TYPES OF COMPUTER SECURITY RISKS

-
TYPES OF COMPUTER SECURITY RISKS

Definition : Any event or action that could cause a loss of damage to computer hardware,software,data,information or processing capability.


MALICIOUS CODE (Virus,Worm,Trojan Horse)

Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus tools.

Computer Virus
  • Definition : A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
  • Examples: Melissa, Tequila, Cascade, Invader  

Worm
  • A worm is a program that copies itself repeatedly.
  • For example in memory or on a network, using up resources and possibly shutting down the computer or network.
  • Examples: Jerusalem, Sobig,   Nimda, Morris Worm

Trojan Horse
  • A program that hides within or looks like a legitimate program. It does not replicate itself to other computers.
  • Examples: It can change your desktop, adding silly active desktop icons or they can cause serious damage by deleting files and destroying information on your system.
  • Examples: Netbus, Back Orifice, Subseven, Beast 


Computer Virus
Worm
Trojan Horse
Attached itself to a program or file which cannot spread without human action.
When we run or open a file in which virus is present then it starts effecting and starts spreading.
Worm is similar to virus but spreads without human action.
It gets multiplied or copied itself into hundred or thousands in number.
Spread itself into other computers through mail or address.
Similar to virus and worm but it does not spread or reproduce.
It looks similar to software but will actually damaged or once installed or run it.
Can cause severe damage such as deleting files.



UNAUTHORIZED ACCESS AND USE


Unauthorized Access
Unauthorized Use
The use of a computer or network without permission.
The use of a computer or its data for unapproved or possibly illegal activities.



  • To help prevent unauthorized access and use, they should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used.
  • Access control : is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
  • Possessed object : is any item that you must carry to gain access to a computer or computer facility. 
  • Examples of possessed objects are badges, cards, smart cards and keys. 


HARDWARE THEFT


  • Hardware theft is the act of stealing computer equipment.
  • Hardware vandalism is the act of defacing or destroying computer equipment.

Safeguards against Hardware Theft and Vandalism:
  • physical access controls, such as locked doors and windows
  • install alarm systems in their buildings
  • physical security devices such as cables that lock the equipment to a desk



SOFTWARE THEFT

Software theft occurs when someone: 
  • Steals software media
  • Intentionally erases programs
  • Illegally copies a program
  • Illegally registers and/or activates a program.

Steals software media involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media.


Safeguards against Software Theft
To protect software media from being stolen, owners should keep original software boxes and media in a secure location, out of sight of prying eyes.
All computer users should back up their files and disks regularly.
To protect themselves from software piracy, software manufacturers issue users license agreements.



INFORMATION THEFT


  • Information theft occurs when someone steals personal or confidential information.
  • If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

Safeguards against Information Theft
Protecting information on computers located on an organization’s premises.
To protect information on the internet and networks, organizations and individuals use a variety of encryption techniques.
Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access.



SYSTEM FAILURE

  • A system failure is the prolonged malfunction of a computer
  • Can cause loss of hardware, software, data, or information.
  • These include aging hardware; natural disasters such as fires, floods, or hurricanes; random events such as electrical power  problems; and even errors in computer programs.


Safeguards against System failure
To protect against electrical power variations, use a surge protector.
A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment.













Comments

Post a Comment

Popular posts from this blog

NETWORK ARCHITECHTURE

-
Image
NETWORK ARCHITECTURE Definition  : The configuration of computers,devices and media on a network. Client-Server network Peer to peer Network Differences Between Client/Server and Peer to Peer Network Category Client/Server Peer-to-Peer Definition One or more computers act as a server and the other computers on the network request services from the server. Each computer called a peer,has equal responsibilities and capabilities,sharing hardware (such as a printer),data or information with other computers on the peer-to-peer network. Size For medium and large network. For small network fewer than 10 computers. Operating System Needs a specific operating system such as Windows Server 2008. Does not need a specific operating system. Training Need training. Does no need training. Set up More difficult to set up. Easy to set up. Installation More expensive to install. Less expensive to install. Implementation
Read more

INTERNET SERVICES

-
Image
INTERNET SERVICES Types of Internet Services : World Wide Web (WWW) E-Mail Instant Messaging Voice over Internet Protocol (VoIP) Message Board File Transfer Protocol WORLD WIDE WEB (WWW) -Consist of a worldwide collection of electronic documents.Each electronic document called web page which can contain text,graphic,animation,audio and video.Have built in conections to other documents. Static (fixed) - visitor see all the same content. Dynamic - visitor can customize some or all of the viewed content such as desired stock quotes,weather for a region or ticket availability for flights. E-MAIL -Short for electronic mail. -Transmission of messages and files via a computer network.Consist of simple text or can contain attachment such as documents,graphics,audio or video clips. -Google and Yahoo! provide free e -mail services. -An e-mail address is a unique name that consist of a user name and domain name that identifies the user. -Basic form : username@host
Read more

RULES OF NETIQUETTE

-
Image
RULES OF NETIQUETTE Netiquette or net etiquette (etiquette on the Internet ) Is the code of acceptable behaviours users should follow while on the Internet or online cyberspace. It is conduct expexted of individuals while online. For : WWW,E-mail,Instant Messaging,Chat room,Newsgroup & message board. Image 1 NETIQUETTE GUIDELINES FOR ONLINE COMMUNICATIONS  Image 2 Golden Rule : Treat others a you would the to treat you. Be polite.Avoid offensive language. Avoid sending or posting flames,which are abusive or insulting messages.Do not participae in flame wars,which are exchanges of flames. Be careful when using sarcsm and humor,as it migh tbe misinterpreted. Do not use all captal letters,which equivalent of SHOUTING! Use emoticons to express emotion. Clearly identify spoiler,which is a message that reveals an outcome to a game or ending to a movie or program. Be forgiving of other's mistakes. Read the FAQ,if one exist. Image 3
Read more