Month: November 2014

  • Introduction to cyber security – Week 6, Network Security

    Firewall basics: Blocks dangerous communications from spreading across a network, either from outside into a network or within the network. Can be dedicated hardware, part of a router or integrated with the OS. Compares the addressing and protocol information of a datagram to rules set up in the firewall’s software. If datagram comes from a hacker and the rules say block unknown…

  • Introduction to cyber security – Week 5, Cryptography

    Specialised area of mathematics concerned with protecting information. Anything that can be represented as 0s and 1s can be encrypted. Applications for cryptography include: secure banking and payment systems; protecting conversations over mobile telephones; safeguarding wireless networks; securing files on hard disks and memory keys; authenticating electronic documents; electronic voting; securing media files – Digital…

  • Introduction to cyber security – Week 4, Networking and Communications

    What is the internet? Hierarchy of individual networks – from LANs to telephone networks. A network of networks. Two key design factors: (1) No central controlling computer; all machines would have the same authority. (2) Information should be deliverable along any route, thereby being able to bypass machines which are unavailable; no distinct route required. How data…

  • Introduction to cyber security – Week 3, Malware

    Viruses: Insert copies of themselves onto crucial parts of the hard disk, in applications and data. They are self-replicating and either start each time the infected application starts or, after starting once, copy themselves and start each time the computer starts. Mainly written to harm users by destroying data, creating backdoors which can be exploited.…

  • Introduction to cyber security – Week 2, Authentication

    Passwords – what are they for? Identification and authentication – systems need to uniquely identify each user and prevent impersonation. Risks and solutions: Password sent in plain text – passwords sent over SSL are encrypted. Password stored in plain text – hashed version of the password stored in database. Hashing is a one-way process, it cannot be…

  • Introduction to cyber security – Week 1, Threat Landscape

    Terminology: CIA – guiding principle. Confidential – only to be read by right people. Integrity – only changed by authorised people/processes. Availability – available to read/use whenever we want. Information assets: Information asset could be customer data amongst other things. Authentication – necessary to verify identity of source of request of information. Non-repudiation – ensuring…