Lernkarten
Describe Trade Secrets and how they are used
- Patent or copyright could be used for such information, but both of the m provide the protection just for a limited time period
- Trade Secrets are often used by big software companies to protect their core base of intellectual property.
Whats a Patent and is it usable for software
- Protect the intellectual property rights of inventors
- 20 years exclusive usage of the invention
- After 20 years the invention is public available for everyone to use
- Must be new, must be useful, must not be obvious
- Does not provide adequate protection for computer software products
What are assets of an organization
- Information: All data of an organization
- Systems: The system includes any services provided for / from the organization (IT)
- Devices: server, desktop computers, portable laptops, tablets, smartphones, external devices e.g. printers
- Facilities: all physical location that an organization owns or rents
- Personnel: Working for an organization
- Intellectual Property: Assets which are intangible (immateriel)
- Brand names
- Creative output
- Secret recipes or product techniques
What could happen if an asset is lossed or disclouserd
- An overall security compromise (security breach, security leck)
- Loss of productivity
- Reduction of profits
- Additional expenditures (Auslagen / Ausgaben)
- Discontinuation (Stilllegung / Unterbrechung) of the organization
- And more …
waht are the military and business data classifications
Military :
- Top secret
- Secret
- Confidential
- Sensitive but unclassified
- unclassified
The unauthorized disclosure of top-secret data will have drastic effects and cause grave damage to national security. The unauthorized disclosure of data classified as secret will have significant effects and cause critical damage to national security. The unauthorized disclosure of data classified as confidential will have noticeable effects and cause serious damage to national security. Sensitive but unclassified is used for data that is for internal use.
Business:
- Confidental / Private
- Sensitive
- Public
What is SSH, why is it used and what are the advantages compared to older technologies as e.g. ftp, telnet, rlogin ...
Secure Shell replaces unsecure remote configuration operations as e.g.: telnet, ftp, rlogin, rsh, rcp and rexec. Old commands and protocols transmit the content in plain text rather than encrypted format.
Advantages: encrypts data, offers different authentication methods e.g. password authentication, Pubkey Authentication
What is suspicious behaviour of a process?
process running with open network socket, that doesn’t show up on a similar system, network saturation (Ausnutzung) from a single host but nothing in the file system, programm eating up 100% CPU power but nothing in the file system
What is a reverse shell and a bind shell how do they work together and what can happen?
Bind Shell: Attacker connects to a victim on a listening port
Reverse Shell: Victim connects to attacker on listening port
Can be done with netcat, which then allows to transfer files
