ASS 4 secu 422

docx

School

New Jersey City University *

*We aren’t endorsed by this school

Course

422

Subject

Electrical Engineering

Date

Apr 3, 2024

Type

docx

Pages

Uploaded by BarristerJackalMaster1076

Describe leading threats (Virus, Worm, Trojan Horses, Rootkits, Social Engineering, and Botnet). Describe the malware detection symptoms. Describe defense in depth. 1. Leading threats in the realm of cyber security start with viruses. Viruses is a malicious software that attaches itself to legitimate files in order to spread from one computer to the other. Worms on the other hand is a standalone program that replicates itself through networks without requiring any authorization. The most effective in my opinion trojan horse is a malware that not only disguises as a legitimate software, but it tricks users into downloading the software which can be done in a single click. Rootkit on the other hand is malware that is designed to conceal their presence on a system while providing unauthorized access to an attacker. Furthermore, social engineering is a technique in which attackers manipulate individuals’ confidentiality to provide them restricted access. This form of threat conjoined with a trojan horse, or a worm is very effective. Lastly, a botnet is a network of compromised bots that control a single entity. They are normally more effective in a large number of computers with other malware like worms or viruses. 2. The malware detection system includes software like Network intrusion detection, Host intrusion detection, antivirus, and security auditing. These systems input servers and system logs that are well coordinated and co relates logs from many systems which tract the status of incident disclosure. 3. Defense in the field of cyber security has many different layers beginning with perimeter defense, networks security, end point security, IAM and security monitoring/incident report. Network security is the farthest layer of defense which focuses on protecting the network’s perimeter from any unauthorized users. This can be as simple as a firewall or security gateway device. Network security on the other hand protects the internal network traffic k and communications this can involve NAC and VPNS. Furthermore, end point security refers to computer’s smartphones and servers; these are all devices that represent a potential entry point for hackers. Devices like host-based firewalls or EDR systems are used while securing and organizations endpoint. IAM other know as identity and access management identifies all the access rights and maintains them secure. Solutions can involve MFA, SSO, and cross sire scripting. Lastly, Incident response/security monitoring handles specifics attack

incidents. This group is a team of different specialists that have knowledge relating network protocols, OS, physicals security issues and malicious code.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version