Describe different types of malicious software and their damage.
• Describe methods of protecting against attacks.
• Describe the types of network attacks.
• Identify physical security attacks and vulnerabilities.

Part 1 - Malicious Software

Definitions:
○ Malware - Malicious software like a virus, worm, or Trojan program introduced into a network for the purpose of destroying or corrupting data.
○ Virus - A program that attaches itself to a file or another program.
○ Virus Signature File - A database of code that gives the antivirus software the ability to match and notify users of an infected file.
○ Macro Virus - A virus that is encoded as a macro (a single instruction that expands automatically into a set of instructions to perform a particular task) in programs that support a macro programming language such as Visual Basic.
○ Worm - A program that replicates and propagates itself without having to attach itself to a host.
○ Trojan Programs - An attack disguised as a useful program that allows instigators to gain access to a network or system.
○ Backdoors/Rootkits - Programs that give attackers a means of regaining access to the attacked computer later.
○ Spyware - Malicious software that sends information from the infected computer to the person who initiated the software.
○ Adware - Similar to Spyware except the goal of it is to send buying habit info to advertisers so they can display relevant ads on their computer.

Viruses
• A virus by definition is a malicious program that attaches itself to something else.
Key word ATTACH.
• A virus does not stand on its own.
• After the program the virus is attached to is opened, it does whatever the designer programmed it to.
• Usually used in ploys that use whatever means to get the user to open or run the file with the virus.
• There is NO foolproof method of preventing viruses from attaching themselves to computers.
• Many viruses can have a 64 bit encoding measure to shrink the size of the file, making it less suspicious to some users as well as fitting in the file size limitations of an email.
• Antivirus software.
  ○ Cannot keep up because new viruses are made every day.
  ○ They work by comparing programming signatures of code and matching them to a database. If there is a match the software notifies the user of an infected file.
  ○ Updating a virus signature file on a daily basis is crucial to network and computer security.
  ○ Usually use automatic updates every day.
• Here is a table that identifies major viruses over history:

Macro Viruses
• A small (and relatively harmless) virus that attaches to a Word document and performs a sequence of actions when opened.
• Very easy to make and requires little programming knowledge.
• Easy for antivirus programs to detect.

Worms
• Malicious program similar to a virus but DOES NOT require a file to attach itself to.
• Multiplies and replicates itself to cause heavy damage to multiple systems.
• Think of it as a smart virus. It feeds itself and reproduces in variations.

Trojan Programs
• As the name suggests, it is an attack disguised as something friendly but actually gives the attacker a means of gaining access to a network or system.
• Comes with a backdoor or rootkit that allows the attacker to regain access later.
  ○ A rootkit is created after the attack and is hidden in OS tools, making it nearly impossible to detect.
• Back Orifice is a common Trojan program that allows attackers to gain full control of a computer.

Spyware
• Malicious software that steals information and sends it to the attacker.
  ○ Passwords, financial info, PINs, etc.
• Security specialists need to make users aware that this is possible and happens.
• Comes in the form of just about any type of program and users are unaware of their presence.

Adware
• Similar to spyware except it sends the user's purchasing habits to web browsers.
• Uses info to display ads relevant to user.
• Slows down a computer it's running on.

Part 2 - Protecting Against Malware Attacks

Educating Your Users
• The most effective approach to defending a network and its systems is educating their users of the dangers of malicious attacks.
  ○ Monthly emails with updates.
• Remind users to update antivirus software regularly.
• Be sure your antivirus software includes antispyware and antiadware.

Avoiding Fear Tactics
• Using fear tactics on users is not only unethical but also against the OSSTMM's Rules of Engagement.
• Make it known to users that they should follow company policy instead.
• Build their knowledge on the subject instead.

Part 3 - Intruder Attacks on Networks and Computers

Definitions:
○ Attack - Any attempt by an unauthorized person to access, damage, or use network resources and computer systems.
○ Network Security - Field concerned with the security of computers or devices that are part of a network infrastructure.
○ Computer Security - Field concerning securing a standalone computer that's NOT part of a network infrastructure.
○ Denial of Service Attack (DoS) - An attack that removes the ability of users to access network resources.
○ Distributed Denial of Service Attack (DDoS) - An attack launched against a host from multiple servers or workstations.
○ Buffer Overflow Attack - An attack in which a programmer finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space used.
○ Ping of Death Attack - An attack that involves a packet that exceeds the allowed amount, thus crashing the system or network.

Denial of Service Attacks (DoS)
• Prevents access and use of network resources.
• Some don't even involve computers.
  ○ Physically breaking down systems or devices can also constitute a DoS.
• Understanding how various DoS attacks work is essential for testing and securing a network or system.

Distributed Denial of Service Attacks (DDoS)
• A DoS that is launched from multiple servers.
• A network can be flooded with billions of packets.
• Multiple users can be involved.
  ○ Some users can be unaware they are even involved and their server is only being used by the attacker.

Buffer Overflow Attacks
• Programmer writes code that overflows memory in system.
• Can only work in systems without memory defined constrictions.
• The trick is to fill it with code that actually executes commands.

Ping of Death Attacks
• The attacker sends a packet that exceeds the limit allowed.
• This causes it to crash or freeze.

Session Hijacking
• An attacker joins a TCP session and makes each party think they are the other party.
• Beyond the scope of this book.

Part 4 - Addressing Physical Security

Definitions:
○ Keyloggers - An attack that captures keystrokes used on a computer.

Keyloggers
• Hardware devices or software that is used to capture or record what is entered into a computer.
• Software keyloggers act like Trojans that are loaded onto a computer.
• Hardware keyloggers are small devices inserted into a computer.
• Both are useful in penetration tests.

Behind Locked Doors
• Physical locks to server rooms and offices are also necessary to protect from intruders.
  ○ Rotary locks
  ○ Key-cards
  ○ Dead Bolts
• It isn't unheard of for some organizations to spend up to $10,000 on a lock.

LECTURE NOTES for Week 3

**This week, the lecture and presentation covered the objectives already discussed in chapter 3 of the book.

The following objectives were discussed:
• Different types of malicious software.
• Different methods of protecting against malicious attacks.
• Different types of Network attacks.
• Being able to identify physical security attacks and vulnerabilities.

Summary
• Malicious attacks are legitimate threats to companies and industries and a knowledge of them is vital to a proper defense.
  ○ Malware
  ○ Viruses
  ○ Macro Viruses
  ○ Worms
  ○ Trojan Programs
  ○ Spyware
  ○ Adware
• Protecting against malware attacks.
  ○ Educating users is the best defense.
  ○ Updating your antivirus software regularly is necessary.
  ○ Avoiding fear tactics is a good move when preparing others against attacks.
• Attacks can occur against network infrastructures and standalone computers.
  ○ Can be penetrated by both inside and outside attackers.
• Denial of Service attacks are common.
• Distributed Denial of Service attacks.
• Buffer Overflow
• Ping of Death
• Session Hijacking
• Keyloggers
• Monitor Computer System
• Physical Security
• It is everyone's responsibility to maintain a secure environment.
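
Added example (not part of the original notes or the textbook): a minimal signature scanner illustrating the "Antivirus software" points in Part 1, namely matching file contents against a signature database and why the signature file has to be updated. The sample "files", signature names and byte patterns are constructed and harmless.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:
    name: str
    kind: str    # "sha256": hash of the whole file; "bytes": pattern anywhere in the file
    value: str   # hex string

def scan(data: bytes, signatures: list) -> list:
    """Return the names of all signatures that match the file content."""
    digest = hashlib.sha256(data).hexdigest()
    hits = []
    for sig in signatures:
        if sig.kind == "sha256" and sig.value == digest:
            hits.append(sig.name)
        elif sig.kind == "bytes" and bytes.fromhex(sig.value) in data:
            hits.append(sig.name)
    return hits

# Constructed sample contents (no real malware involved).
CLEAN = b"quarterly report: revenue up 4%"
SAMPLE_A = b"HEADER" + b"\xde\xad\xbe\xef\x13\x37" + b"payload-v1"
SAMPLE_B = b"HEADER" + b"\xde\xad\xbe\xef\x13\x37" + b"payload-v2"  # variant of A
SAMPLE_C = b"HEADER" + b"\xca\xfe\xf0\x0d\x42\x42" + b"payload"     # unrelated new family

# Monday's signature file only knows the exact hash of sample A.
DB_MONDAY = [Signature("Demo.A (hash)", "sha256", hashlib.sha256(SAMPLE_A).hexdigest())]
# Tuesday's update adds byte-pattern signatures for the A family and the new C family.
DB_TUESDAY = DB_MONDAY + [
    Signature("Demo.A family", "bytes", "deadbeef1337"),
    Signature("Demo.C family", "bytes", "cafef00d4242"),
]

def report() -> dict:
    """Scan every sample with both versions of the signature file."""
    files = {"clean": CLEAN, "a": SAMPLE_A, "b": SAMPLE_B, "c": SAMPLE_C}
    return {
        "monday": {n: scan(d, DB_MONDAY) for n, d in files.items()},
        "tuesday": {n: scan(d, DB_TUESDAY) for n, d in files.items()},
    }

if __name__ == "__main__":
    for day, results in report().items():
        for name, hits in results.items():
            print(day, name, "INFECTED: " + ", ".join(hits) if hits else "clean")
```

With Monday's database the variant and the new family pass as clean; after the update both are flagged, which is the reason the notes call daily signature updates crucial.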
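
Added example (not from the notes or the textbook): a defensive check for the Ping of Death condition described in Part 3. It assumes the limit meant is the 65,535-byte maximum IPv4 datagram size and flags any fragment whose offset plus length would push the reassembled packet past it; the headers and addresses are constructed test data.

```python
import struct

MAX_DATAGRAM = 65535  # largest size the 16-bit IPv4 Total Length field can express

def fragment_end(header: bytes) -> int:
    """Size the reassembled datagram must have to hold this fragment."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    ihl = (ver_ihl & 0x0F) * 4            # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("not a valid IPv4 header")
    offset = (flags_frag & 0x1FFF) * 8    # 13-bit fragment offset, in 8-byte units
    payload = total_len - ihl             # data bytes carried by this fragment
    return ihl + offset + payload

def is_oversized(header: bytes) -> bool:
    """True if reassembly would exceed the IPv4 maximum; drop and log such fragments."""
    return fragment_end(header) > MAX_DATAGRAM

def demo_header(total_len: int, offset_units: int, more: bool) -> bytes:
    """Build a constructed 20-byte IPv4/ICMP header (checksum left at 0) for testing."""
    flags_frag = (0x2000 if more else 0) | (offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))

# Constructed samples: name -> header
SAMPLES = {
    "normal_echo": demo_header(84, 0, False),        # ordinary unfragmented ping
    "large_fragment": demo_header(1500, 185, True),  # legitimate middle fragment
    "boundary": demo_header(47, 8186, False),        # ends exactly at byte 65535
    "oversized": demo_header(1500, 8189, False),     # would end at byte 67012
}

def classify() -> dict:
    return {name: is_oversized(hdr) for name, hdr in SAMPLES.items()}

if __name__ == "__main__":
    for name, bad in classify().items():
        print(f"{name:15s} {'DROP (oversized)' if bad else 'ok'}")
```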

