Generally, the principal methods of protecting computer systems and networks from unauthorized access and control include the timely updating of all software programs to eliminate any known flaws and security vulnerabilities, the implementation of appropriate network security measures such as encryption of sensitive information, password protocols, and personnel practices, policies, and procedures designed to eliminate the element of human error from the equation (Boyce, 2002). According to the largest comprehensive review of documented instances of computer network intrusions and attempted intrusions, the vast majority of malicious attacks on computer networks are perpetrated by relatively low-level "hackers" rather than sophisticated professionals (Baker, Hylender, & Valentine, 2008)
In the realm of private computer networks, the types of information at risk are credit card numbers and bank account information that can be used to withdraw funds fraudulently or to make fraudulent purchases. Private computer network intruders also typically target identifying information such as social security numbers that can be exploited for the purpose of identity theft (Ballezza, 2007; Personick & Patterson, 2003; Schmalleger, 2009)
Strategies for Protecting Computer Networks In some respects, private computer users and business network administrators face the same types of threats from which they must protect their computer systems and networks. Specifically, the main threat is that individuals or entities will try to gain access to their systems and networks for the purpose of acquiring private information that can be used for monetary gain (Boyce, 2002; Dam & Lin, 1996)
Computer Network Security Issues Computer technology has changed society tremendously in the last two decades. Today, virtually every aspect of modern business depends on computer systems and computer networks, including businesses that have no connection to high technology (Evans, 2004)
Computer security consultants compare the computer security habits of many computer users, both in the home and also in corporate business, to car owners who leave their vehicles in dangerous neighborhoods with the keys in the ignition and valuables in plain sight (; Schmalleger, 2009). Specifically, the most common method of gaining unauthorized access to computer networks is simply by trying the most common defaults for network passwords such as "password" or "0000" or "12345" and other equally common and predictable passwords that users never bother to change after acquiring access to their systems (Kizza, 2005; Schmalleger, 2009)
The most common method of protecting computer systems and networks from these types of intrusions include proprietary anti-virus and anti-malware software programs designed to scan computer systems on a regular basis and to recognize malicious code, alert the user, and inactivate those malicious codes (Personick & Patterson, 2003; Schmalleger, 2009). Finally, social engineering is another effective way of gaining unauthorized access to computer systems and networks (Larsen, 2007)
In the realm of professional business computer systems and networks, malicious intruders may seek similar information for monetary gain as well as proprietary information such a business secrets, strategies, privileged communications, and patents that can be exploited by other businesses for profit. They may also seek to gain remote control of computer networks for the purposes of using them to perpetrate other crimes or to add a layer of protection to hide their identity from authorities investigating their Internet-based crimes (Personick & Patterson, 2003; Schmalleger, 2009)
This method allows remote hackers to gain network access by tricking authorized users to open attached files or to visit Internet destinations that install malicious codes such as Trojan Horses and "worms" that capture passwords and even all keystrokes of authorized users and transmit that information to the remote hacker (Kizza, 2005; Personick & Patterson, 2003). Frequently, the methods used to accomplish this include popular Internet applications and portals such as FaceBook, MySpace, and music download sites among others (Schmalleger, 2009)
Understanding how these attacks are carried out and what their aims and effects can be is the first and most important step in combating them, and this research aims to provide such an understanding. Research Summary As mentioned above, denial of service attacks and distributed denial of service attacks (DOS attacks hereafter) can take place in a variety of settings and by a variety of means, including over local computer networks and over the Internet, affecting networks as a whole, websites, and even individual and specific terminals or servers (Roebuck, 2005; Cross, 2008)
In order to accomplish this, a consistent recommendation among it security experts is to have the latest and greatest technologies and services available, from hosting services to network gateways and firewalls and whatever other pieces of hardware and software architecture are involved in keeping a website live or a network running (Vaughan-Nichols, 2010; Schwartz, 2012). This, combined with planning that includes back-up means of serving consumer/business needs and an understanding of the lack of control when it comes to confronting DOS attacks, are some of the best weapons available (Schwartz, 2012)
