App security

Objective: The objective of this discussion is to understand the threats to and vulnerabilities of Microsoft operating systems and to find ways to mitigate security breaches. Microsoft operating systems are widely used in various organizations, and finding strategies to defend against an attack is becoming difficult.


DQ1: Therefore, your task is to read the book titled “Security Strategies in Windows Platforms and Applications” and lay out strategies you could use to mitigate the risk of an attack on the Microsoft Windows platform.

DQ2: Discuss the tenets of information security and how Windows and applications could be mapped into a typical IT infrastructure in a way that could help to secure the system.

Note: All discussions must adhere to APA 6th edition format. Please, do not post more than 200 words for the discussion. Please, don’t forget to create in-text citations before referencing any article. You may visit the content area to learn about the APA format.

Students Name
Professor’s Name
Course
Date


What is APA style?
An American Psychological Association writing style developed in 1929 by social scientists to guide writing.
A writing style for academic documents such as journals, theses and books.
Consists of different rules and procedures to be observed during writing.
Writers and publishers use uniform elements in writing such as title page, paper citation, body presentation, punctuation and abbreviations, presentation of numbers and statistics and many others.

Writers and publishers can use the style purely or can modify it to achieve given writing standards. The format has been developed over the years to suit the growing needs of scientific writing.

What is the need of APA style?
The style was developed due to the need for uniform scientific reporting.
The uniformity and simplicity of the style enable users to read through documents faster and with ease.
It provides clarity in academic works by preventing language bias.
The rules enable all facts and ideas to be disclosed without any distraction in the writing.

The style enables writers to follow rules in their work thereby making the writings consistent. Again, the style has a standard language to be used by every scholar or publisher. For this reason, the format enables accuracy in all academic writings.

General APA guidelines
The work should be typed and printed on standard white paper of 8.5 x 11 inches.
The document should have a 1-inch margin on both sides.
The beginning of every paragraph should be indented by pressing Tab once or placing five spaces (Lester et al. 35).
APA format recommends the use of 12 pt. Times New Roman font for clarity.
The paper uses a single space after periods or punctuation marks in every sentence.
The entire work is finally double spaced for clarity.

The general guidelines are set to ensure that all the work is clear and presentable. This is important as scholars don’t strain to read the information in the paper.

Grammar and Language in APA
The style encourages the use of active voice in all the writings (Szuchman et al. 37).
The author should always use bias free language in the writings.
Writers must observe grammatical rules, which include:
Avoiding dangling modifiers
Ensuring subject-verb agreement
Avoiding linguistic devices such as clichés, alliteration and rhyming words
Using the correct spelling of words
Avoiding redundancy in the writing
Sentences should never begin with numbers.
Authors use fewer abbreviations in their work.

Observing grammar rules enables readers to get the actual ideas of the writer. Again, the rules keep scholars from being confused by the use of inconsistent words.

Title page
The title information should have a specific page.
It contains the heading, writers, and the institutional affiliation of the scholar (Szuchman et al. 159).
It includes the running head flushed to the right with the page number flushed to the right. The format is as shown:
Running head: PAPER TITLE page number
Note that the paper title is in capital case while the running head is in small caps.
All other pages have headings flushed to the right as shown:
PAPER TITLE page number

The title page is important in providing the first impression of the work. All the titles in the paper should be in upper case except the one used on the title page, which contains both upper and lower case. The main words should begin with upper case while minor words begin with lower case.

Title page
The main words in the title should begin in capital letters while other words begin in small letters (Szuchman and Lenore 91).
The information should be written in the middle of the page.
The heading should not be more than 12 words in length, without any abbreviations.
The author's name is typed below the title, starting with the first name, middle name(s) and the last name.
The institutional affiliation is typed below the author's name.
All text on the title page should be double spaced.

The author’s name should not contain titles such as Dr., PhD, and others. Besides, the institutional affiliation is used to indicate the place or facilities used by the author to conduct the academic research.

Abstract
The writing should have an abstract.
The abstract provides an overview of the paper (Szuchman and Lenore 74).
It should be between 75-100 words.
The abstract should be placed on its own page after the title page.
It should be headed “Abstract” at the center in the upper end of the page.
The abstract should not be indented.

The abstract is used to show how the writer has organized the work. Again, it can be used to provide the main words in the paper.

Body
This part is always on a different section of the work.
The heading, which is in both upper and lower case, should appear at the center of the first line (Swales et al. 53).
The introduction follows the title.
Headings should be used to organize the work and show important sections.
The author must cite in text the source documents used in the writing.
Visual figures can be used to illustrate given points.

The body always starts on the third page. In case the author uses visual figures and diagrams, they should be as simple as possible to enable the reader to understand the work.

Paper Citation
All the materials used must be cited in the paper (Swales et al. 63).
If the writer directly quotes from a material, the citation must include the author's last name, year of publication and page of the book, as shown:
“APA style is often difficult to use,” (John, 2014, p. 35), as students confuse it with other styles.
Use paragraph numbers to cite online work with no page numbers.
In case of long quotations, omit the quotation marks, then write the words indented from the left margin on a different section as illustrated below:
John’s (2014) study concluded that:
Many first year scholars encounter many challenges in APA formatting. However, with good practice, the students find the style very easy to use as compared with others. For this reason, most lecturers encourage their learners to always use the style in their work.

Scholars have to cite their work to prevent plagiarism. Furthermore, citation is a way of recognizing and appreciating other scholars' work in the academic field.

Paper Citation Cont’
When a writer has summarized or paraphrased a given author's work, the writer's identity and period of publication are given as shown:
According to John (2014), APA formatting style is difficult for most first year students.
The page paraphrased can also be indicated, but this is not a must.
Lecturers always encourage students to use APA format in their writings (John, 2014, p. 35).
In case the material has two authors, “&” is used to include both names as shown:
Kennedy, G. C., & John, P. L. (2007). (Kennedy & John, 2007)
In case of three authors:
Maurice, K. A., Ken, E. L., & Vista, U. N. (2004).
First citation, (Maurice, Ken, & Vista, 2004)
Subsequent citations, (Maurice et al., 2004)

In citing a material published by two authors, always include both names of the writers in every place. However, in case of three authors, only use the three names of the writers in the first citing.

Paper Citation Cont’
A work with more than three authors is cited as:
Felix, B. C., Alfred, M., Mali, K., MacCleopas, R. T., & Vista, M. (2004). becomes (Felix et al., 2004)
When citing materials from the internet, always use the last date the material was revised by the writer.
In case no authors are included in the work, use the main words of the title instead of the writer.
Use “n.d.” instead of the date when the work has no date.
For example,
John and Kennedy (2014) give important concepts in APA formatting style.
The APA style is one of the easiest formatting writing styles (APA Style, n.d.).

References
Sources used should have a separate page at the end of the work (Szuchman et al. 84).
The page should be headed “Reference” in the middle of the first line of the paper.
Every cited work must be provided in the references.
References should have hanging indents.
The sources should be given in alphabetical order using the last name of the first author.
Any sources apart from journal articles should have upper case in the first letter of a title or a subtitle, first words of proper nouns and letters after colon or a dash in the title.

The references enable the reader to be able to trace the facts in the research done.

References Cont’
All the main words in the journal title should be in capital letters (Szuchman et al. 143).
The titles of major materials should appear in italics.
Shorter works such as essays and some journals should not be quoted or italicized.
Authors' names should start with last names, then other initials follow.

In case the authors are more than six, list them then use “et al.” after the sixth writer.

References Cont’
Single authors: Last name first, followed by author initials. For example:
John, K. (2014)…….
In case of two authors, the writers' names are given, then & is used between the names as shown:
Kennedy, S., & Abril, W. I. (2007)…………..
When the authors are an organization,
American Dentist Association. (2007)……
When the paper uses citations with no author's name, a writer should use a shortened title of the work using the main words.
When two or more writings by the same author are given, the scholar should list them following each other according to the year of publication as shown,
John, J. K. (2008)…….
John, J. K. (2010)…….

For references where authors have similar first names, the subsequent names should be used to arrange the sources alphabetically. Again, if the sources are from the same author in the same year, they should be organized alphabetically by the first word of the article title.

References Cont’
The basic format for referencing books is given by (Szuchman and Lenore 84):
Writer's last name and initials (Year of publication or editing). Book heading. Place: printer
In case the book has been edited, it should contain the word “ed.” at the end of the title.
Electronic references:
Web page,
Scholar's name (Last date of edition). Title of resource. Web address where the information was retrieved.
Online publications,
Author last name(s) and initials (last date of edition). Title of material, Heading of the publication, volume number (edition number). Date of retrieval, web page address

In case an author appears in a source document as a sole author and then as the main writer in a group of writers, the single author entry should be first. Besides, where the authors' name(s) are not there but the editors' names are given, the editors' last names and initials should be used.

Works Cited
Lester, James D., and James D. Lester. Writing research papers: A complete guide. Pearson, 2012.
Swales, John M., and Christine B. Feak. Academic writing for graduate students: Essential tasks and skills. Vol. 1. Ann Arbor, MI: University of Michigan Press, 2004.
Szuchman, Lenore T., and Barbara Thomlison. Writing with style: APA style for social work. Cengage Learning, 2010.
Szuchman, Lenore T. Writing with style: APA style made easy. Cengage Learning, 2013.

Security Strategies in Windows Platforms and Applications

Lesson 1

Microsoft Windows and the Threat Landscape

© 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Cover image © Sharpshot/Dreamstime.com


Learning Objective(s)

Describe information systems security and the inherent security features of the Microsoft Windows operating system.

Describe threats to Microsoft Windows and applications.


Key Concepts
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their applications


Information Systems Security
Defense in depth
A collection of strategies to make a computer environment safe
Information security
Main goal is to prevent loss
Most decisions require balance between security and usability
Security controls are mechanisms used to protect information


Security Controls

Type of Control: Administrative, Technical, Physical
Type of Function: Preventive, Detective, Corrective

C-I-A Triad

The practice of securing information involves ensuring three tenets of information security: confidentiality, integrity, and availability
Known as the C-I-A triad
Also known as the availability, integrity, and confidentiality (A-I-C) triad
Each tenet interacts with the other two and, in some cases, may conflict

Confidentiality
The assurance that the information cannot be accessed or viewed by unauthorized users
Examples of confidential information:
Financial information
Medical information
Secret military plans

A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advantage or to extort compensation through threats to divulge the information.

Integrity
The assurance that the information cannot be changed by unauthorized users
Ensuring integrity means applying controls that prohibit unauthorized changes to information
Examples of integrity controls:
Security classification
User clearance


Availability
The assurance that the information is available to authorized users in an acceptable time frame when the information is requested
Examples of attacks that affect availability:
Denial of service (DoS)
Hacktivist


Microsoft Windows and Applications in a Typical IT Infrastructure
IT infrastructure
Collection of computers, devices, and network components that make up an IT environment


Microsoft Windows and Applications in a Typical IT Infrastructure
Common infrastructure components:
Client platforms
Network segments
Network devices
Server instances (often listed by function)
Cloud-based offerings, such as Microsoft Office 365 and Microsoft Azure


A Sample IT Infrastructure

Windows Clients
Client systems provide functionality to end users; customer-facing systems
Include desktops, laptops, and mobile devices
Each application can be deployed on client systems as either a thin or a thick client
Windows 10
Newest and most popular Windows client operating system


Windows Servers
Server computers provide services to client applications
Common server applications:
Web servers, application servers, and database servers
Windows Server 2019
Essentials, for small businesses
Standard, for most server functions
Datacenter, for large-scale deployments


Microsoft’s End-User License Agreement (EULA)
Software license agreement that contains the Microsoft Software License Terms
Must be accepted prior to installation of any Microsoft Windows product
Located in the Windows install folder or on the Microsoft website


Microsoft EULA Sections

Updates
Additional Notices—Networks, Data, and Internet Usage
Limited Warranty
Exclusions from Limited Warranty

Windows Threats and Vulnerabilities
Successful attack: One that realizes, or carries out, a threat against vulnerabilities

Risk: Any exposure to a threat
Threat: Any action that could lead to damage, disruption, or loss
Vulnerability: Weakness in an operating system or application software

Windows Threats and Vulnerabilities
A threat is not necessarily dangerous
Fire in fireplace = desirable
Fire in data center = dangerous
For damage to occur, there has to be a threat
Attackers look for vulnerabilities, then devise an attack that will exploit the weakness


Anatomy of Microsoft Windows Vulnerabilities
Ransomware
Malicious software that renders files or volumes inaccessible through encryption
Attacker demands payment using cryptocurrency for the decryption key
Well-known ransomware attacks
CryptoLocker
Locky
WannaCry

Most ransomware encrypts data and demands a payment using cryptocurrency in exchange for the decryption key.

Discovery-Analysis-Remediation Cycle

A recurring three-step process for addressing attacks


Discovery
Once an attack starts, attackers become as inconspicuous as possible
Need to compare suspect activity to a baseline (normal activity) to detect anomalies
Common method of accomplishing this is to use activity and monitoring logs
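
The baseline comparison described on this slide, as an added example that is not taken from the book or the slides: it profiles logon events from a normal period and flags deviations in a suspect period. Event IDs 4624 and 4625 are the Windows Security log IDs for successful and failed logons; the account names, host names, timestamps and the one-hour tolerance are constructed assumptions.

```python
# Added example: baseline-versus-suspect comparison over logon events.
# All records are constructed sample data shaped like Windows Security log
# entries: (timestamp, event ID, account, source host).
from collections import defaultdict
from datetime import datetime

BASELINE = [  # constructed "normal activity" window
    ("2024-03-04T08:55:10", 4624, "alice", "WKS-011"),
    ("2024-03-04T13:02:41", 4624, "alice", "WKS-011"),
    ("2024-03-05T09:03:27", 4624, "alice", "WKS-011"),
    ("2024-03-05T09:01:02", 4625, "alice", "WKS-011"),
    ("2024-03-04T07:30:00", 4624, "svc_backup", "SRV-BKP01"),
    ("2024-03-05T07:30:00", 4624, "svc_backup", "SRV-BKP01"),
]
SUSPECT = [  # constructed window under investigation
    ("2024-03-06T09:04:00", 4624, "alice", "WKS-011"),
    ("2024-03-06T02:17:33", 4624, "alice", "WKS-044"),
    ("2024-03-06T02:10:01", 4625, "svc_backup", "WKS-044"),
    ("2024-03-06T02:10:03", 4625, "svc_backup", "WKS-044"),
    ("2024-03-06T02:10:05", 4625, "svc_backup", "WKS-044"),
    ("2024-03-06T02:11:40", 4624, "svc_backup", "WKS-044"),
    ("2024-03-06T10:00:00", 4624, "mallory", "WKS-011"),
]


def hour_gap(a, b):
    """Distance between two hours of the day, wrapping around midnight."""
    return min(abs(a - b), 24 - abs(a - b))


def build_baseline(events):
    """Summarise normal activity per account: hosts, hours, failures per day."""
    profile = defaultdict(lambda: {"hosts": set(), "hours": set(), "fails": defaultdict(int)})
    for ts, event_id, user, host in events:
        when = datetime.fromisoformat(ts)
        p = profile[user]
        if event_id == 4624:            # successful logon
            p["hosts"].add(host)
            p["hours"].add(when.hour)
        elif event_id == 4625:          # failed logon
            p["fails"][when.date()] += 1
    return {u: {"hosts": p["hosts"], "hours": p["hours"],
                "max_fails": max(p["fails"].values(), default=0)}
            for u, p in profile.items()}


def find_anomalies(baseline, events, hour_slack=1):
    """Return (account, reason) pairs for activity that deviates from the baseline."""
    findings = []
    fails = defaultdict(int)
    for ts, event_id, user, host in events:
        when = datetime.fromisoformat(ts)
        known = baseline.get(user)
        if known is None:
            findings.append((user, "account absent from baseline"))
            continue
        if event_id == 4625:
            fails[(user, when.date())] += 1
            continue
        if host not in known["hosts"]:
            findings.append((user, f"logon from new host {host}"))
        if all(hour_gap(when.hour, h) > hour_slack for h in known["hours"]):
            findings.append((user, f"logon at unusual hour {when.hour:02d}:00"))
    for (user, _day), count in fails.items():
        limit = baseline[user]["max_fails"]
        if count > limit:
            findings.append((user, f"{count} failed logons in one day (baseline maximum {limit})"))
    return findings


if __name__ == "__main__":
    for user, reason in find_anomalies(build_baseline(BASELINE), SUSPECT):
        print(f"{user}: {reason}")
```

Replaying the baseline window through `find_anomalies` returns no findings, which is a quick check that the profile is not flagging normal activity.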


Analysis
Security information and event management (SIEM) tools
Collect and aggregate security-related information from multiple sources and devices
Help prepare data for correlation and analysis
Current vulnerability and security bulletin databases
Help you determine if others are experiencing same activity

SIEM tools can often cross-reference known vulnerability databases to help identify suspect behavior.
The analysis phase includes validating suspect activity as abnormal and then figuring out what is causing it.

Remediation
Contain any damage that has occurred, recover from any loss, and implement controls to prevent a recurrence


Common Forms of Attack
Threat: Description
Phishing: Generally start with a message that contains a link or image to click, or a file to open; taking these actions launches malware attacks
Malware: Malicious software designed to carry out tasks that the user would not normally allow
Denial of service (DoS): Any action that dramatically slows down or blocks access to one or more resources
Injection attack: Depends on ability to send instructions to an application that causes the application to carry out unintended actions; SQL injection is common


Common Forms of Attack (Cont.)
Threat: Description
Unprotected Windows Share: A situation that allows attackers to install tools, including malicious software
Session hijacking and credential reuse: Attempts by attackers to take over valid sessions or capture credentials to impersonate valid users
Cross-site scripting: Specially crafted malicious code used to attack web applications


Common Forms of Attack (Cont.)
Threat: Description
Packet sniffing: The process of collecting network messages as they travel across a network in hopes of divulging sensitive information, such as passwords


Summary
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their applications

