Computer English 10 - Network and Computer Security 039.docx
- Document ID: 3897943
- Upload date: 2022-11-26
- Format: DOCX
- Pages: 12
- Size: 25.97KB
Unit 10 Reading
Network and Computer Security
Introduction
This computer security tutorial is written based on my experiences with computer and network security along with my training and information I have read. The field of security is constantly changing so I cannot guarantee that information in this computer security tutorial will be current. This computer security tutorial will define some basic security issues and give insight into what causes security to be a constant issue. It will help you decide what to protect and provide some basic information about attacks that may be made against your network, computer systems, or data. It will also provide computer and network security recommendations for you or your organization. Although much useful information can be derived from this document without the reader having networking knowledge, to use this document in depth, I recommend that readers of this computer security tutorial have a fundamental knowledge about networking.
In this computer security tutorial, the terms computer security and network security will be used often. When the term computer security is used, it specifically refers to the security of one computer, although the overall security of each individual computer is required for network security. When the term network security is used, it refers to the security of the network in general. This includes such issues as password security, network sniffing, intrusion detection, firewalls, network structure and so forth.
1. Security Violation Definition
Computer or network security has been violated when unauthorized access by any party occurs.
2. Why Security?
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:
• Damage or destruction of computer systems.
• Damage or destruction of internal data.
• Loss of sensitive information to hostile parties.
• Use of sensitive information to steal items of monetary value.
• Use of sensitive information against the organization's customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization.
• Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization's reputation.
The methods used to accomplish these unscrupulous objectives are many and varied depending on the circumstances. This guide will help administrators understand some of these methods and explain some countermeasures.
3. Security Issues
Computer security can be very complex and may be very confusing to many people. It can even be a controversial subject. Network administrators like to believe that their network is secure and those who break into networks may like to believe that they can break into any network. I believe that overconfidence plays an important role in allowing networks to be intruded upon. There are many fallacies that network administrators may fall victim to. These fallacies may allow administrators to wrongfully believe that their network is more secure than it really is.
This guide will attempt to clarify many issues related to security by doing the following:
• Help you determine what you are protecting.
• Break computer security into categories.
• Explain security terms and methods.
• Point out some common fallacies that may allow administrators to be overconfident.
• Categorize many common attacks against networks and computers.
• Explain some attack methods.
• Describe tools that can be used to help make a network more secure.
4. Security Interdependence
There are many different aspects to computer and network security. These different areas of computer security are interdependent on each other in order for a network to be secure. If one or more areas of computer security are ignored, then the entire security integrity of the organization's network may be compromised. A clear example of this is in the area of computer virus or worm protection. Computer virus protection programs can only filter known viruses or worms. There are viruses or worms that are not yet recognized as virus programs immediately after their release. The best way to make unrecognized virus or worm programs less effective is by quickly removing the vulnerabilities that they use. Some of these vulnerabilities are operating system and application program errors. When security patches are created for software, they should be quickly applied. In this way the vulnerability to viruses is minimized but not eliminated. There are other steps which may further reduce this vulnerability, but it can never be completely eliminated.
5. Security Limitations and Applications
If you are reading this document and are thinking that you can get all the information required to make your network completely secure, then you are sadly mistaken. In many ways, computer security is almost a statistical game. You can reduce but not eliminate the chance that you may be penetrated by an intruder or virus. This is mainly for one reason:
No one can ever know all the software vulnerabilities of all software used on a system.
This is why even those who consider themselves hackers will say that the number one computer security threat is the lack of quality in the applications and operating systems.
The bottom line here is that unless you can remove all the application and operating system problems that allow viruses and intruders to penetrate networks, you can never secure your network. Additionally the users on your network are potentially a greater security risk than any programs. Obviously removing all vulnerabilities is impossible and will not secure your network against user errors. I have even considered the possibility that an operating system without a network interface can be completely secure, but even this cannot be guaranteed. Unknown viruses or Trojan programs can creep in with applications on CDs or floppies. This has been known to happen. Although an attacker may not be able to get data from the system, they can damage or destroy data.
6. Layered Security
The fact that complete security is impossible is the reason security experts recommend "layered security". The idea is to have multiple ways of preventing an intrusion to decrease the chance that intrusions will be successful. For example, you should have virus protection on your client computers. To help layer this security you should also filter viruses at your email server. To help even more, you should block the most dangerous types of email attachments to prevent unrecognized viruses and other hostile software from entering your network. Another good defense layer would also include educating your users about viruses, how they spread, and how to avoid them.
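The attachment-blocking layer described above, sketched as an added example (not code from the original tutorial): it flags attachments by their final extension, so a file that no virus scanner recognizes yet is still stopped at the mail server. The blocklist, the function names and the sample message are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist; the tutorial does not name specific attachment types.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat",
                      ".cmd", ".vbs", ".js", ".jar", ".lnk"}


def blocked_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames of attachments whose type is on the blocklist."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so "a.scr." still runs.
        cleaned = name.strip().rstrip(". ").lower()
        # Only the last extension decides how the file is opened, which
        # catches disguises such as "Invoice.PDF.EXE".
        ext = os.path.splitext(cleaned)[1]
        if ext in BLOCKED_EXTENSIONS:
            hits.append(name)
    return hits


def build_sample() -> bytes:
    """Constructed sample: one benign and two risky attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    # The declared MIME type is attacker-controlled, so it is not trusted.
    msg.add_attachment(b"%PDF-1.4 sample", maintype="application",
                       subtype="pdf", filename="report.pdf")
    msg.add_attachment(b"MZ sample", maintype="application",
                       subtype="pdf", filename="Invoice.PDF.EXE")
    msg.add_attachment(b"sample", maintype="application",
                       subtype="octet-stream", filename="notes.scr.")
    return msg.as_bytes()


if __name__ == "__main__":
    found = blocked_attachments(build_sample())
    print("quarantine" if found else "deliver", found)
```

This check is one layer only: it does not inspect file contents or archives, which is why the tutorial pairs it with scanning on the client and at the mail server.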
7. Hackers
There are many documents that attempt to define the term hacker. I believe that the term hacker is a connotative term. This means that it is more defined by people's beliefs rather than by a dictionary. Some believe that a hacker is a very skilled computer person. Others believe that hackers are those that perform unauthorized break-ins to computer systems. The media and many sources have caused many uninformed people to believe that a hacker is a threat to computer and network security while this is not the case. A hacker is no more likely to break the law than anyone else. I use the more accurate descriptive term, "intruder" to describe those who intrude into networks or systems without authorization.
8. Physical Security
This guide will not talk about physical computer security beyond this paragraph. Your organization should be aware of how physically secure every aspect of its network is because if an intruder gets physical access, they can get your data. Be sure that your organization properly secures locations and consider the following:
• Servers - Contain your data and information about how to access that data.
• Workstations - May contain some sensitive data and can be used to attack other computers.
• Routers, switches, bridges, hubs and any other network equipment may be used as an access point to your network.
• Network wiring and media and where they pass through may be used to access your network or place a wireless access point to your network.
• External media which may be used between organizational sites or to other sites the organization does business with.
• Locations of staff who may have information that a hostile party can use.
• Some employees may take data home or may take laptops home or use laptops on the internet from home then bring them to work. Any information on these laptops should be considered to be at risk and these laptops should be secured according to proper policy when connected externally on the network.
9. Some Terms
This paragraph describes some commonly used computer security terms.
• Protocol - Well-defined specification allowing computer communication.
• Confidentiality - Information is available only to people with rightful access.
• Integrity - Information can only be changed by authorized personnel. The receiver of the message should be able to tell the message was not modified.
• Availability - Information is available to only those who need it.
• Verification - nonrepudiation - There is proof that the sender sent the message.
• Authentication - The receiver of the message should be able to be sure of the origin of the message. Requires a digital signature (One way hash, public key algorithm, and symmetric algorithm) or a public key algorithm.
• Spyware - A computer program whose purpose is to spy on your internet activities usually for marketing purposes and usually done by a shady corporate entity.
• Malware - A computer program with some evil intent. It may on the surface have a good or u