COMPUTER SECURITY
💘
COMPUTER SECURITY RISK
💣
Definition of computer security risk:
Any event or action that could cause a loss of or damage to computer hardware, software,
data, information or processing capability.
data, information or processing capability.
Perpetrators of cybercrime and other intrusions fall into seven basic categories
- Hacker - someone who accesses a computer or network illegally
- Cracker - someone who accesses a computer or network illegally but has the intent of. destroying data, stealing information, or other malicious action
- Script kiddie - same intent as a cracker but does not have the technical skills and knowledge
- Corporate spies - have excellent computer and networking skills
- hired to break into a specific computer and steal its proprietary data and information.
- help identify security risks in their own organization.
- Unethical employees - break into their employers’ computers for a variety of reasons:
- want to exploit a security weakness
- seek financial gains from selling confidential information
- disgruntled employees may want revenge.
- Cyber extortionist - someone who uses e-mail as a medium for extortion
- Send an organization a threatening e-mail message indicating they will expose confidential information if they are not paid a sum of money.
- Cyberterrorist - someone who uses the Internet or network to destroy or damage computers for political reasons
- the nation’s air traffic control system,
- electricity-generating companies
- telecommunications infrastructure.
1. MALICIOUS CODE
I) COMPUTER VIRUS
A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
II) WORM
A worm is a program that copies itself repeatedly.
III) TROJAN HORSE
A program that hides within or looks like legitimate program. It does not replicate itself to other computers.
2. UNAUTHORIZED ACCESS & USE
Unauthorized access
Unauthorized use - the use of a computer or its data for unapproved
Access control - security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer or possibly illegal activities .
PIN - a numeric password
Possessed object - any item that you must carry to gain access to a computer or computer facility.
3. HARDWARE THEFT
Hardware theft - the act of stealing computer equipment.
Hardware vandalisme - the act of defacing or destroying computer
equipment.
Safeguards :
- physical access control
- install alarm systems
- Device tracking app
- Use variety of encryption technque
To copy files to a second mediumas a precaution in case the first medium fails.
A data back up is the result of copying or achiving files and folders for the purpose of being able to restore them in case of data loss.
A firewall is a system designed to prevent unauthorized access to or from a private network.
Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus code
I) COMPUTER VIRUS
A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
II) WORM
A worm is a program that copies itself repeatedly.
III) TROJAN HORSE
A program that hides within or looks like legitimate program. It does not replicate itself to other computers.
2. UNAUTHORIZED ACCESS & USE
- the use of a computer network without permission.
Unauthorized use - the use of a computer or its data for unapproved
Access control - security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer or possibly illegal activities .
PIN - a numeric password
Possessed object - any item that you must carry to gain access to a computer or computer facility.
3. HARDWARE THEFT
Hardware theft - the act of stealing computer equipment.
Hardware vandalisme - the act of defacing or destroying computer
equipment.
Safeguards :
- physical access control
- install alarm systems
- Device tracking app
4. SOFTWARE THEFT
Software theft :
- steals software media
- intentionally erases media
- illegally copies a program
- illegally registers and / or activates a program.
Safeguards :
- keep original software boxes and media
- back up their files and disks
- protect themselves from software piracy
5. INFORMATION THEFT
Information theft occur when someone steals personal or confidential information.
Safeguards :
- Protect information on computers located on organization's premises.
- Protect information on computers located on organization's premises.
- Use variety of encryption technque
- Encryption - process of converting readable data into unreadable characters to prevent unauthorized access.
6. SYSTEM FAILURE
A system failure is the prolonged malfunction of a computer. It can cause loss of hardware, software, data or information
- Electrical power variations
- Electrical disturbance
- noise
- Undervoltages
- Overvoltages
Safeguards :
- Use a surge protector
- Surge protector - uses electrical components to smooth out minor noise , provide a current flow and keep an overvoltages from reaching the computer and other electronic equipment.
SECURITY MEASURE
💥
Definition of Security Measures
The precautionary measures taken toward possible danger or damage.
1. DATA BACKUP
- Definition :
To copy files to a second mediumas a precaution in case the first medium fails.A data back up is the result of copying or achiving files and folders for the purpose of being able to restore them in case of data loss.
- Benefits :
If system fails , you can restore the files by copying the backed up files to their original location.
- Importance :
Prevent agaisnt data loss
- Data loss can be caused by :
- computer viruses
- hardware failures
- files corruption
- system failure or theft
2. CRYPTOGRAPHY
Cryptogrsphy
Technology of encoding information so it can only be read by authorized individuals
- Encryption
Process of converting readable data into unreadable characters to prevent unauthorized access
- Decryption
Process of decode encrypted data
- How ?
- Unencrypted ⇒ plain text
- Encrypted ⇒ cipher text
- To encrypt, plain text converted into cipher text using an encryption key.
3. ANTIVIRUS
Anti-virus software is a program or set of programs that are designed to prevent, search for, detect and remove software viruses and other malicious software like worms Trojan
horses, adware and more.
Basic Function :
- scan specific files or directories
- Allow to schedule scans
- Allow to initiate a scan of a specific files
- Remove any malicious code detected
4. ANTI SPYWARE
Spyware
Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them.
Anti Spyware
Anti-spyware is a type of software that is designed to detect and remove unwanted spyware programs.
5. FIREWALL
A firewall is a system designed to prevent unauthorized access to or from a private network.
6. PHYSICAL ACCESS CONTROL
- Lock your laptop
- Locks door and windows
- Put the access code
- Pur the CCTV
- Make a policies
7. HUMAN ASPECTS
AWARENESS :
- Ethics - be a good cyber citizen
- Lock it when you leave
- Pishing Emails
- Dispose of Information Properly
- Protect data in mobile devices
