As a rule, the more sophisticated the rootkit,



4. The most basic type of hiding mechanism is …

5. Rootkits may also hide files in a number of ways, including …

6. Rootkits almost without exception also provide …

Task 11. Translate the following sentences paying attention to the participles:

1. When discussing information security issues or situations, it is helpful to have a model by which to do so.

2. We will first cover the basic knowledge needed to understand the key concepts of information security, discussing many of the concepts that underpin the security world.

3. In terms of access control systems, it is important to understand that, when dealing with computing environments, the logical and physical are often closely entangled.

4. Discretionary access control (DAC) is a model of access control based on access being determined by the owner of the resource in question.

5. The Jefferson Disk, invented by Thomas Jefferson in 1795, is a purely mechanical cryptographic machine.

6. We can control the flow of traffic between subnets, allowing or disallowing traffic based on a variety of factors, or even blocking the flow of traffic entirely if necessary.

7. To build defensive measures using this concept, we put in place multiple layers of defense, each giving us an additional layer of protection.

8. Many access control systems are set to deny by default, with the authorized users only being permitted access.

9. Monitoring is largely a reactive activity, with actions taken based on gathered data, typically from logs generated by various devices.

10. History is rich with the use of cryptography, with some of the oldest examples being used by the ancient Greeks and Romans.

11. The device built by Jefferson contained 36 disks, with each disk representing one character in the message.

12. When we segment a network, we divide it into multiple smaller networks, each acting as its own small network called a subnet.

 

Task 12. Read and translate the text:

Text 2C.  Types of Rootkits

 Essential Vocabulary

assign v – to allot, to appoint, to determine

imply v – to mean, to suggest

innocuous adj – harmless, inoffensive

kernel mode – the privileged mode in which the operating system core runs

query n – request, inquiry

Two fundamental types of rootkits, user-mode rootkits and kernel-mode rootkits, exist. The difference is based on the levels at which they operate and the type of software they change or replace.

User-mode Rootkits
User-mode rootkits replace executables and system libraries that system administrators and users use. The secure shell (SSH) program and the C library in Unix and Linux systems are two of the most common targets. For example, if a rootkit has replaced the SSH program, then when system administrators enter commands to query for this information, both the last date of modification and the file length will be what they were when SSH was originally installed. Additionally, most rootkits target only a few executables and system libraries (often only one); the fewer executables and system libraries targeted, the less likely system administrators and users are to notice that something is wrong.
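The following added example (not part of the original text) shows why the point above matters to a defender: a check that compares only file length and modification date reports no change, while a content hash recorded at installation time does. The file name and contents are constructed stand-ins, not a real SSH binary.

```python
import hashlib
import os
import tempfile


def fingerprint(path):
    """Record what an administrator would query (size, mtime) plus a content hash."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return {"size": st.st_size, "mtime": st.st_mtime_ns, "sha256": digest.hexdigest()}


def compare(baseline, current):
    """Return the names of the attributes that differ from the baseline."""
    return [k for k in ("size", "mtime", "sha256") if baseline[k] != current[k]]


def demo():
    """Build a constructed 'before' and 'after' file and compare them."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ssh")  # constructed stand-in file
        with open(path, "wb") as f:
            f.write(b"ORIGINAL-PROGRAM-BYTES")
        baseline = fingerprint(path)  # taken when the program was installed

        # Constructed replacement: same length, with the recorded
        # modification time put back, as the text describes.
        with open(path, "wb") as f:
            f.write(b"REPLACED-PROGRAM-BYTES")
        os.utime(path, ns=(baseline["mtime"], baseline["mtime"]))

        return compare(baseline, fingerprint(path))


if __name__ == "__main__":
    # Only the hash differs; size and mtime look untouched.
    print(demo())
```

The baseline is only useful if it is stored somewhere the compromised system cannot rewrite, for example on read-only or offline media.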

Kernel-mode Rootkits
As their name implies, kernel-mode rootkits change components within the kernel of the operating system on the victim machine or sometimes even completely replace the kernel. The kernel is the heart of an operating system; it provides fundamental services (e.g., input and output control) for every part of the operating system.

How Rootkits and Other Types of Malware Differ

As stated in the definition, a rootkit is a type of Trojan horse program. The term "Trojan horse program" actually refers to a wide range of hidden malicious programs; rootkits are thus one kind of Trojan program. Rootkits, however, go farther than conventional Trojans in that the latter are designed to go unnoticed, but do not incorporate active mechanisms that prevent them from being noticed. In general, the primary method of hiding Trojan horse programs is assigning an innocuous name, such as "datafile" or "misc," to them. In contrast, rootkits have mechanisms that actively hide their presence from anti-virus and anti-spyware programs, system management utilities, and system and network administrators. Additionally, Trojan programs are generally created within systems that have been compromised; i.e., they do not replace existing programs and files, but are instead new programs that are installed. As mentioned previously, in contrast rootkits actually replace operating system programs and system libraries.

Task 13. Find in the text a word that has the same or a similar meaning to the following:

Usual, basic, to alter, goal, initially, to mean, centre, harmless.

 

Task 14. Translate the following words and phrases:

Additionally; as their name implies; the fewer … the less; the more sophisticated the rootkit, the more proficient the hiding mechanisms are; as stated in the definition; as mentioned previously; thus; in general; in contrast; whereas; furthermore.

Task 15. Answer the questions:


Date added: 2018-04-15
