magistrsko delo
Abstract
V magistrskem delu bomo opredelili pojem kibernetske varnosti, prav tako se bomo posvetili tudi vrstam in izvajalcem kibernetskih napadov. Predstavili bomo penetracijsko testiranje s katerim se vedno bolj srečujejo podjetja na trgu z namenom, da ugotovijo ranljivosti svojih sistemov in izboljšajo varnost znotraj podjetja.
Varnost informacijske tehnologije je zaščita računalniških sistemov, omrežij in podatkov pred nepooblaščenim dostopom, krajo, poškodbo ali drugimi vrstami kršitev varnosti. Zagotavlja zaupnost, celovitost in razpoložljivost informacij in virov ter nepooblaščenim uporabnikom preprečuje dostop do občutljivih informacij ali sistemov. Cilj kibernetske varnosti je zmanjšati možnosti za napad na računalniške sisteme in omrežja ter omejiti škodo, ki jo lahko povzroči uspešno izkoriščanje ranljivosti.
Izkoriščanje se nanaša na uporabo ranljivosti ali slabosti v računalniških sistemih ali omrežjih za pridobitev nepooblaščenega dostopa ali izvajanje drugih zlonamernih dejanj. Izkoriščanje je lahko v različnih oblikah, na primer z uporabo zlonamerne programske opreme, socialnega inženiringa ali hekerskih tehnik za pridobitev dostopa do sistemov, krajo informacij ali motenje poslovnih dejavnosti. Iz tega izhaja penetracijsko testiranje, kjer podjetja z namenom ugotovitve potencialnih ranljivosti najamejo profesionalne hekerje.
V drugem delu magistrskega dela bomo predstavili rezultate naših poizkusov vdora in izkoriščanja ranljivosti v predpripravljene sisteme. Iz praktičnega dela bomo izhajali in prišli do zaključkov in smiselnih napotkov za zagotovitev boljše kibernetske varnosti.
Keywords
informacijska varnost;kibernetska varnost;hekerji;socialni inženiring;penetracijski test;
Data
Language: |
Slovenian |
Year of publishing: |
2023 |
Typology: |
2.09 - Master's Thesis |
Organization: |
UM EPF - Faculty of Economics and Business |
Publisher: |
G. Šilak |
UDC: |
004.056.53 |
COBISS: |
161719043
|
Views: |
35 |
Downloads: |
2 |
Average score: |
0 (0 votes) |
Metadata: |
|
Other data
Secondary language: |
English |
Secondary title: |
Cyber security |
Secondary abstract: |
In this Master's thesis we will define the concept of cyber security, and we will also look at the types and perpetrators of cyber attacks. We will present penetration testing, which is increasingly being used by companies in the market to identify vulnerabilities in their systems and improve security within the company.
IT security is the protection of computer systems, networks and data from unauthorised access, theft, damage or other types of security breaches. It ensures the confidentiality, integrity and availability of information and resources and prevents unauthorised users from gaining access to sensitive information or systems. The aim of cyber security is to reduce the chances of attacks on computer systems and networks and to limit the damage that can be caused by the successful exploitation of vulnerabilities.
Exploitation refers to the use of vulnerabilities or weaknesses in computer systems or networks to gain unauthorised access or perform other malicious acts. Exploitation can take many forms, such as the use of malware, social engineering or hacking techniques to gain access to systems, steal information or disrupt business activities. This leads to penetration testing, where companies hire professional hackers to identify potential vulnerabilities.
In the second part of the master thesis, we will present the results of our attempts to penetrate and exploit vulnerabilities in pre-built systems. From the practical work we will draw conclusions and come up with meaningful guidance to ensure better cyber security. |
Secondary keywords: |
information security;cyber security;computer vulnerabilities;hackers;social engineering;penetration testing; |
Type (COBISS): |
Master's thesis/paper |
Thesis comment: |
Univ. v Mariboru, Ekonomsko-poslovna fak. |
Pages: |
V, 68 str. |
ID: |
18685066 |