INSS: Security and protection
In today’s article, INSS: Safety and Security, a summary of points for those who need to know for the test will be presented, according to CEBRASPA’s analysis.
Strategy Contests produces articles on major topics. today’s topic covers 10.42% of the exam Computeras analyzed by our team illustrated below.
will address main rules for competition of the National Institute for Social Security. The goal is to pass the test.
Worms – INSS: Security and protection
Worms are programs that look like viruses, but are actually capable of automatically spreading across networks, sending copies of themselves from computer to computer.
In addition, they generally use communication networks to infect other computers (via e-mail, web, FTP, enterprise networks, among others).
Unlike a virus, a worm does not embed copies of itself in other programs or files and does not need to be explicitly launched to spread.
Therefore, its spread takes place by exploiting existing vulnerabilities or errors in the configuration of software installed on computers.
In this way, worms can spread in various ways, but the most common is network spread. Its outstanding feature is replication (a functional copy of itself) and infection of other computers without human intervention and without the need for a master program.
Therefore, worms are particularly responsible for consuming a lot of resources.
They significantly degrade the performance of networks and can fill up the computer’s hard disk, due to the large number of copies of themselves that they usually spread.
In addition, they can cause great inconvenience to those who receive such copies.
Bots or robots work in a similar way to a worm, as it is a program that can automatically reproduce by exploiting existing vulnerabilities or flaws in the configuration of software installed on a computer.
In addition to the worm, it has communication mechanisms with the attacker that allow remote control of the bot.
Bots await commands from hackers and can manipulate infected systems without the user’s knowledge. According to the literature, communication between an attacker and a computer via a bot can take place through IRC channels, web servers, and P2P networks, among others.
Thus, during communication, an attacker can send instructions for performing malicious actions, such as launching an attack, stealing data from an infected computer, and sending spam.
This is the meaning of botnet, an abbreviation of the words robot (bot) and network (network).
In this way, a network infected with bots is called a botnet (also known as a zombie network), and it usually consists of thousands of these malicious elements sitting on machines, waiting for an attacker’s command.
The more zombies (zombie computers) participate in the botnet, the more powerful it will be. An attacker in control of a botnet can use it to:
- collect data from a large number of computers;
- “click” on advertisements and generate false income;
- spamming on a massive scale; host phishing site;
- launch denial-of-service attacks that, among other things, prevent the use of Internet services.
Antivirus – INSS: Security and protection
An antivirus is a preventive and corrective tool that detects (and, in many cases, removes) computer viruses and other malicious programs (such as spyware and Trojans).
They do not prevent an attacker from exploiting any existing vulnerabilities on the computer. It also does not prevent unauthorized access to backdoors installed on the computer.
The term firewall is a link between computer networks that limits data communication traffic between the part of the network that is “inside” or “in front” of the firewall, thus protecting it from threats from the computer network that is “outside”. firewall.
Therefore, this protection mechanism is often used to protect a smaller network (such as company computers) from a larger network (such as the Internet).
A firewall must be installed at the point of connection between networks, where it controls the traffic entering and leaving the protected network through security rules.
It can be from a single computer, software running at the point of connection between computer networks, or a complex set of hardware and software (this scenario is the most common!).
It should be noted that this makes it a potential bottleneck for data traffic and, if not properly sized, can cause delays and reduce network performance.
Firewalls are implemented, as a rule, in devices that separate the internal and external networks, called bastion hosts.
When the bastion host goes down, the connection between the internal and external networks stops working.
The main features offered by firewalls are:
- Regulate data traffic between the local network and an untrusted external network by introducing packet or application filters;
- Prevent the transmission or reception of harmful or unauthorized access within the local network; a defense mechanism that limits the flow of data between networks, with the possibility of creating a “log” of incoming and outgoing network traffic;
- Protecting vulnerable or critical systems, hiding network information such as system names, network topology, user IDs, among others.
Email viruses are attachments to email messages. According to Microsoft (2013), a firewall cannot determine the content of messages and therefore cannot protect you from these types of viruses.
Therefore, an anti-virus program should be used to scan and delete suspicious attachments from e-mail before opening it.
