TYPES OF COMPUTER SECURITY RISKS

-
TYPES OF COMPUTER SECURITY RISKS

Definition : Any event or action that could cause a loss of damage to computer hardware,software,data,information or processing capability.


MALICIOUS CODE (Virus,Worm,Trojan Horse)

Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus tools.

Computer Virus
  • Definition : A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
  • Examples: Melissa, Tequila, Cascade, Invader  

Worm
  • A worm is a program that copies itself repeatedly.
  • For example in memory or on a network, using up resources and possibly shutting down the computer or network.
  • Examples: Jerusalem, Sobig,   Nimda, Morris Worm

Trojan Horse
  • A program that hides within or looks like a legitimate program. It does not replicate itself to other computers.
  • Examples: It can change your desktop, adding silly active desktop icons or they can cause serious damage by deleting files and destroying information on your system.
  • Examples: Netbus, Back Orifice, Subseven, Beast 


Computer Virus
Worm
Trojan Horse
Attached itself to a program or file which cannot spread without human action.
When we run or open a file in which virus is present then it starts effecting and starts spreading.
Worm is similar to virus but spreads without human action.
It gets multiplied or copied itself into hundred or thousands in number.
Spread itself into other computers through mail or address.
Similar to virus and worm but it does not spread or reproduce.
It looks similar to software but will actually damaged or once installed or run it.
Can cause severe damage such as deleting files.



UNAUTHORIZED ACCESS AND USE


Unauthorized Access
Unauthorized Use
The use of a computer or network without permission.
The use of a computer or its data for unapproved or possibly illegal activities.



  • To help prevent unauthorized access and use, they should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used.
  • Access control : is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
  • Possessed object : is any item that you must carry to gain access to a computer or computer facility. 
  • Examples of possessed objects are badges, cards, smart cards and keys. 


HARDWARE THEFT


  • Hardware theft is the act of stealing computer equipment.
  • Hardware vandalism is the act of defacing or destroying computer equipment.

Safeguards against Hardware Theft and Vandalism:
  • physical access controls, such as locked doors and windows
  • install alarm systems in their buildings
  • physical security devices such as cables that lock the equipment to a desk



SOFTWARE THEFT

Software theft occurs when someone: 
  • Steals software media
  • Intentionally erases programs
  • Illegally copies a program
  • Illegally registers and/or activates a program.

Steals software media involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media.


Safeguards against Software Theft
To protect software media from being stolen, owners should keep original software boxes and media in a secure location, out of sight of prying eyes.
All computer users should back up their files and disks regularly.
To protect themselves from software piracy, software manufacturers issue users license agreements.



INFORMATION THEFT


  • Information theft occurs when someone steals personal or confidential information.
  • If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

Safeguards against Information Theft
Protecting information on computers located on an organization’s premises.
To protect information on the internet and networks, organizations and individuals use a variety of encryption techniques.
Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access.



SYSTEM FAILURE

  • A system failure is the prolonged malfunction of a computer
  • Can cause loss of hardware, software, data, or information.
  • These include aging hardware; natural disasters such as fires, floods, or hurricanes; random events such as electrical power  problems; and even errors in computer programs.


Safeguards against System failure
To protect against electrical power variations, use a surge protector.
A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment.













Comments

Post a Comment

Popular posts from this blog

INTERNET SERVICES

-
Image
INTERNET SERVICES Types of Internet Services : World Wide Web (WWW) E-Mail Instant Messaging Voice over Internet Protocol (VoIP) Message Board File Transfer Protocol WORLD WIDE WEB (WWW) -Consist of a worldwide collection of electronic documents.Each electronic document called web page which can contain text,graphic,animation,audio and video.Have built in conections to other documents. Static (fixed) - visitor see all the same content. Dynamic - visitor can customize some or all of the viewed content such as desired stock quotes,weather for a region or ticket availability for flights. E-MAIL -Short for electronic mail. -Transmission of messages and files via a computer network.Consist of simple text or can contain attachment such as documents,graphics,audio or video clips. -Google and Yahoo! provide free e -mail services. -An e-mail address is a unique name that consist of a user name and domain name that identifies the user. -Basic form : username@host
Read more

SECURITY MEASURES

-
Image
SECURITY MEASURES Definition of security measures: The precautionary measures taken toward possible danger or damage. DATA BACKUP A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss. Data loss can be caused by many things ranging from computer viruses, hardware failures, file corruption, system failure or theft.  Definition Benefits Importance To copy files to a second medium (a disk or tape) as a precaution in case the first medium fails In the case of system failure, you can restore the files by copying the backed up files to their original location. Prevent against data loss CRYPTOGRAPHY Cryptography Encryption Decryption Technology of encoding information so it can only be read by authirized individuals. Process of converting readable data i
Read more

TYPES OF WEBSITE

-
Image
TYPES OF WEBSITES Portal Business Blog Wiki Online Social Network PORTAL - A web site that offers variety of internet services from single,convenient location. - Provide the functions and features to authenticate and identify the users. - Privide with an easy,intuitive,personalized and user customizable web interface for facilitating access to information. - Have online community : Online community ; a web site that joins a specific group of people with similar interest or relationship. eg : KMPh portal e-learning,AltaVista,AOL,Excite,GO.com.iGoogle,Lycos,MSN and Yahoo!. - A wireless portal : designed for internet-enabled moble devices.Suppport a user with a smartphone or alphanumeric pager. BLOG - An informal web site consisiting of time stamped articles or posts in diary or journal format,usually listed in reverse chronological order. - Types of blog : vlog - a blog that contains video clips. Microblog - allows user to publish
Read more