Objective: The objective of this discussion is to understand the threats to and vulnerabilities of Microsoft operating systems and to find ways to mitigate security breaches. Microsoft operating systems are widely used in various organizations, and finding strategies to defend against an attack is becoming difficult.
DQ1: Therefore, your task is to read Chapter 1 of our book, “Security Strategies in Windows Platforms and Applications,” and lay out strategies you could use to mitigate the risk of an attack on the Microsoft Windows platform.
DQ2: Discuss the tenets of information security and how Windows and applications could be mapped into a typical IT infrastructure in a way that helps secure the system.
Week 5 Assignment
Application: ANOVA Study: The Alpha Shoe Company
When you read published research studies, you find experimental studies in which one or more variables are manipulated. One example is a study on whether students with windows in their classrooms give their instructors higher evaluations than students with no windows in their classrooms. You could do a basic comparison of these two groups with a t test, which you studied in Week 4. Perhaps it would be more interesting to have additional levels of environment. You might compare instructor evaluations when students are in a class with no windows, a class with windows that look out to a parking lot, a class with windows that look out to a park, or a class with no windows but pictures of windows on the wall. Since you have multiple levels of the factor, environment, an ANOVA would help you understand the differences between each.
This Assignment will give you practice conducting a study with multiple levels of a factor by working once again with the Alpha Shoe Company. Since many research studies rely on the ANOVA for analysis, you will enhance your ability to understand the results of research studies that you evaluate in the future.
Scenario:
Imagine that Alpha Shoe Company wants to do a second study on the vertical lift basketball players can gain from their shoes. Recall that they believe that how high a player can jump is affected by the type of shoe that player wears. They identified 25 professional basketball players and randomly assigned each of them to wear one of the five types of shoe, then measured how high each player jumped. Each player’s jumping height is given below in inches:
Pluto   Omega II   Beta Super   Delta   Gamma
29.1    29.2       28.5         28.4    27.7
29.8    29.1       28.9         28.0    27.9
30.0    28.8       29.2         28.8    28.0
29.0    28.7       28.3         29.0    28.2
31.1    28.8       30.0         28.9    28.0
Assignment:
To complete this Assignment, submit by Day 7 answers to the following. Use SPSS to compare the means of the scores of these five shoes with a one-way ANOVA. Save and submit both your SPSS data file and your output.
· Before comparing the scores with an ANOVA, state your null and alternative hypotheses in words (not formulas).
· Identify the independent and dependent variables.
· Name the levels in your identified factor.
· State the within-group degrees of freedom and explain how you calculate it.
· State the between-group degrees of freedom and explain how you calculate it.
· Identify the obtained F value.
· Identify the p value.
· Explain whether the F test is significant. Explain how you know and what it tells you.
· Explain what you can conclude about the effect of shoe choice on vertical lift (jumping height).
· Should you conduct a post hoc test? Why or why not? If yes, conduct a Tukey HSD post hoc analysis. Explain what the results tell you about type of shoe choice and vertical lift.
· Submit three documents for grading: your text (Word) document with your answers and explanations to the application questions, your SPSS Data file, and your SPSS Output file.
· Provide an APA reference list.
Security Strategies in Windows Platforms and Applications
Lesson 1: Microsoft Windows and the Threat Landscape
© 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Cover image © Sharpshot/Dreamstime.com
Learning Objective(s)
Describe information systems security and the inherent security features of the Microsoft Windows operating system.
Describe threats to Microsoft Windows and applications.
Key Concepts
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their applications
Information Systems Security
Defense in depth
A collection of strategies to make a computer environment safe
Information security
Main goal is to prevent loss
Most decisions require balance between security and usability
Security controls are mechanisms used to protect information
Security Controls
Type of Control: Administrative, Technical, Physical
Type of Function: Preventive, Detective, Corrective
C-I-A Triad
The practice of securing information involves ensuring three tenets of information security: confidentiality, integrity, and availability
Known as the C-I-A triad
Also known as the availability, integrity, and confidentiality (A-I-C) triad
Each tenet interacts with the other two and, in some cases, may conflict
Confidentiality
The assurance that the information cannot be accessed or viewed by unauthorized users
Examples of confidential information:
Financial information
Medical information
Secret military plans
A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advantage or to extort compensation through threats to divulge the information.
Integrity
The assurance that the information cannot be changed by unauthorized users
Ensuring integrity means applying controls that prohibit unauthorized changes to information
Examples of integrity controls:
Security classification
User clearance
Availability
The assurance that the information is available to authorized users in an acceptable time frame when the information is requested
Examples of attacks that affect availability:
Denial of service (DoS)
Hacktivist
Microsoft Windows and Applications in a Typical IT Infrastructure
IT infrastructure
Collection of computers, devices, and network components that make up an IT environment
Microsoft Windows and Applications in a Typical IT Infrastructure
Common infrastructure components:
Client platforms
Network segments
Network devices
Server instances (often listed by function)
Cloud-based offerings, such as Microsoft Office 365 and Microsoft Azure
A Sample IT Infrastructure
Windows Clients
Client systems provide functionality to end users; customer-facing systems
Include desktops, laptops, and mobile devices
Each application can be deployed on client systems as either a thin or a thick client
Windows 10
Newest and most popular Windows client operating system
Windows Servers
Server computers provide services to client applications
Common server applications:
Web servers, application servers, and database servers
Windows Server 2019
Essentials, for small businesses
Standard, for most server functions
Datacenter, for large-scale deployments
Microsoft’s End-User License Agreement (EULA)
Software license agreement that contains the Microsoft Software License Terms
Must be accepted prior to installation of any Microsoft Windows product
Located in the Windows install folder or on the Microsoft website
Microsoft EULA Sections
Updates
Additional Notices—Networks, Data, and Internet Usage
Limited Warranty
Exclusions from Limited Warranty
Windows Threats and Vulnerabilities
Successful attack: One that realizes, or carries out, a threat against vulnerabilities
Risk: Any exposure to a threat
Threat: Any action that could lead to damage, disruption, or loss
Vulnerability: Weakness in an operating system or application software
Windows Threats and Vulnerabilities
A threat is not necessarily dangerous
Fire in fireplace = desirable
Fire in data center = dangerous
For damage to occur, there has to be a threat
Attackers look for vulnerabilities, then devise an attack that will exploit the weakness
Anatomy of Microsoft Windows Vulnerabilities
Ransomware
Malicious software that renders files or volumes inaccessible through encryption
Attacker demands payment using cryptocurrency for the decryption key
Well-known ransomware attacks
CryptoLocker
Locky
WannaCry
Most ransomware encrypts data and demands a payment using cryptocurrency in exchange for the decryption key.
Discovery-Analysis-Remediation Cycle
A recurring three-step process for addressing attacks
Discovery
Once an attack starts, attackers become as inconspicuous as possible
Need to compare suspect activity to a baseline (normal activity) to detect anomalies
Common method of accomplishing this is to use activity and monitoring logs
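The baseline comparison described on this slide, as an added example that is not from the book or the slides: it builds a per-account baseline of failed logons per hour from earlier log records and flags accounts in the current hour that exceed it or have no baseline at all. The record layout, account names, 3-sigma threshold, and floor value are assumptions; event IDs 4625 (failed logon) and 4624 (successful logon) are the Windows Security log's own.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

FAILED_LOGON = 4625  # Windows Security log event ID: an account failed to log on

# Constructed records (hour, account, event_id); not real log data.
BASELINE_EVENTS = (
    [(h, "alice", 4625) for h in (1, 1, 2, 3, 3, 4)]
    + [(h, "svc_backup", 4625) for h in (1, 2, 3, 4)]
    + [(h, "alice", 4624) for h in (1, 2, 3, 4)]  # successful logons, ignored
)
CURRENT_EVENTS = (
    [(5, "alice", 4625)] * 2
    + [(5, "svc_backup", 4625)] * 14
    + [(5, "tmp_admin", 4625)] * 3  # account absent from the baseline
)

def hourly_failures(events):
    """Return {account: Counter({hour: failed-logon count})}."""
    counts = defaultdict(Counter)
    for hour, account, event_id in events:
        if event_id == FAILED_LOGON:
            counts[account][hour] += 1
    return counts

def build_baseline(events, hours):
    """Per-account (mean, population stdev) of failures per baseline hour."""
    return {
        acct: (mean(c[h] for h in hours), pstdev(c[h] for h in hours))
        for acct, c in hourly_failures(events).items()
    }

def find_anomalies(baseline, events, hour, sigmas=3.0, floor=5):
    """Flag accounts above their baseline threshold, or with no baseline."""
    findings = []
    for acct, c in sorted(hourly_failures(events).items()):
        if acct not in baseline:
            findings.append((acct, c[hour], "no baseline for account"))
            continue
        avg, sd = baseline[acct]
        threshold = max(avg + sigmas * sd, floor)  # floor damps quiet accounts
        if c[hour] > threshold:
            findings.append((acct, c[hour], f"exceeds threshold {threshold:.1f}"))
    return findings

BASELINE = build_baseline(BASELINE_EVENTS, hours=range(1, 5))
ANOMALIES = find_anomalies(BASELINE, CURRENT_EVENTS, hour=5)
print(ANOMALIES)
```

The floor keeps an account with a near-zero baseline from alerting on one or two mistyped passwords, while the "no baseline" finding surfaces accounts that were never active during the baseline period.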
Analysis
Security information and event management (SIEM) tools
Collect and aggregate security-related information from multiple sources and devices
Help prepare data for correlation and analysis
Current vulnerability and security bulletin databases
Help you determine if others are experiencing same activity
SIEM tools can often cross-reference known vulnerability databases to help identify suspect behavior.
The analysis phase includes validating suspect activity as abnormal and then figuring out what is causing it.
Remediation
Contain any damage that has occurred, recover from any loss, and implement controls to prevent a recurrence
Common Forms of Attack
Threat: Description
Phishing: Generally starts with a message that contains a link or image to click, or a file to open; taking these actions launches malware attacks
Malware: Malicious software designed to carry out tasks that the user would not normally allow
Denial of service (DoS): Any action that dramatically slows down or blocks access to one or more resources
Injection attack: Depends on the ability to send instructions to an application that cause the application to carry out unintended actions; SQL injection is common
Common Forms of Attack (Cont.)
Threat: Description
Unprotected Windows share: A situation that allows attackers to install tools, including malicious software
Session hijacking and credential reuse: Attempts by attackers to take over valid sessions or capture credentials to impersonate valid users
Cross-site scripting: Specially crafted malicious code used to attack web applications
Common Forms of Attack (Cont.)
Threat: Description
Packet sniffing: The process of collecting network messages as they travel across a network in hopes of divulging sensitive information, such as passwords
Summary
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their applications