Computer Security PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document provides an overview of computer security, including definitions, types of cyberattacks, and steps to ensure security. It covers topics such as cyber security, information security, and various types of attacks such as denial-of-service, backdoor, eavesdropping, phishing.
Full Transcript
COMPUTER SECURITY IT Security and Ethics JRM | GEC Elect 21.4 - Living in the IT Era Objectives Define computer security. List the different types of computer security. Describe the types of cyberattacks. Explain steps on how to ensure co...
COMPUTER SECURITY IT Security and Ethics JRM | GEC Elect 21.4 - Living in the IT Era Objectives Define computer security. List the different types of computer security. Describe the types of cyberattacks. Explain steps on how to ensure computer security. JRM | GEC Elect 21.4 - Living in the IT Era Computer Security Computer security refers to protecting and securing computers and their related data, networks, software, hardware from unauthorized access, misuse, theft, information loss, and other security issues. JRM | GEC Elect 21.4 - Living in the IT Era Types of computer security Cyber security means securing our computers, electronic devices, networks , programs, systems from cyber attacks. Cyber attacks are those attacks that happen when our system is connected to the Internet. Information security means protecting our system’s information from theft, illegal use and piracy from unauthorized use. Information security has mainly three objectives: confidentiality, integrity, and availability of information. JRM | GEC Elect 21.4 - Living in the IT Era Types of computer security Application security means securing our applications and data so that they don’t get hacked and also the databases of the applications remain safe and private to the owner itself so that user’s data remains confidential. Network security means securing a network and protecting the user’s information about who is connected through that network. JRM | GEC Elect 21.4 - Living in the IT Era Types of cyber attacks Denial of service attack or DOS is a kind of cyber attack in which the attackers disrupt the services of the particular network by sending infinite requests and temporary or permanently making the network or machine resources unavailable to the intended audience. Backdoor trojan horse or virus gets installed in our system and start affecting it’s security along with the main file. Consider an example: suppose you are installing free software from a certain website on the Internet. Unknowingly, along with this software, a malicious file also gets installed, and as soon as you execute the installed software that file’s malware starts affecting your computer security. JRM | GEC Elect 21.4 - Living in the IT Era Types of cyber attacks Eavesdropping refers to secretly listening to someone’s talk without their permission or knowledge. Attackers try to steal, manipulate, modify, hack information or systems by passively listening to network communication, knowing passwords etc. Phishing While fishing, we catch fish by luring them with bait. Similarly, in phishing, a user is tricked by the attacker who gains the trust of the user or acts as if he is a genuine person and then steals the information by ditching. Trick the users and they end up giving their personal information such as login details or bank details or card number etc. JRM | GEC Elect 21.4 - Living in the IT Era Types of cyber attacks Spoofing is the act of masquerading as a valid entity through falsification of data(such as an IP address or username), in order to gain access to information or resources that one is otherwise unauthorized to obtain. Spoofing is of several types- email spoofing, IP address spoofing, MAC spoofing , biometric spoofing etc. Malware Malicious + Software = Malware. Malware intrudes into the system and is designed to damage our computers. Different types of malware are adware, spyware, ransomware, Trojan horse, etc. JRM | GEC Elect 21.4 - Living in the IT Era Types of cyber attacks Social engineering involves manipulating users psychologically and extracting confidential or sensitive data from them by gaining their trust. The attacker generally exploits the trust of people or users by relying on their cognitive basis Polymorphic attacks Poly means “many” and morph means “form”, polymorphic attacks are those in which attacker adopts multiple forms and changes them so that they are not recognized easily. These kinds of attacks are difficult to detect due to their changing forms JRM | GEC Elect 21.4 - Living in the IT Era Steps to ensure computer security Always keep your Operating System up to date. Always use a secure network connection. Always install an Antivirus and keep it up to date. Enable firewall. Use strong passwords. Don’t trust someone easily. Keep your personal information hidden. Don’t download attachments that come along with e-mails unless and until you know that e-mail is from a genuine source. JRM | GEC Elect 21.4 - Living in the IT Era Steps to ensure computer security Don’t purchase things online from anywhere. Learn about computer security and ethics. If you are attacked, immediately inform the cyber cell so that they may take appropriate action and also protect others from getting attacked by the same person Don’t use pirated content. JRM | GEC Elect 21.4 - Living in the IT Era References https://www.geeksforgeeks.org/computer-security-overview/ CompTIA Security+ Guide to Network Security Fundamentals Fifth Edition, Cengage Learning 2015 JRM | GEC Elect 21.4 - Living in the IT Era
