Chapter 3 of the text (pp. 101-102) identifies and describes many different types of malicious attacks. Select three from the list and, using this reading and at least one additional outside source, write a 2-3 page APA-formatted paper (including cover page, running head, page numbers, APA headers, in-text citations and final Reference page) analyzing how these types of attacks are made, and how they can be combatted.
An attack on a computer system or network asset succeeds by exploiting a vulnerability in the system. There are four general categories of attacks. An attack can consist of all or a combination of these four categories: â€¢ Fabricationsâ€”Fabrications involve the creation of some deception in order to trick unsuspecting users.
â€¢ Interceptionsâ€”An interception involves eavesdropping on transmissions and redirecting them for unauthorized use.
â€¢ Interruptionsâ€”An interruption causes a break in a communication channel, which blocks the transmission of data.
â€¢ Modificationsâ€”A modification is the alteration of data contained in transmissions or files. As you learned earlier, security threats can be active or passive. Both types can have negative repercussions for an IT infrastructure. An active attack involves a modification of the data stream or attempts to gain unauthorized access to computer and networking systems. An active attack is a physical intrusion. In a passive attack, the attacker does not make changes to the system. This type of attack just eavesdrops on and monitors transmissions. Active threats include the following:
â€¢ Brute-force attacks
â€¢ Dictionary threats
â€¢ Address spoofing
â€¢ Replay attacks
â€¢ Man-in-the-middle attacks
â€¢ Social engineering
Such attacks are widespread and common. A growing number of them appear on an information systems security professionalâ€™s radar screen every year. Following is a description of several of the most common types of malicious attacks.