.

Monday, January 14, 2019

Information Technology logical security Essay

Logical breeding security is the guarding of knowledge against unauthorised access while at the said(prenominal) magazine making current that their integrity is guaranteed. If logical security is laid down in a shoddy way, then it would ca usance risks and its pic may lead to the agree of the data. System intrusion is unrivaled of the vulnerabilities for logical IT security. packet package bugs may non all be eliminated by system administrators or programmers (Perry, 2006). The intruders therefore practice the bugs to find holes and hack into system computing devices or server computers.These bugs burn be in the form of buffer overflows, unconsidered inputs, and race conditions. Buffer overflows polish up is extra knowledge that can overwrite the effective data in the buffer and this data could be degrading the data integrity of the actual data. Race conditions ack-ack gun is multiple processes access and use same data concurrently and end result is that one proc ess may unload copying correct data since the other process may ingest changed the data. A system configuration is some other issue that normally forms another form of system intrusion.Most systems energize default manufacturers configurations. Customers find it calorie-free to use since root/administrator countersignatures ar usually empty/blank. If administrators unload re-configuration of access controls, then the system can be intruded into even through with(predicate) the net income. With the advent of technologies that can eavesdrop at the moving traffic, there has been the globe of sniffer software product which are use to monitor the traffic. Sniffing unsecured traffic is embitter for logical security.A sniffer can also be used licitly or illegitimately to capture data transmitted on a network. It can be illegitimately used when the network router reads data packets then determining its intended destination in the network. A router may have a sniffer program that reads data in the packet and can realise its parentage and destination then sends it to unintended destinations due to intrusion mechanisms in the network such(prenominal) as use of software bugs. Control on key directories for data should be factored in access standards to avoid unofficial access.Limiting or eliminating access to everyone is important therefore restricting use of removable media such as flash disks and floppy disks for confidential information (Cole, & deoxyadenosine monophosphate Krutz, 2005). Data integrity should be observed to ensure information lined is as original especially through performing synchronization from time to time to take care of bugs such as race conditions. hush-hush information should be encrypted especially that which is sensitive and so make appropriately.Forgetting to back-up and store data on a regular schedule would run shaping into crisis especially if the computer system breaks down, especially if the hard disk retentivity th e crucial data crashes. Output devices such as scanners and printers on the network assigned for confidential information should at all time be under monitoring by use of monitoring utility software. Software for local systems should be legal. Vendors face the risk of software piracy for exemplar illegal copying of their software. Organizations should ensure that they install software that has been licensed.Licensed software is beneficial since their updates and patches could easily be attained from the Internet (Perry, 2006). Open source software give exploiters advantage of using them at their own inclination since they are freeware and put one acrosst require license to install them. Their refuge is questionable and may not be guaranteed, they could be prone to bugs as they are easily customizable. Pirated operating systems which access the Internet are chanceful and pose endangerment to the applications installed on it. Such systems can be in risk of being virus infected or may spring up worms and Trojans.Therefore organizations should ensure licenses bought are used for the OS and renewal of the licenses done at end of term for each license, this then get out seize recommended updates and patches for the operating system (Cole, & Krutz, 2005). Building security levels on user data is crucial since it ensures confidentiality and integrity of sensitive data. The different levels would be such as access to workstations and desktop applications, access to computer servers and data, access to business enterprise bespoke applications.Access built only for authenticated persons using password and IDs. Password policies should be in place such as allowing immobile passwords of more than six characters, allow changing password on regularly basis say after 3 months, one password per one user ID. Password sharing among employees could cause malicious use of a users account by another user and this will be untraceable and unsuitable, users should the refore be formally notified their role in user ID and password protection for their user accounts.Web security attack is common in the cyber cafes and computer systems always accessing the Internet. nearly of the HTTP (Hyper Text bear protocol) vulnerabilities include cross-site scripting assaulter gains control of the scripts location header and redirects the scripts. The second HTTP vulnerability is the web cache poisoning that allows attack websites visited by many users (Contos, Crowell, Derodeff, & Cole, 2007). The attacker redirects the URL of the website to the IP address of his computer.Web vulnerability is the cross-user daub attacks where a website maybe seen defaced by a user and at this time attacker is stealing or resetting cookies sessions. Network infrastructure laid without software firewalls spell doom for logical security in the network. This is so because intruders can use software for maliciousness such as phishing where the attacker or program successfull y masquerades as another by falsifying data and to the recipient the site appears as genuine but then the attacker will then manipulate or steal recipients credentials such as login details or financial information.This phase of masquerade is also called spoofing (Hoffer, Prescott, & McFadden, 2008). Local systems that have their firewalls disabled on system services provided by Operating systems such as Microsoft windows is a threat to security. All the time, firewalls should be set to enabled state and exceptions created for required software applications in the network. Viruses are programs or codes that can alter other programs functionality or render another program useless.Inadvertently leaving virus infected computer systems still connected on the network pose danger of infecting other computer systems in the same network through self-propagating viruses or Trojans or worms. Viruses can also be attained through e-mails. Some chain e-mails sent to users have attachments th at have viruses attached to them. They infect a computer system once they are opened or downloaded to the computer hard disk. Distribution of such viruses could also be through the same network and media devices such as external hard disks and flash disks. repudiation is the situation where one is able to deny being partisan to information manipulation. This is vulnerable for the data confidentiality and integrity of information. The best way to guarantee perpetrators dont walk scot free is by ensuring data access controls are well defined such as event logs for applications and strong holding policies such as one user password per one user ID, remote monitoring the network activities and data sent and received and redemptive security logs for local system among other policies very important for non-repudiation.

No comments:

Post a Comment