Instructor’s Manual Materials to Accompany
COMPUTER SECURITY FUNDAMENTALS
CHAPTER 1
INTRODUCTION TO COMPUTER SECURITY
CHAPTER 1 OBJECTIVES
When students finish reading this chapter, they will be able to:
• Identify the top threats to a computer network: intrusion, denial-of-service attacks, and malware.
• Assess the likelihood of an attack on your personal computer and network.
• Define key terms such as cracker, sneaker, firewall, and authentication.
• Compare and contrast perimeter and layered approaches to network security.
• Use online resources to secure your network.
CHAPTER OVERVIEW
This chapter, as well as the entire textbook, acquaints students with the actual threats posed to a network. It also
gives a high-level overview of the entire book, introduces topics, and references what chapters have more detailed
information. This chapter introduces students to some major terms, techniques, and resources of network security.
The major sections in this chapter are
1. How Seriously Should You Take Threats to Network Security? Realistically assessing the risks to your
2. Identifying Types of Threats. Covers the common threats to a computer: malware, intrusions, and denial-
of-service attacks.
4. How Do Legal Issues Impact Network Security? Covers laws on privacy and security and their impact
5. Online Security Resources. Some major security organizations are presented here with links to their sites.
CHAPTER OUTLINE
I. Chapter 1 Objectives
II. Introduction
III. How Seriously Should You Take Threats to Network Security?
IV. Identifying Types of Threats
Malware
Compromising System Security
Denial-of-Service Attacks
Web Attacks
Session Hijacking
DNS Poisoning
V. Assessing the Likelihood of an Attack on Your Network
VI. Basic Security Terminology
Hacker Slang
Professional Terms
VII. Concepts and Approaches
CIA Triangle
VIII. How Do Legal Issues Impact Network Security?
IX. Online Security Resources
CERT
Microsoft Security Advisor
F-Secure
SANS Institute
X. Summary
XI. Test Your Skills
XII. Exercises
XIII. Projects
KEY TERMS
Audit A check of systems security. This usually includes a review of documents, procedures, and system
configurations.
Authentication The process to verify that a user is authorized to access a given resource. This is part of the logon
system.
Black hat hackers Hackers with malicious intent; synonymous with cracker.
CIA Triangle: Confidentiality, Integrity, and Availability.
Cookie A small file containing information from a Web site.
Cracker One who breaks into a system to do something malicious, illegal, or harmful. A hacker with malicious
intent; synonymous with black hat hacker.
Denial-of-service (DoS) An attack that prevents legitimate users from accessing a resource.
Ethical hacker A person who hacks into systems to accomplish some goal that he feels is ethically valid.
Firewall A device or software that provides a barrier between your machine or network and the rest of the world.
Gray hat hackers Hackers who normally behave legally, but who may, for certain reasons and in limited
situations, conduct illegal activities, usually for reasons they feel are ethically compelling.
Hacker A person who tries to learn about a system by examining it in detail and reverse-engineering it.
Hacking The process to attempt to learn about a system by examining it and often exploiting flaws. This usually
involves attempts to compromise the target system in some way.
Malware Any software that has a malicious purpose, such as a virus or Trojan horse.
Proxy server A machine or software that hides all internal network IP addresses from the outside world. It
provides a point of contact between a private network and the Internet.
Reactive security Security that simply acts after something has gone wrong.
Script kiddy A hacker term for a person who claims much greater hacking skill than he actually has.
Sneaker Someone who attempts to compromise a system to assess its vulnerability.
Social engineering Using interpersonal skills to extract information about a computer system and its security.
Spyware Software that monitors computer use.
Trojan horse Software that appears to have a valid and benign purpose but actually has another nefarious
purpose.
Virus Software that is self-replicating and spreads like a biological virus.
TEACHING NOTES
I. How Seriously Should You Take Threats to Network Security?
Teaching Tips: Have students assess the risk on their home computers using the formula in the In
Practice callout box (p. 5). Lead students in a discussion on how valuable they believe their data is to someone
else.
II. Identifying Types of Threats
Teaching Tips: Lead students in a discussion about why someone would write malware, break into a
system, or deny access to another system.
III. Basic Security Terminology
Teaching Tips: As with any occupation, security personnel need to understand the language used by
people in the field. In this case, there are two basic cultures. There are those that exploit systems and those that
protect systems; each may use words a little differently. Also mention to students that because this is an extremely
fast-changing field, new words are continuously invented. Words such as phishing and blue snarfing are recent
additions.
Teaching Tips: Ask students: “Who should grant permission for a sneaker to test the security of a
system? Would it be the system administrator, the head of the IT department, or a CEO? How would a sneaker
prove she has the authorization to break in?”
Teaching Tips: Not all IT security issues have technological solutions. IT Security is about one-third
technology, one-third business, and one-third sociology. Social engineering is by far the tool of choice for most
crackers. You can obtain an ID and password faster, easier, and with less risk over the phone than by using a
computer. See whether any student has ever overheard a conversation in which someone has revealed a password.
