REMAINING PART OF FIRST CHAPTER.
Page 11 first chapter
Q28. What is a security audit? Explain the areas where an audit is performed.
Sol
A security audit is a process of reviewing and examining the activities of a
system. It provides a checklist for validating the security of the system.
A cyber audit reviews the following areas:
Data security: reviews the security measures for data and the data encryption
techniques.
Physical security: in this area, multifactor authentication is reviewed.
Network security: in this area, antivirus configuration and security
monitoring are checked.
Advantages of a security audit:
It helps to identify gaps in security.
Provides assurance to vendors, employees and clients.
Q29. What is authentication? Explain its types.
Authentication is the process of verifying the identity of a person, using a
username and password, when the user logs in to the system.
Types of authentication
Peer entity authentication: used to verify the identities of peer
entities (computers) in communication.
…AUTHENTICATE REMOTE COMPUTER
Data origin authentication is an assurance that the source of the information
is verified.
Q30
BIOMETRIC AUTHENTICATION uses human characteristic features to
verify a person's identity and grant access.
Types of biometric
Finger scan
Facial feature scan
Retina scan
Finger scan: scans fingerprints, which are unique for each person.
Working
Data comes from a scanner that reads various aspects of finger data. Then
the information is used to verify the user.
Uses
Investigate criminal cases
Authorizing users at ATM.
Adv
User friendly
Provides high performance
Easy way to authenticate a person.
Disadvantage
Error prone when skin is dry or dirty (old age).
Facial feature scan: differentiates humans based on features like
eyes, nose, etc.
Facial recognition has 2 sub-processes:
Detection: process of locating a face in a captured image.
Recognition: comparison is performed between the captured face and other
faces in the database.
Working of facial security scan
Existing photo of the individual is digitally scanned.
Extract features of the identified face.
The generated template is compared against the template saved in the
database.
If they match, the generated template is similar to the saved template.
Uses
Used for surveillance (watching) purposes to find criminals
Used in multinational companies.
Adv
Inexpensive technology
Helps in finding missing people
Used in law enforcement areas
Disadvantages
The results get affected by changes in age and hair style.
Concerns about privacy and security (morphing).
Retina scan: uses the unique pattern of a person's retinal blood vessels.
Working
The delicate sensor of a retina scan examines the pattern of retinal blood vessels.
Uses
Used in prisons for identity verification
Adv
Highly accurate
Performs verification at high speed.
Disadvantage
Expensive technique
Not user friendly
Results may vary based on poor infrared light.
Deception: process of creating a false perception (illusion) for the attacker.
RAT TRAP…FOOD
A commonly used deception technique is HONEY POTS.
Honey pots are used to capture information from unauthorized persons who
are tricked into accessing them.
Purpose of designing honey pots
Gather information about activities of attackers
Distract attackers from using critical systems
Inspire the attacker to stay for a long time so that the admin can respond to the
system.
Denial of service filters.
A denial of service (DoS) attack is one in which the attacker seeks to make a
network or machine unavailable to its intended users.
Temporarily disrupt service….overflow msgs
Facebook blocked.
DoS filter: defence mechanism to prevent DoS attacks.
Types of DoS filters
Ingress filters: examine incoming packets in the network to prevent any
suspicious attack.
Egress filters: examine outgoing packets to prevent suspicious packets
from entering another network.
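An added example (not part of the original notes) of how ingress and egress filters can examine packets. The rule used here, checking source addresses against the network's own range, is one common filtering check and is an assumption; the address ranges, packets and function names are constructed for illustration.

```python
import ipaddress

# Constructed addressing plan (documentation ranges), not from the notes.
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")
# Sources that must never arrive from outside: private and loopback ranges.
BOGON_SOURCES = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def ingress_filter(src, dst):
    """Check a packet arriving from outside; return (action, reason)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s in INTERNAL_NET:
        return ("drop", "outside packet claims an internal source address")
    if any(s in net for net in BOGON_SOURCES):
        return ("drop", "source address is not routable on the internet")
    if d not in INTERNAL_NET:
        return ("drop", "destination is not inside this network")
    return ("allow", "source and destination look legitimate")


def egress_filter(src, dst):
    """Check a packet leaving the network; return (action, reason)."""
    s = ipaddress.ip_address(src)
    if s not in INTERNAL_NET:
        return ("drop", "outgoing packet has a source address we do not own")
    return ("allow", "source belongs to this network")


def apply_filters(packets):
    """Run each (direction, src, dst) packet through the matching filter."""
    results = []
    for direction, src, dst in packets:
        check = ingress_filter if direction == "in" else egress_filter
        results.append((direction, src, dst) + check(src, dst))
    return results


# Constructed sample traffic.
SAMPLE_PACKETS = [
    ("in", "198.51.100.7", "192.0.2.10"),    # normal inbound request
    ("in", "192.0.2.55", "192.0.2.10"),      # internal source seen from outside
    ("in", "10.1.2.3", "192.0.2.10"),        # private source from the internet
    ("out", "192.0.2.10", "198.51.100.7"),   # normal outbound reply
    ("out", "203.0.113.9", "198.51.100.7"),  # forged source leaving the network
]

if __name__ == "__main__":
    for row in apply_filters(SAMPLE_PACKETS):
        print(*row, sep="  ")
```

The egress check is what stops machines inside the network from sending packets with forged source addresses to another network.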
Q33: PAGE 14
ETHICAL HACKERS aim at finding loopholes in the system and reporting them to
the owners.
Aspects to be considered while performing ethical hacking:
Identify areas which require high protection.
If an unwanted person gains access, what is the consequence?
How soon does the access of an unwanted person get noticed?
Page 16.
Define incident response. Explain the various phases in the incident response
cycle.
Incident response: the main objective of this plan is to manage and
handle an incident by taking effective countermeasures.
Page 118
It includes four main stages:
Preparation
Detection/analysis
Containment/eradication/recovery
Post incident activity.
Prepare for potential incidents
Implement a response checklist, provide staff with cybersecurity training.
Detection and analysis
Assess whether an event is a cyber attack. Evaluate its intensity and
classify the cyber security incident based on the nature of the attack.
Containing the impact
Isolate affected systems and prevent the incident from propagating further.
Make sure the threat is no longer present in the network, eradicating
any threats from the system.
Restore affected systems to their pre-incident state.
Post incident activity
Document everything that occurred during incident and the response.
Use this information to recognize areas of improvement.
Strengthen your security by continuously testing and evaluating your
incident response plan.
Q37.
Define scanning. Explain its types.
Network scanning is the method used to scan a network for security
assessment and maintaining the system.
Network scanning is used by ethical hackers and technical teams to check for
loopholes in the system.
Types.
Network scanning:
Network scanning is the technique of scanning devices and systems in the
network for vulnerabilities and inconsistencies.
Port scanning:
Testers use port scanning techniques to identify open ports, or doors, in
the system that can be used by attackers.
Vulnerability scanning:
Automated scanning of systems in the network to find whether there is a
vulnerability or loophole.
Explain in detail about security policy. What is the need for a security
plan?
Security policy refers to clear, comprehensive, well-defined
plans, rules and practices that regulate access to an organisation's
system and information.
Comprehensive: thoroughly defined.
Good policy protects not only information and systems, but also
individual employees and the organization as a whole.
Features of security policy.
Must be properly defined
Must be up to date (latest technology).
Must be presented in such a way that it can easily be understood.
Must be strictly enforced by all staff members.
Need for security policy.
Security policies are important because they protect an
organization's assets, both physical and digital. They identify all
company assets and all threats to those assets.
Explain in detail about threat management.
Threat management is the process of detecting, preventing, and
responding to cyberthreats. Effective threat management tools and
procedures can help reduce the risk of cyberattacks.
Challenges of cyber threat management are as follows
1. Lack of skilled staff who can make use of existing technology to protect
data.
2. Lack of visibility: the organization must ensure that it doesn't have
blind spots in its security.
Blind spot: an area somebody cannot see.
3. Lack of insight: an organization must have key performance indicators
to detect and respond to cyber security incidents.
Getting less marks. Watching social media ... key performance indicator.