Why are rootkits extremely difficult to identify?

Task 23.Define the type of Conditional Sentences and translate them correctly:

1. All the measures previously mentioned will do no good unless systems are kept up to date and properly maintained.

2. If we do not take care to construct passwords in a secure manner, they can be easily cracked by an attacker.

3. If we use the same eight-character password but use both upper- and lowercase letters, it will take the password cracker around six days to break the password.

4. If we have sufficiently planned and prepared in advance, we should be able to easily protect our data from any disaster that is not global in scale. If we do not prepare for such an issue, we can very easily lose our data permanently.

5. If we evenly apply the same level of security to everything, we may be overprotecting some things that are not of high value and underprotecting things of much greater value.

6. If the physical security at the location where such data rests is weak, an attacker might be able to simply enter the building and steal a laptop, paper documentation, flash drive, or disk from a server and walk right out with the data.

7. If systems and network devices were up-to-date with respect to patches, attackers would be unable to exploit vulnerabilities and thus could not install rootkits.

8. If they did not have rigid security measures in place, and they did not continuously evaluate them in order to find weaknesses, their businesses would quickly fail.

9. If we were not able to utilize encryption to protect the information we send over such channels, many of the Internet-based activities we enjoy today would be carried out at a much greater risk than they are carried out presently.

10. If we were to be audited by an outside agency—the Business Software Alliance (BSA), for instance—and we were found to be running large quantities of unlicensed software, the financial penalties could be severe indeed.

11. If our logical controls were implemented properly and were successful, an attacker or unauthorized user could not access our applications and data without subverting the controls that we had in place.

12. Had the organization taken the necessary steps to protect its data by encrypting it, it would not have had such a large security incident.

UNIT 3

 Task 1.Read and translate the text using Essential Vocabulary:   

Text 3A. Expanded Top Ten Big Data Security and Privacy Challenges

Essential Vocabulary

acquisition n - сбор (данных), извлечение (информации)

challenge n – проблема, задача

commodity n - продукт массового спроса

compile v – составлять

dissemination n – распространение

diversity n – разнообразие

draft v – составить

end-point input – конечная точка доступа

fortify v - укреплять

granular adj – поэтапный, детальный

heterogeneous adj - неоднородный

hosting n – размещение, хостинг

inter-cloud – межоблачная

leverage v – по-новому применять

magnify v – усиливать, увеличивать

mining n – выборка, извлечение

necessitate v – делать необходимым, неизбежно влечь за собой

provenance n – происхождение

scalable adj – масштабируемый

streaming adj - потоковый

Security and privacy issues are magnified by the velocity, volume, and variety of Big Data. Therefore, traditional security mechanisms are inadequate. We highlight the top ten Big Data security and privacy challenges, which will motivate increased focus on fortifying Big Data infrastructures.

The term “Big Data” refers to the massive amounts of digital information companies and governments collect about human beings and our environment. The amount of data generated is expected to double every two years, from 2500 exabytes in 2013 to 40,000 exabytes in 2020. Large-scale cloud infrastructures, diversity of data sources and formats, the streaming nature of data acquisition and high volume inter-cloud migration all create unique security vulnerabilities.

It is not merely the existence of large amounts of data that is creating new security challenges. Big Data has been collected and utilized by many organizations for several decades. The current use of Big Data is novel because organizations of all sizes now have access to Big Data and the means to employ it. In the past, Big Data was limited to very large organizations such as governments and large enterprises that could afford to create and own the infrastructure necessary for hosting and mining large amounts of data. These infrastructures were typically proprietary and were isolated from general networks. Today, Big Data is cheaply and easily accessible to organizations large and small through public cloud infrastructure. Software infrastructures such as Hadoop enable developers to easily leverage thousands of computing nodes to perform data-parallel computing. Combined with the ability to buy computing power on-demand from public cloud providers, such developments greatly accelerate the adoption of Big Data mining methodologies. As a result, new security challenges have arisen from the coupling of Big Data with public cloud environments characterized by heterogeneous compositions of commodity hardware with commodity operating systems, and commodity software infrastructures for storing and computing on data.

As Big Data expands through streaming cloud technology, traditional security mechanisms tailored to securing small-scale, static data on firewalled and semi-isolated networks are inadequate.

Streaming data demands ultra-fast response times from security and privacy solutions.

The main purpose is to highlight the top ten Big Data security and privacy challenges according to practitioners. To do so, the working group utilized a three-step process to arrive at the top challenges in Big Data:

1. The working group interviewed Cloud Security Alliance (CSA) members and surveyed security-practitioner oriented journals to draft an initial list of high priority security and privacy problems.

2. The working group studied published solutions.

3. The working group characterized a problem as a challenge if the proposed solution did not cover the problem scenarios.

Based on this three-step process, the working group compiled the top ten challenges to Big Data security and privacy:

1. Secure computations in distributed frameworks.

2. Security best practices for non-relational data stores.

3. Secure data storage and transactions logs.

4. End-point input validation/filtering.

5. Real-time security monitoring.

6. Scalable privacy-preserving data mining and analytics.

7. Cryptographically enforced data security.

8. Granular access control.

9. Granular audits.

10. Data provenance.

In order to secure the infrastructure of Big Data systems, the distributed computations and data stores must be secured. To secure the data itself, information dissemination must be privacy-preserving, and sensitive data must be protected through the use of cryptography and granular access control. Managing the enormous volume of data necessitates scalable and distributed solutions for both securing data stores and enabling efficient audits and data provenance. Finally, the streaming data emerging from diverse end-points must be checked for integrity and can be used to perform real time analytics for security incidents to ensure the health of the infrastructure.

Task 2.Translate the following word combinations:

Data acquisition; expanded security and privacy challenges; to fortify Big Data infrastructures; commodity software /hardware; leverage computing nodes; public cloud environments; distributed frameworks; end-point input validation; granular access control; cryptographically enforced data security; data provenance.

Task 3. Answer the questions:

1. What does the text acquaint us with?

2. What’s the nature of the term “Big Data”?

3. Why are Big Data security and privacy issues magnified?

4. What’s the reason of unique security vulnerabilities connected with Big Data?

5. What can the streaming data emerging from diverse end-points be used for?

Task 4.Render the text:

The text is devoted to …

The introductory part is concerned with …

It is shown that …

The problems of … are outlined

The author stresses the importance of …

Special attention is paid to …

There are critical reviews on …

Recommendations for … are presented.

Conclusions regarding … are maid.

Task 5. Read and translate the text using Essential Vocabulary:

Мы поможем в написании ваших работ!