Computer security

Table of Contents

TOC \o "1-3 " \h \z \u HYPERLINK \l "_Toc5 " Table of Contents PAGEREF _Toc5 \h 1

HYPERLINK \l "_Toc6 " Executive Summary PAGEREF _Toc6 \h 2

HYPERLINK \l "_Toc7 " Scope of Report PAGEREF _Toc7 \h 3

HYPERLINK \l "_Toc8 " Assumptions PAGEREF _Toc8 \h 3

HYPERLINK \l "_Toc9 " Vulnerabilities PAGEREF _Toc9 \h 3

HYPERLINK \l "_Toc0 " Corrective Measures for Security PAGEREF _Toc0 \h 3

HYPERLINK \l "_Toc1 " Measures for Security PAGEREF _Toc1 \h 3

HYPERLINK \l "_Toc2 " Encryption PAGEREF _Toc2 \h 3 p

HYPERLINK \l "_Toc3 " Passwords PAGEREF _Toc3 \h 3 HYPERLINK \l "_Toc4 " Updates and Patches PAGEREF _Toc4 \h 3

HYPERLINK \l "_Toc5 " Antivirus Software PAGEREF _Toc5 \h 3

HYPERLINK \l "_Toc6 " Firewalls PAGEREF _Toc6 \h 3 HYPERLINK \l "_Toc7 " VPN PAGEREF _Toc7 \h 3

HYPERLINK \l "_Toc8 " Summary PAGEREF _Toc8 \h 3

HYPERLINK \l "_Toc9 " List of References PAGEREF _Toc9 \h 3 Executive Summary

Alice works from home for an oil company . Alice deals with confidential information and must do more to keep this data safe on her home computer , as well as when she is transmitting this data to her employer Covered in this report are some of the issues Alice and her employer face . Also covered in this report are ways Alice can better protect the information housed in the computer , and ways that data transmittal can be more secure

There are many risks when using the computer and internet . Some attacks are aimed directly at specific systems other attacks are indirect affecting a system because of information garnered from another computer . Though it might seem an impossible task , protecting a system and data can be achieved by learning about the risks and recommended ways of fixing them . The information gathered in this report came from internet reference materials as well as authoritative sites on computer security , systems , and applications

The hardware , software and downloads mentioned in this report are widely known and accepted as preventative measures and fixes for nefarious acts . No specific brands are mentioned other than Microsoft , because of the assumption that Alice is using Windows XP Professional

There are more risks mentioned than corrective measures because many of the measures offer protection from more than one risk

Social engineering and human error were intentionally left out of this report , as we assume that Alice is versed in maintaining confidentiality , and protects her passwords , as well as her office and computer . Other assumptions made in this report are common and hence justifiable

Scope of Report

This report will review the methods by which Alice can improve the security of the data she retains on her home computer and how the company can help Alice have a more secure internet connection

Assumptions

Alice is

a ) using a direct connection to the Internet

b ) is not using an antivirus program , or hard /software firewall

c ) not sure if she stays current with operating system and application updates and patches

d ) using email and instant messaging

e ) using Microsoft Windows XP

Vulnerabilities

1 ) Exploits

backdoors...