Explore
For Enterprise
Join for Free
Log In

Гуманитарные науки и искусства
Бизнес
Компьютерные науки
Наука о данных
Информационные технологии
здоровье
Математика и логика
Личное развитие
Естественные и технические науки
Социальные науки
Изучение языков
Степени
Сертификаты

Полный обзор Coursera

Обзор
Поиск
Для организаций
Войти
Присоединиться бесплатно

Network Attacks

Loading...

IT Security: Defense against the digital dark arts

4.8 (оценок: 2,808) | Зарегистрировано учащихся: 30K

Курс 1 из 5 — Сертификация специалиста по ИТ-поддержке Google Специализация

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. Finally, we’ll go through a case study, where we examine the security model of Chrome OS. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: ● how various encryption algorithms and techniques work as well as their benefits and limitations. ● various authentication systems and types. ● the difference between authentication and authorization. ● how to evaluate potential risks and recommend ways to reduce risk. ● best practices for securing a network. ● how to help others to grasp security concepts and protect themselves.

Просмотреть программу курса

Получаемые навыки

Cybersecurity, Wireless Security, Cryptography, Network Security

Рецензии

4.8 (оценок: 2,808)

5 stars
2,301 ratings
4 stars
408 ratings
3 stars
62 ratings
2 stars
19 ratings
1 star
18 ratings

TE

Oct 05, 2018

Thank you to all the instructors. I learned concrete and useful IT skills from the courses and especially from the projects. After completing this course, I feel I want to learn more and more.

DS

Jan 30, 2019

Course 1 and 5 are probably my favorite of the courses because i feel i learned a lot in these two the most, all are great i just really wanted to learn more about security which was course 5

Из урока

Understanding Security Threats

Welcome to the IT Security course of the IT Support Professional Certificate! In the first week of this course, we will cover the basics of security in an IT environment. We will learn how to define and recognize security risks, vulnerabilities and threats. We'll identify the most common security attacks in an organization and understand how security revolves around the "CIA" principle. By the end of this module, you will know the types of malicious software, network attacks, client-side attacks, and the essential security terms you'll see in the workplace.

Network Attacks3:41

Denial-of-Service3:21

Преподаватели

Google

Текст видео

A network attack that is simple in concept,

but can cause a lot of damage is a DNS Cache Poisoning attack.

You probably remember from the bits and bytes of computer networking course,

that DNS works by getting information about

IP addresses and names to make it easier for you to find a website.

A DNS Cache Poisoning attack works by tricking a DNS server into

accepting a fake DNS record that will point you to a compromised DNS server.

It then feeds you fake DNS addresses when you try to access legitimate websites.

Not only that, DNS Cache Poisoning can spread to other networks too.

If other DNS servers are getting their DNS information from a compromised server,

they'll serve those bad DNS entries to other hosts.

Several years ago, there was a large scale DNS Cache Poisoning attack in Brazil.

It appeared that attackers managed to poison the DNS cache of some local ISPs,

by inserting fake DNS records for

various popular websites like Google, Gmail, or Hotmail.

When someone attempted to visit one of those sites,

they were served a fake DNS record and were

sent to a server that the attacker controlled,

which hosted a small java applet.

The user would then be tricked into installing the applet,

which was actually a malicious banking trojan designed to steal banking credentials.

This is an example of the real world damage DNS Cache Poisoning attacks can pose.

You can learn more about it in the next supplementary reading.

A man-in-the-middle attack, is an attack that places the attacker in

the middle of two hosts that think they're communicating directly with each other.

It's clearly a name that needs some updating,

men aren't the only hackers out there.

The attack will monitor the information going to and from these hosts,

and potentially modify it in transit.

A common man-in-the-middle attack is a session hijacking or cookie hijacking.

Let's say you log into a website and forget to log out.

Now, you've already authenticated yourself to the website and

generated a session token that grants you access to that website.

If someone was performing a session hijacking,

they could steal that token and impersonate you on the website,

and no one wants that.

This is another reason to think about the CIA's of security,

you always want to make sure that the data that you are sending

or receiving has integrity and isn't being tampered with.

Another way a man-in-the-middle attack can be established is a rogue access point attack.

A rogue AP is an access point that is

installed on the network without the network administrator's knowledge.

Sometimes, in corporate environments,

someone may plug a router into their corporate network to

create a simple wireless network. Innocent enough, right?

Wrong. This can actually be pretty dangerous,

and could grant unauthorized access to an authorized secure network.

Instead of an attacker having to gain access to

a network by plugging directly into a network port,

they can just stand outside the building and hop onto this wireless network.

A final man-in-the-middle method will cover is called an evil twin.

It's similar to the rogue AP example but has a small but important difference.

The premise of an evil twin attack is for you

to connect to a network that is identical to yours.

This identical network is our networks evil twin and is controlled by our attacker.

Once we connect to it,

they will be able to monitor our traffic.

I wonder if Fred Weasley ever did this to George,

probably not, they were wizards.

They could just magic their way out of problems. Must be nice.

Ознакомьтесь с нашим каталогом

Присоединяйтесь бесплатно и получайте персонализированные рекомендации, обновления и предложения.

Coursera делает лучшее в мире образование доступным каждому, предлагая онлайн-курсы от ведущих университетов и организаций.

© Coursera Inc., 2019 Все права защищены.

Загрузить из App Store

Загрузить в Google Play

Coursera
О проекте
Руководство
Карьера
Каталог
Сертификаты
Сертификаты MasterTrack™
Степени
Для организаций
Для правительственных организаций

Сообщество
Learners
Partners
Developers
Beta Testers
Translators

На связи
Блог
Facebook
LinkedIn
Twitter
Instagram
YouTube
Технический блог

Еще
Условия
Конфиденциальность
Помощь
Доступность
Пресса
Контакты
Справочник
Филиалы