COMPUTER SECURITY FUNDAMENTALS
CHAPTER 1
INTRODUCTION TO COMPUTER SECURITY
Chapter 1 objectives
When students finish reading this chapter, they will be able to:
Identify the top threats to a computer network: intrusion, denial-of-service attacks, and malware.
Assess the likelihood of an attack on your personal computer and network.
Define key terms such as cracker, sneaker, firewall, and authentication.
Compare and contrast perimeter and layered approaches to network security.
Use online resources to secure your network.
Chapter overview
This chapter, as well as the entire textbook, acquaints students with the actual threats posed to a network.
It also gives a high-level overview of the entire book, introduces topics, and references which chapters have
more detailed information. This chapter introduces students to some major terms, techniques, and
resources of network security.
The major sections in this chapter are:
1. How Seriously Should You Take Threats to Network Security? Realistically assessing the risks to
your computer network.
2. Identifying Types of Threats. Covers the common threats to a computer: malware, intrusions, and
denial-of-service attacks.
3. Basic Security Terminology. Presented here are definitions of the people, devices, activities, and basic
paradigms involved in network security.
4. How Do Legal Issues Impact Network Security? Covers laws on privacy and security and their
impact on organizations.
5. Online Security Resources. Some major security organizations are presented here with links to their
sites.
Chapter outline
I. Chapter 1 Objectives
II. Introduction
III. How Seriously Should You Take Threats to Network Security?
IV. Identifying Types of Threats
Malware
Compromising System Security
Denial-of-Service Attacks
Web Attacks
Session Hijacking
DNS Poisoning
V. Assessing the Likelihood of an Attack on Your Network
VI. Basic Security Terminology
Hacker Slang
Professional Terms
VII. Concepts and Approaches
CIA Triangle
VIII. How Do Legal Issues Impact Network Security?
IX. Online Security Resources
CERT
Microsoft Security Advisor
F-Secure
SANS Institute
X. Summary
XI. Test Your Skills
XII. Exercises
XIII. Projects
Key terms
Audit A check of systems security. This usually includes a review of documents, procedures, and system
configurations.
Authentication The process to verify that a user is authorized to access a given resource. This is part of the
logon system.
Black hat hackers Hackers with malicious intent; synonymous with cracker.
CIA Triangle: Confidentiality, Integrity, and Availability.
Cookie A small file containing information from a Web site.
Cracker One who breaks into a system to do something malicious, illegal, or harmful. A hacker with
malicious intent; synonymous with black hat hacker.
Denial-of-service (DoS) An attack that prevents legitimate users from accessing a resource.
Ethical hacker A person who hacks into systems to accomplish some goal that he feels is ethically valid.
Firewall A device or software that provides a barrier between your machine or network and the rest of the
world.
Gray hat hackers Hackers who normally behave legally, but who may, for certain reasons and in limited
situations, conduct illegal activities, usually for reasons they feel are ethically compelling.
Hacker A person who tries to learn about a system by examining it in detail and reverse-engineering it.
Hacking The process to attempt to learn about a system by examining it and often exploiting flaws. This
usually involves attempts to compromise the target system in some way.
Intrusion-detection system (IDS) A system designed to detect signs of attacks in progress and to notify
the administrator.
Key logger Software that logs key strokes on a computer.
Layered security approach An approach that attempts to fortify security within the network rather than
just the perimeter.
Malware Any software that has a malicious purpose, such as a virus or Trojan horse.
Proxy server A machine or software that hides all internal network IP addresses from the outside world. It
provides a point of contact between a private network and the Internet.
Reactive security Security that simply acts after something has gone wrong.
Script kiddy A hacker term for a person who claims much greater hacking skill than he actually has.
Sneaker Someone who attempts to compromise a system to assess its vulnerability.
Social engineering Using interpersonal skills to extract information about a computer system and its
security.
Spyware Software that monitors computer use.
Trojan horse Software that appears to have a valid and benign purpose but actually has another nefarious
purpose.
Virus Software that is self-replicating and spreads like a biological virus.
War-dialing Dialing phones waiting for a computer to pick up. This is usually done via some automated
system.
War-driving Driving and scanning for wireless networks that can be compromised.
White hat hackers Hackers who hack only for legal/ethical purposes.
Teaching notes
I. How Seriously Should You Take Threats to Network Security?
Teaching Tips: Have students assess the risk on their home computers using the formula in the In
Practice callout box (p. 5). Lead students in a discussion on how valuable they believe their data is to
someone else.
II. Identifying Types of Threats
Teaching Tips: Lead students in a discussion about why someone would write malware, break into
a system, or deny access to another system.
III. Basic Security Terminology
Teaching Tips: As with any occupation, security personnel need to understand the language used
by people in the field. In this case, there are two basic cultures. There are those that exploit systems and
those that protect systems; each may use words a little differently. Also mention to students that because
this is an extremely fast-changing field, new words are continuously invented. Words such as phishing and
blue snarfing are recent additions.
Teaching Tips: Ask students: “Who should grant permission for a sneaker to test the security of a
system? Would it be the system administrator, the head of the IT department, or a CEO? How would a
sneaker prove she has the authorization to break in?”
Teaching Tips: Not all IT security issues have technological solutions. IT security is about
one-third technology, one-third business, and one-third sociology. Social engineering is by far the tool of choice
for most crackers. You can obtain an ID and password faster, easier, and with less risk over the phone than
by using a computer. See whether any student has ever overheard a conversation in which someone has
revealed a password.
IV. Concepts and Approaches
Teaching Tips: Good security has different layers of access. Use the example of a bank safety
deposit box. What layers of security do you need to go through to get to items stored in your safety deposit
box? The doors to the bank building have locks. The lobby may have armed guards. The vault has a big lock
on it. Each drawer of a safety deposit box also has two key locks—you have one key and the bank has the
other. How do layers improve security?
V. How Do Legal Issues Impact Network Security?
Teaching Tips: Help students understand that IT security needs to protect systems not only from
hackers, but also from untrained users, disgruntled employees, and lawyers. Lawsuits can damage a
company faster than the loss of a computer or the temporary loss of data. Lawsuits can even put CEOs in
jail if their IT department did not do “due diligence.”