1.3 Computer Security
Computer Security / Cyber Security
• The security given to the computer for protecting computer data, information, program and hardware from being lost and damaged is called computer security. • Proper computer security helps prevent viruses and malware, which allows programs to run quicker and smoother.
Hardware Security
The protection of computer Hardware from physical loss or theft and accidental harms is called Hardware Security.
Hardware security Measures:
- Regular maintenance:
- Insurance:
- Free from dust:
- Fire protection:
- Power protecting device:
- Protection from theft:
- Air condition system:
Why UPS is used in computer system?
UPS is used in computer system to supply backup electric power and to protect computer from power failure and power fluctuation of electric Voltage.
Software security:
The protection of software, program data, file, document etc. from being lost, damage or corrupted is known as software security. Some of the software security measures are:
• Use of password
• Backup system
• Virus prevention
• Scandisk
• Defragmentation
• Using original software
• Use of password
• Backup system
• Virus prevention
• Scandisk
• Defragmentation
• Using original software
Information Security (infosec)
Information security is the practice of protecting information from unauthorized access, misuse, destruction, or modification.
Key principles of Information Security
a) Confidentiality: - Only authorized users can access the data resources and information.
b) Integrity:- Only authorized users should be able to modify the data when needed.
c) Availability:- Data should be available to users when needed.
b) Integrity:- Only authorized users should be able to modify the data when needed.
c) Availability:- Data should be available to users when needed.
Security Threats
A risk which can potentially harm computer systems and organization. The cause could be physical such as someone stealing a computer that contains vital data. The cause could also be non-physical such as a virus attack.
Possible Security Threats
- Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
- External: These threats include Lightning, floods, earthquakes, etc.
- Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
- Loss or corruption of system data.
- Disrupt business operations that rely on computer systems.
- Loss of sensitive information.
- Unauthorized access to computer systems resources such as data.
- Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
- External: These threats include Lightning, floods, earthquakes, etc.
- Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
- Loss or corruption of system data.
- Disrupt business operations that rely on computer systems.
- Loss of sensitive information.
- Unauthorized access to computer systems resources such as data.
Malicious code (Malware)
Malicious code, also known as malware, refers to any software or code that is designed to harm, or gain unauthorized access to computer systems, networks, or data.It includes computer viruses, worms, Trojan horses and spyware.
Malicious code, also known as malware, refers to any software or code that is designed to harm, or gain unauthorized access to computer systems, networks, or data.
It includes computer viruses, worms, Trojan horses and spyware.
Types of malware
a) Virus: A virus is a man made destructive program which disturbs the normal functioning of the computer system. It is the most common type of malware which can execute itself and spread by infecting other programs or files.b) Worm: Worms are self-replicating programs that can spread across networks without human intervention.c) Trojan horse: Trojans appear as legitimate software but contain hidden malicious functionality. They can perform actions like stealing data, providing unauthorized access, or installing other malwared) Spyware: Spyware monitors a user's activities without their knowledge, often collecting sensitive information such as passwords, credit card details, and browsing habits..e) Keyloggers, also called system monitors, are used to see nearly everything a user does on their computer. This includes emails, opened web-s, programs and keystrokes.f) Adware: Adware displays unwanted advertisements to users, often generating revenue for attackers through pay-per-click schemes. While not always explicitly harmful, it can be disruptive and compromise user privacy.g) Ransomware: Ransomware encrypts a victim's data and demands a ransom in exchange for the decryption key. It can lead to data loss and operational disruption.
a) Virus: A virus is a man made destructive program which disturbs the normal functioning of the computer system. It is the most common type of malware which can execute itself and spread by infecting other programs or files.
b) Worm: Worms are self-replicating programs that can spread across networks without human intervention.
c) Trojan horse: Trojans appear as legitimate software but contain hidden malicious functionality. They can perform actions like stealing data, providing unauthorized access, or installing other malware
d) Spyware: Spyware monitors a user's activities without their knowledge, often collecting sensitive information such as passwords, credit card details, and browsing habits..
e) Keyloggers, also called system monitors, are used to see nearly everything a user does on their computer. This includes emails, opened web-s, programs and keystrokes.
f) Adware: Adware displays unwanted advertisements to users, often generating revenue for attackers through pay-per-click schemes. While not always explicitly harmful, it can be disruptive and compromise user privacy.
g) Ransomware: Ransomware encrypts a victim's data and demands a ransom in exchange for the decryption key. It can lead to data loss and operational disruption.