IV. Concepts and Approaches
Teaching Tips: Good security has different layers of access. Use the example of a bank safety deposit
box. What layers of security do you need to go through to get to items stored in your safety deposit box? The
doors to the bank building have locks. The lobby may have armed guards. The vault has a big lock on it. Each
drawer of a safety deposit box also has two key locks—you have one key and the bank has the other. How do
layers improve security?
V. How Do Legal Issues Impact Network Security?
Teaching Tips: Let students understand that IT security needs to protect systems not only from hackers,
but also from untrained users, disgruntled employees, and lawyers. Lawsuits can damage a company faster than
PROJECTS/EXERCISES
I. Discussion Questions
A. Discussion Question 1
Is there such a thing as an ethical reason for unauthorized access to a computer system?
B. Discussion Question 2
Who is legally responsible for leaks of credit card numbers you have used online?
II. Web Projects
A. Web Project 1
Have students go to the CERT statistics site at www.cert.org/stats/cert_stats.html to see
how vulnerabilities are growing. Have them chart the number of incident reports for 10 years.
This project can further students’ understanding of the increasing threats to network security.
Year Incidents
1988 6
1989 132
1992 733
1993 1,334
1994 2,340
1995 2,412
1999 9,859
2000 21,756
2001 56,658
B. Web Project2
Kevin Mitnick is a well-known “hacker” from the 1980s. He used social engineering as
well as technical knowledge to break into many systems. Look up the history of Kevin Mitnick
using a search tool like Google and first find out what he used more, technology or social
engineering. Second, find out if he was caught, convicted, or served time. Third, look at his
security company at http://www.mitnicksecurity.com/. After reading his history, would you hire
him as a security consultant?
C. Web Project3
Phreaking One type of specialty hacking involves breaking into telephone systems. This
subspecialty in the 1980s of hacking was referred to as phreaking. Find articles on phone
phreaking and look up a device called “the blue box.” What does this device do? Does it still
work on today’s phone system? What is the significance of 2600? And who is “Cap’n Crunch?” A
good place to start is http://www.telephonetribute.com/phonephreaking.html.
D. Web Project4
CERT National Cyber Alert System Cyber Security Alerts provides timely information
about current security issues, vulnerabilities, and exploits. At http://www.us-
cert.gov/cas/index.html you can subscribe to one of two mailing lists, technical and nontechnical.
Join one of the mailing lists to see what type of security information you can receive from CERT
by email.
WEB RESOURCES
• http://www.cert.org The Computer Emergency Response Team site; a respected security resource
• http://www.microsoft.com/security/default.msp The Microsoft Security Advisor Web site, with
Microsoft-specific security information
CHAPTER REVIEW/ANSWERS TO TEST YOUR SKILLS
Multiple Choice
1. One extreme viewpoint about computer security is
2. Before you can formulate a defense for a network, you need
3. Which of the following is not one of the three major classes of threats?
4. A computer virus is any
5. Spyware is
6. What is malware?
When a hacking technique uses persuasion and deception to get a person to provide information to help
them compromise security, this is referred to as
7. What is the most common threat on the Internet?
According to a 2002 survey of 223 computer professionals prepared by the Computer Security Institute,
which of the following was cited as an issue by more of the respondents?
8. What is the second most common attack on computer systems?
9. What is a sneaker?
10. What is the term for hacking a phone system?
11. An intrusion detection system is an example of
12. Which of the following is the most basic security activity?
13. The three approaches to security are
14. The most desirable approach to security is one that is
15. The following type of privacy law affects computer security:
16. Which of the following is the best definition of “sensitive information”?
17. The first computer incident–response team is affiliated with what university?
© 2012 Pearson, Inc.
9
B
18. A major resource for detailed information on a computer virus is the
Exercises
EXERCISE 1.1: HOW MANY VIRUS ATTACKS HAVE OCCURRED THIS MONTH?
EXERCISE 1.2: LEARNING ABOUT COOKIES AS SPYWARE
EXERCISE 1.3: HACKER TERMINOLOGY
In this exercise, the student uses an online dictionary to define some hacker terms.
b) grok: Means to understand, usually in a global sense. Connotes intimate and exhaustive
c) Red Book: Has several meanings depending upon the users and the context. The first meaning of
Red Book is as an informal name for one of the three standard references about PostScript
(“PostScript Language Reference Manual,” Adobe Systems; or its 1990 second edition.) The
d) wank: Used much as hack is elsewhere, the computer hacker’s term wank can be used as a noun
denoting a clever technique or person, or the result of such cleverness. May describe (negatively)
© 2012 Pearson, Inc.
10
program, or algorithm). Conversations can also get wanky when there are too many wanks
involved. Considered an extremely rude term in Europe.
EXERCISE 1.4: LEARNING ABOUT THE LAW
EXERCISE 1.5: USING SECURITY RESOURCES
Projects
PROJECT1.1: LEARNING ABOUT A VIRUS
PROJECT 1.2: CONSIDERING THE LAW (A GROUP PROJECT)
PROJECT 1.3: RECOMMENDING SECURITY
Case Study
The successful student will notice that in this case study, the network administrator did handle all the essentials,
including protecting against virus attacks and enabling a firewall. The removal of Internet access from employee
machines was the single-most significant factor in preventing virus outbreaks. Students might recommend any of
the following:
