Cyber Security

Assignment # 1

Submitted To
Ma’am Rabia Aslam Khan
Submitted By

Hammad Arif (FA-19/BSIT/043)

Faculty of Computer Science

Layering:
Increase layers to serve as a shield against assaults. If an attacker bypasses one barrier, they must
bypass another, and each layer requires more work on their part. The layer's weakness has a major
impact on the system security.

Diversity:
Every layer should utilize a separate kind of security. It complements the layering approach well.

Obscurity:
Make internal operations so distinct and one-of-a-kind that it is incredibly challenging outsiders to
comprehend and identify them.

Simplicity:
The security system should not be too complex to implement. It might result in people missing
particular vulnerabilities in the process. It should be simple enough to be used, so people working in
it do not try finding shortcuts.

Case Project: Bay Pointe Security Consulting

Reducing the risk of data breaches and attacks in IT systems. Applying security controls to prevent
unauthorized access to sensitive information. Preventing disruption of services, e.g., denial-of-
service attacks. Protecting IT systems and networks from exploitation by outsiders.

In the case of cyberattacks and data breaches, companies and organizations are often viewed as
negligent for not protecting their customers' information. Governments also face blame when they
do not or cannot stop malicious cyber activities from happening on their soil.

Malware
Malware is malicious software that attacks information systems. Ransomware, spyware and Trojans
are examples of malware. Depending on the type of malicious code, hackers to steal or secretly copy
sensitive data, block access to files, disrupt system operations or make systems inoperable could use
malware.

Phishing
Phishing occurs when hackers socially engineer email messages to entice recipients to open them.
The messages trick recipients into downloading the malware within the email by either opening an
attached file or embedded link.

DDoS
DDoS take place when hackers bombard an organization's servers with large volumes of
simultaneous data requests, thereby making the servers unable to handle any legitimate requests.

SQL injection
SQL injection occurs when hackers insert malicious code into servers using the Structured Query
Language programming language to get the server to reveal sensitive data.

Q: 2
1. Confidentiality is the preservation of authorized restrictions on University information access
and disclosure, including means for protecting personal privacy and proprietary information.
Confidentiality has to do with the privacy of information, including authorizations to view,
share, and use it. Information with low confidentiality concerns may be considered "public"
or otherwise not threatening if exposed beyond its intended audience. Information with
high confidentiality concerns is considered secret and must be kept confidential to prevent
identity theft, compromise of accounts and systems, legal or reputational damage, and other
severe consequences.
2. Integrity is the protection against improper modification or destruction of University
information. It includes non-repudiation and authenticity.
Integrity has to do with the accuracy of information, including its authenticity and
trustworthiness. Information with low integrity concerns may be considered unimportant to
precise University activities or not necessary to vigorously check for errors. Information with
high integrity concerns is considered critical and must be accurate in order to prevent
negative impact on University activities.
Integrity concerns along with availability concerns contribute to data's criticality.
3. Install and run anti-virus software on your computer to detect and remove malware.
4. Back up your computer's data to protect yourself and the University from data loss or
corruption.
5. Enable your computer's firewall to block potentially harmful traffic.
6. Encrypt sensitive information to protect it from being read or misused if it's lost or stolen.
7. Password-protect your computer to prevent others from logging in and using your system
and files.
8. Regularly patch your computer's software and firmware to protect against the newest
vulnerabilities.
9. Physically secure your computer in a locked office when possible. Never leave laptop
computers unattended in public locations.
10. Configure your computer to automatically lock after fifteen minutes of inactivity.