How to Protect a system from infection
a) Never download files from unknown or suspicious sources.b) Install antivirus software that features automatic updates and has the capability to detect all types of infections.c) Delete spam and junk emails without forwarding.d) Always scan a pen drive from an unknown source for viruses before using it.e) Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. In the event of an infection, your information will not be lost.
a) Never download files from unknown or suspicious sources.
b) Install antivirus software that features automatic updates and has the capability to detect all types of infections.
c) Delete spam and junk emails without forwarding.
d) Always scan a pen drive from an unknown source for viruses before using it.
e) Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. In the event of an infection, your information will not be lost.
Security mechanisms
A mechanism that is designed to detect, prevent, or recover from a security attack. It includes- Authentication Systems
- Firewalls
- Cryptography
- Antivirus Software
- Backup System
A mechanism that is designed to detect, prevent, or recover from a security attack. It includes
- Authentication Systems
- Firewalls
- Cryptography
- Antivirus Software
- Backup System
Authentication System
Authentication is the process of verifying the identity of a person or device.Authentication system makes sure that right people enters the system and access the right information.
Authentication is the process of verifying the identity of a person or device.
Authentication system makes sure that right people enters the system and access the right information.
Types of Authentication
Password
Password is a set of secret characters or words used to authenticate access to a digital system. It ensures that unauthorized users do not access the computer.
Criteria for strong password are:
- Do not keep a password which can be easily guessed such as date of birth, nickname, etc.
- Do not keep word as password that is currently popular.
- Keep a password with mixture of alphabet, symbols and numbers which is difficult to guess.
- Keep changing your password regularly.
- Password should be difficult to guess and determine and should be changed regularly and memorized
- Password should be at least 8 characters long.
- Do not keep a password which can be easily guessed such as date of birth, nickname, etc.
- Do not keep word as password that is currently popular.
- Keep a password with mixture of alphabet, symbols and numbers which is difficult to guess.
- Keep changing your password regularly.
- Password should be difficult to guess and determine and should be changed regularly and memorized
- Password should be at least 8 characters long.
Biometric
Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices or data.- Examples of these biometric identifiers are fingerprints, facial patterns and voice.
- Computers and devices can unlock automatically when they detect the fingerprints of an approved user.
- Apple's Face ID (introduced with the iPhone X) authenticates users by facial recognition.
- Retinal scanners, which require an eye scan to allow authorized individuals to access secure areas.
Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices or data.
- Examples of these biometric identifiers are fingerprints, facial patterns and voice.
- Computers and devices can unlock automatically when they detect the fingerprints of an approved user.
- Apple's Face ID (introduced with the iPhone X) authenticates users by facial recognition.
- Retinal scanners, which require an eye scan to allow authorized individuals to access secure areas.
Firewall
A firewall is a network security device or software application designed to monitor, filter, and control incoming and outgoing network traffic based on predetermined security rules.- Firewall blocks unwanted traffic as well as malicious software from infecting your computer.
- Firewalls helps to prevent unauthorized access.
- Software firewalls are designed to protect a computer by blocking certain programs from sending
- and receiving information from a local network or the Internet.
- Hardware firewalls are found on most network routers and can be configured through the router setup screen.
A firewall is a network security device or software application designed to monitor, filter, and control incoming and outgoing network traffic based on predetermined security rules.
- Firewall blocks unwanted traffic as well as malicious software from infecting your computer.
- Firewalls helps to prevent unauthorized access.
- Software firewalls are designed to protect a computer by blocking certain programs from sending
- and receiving information from a local network or the Internet.
- Hardware firewalls are found on most network routers and can be configured through the router setup screen.
Cryptography
Cryptography is a technique of securing information and communications through use of codes so that only those people for whom the information is intended can understand it and process it.The prefix “crypt” means “hidden” and suffix graphy means “writing”.- It involves the use of mathematical algorithms and methods to convert plain, readable data (plaintext) into a coded, unreadable form (ciphertext) to ensure confidentiality, integrity, authentication, and non-repudiation. Cryptography is used to secure and protect data during communication.
Cryptography is a technique of securing information and communications through use of codes so that only those people for whom the information is intended can understand it and process it.
The prefix “crypt” means “hidden” and suffix graphy means “writing”.
- It involves the use of mathematical algorithms and methods to convert plain, readable data (plaintext) into a coded, unreadable form (ciphertext) to ensure confidentiality, integrity, authentication, and non-repudiation. Cryptography is used to secure and protect data during communication.
Features of Cryptography
- Confidentiality: Information can only be accessed by the person for whom it is intended and no
- other person except him can access it.
