CS401 Study Guide

This study guide will help you get ready for the final exam. It discusses the key topics in each unit, walks through the learning outcomes, and lists important vocabulary terms. It is not meant to replace the course materials!

Unit 8: Security

8a. Discuss and identify types of security threats

  • Describe some security threats operating systems face.

Here is a list of some common security threats to operating systems:

Denial of Service (DOS) – A DOS attack is one that prevents authorized users from using a necessary and needed computing system for legitimate and legal reasons. A DOS attack floods the computing system with unnecessary requests which prevent real legitimate requests from accessing the computing system.

Logic Bomb – A logic bomb is malicious code that appears normal, but only executes for nefarious purposes when certain conditions are met. 

Port Scanning – Port scanning allows hackers to detect system vulnerabilities so they can attack the system, such as via an open port that should not be open, i.e. an unlocked door. 

Trap Door – A trap door is a defect in the computer code that allows malicious actors to exploit the flaw and gain access to valuable information.

Trojan Horse – A Trojan Horse traps and stores user login credentials, to send to malicious hackers who can use them to log in by impersonating the real and authorized user. 

Virus – A computer virus, like a biological virus, replicates itself over and over again to spread to other computers. Computer viruses can disrupt computing operations by modifying or deleting user files and crashing the system.

Worm – A computer worm is a standalone malware computer program that replicates itself over and over again to spread to other computers. A worm will use the machine as a host to scan and infect other computers. Like a virus, computer worms can disrupt computing operations by modifying or deleting user files and crashing the system.

The difference between a worm and a virus is that a worm operates more or less independently of other files, whereas a virus depends on a host program to spread itself.

Review these security threats in Security IntroductionProtection and Security, and Security.

 

8b. Describe various types of malware

  • Describe some types of malware that can affect operating systems?

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Different types of malware exist, are written by different coders, execute differently, and may be variants of other existing malware. These days, the primary incentive for this type of fraud is financial and disruptive. Professional criminals continue to extort money from companies, organizations, and individuals, large and small.

In addition to the security threats described above, some additional types of malware include:

Adware – Software that automatically displays or downloads advertising material when the user is online.

Backdoor – a feature or defect of a computer system that allows fraudsters to access data surreptitiously.

Bots and Botnets – a computer that is compromised so fraudsters can control it remotely. Cybercriminals use bots to launch attacks on other computers and often create networks of controlled computers, known as botnets.

Browser Hijacker – a type of malware that modifies the web browser's settings without their permission and allows fraudsters to display unwanted advertising on the user's website. 

Code Design Bug – a mistake or error made to the program's source code, design, or operating system.

Crimeware – malware designed to carry out or facilitate illegal online activity.

Cryptojacking – malware that mines a user's computer for cryptocurrencies, such as Bitcoin.

Fileless Malware – malware that exists exclusively in computer memory, such as RAM.

Grayware – software that resides in a "gray area" between malware and legitimate conventional software. For example, grayware might track your online behavior or send a barrage of pop-up windows. Grayware is not only annoying, but it can affect computer performance and expose it to security risks.

Hybrid or Combo Malware – a combination of two or more different types of malware, such as a Trojan horse or worm attached to adware or malware.

Keylogger – malware that records every keystroke the user makes, so fraudsters can access passwords and other confidential information.

Malicious Mobile Apps – malware designed to target mobile devices, such as smartphones and tablets, to access private data.

Malvertising – the use of online advertising to spread malware. Malvertising typically injects malicious or malware-laden ads into legitimate online advertising networks and webpages.

RAM Scraper – malware that scans the memory of digital devices, such as point-of-sale systems so fraudsters can collect personal data, credit card, and personal identification numbers.

Ransomware – malware that threatens to publish the victim's data or perpetually block access to it until a ransom is paid.

Rogue Security Software – malware that misleads users into believing a virus exists on their computer and tries to convince them to pay for a fake malware removal tool that actually installs malware onto their computer.

Rootkits – a collection of computer software designed to allow fraudsters to access a user's computer by masking itself as another type of software.

Social Engineering or Phishing – a range of techniques designed to trick people into giving fraudsters their personal data, such as usernames, passwords, and credit card numbers, by disguising themselves as a trustworthy entity.

Spyware – software that enables fraudsters to obtain data from a computer user's activities by transmitting data covertly from their hard drive.

Review these types of malware in Malware: Viruses and Worms and Bots and Botnets.

 

8c. Explain basic security techniques

  • Name some security techniques used to protect operating systems?

OS security refers to specified steps or measures used to protect the OS from malware, threats, viruses, worms, and other remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited, or deleted if OS security is compromised.

Some common security techniques include:

  1. Performing regular OS patch updates;
  2. Installing updated antivirus engines and software;
  3. Scrutinizing all incoming and outgoing network traffic through a firewall;
  4. Creating secure accounts with required privileges only (i.e., user management);

Since security requires taking additional time and effort, it is frequently seen to be a burden. It is not a one-and-done, rather, it is an attitude. Good, basic security is like good hygiene. You could even call the basics of information security, security hygiene. Physical and information security are bound together inseparably since both are critical.

For example, it is terribly important to take the time to update software, which typically includes the latest security software fixes. Installing antivirus software that scans incoming bits for patterns known to be malware signatures is key. In addition, users should only allow computing activity that is necessary and close all "open doors" that do not need to be open. Good identity and access management is critical.

Review this material in ProtectionSecurity StrategiesSecurity Techniques, and Guide to Intrusion Detection and Prevention Systems.

 

Unit 8 Vocabulary

  • Adware
  • Backdoor
  • Bots and botnets
  • Browser hijacker
  • Code design bug
  • Crimeware
  • Cryptojacking
  • Fileless malware
  • Grayware
  • Hacker
  • Hybrid malware
  • Keylogger
  • Malicious mobile apps
  • Malvertising
  • Malware
  • Phishing
  • Ram scraper
  • Ransomware
  • Rogue security software