Security Incidents

  • Published : February 11, 2013
Security Incidents
Computer Forensics

Computer Forensics 641 11/1/2012



Abstract

In this document, the importance of security incidents is expressed as a high priority for any business that may possess valuable information. Computer networks are attacked more now than they have been before, and in large numbers. There is a high demand for security within Information Technology to ensure that businesses, as well as their clients, do not fall victim to attacks that may compromise their assets. The categories of incidents explain the levels of risk according to the type of incident, as well as what classifies the incident levels. Security incidents are a major part of today’s world, and this document states the issues concerning the rise of e-commerce and of products, such as software, that require access to the internet. The document concludes with a brief example of how to identify and how to prevent a security incident, informing the reader what to look for as a potential threat and how to minimize vulnerabilities within a network.

Keywords
security incidents, categories of incidents, identify incidents, prevent incidents  

Table of Contents

Security Incidents
➢ Categories of Incidents
➢ Security Issues in Today’s World
➢ How to Identify a Security Incident
➢ How to Prevent a Security Incident
➢ Conclusion
➢ References


Security Incidents
Security incidents are imminent threats of violation of computer security policies, acceptable use policies, or standard security practices. Examples include evidence of data tampering, unauthorized access or attempts at unauthorized access from internal and external sources, threats and attacks by an electronic medium, defaced Web pages, detection of unusual activity such as malicious code or modified traffic patterns, denial-of-service attacks, and other malicious attacks and types of incidents that weaken trust and confidence in information technology systems, such as virus attacks that can damage the servers or the company’s workstations (EC-Council Press, 2010).

Some examples of computer security incidents are:
  • An attacker commands a botnet to send high volumes of connection requests to a web server, causing it to crash.
  • Users are tricked into opening a “quarterly report” sent via email that is actually malware; running the tool has infected their computers and established connections with an external host.
  • An attacker obtains sensitive data and threatens that the details will be released publicly if the organization does not pay a designated sum of money.
  • A user provides or exposes sensitive information to others through peer-to-peer file sharing services (Cichonski, 2012).

The most common computer security incident comes from the internal penetration of a company, because the internal penetrator has no barriers to surpass in order to gain access to the computer and because their intrusion activity could be difficult to track. Three categories of users are identified: the masquerader, the legitimate user, and the clandestine user. The masquerader is a user who steals credentials to gain access to computers, pretending to be a trusted party. The legitimate user is a user who has been granted access to computer resources by an organization and uses his or her credentials to use them. The clandestine user has or can get super user privileges. All these intrusions constitute a security threat to computer resources (Diaz-Gomez, 2010).

Categories of Incidents
Incidents can be classified as low-level, mid-level, or high-level incidents, depending on their intensity and effect. Low-level incidents are the least harmful incidents and should be handled within one working day. Low-level incidents consist of situations such as compromise of a password, suspected...