Even if you have an antivirus program, you should not open an email attachment unless you are absolutely sure it is safe.
Therefore, phishing is a technique used to trick computer users into revealing personal or financial information, such as bank account passwords.
So a common online phishing attempt begins with an email received from a seemingly trustworthy source that actually directs recipients to provide information to a fraudulent website.
Therefore, a firewall cannot determine the content of email messages and therefore cannot protect you from this type of attack.
The firewall does not have an attack detection function. It performs packet filtering and then blocks unauthorized transmissions.
In this way, it operates between the external and internal networks, controlling the information traffic that exists between them, trying to ensure that this traffic is reliable, in accordance with the security policy of the website being accessed.
Also remember that a firewall is not an antivirus nor does it work as an antispyware.
Firewall (personal): software that controls access and communication between a computer and the Internet or local network. It blocks hackers and other unauthorized traffic and allows authorized traffic.
Firewall (network): a hardware, software, or both device that controls network access and communication between a network and the Internet or between two different parts of a network.
Cryptography – INSS: Security and protection
The word cryptography is derived from the Greek words KRIPTOS (secret, hidden, incomprehensible) and GRAPHO (writing, writing).
It is a set of concepts and techniques aimed at encoding information so that only the sender and receiver can access it.
Basic encryption terminology:
- message or text: data you want to protect. This text when in its original form, i.e. when transmitted, is called plain text or clear text.
- consignor or consignor: the person or service that sends the message.
- receiver or recipient: the person or service that will receive the message.
- coding: the process that plaintext goes through, turning into ciphertext.
- decoding: the process of recovering clear text from cipher text.
- Communication channel: is the medium used to exchange information.
- encode: the act of encrypting plaintext, as well as decryption is the act of deciphering ciphertext.
- Key: information held by the sender and recipient that will be used to encrypt and decrypt the text or message.
Digital signature – INSS: Security and protection
A digital signature is like a person’s personal signature, which only he could put on a document.
In this way, it is what guarantees the authenticity and completeness of the information (it was generated by the person who claims to have generated it and has not been changed), with non-repudiation, the sender cannot dispute the authenticity of the message. .
It works like this: the hash of the message is encoded using the user’s private key. Therefore, the public key is used to decode the hash. Message hashing is used because it is faster to hash a hash than a whole message. This generated hash is added to the signed document.
An electronic signature would be any electronic means that can be used to identify someone or something. It could simply be the password you use to log into your email.
Thus, a digital signature is a special example of an electronic signature, but not every electronic signature guarantees the integrity and authenticity of documents or messages.
The differences between a signature and a digital certificate are highlighted:
• It is a type of electronic signature.
• It results from the use of asymmetric encryption algorithms.
• Ensures authenticity and integrity.
• Electronic document signed by the CA.
• Contains various information about the holder such as name, CPF etc.
• Binds a person or entity to a public key.
Certificate Authority (CA)
Let’s take the example of a driver’s license. The certificate can be considered a driver’s license, the Certification Body acts as a type of licensing authority.
In the ICP, the CA issues, manages and revokes certificates for the end-user community.
In this way, the CA takes on the task of authenticating its end users and digitally signing certificate information before its distribution.
The CA is ultimately responsible for the credibility of the certificates it issues.
Registration Authority (AR) – INSS: Safety and Security
Although AR can be considered an extended component of ICP, administrators consider it necessary. As the number of end users within the ICP increases, so does the CA’s workload.
The AR serves as an intermediary entity between the CA and its end users, assisting the CA in its day-to-day certificate processing functions. AR is necessarily an entity operationally connected to AC, which is responsible for:
- identify certificate holders: individuals, organizations or equipment;
- forward CA requests for issuance and revocation of certificates;
- keep the documents presented for identification of the owner.
Concluding this article, it can be said that the main topics related to information security have been brought to the INSS test.
So focus on knowing not only the concepts but also mass solving as many questions as possible.
Hugs and good studying!
Do you want to know all about the upcoming competitions?
Check out our articles!
Competitions in 2022
Competitions in 2023