The possibilities and the distance involved make Internet DOS attacks more complex, but with the proper know-how they can be easier to achieve consistently for attackers (Roebuck, 2005). Preventing DOS attacks can be all but impossible, especially in an Internet setting, but taking steps to ensure that a website/server can easily recover from a DOS attack and restore reliable service to users can help reduce the likelihood of that being targeted -- if the attack cannot have much of an effect, it isn't worth much effort (Vaughan-Nichols, 2010)
¶ … computer networks understood. Please start reviewing articles discussing stranger requests received IT personnel: Jennifer Mears & Denise Dubie, Funny tech support stories, CD-ROM coffee holders, homemade cookies, frozen computers, The seven most important things about computer networks that should be understood by everyone who uses one Principle one: Know how to 'talk the talk' In the article "They've heard them all," two of the most humorous stories detailing naive users' confusion about computers revolve around simple misunderstandings of vocabulary (Mears & Dubie 2006:1)
"One way viruses try to hide from virus removal software is by hiding themselves inside Microsoft Windows or inside other programs on your computer, so when Windows or a program starts to act strangely, you should check to see if you have a virus. A full-disk virus scan will take a while, so start the scan before you head out to lunch" (Harding 2012)
Computer Network Security -- Information Assurance Issues Discussion Question 1 - Information Assurance and IA-CMM. In general, information assurance relates to the three "CIA" elements of information confidentiality, integrity, and availability (Boyce, 2008; Kizza, 2009)
The confidentiality component refers mainly to the limitation of access to system information to authorized individuals; the integrity component refers mainly to the limitation of changes to data and other elements of the system to authorized individuals and processes; and the availability component refers mainly to the maintenance of the system's ability to function and provide access to information at all times (Boyce, 2008; Kizza, 2009). Because our organization relates to healthcare, we must, by federal law, observe very strict protocols under the Health Insurance Portability and Accountability Act (HIPAA) that are designed to protect confidential healthcare information, called "protected health information" (PHI) (Personick & Patterson, 2007)
The star topology will allow for highly distributed network architecture, with Wi-Fi Access Points anchored to specific department servers and printers for managing inventory position reports and sales-out data across the store from each register. The star topology is ideal for an agile, highly distributed networking model as the workloads are evenly distributed throughout the network as well (Hale, 2005)
Procedures for Securing and Maintaining Networks The Bistro Bookstore needs to have a well-defined and executed security and maintenance plan for its networks and systems that are supporting their operations. The most critical areas of creating a security plan and strategy for a given business include perimeter security, communications security, secure networking, platform security, access security and physical security (Keller, Powell, Horstmann, Predmore, Crawford, 2005)
The TCP/IP protocol is the most pervasively supported and secure of all protocols in low-cost networking and connectivity devices (Potter, 2006). TCP/IP also supports advanced networking features including Dynamic Host Configuration Protocol (DHCP) which allows for IP addresses to be selectively assigned to laptops, tablet PCs including iPads and smartphones, configured either for non-secured or secured connections (Lehr, McKnight, 2003)
TCP/IP also supports advanced networking features including Dynamic Host Configuration Protocol (DHCP) which allows for IP addresses to be selectively assigned to laptops, tablet PCs including iPads and smartphones, configured either for non-secured or secured connections (Lehr, McKnight, 2003). A DHCP address checked out to a given device can be limited to as little as six hours of use, to 24 hours in the Window Server operating system (Leroy, Detal, Cathalo, et
Having a more comprehensive plan for network security at the kiosks and cash registers incouding requiring the use of sign-on cards that have Radio Frequency Identification (RFID) chips codes with employee's login privileges is also important to make sure duplicates are not produced and used for gaining access to internal systems. Another strategy is to create a series of security zones and very specific user roles throughout Bistro and bookstore, delineating who has privileges to update pricing, promotional programs and also manage marketing programs and specials (Liew, 2008)