SY0-501 Section 3.4-Explain types of wireless attacks.

Wireless networking, more commonly known as Wi-Fi, is the technology that opens your PDA or laptop computer to the world. However, this technology is quite vulnerable to many exploits. A malicious intruder can use the most basic software to detect and capture the signal of your wireless device, along with usernames, passwords, emails and other data you would prefer to keep confidential. An intruder doesn’t have to be inside of your home or office building to manipulate a wireless signal. For example, they could be sitting outside in their car…

SY0-501 Section 3.3- Summarize social engineering attacks and the associated effectiveness with each attack.

A social engineering attack is one in which the intended victim is somehow tricked into doing the attacker’s bidding. An example would be responding to a phishing email, following the link and entering your banking credentials on a fraudulent website. The stolen credentials are then used for everything from finance fraud to outright identity theft. An old adage comes to mind here, “it pays to be suspicious”. With socially engineered attacks, the opposite is also true – if you aren’t suspicious, you likely will end up paying. In addition to…

SY0-501 Section 3.2- Summarize various types of attacks.

A computer connected to a computing network is potentially vulnerable to an attack. An “attack” is the exploitation of a flaw in a computing system (operating system, software program or user system) for purposes that are not known by the system operator and that are generally harmful. Attacks are always taking place on the Internet, at a rate of several attacks per minute on each connected machine. These attacks are mostly launched automatically from infected machines (by viruses, Trojan horses, worms, etc.) without their owner’s knowledge. In rarer cases, they…

SY0-501 Section 3.1 Explain types of malware.

Malware (for “malicious software”) is any program or file that is harmful to a computer user. Thus, malware includes computer viruses, worms, Trojan horses, and also spyware, programming that gathers information about a computer user without permission. Adware Generically, adware (spelled all lower case) is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen. The justification…

SY0-501 Section 2.9 Given a scenario, select the appropriate control to meet the goals of security.

Confidentiality One of the major reasons to implement a cryptographic system is to ensure the confidentiality of the information being used. Confidentiality may be intended to prevent the unauthorized disclosure of information in a local network or to prevent the unauthorized disclosure of information across a network. A cryptographic system must do this effectively in order to be of value. The need to keep records secure from internal disclosure may be just as great as the need to keep records secure from outside attacks. The effectiveness of a cryptographic…

SY0-501 Section 2.8 Summarize risk management best practices.

Business continuity concepts One of the oldest phrases still in use today is “the show must go on.” Nowhere is that more true than in the world of business, where downtime means the loss of significant revenue with each passing minute. Business continuity is primarily concerned with the processes, policies, and methods that an organization follows to minimize the impact of a system failure, network failure, or the failure of any key component needed for operation—that is, essentially whatever it takes to ensure that the business continues and that the…

SY0-501 Section 2.7 Compare and contrast physical security and environmental controls

Environmental controls The location of your computer facility is critical to its security. Computer facilities must be placed in a location that is physically possible to secure. Additionally, the location must have the proper capabilities to manage temperature, humidity, and other environmental factors necessary to the health of your computer systems. HVAC If the computer systems for which you’re responsible require special environmental considerations, you’ll need to establish cooling and humidity control. Ideally, systems are located in the middle of the building, and they’re ducted separately from the rest of…

SY0-501 Section 2.6 Explain the importance of security related awareness and training

Security Policy Training and Procedures Security awareness and training are critical to the success of a security effort. They include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. Such efforts need to be ongoing, and they should be part of the organization’s normal communications to be effective. Communicating with Users to Raise Awareness Communication and awareness help ensure that security information is conveyed to the appropriate people in…

SY0-501 Section 2.5 Summarize common incident response procedures

Preparation Preparing for incident response involves multiple factors. The first step is outlining how you intend to respond to specific incidents. Formulating an IRP is part of that preparation. You also will need to identify the personnel and resources needed for your response. For example, if you intend to take a server offline in the event that it is breached, do you have a backup server available? In the event of a suspected computer crime, which of your personnel are qualified to perform the initial forensic processes? If no one…

SY0-501 Section 2.4-Given a scenario, implement basic forensic procedures

The five steps outlined here will help in all incident response situations. For the exam, however, there are a number of procedures and topics about which CompTIA wants you to be aware that are relevant to a forensic investigation. We strongly recommend that you familiarize yourself with these topics as you prepare for the exam. Act in Order of Volatility When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that…