- Integrity: Information cannot be modified in storage or transition between sender and intended receiver without any addition to information being detected.
- Non-repudiation: The creator/sender of information cannot deny his or her intention to send information at later stage.
- Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of information is confirmed.
- Confidentiality: Information can only be accessed by the person for whom it is intended and no
- other person except him can access it.
- Integrity: Information cannot be modified in storage or transition between sender and intended receiver without any addition to information being detected.
- Non-repudiation: The creator/sender of information cannot deny his or her intention to send information at later stage.
- Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of information is confirmed.
Techniques used in cryptography
- Encryption
- Decryption
- Encryption
- Decryption
Encryption
Encryption is a process which transforms the (plain text) original information into an unrecognizable form (cipher text) using key algorithms.Data is encrypted to make it safe from stealing. However, many known companies also encrypt data to keep their trade secret from their competitors.
Encryption is a process which transforms the (plain text) original information into an unrecognizable form (cipher text) using key algorithms.
Data is encrypted to make it safe from stealing. However, many known companies also encrypt data to keep their trade secret from their competitors.
Decryption
Decryption is a process of converting encoded/encrypted (cipher text) data in a form that is readable and understood (plain text) by a human or a computer.This method is performed by un-encrypting the text manually or by using keys used to encrypt the original data.
Decryption is a process of converting encoded/encrypted (cipher text) data in a form that is readable and understood (plain text) by a human or a computer.
This method is performed by un-encrypting the text manually or by using keys used to encrypt the original data.
KEY DIFFERENCE BETWEEN ENCRYPTION AND DECRYPTION
- Encryption is a process of converting normal data into an unreadable form whereas Decryption is a method of converting the unreadable/coded data into its original form.
- Encryption is done by the person who is sending the data to the destination, but the decryption is done at the person who is receiving the data.
- The same algorithm with the same key is used for both the encryption-decryption processes.
- Encryption is a process of converting normal data into an unreadable form whereas Decryption is a method of converting the unreadable/coded data into its original form.
- Encryption is done by the person who is sending the data to the destination, but the decryption is done at the person who is receiving the data.
- The same algorithm with the same key is used for both the encryption-decryption processes.
Antivirus software
Antivirus software is software designed to detect and remove virus from computer system and ensures virus free environment.E.g. Kaspersky, NAV, MSAV, McAfee, NOD 32 etc.Main use of antivirus is to protect computer from viruses and remove viruses that are detected and also protects data and programs from being corrupted.
Antivirus software is software designed to detect and remove virus from computer system and ensures virus free environment.
E.g. Kaspersky, NAV, MSAV, McAfee, NOD 32 etc.
Main use of antivirus is to protect computer from viruses and remove viruses that are detected and also protects data and programs from being corrupted.
Backup system
It is the system of copying data and programs into another location or creating a duplicate copy of it in a secured place.
Importance of Backup
Backup is vital to computer security system - to save the data from being lost or damaged due to accidental or intentional harm.
- To recover lost data and software.
These files are kept on hard disks, CDs and tapes and on the internet.
Backup is vital to computer security system
- to save the data from being lost or damaged due to accidental or intentional harm.
- To recover lost data and software.
These files are kept on hard disks, CDs and tapes and on the internet.
Power Protection Device
Power protection device is an electric device that controls electric voltage and provides enough backup to the computer system when there is power failure.- Computer needs 220 volts to 240 volts constantly.
Some common power protection devices are:a) UPSb) Volt Guardc) CVTd) Stabilizere) Spike Guardf) Surge Suppressor
Power protection device is an electric device that controls electric voltage and provides enough backup to the computer system when there is power failure.
- Computer needs 220 volts to 240 volts constantly.
Some common power protection devices are:
a) UPS
b) Volt Guard
c) CVT
d) Stabilizer
e) Spike Guard
f) Surge Suppressor
Why Power Protection Device needed?
To protect computer system from damage, expensive data loss and unnecessary down time (is out of action or unavailable for use).
Volt Guard.
A power protection device that provides constant output voltage to the computer system in case of high input voltage coming from the source.
UPS
UPS is a battery supported power protection device which controls the electric voltage and supplies clean and continuous power to the computer system even during power failures.
Importance of UPS
The importance of UPS in computer security system is that it controls fluctuation of electric voltage and provides enough backup electric power to the computer system when there is power failure.
Spike Guard
A device designed to protect electrical devices from voltage spikes.Automatically maintains a constant voltage level.
A device designed to protect electrical devices from voltage spikes.
Automatically maintains a constant voltage level.
I like this site thank you
ReplyDelete