Data Security Overview and Threats

The document outlines the importance of information security in organizations, detailing the need for security, various threats, and types of attacks. It emphasizes the necessity of protecting data, ensuring confidentiality, integrity, and availability, while also discussing different malware types and non-technical vulnerabilities. Additionally, it highlights the role of social engineering and the impact of both active and passive attacks on information security.

8/28/24, 10:37 PM CW3551-DIS-UNIT-II Notes

GNANAMANI COLLEGE OF TECHNOLOGY


DEPARTMENT OF AI&DS

CW3551-DATA AND INFORMATION SECURITY


UNIT II - SECURITY INVESTIGATION

UNIT II - SECURITY INVESTIGATION 9


Need for Security, Business Needs, Threats, Attacks, Legal, Ethical and Professional Issues - An
Overview of Computer Security - Access Control Matrix, Policy-Security policies, Confidentiality
policies, Integrity policies and Hybrid policies.

Topics:
1. Need for Security, Business Needs
2. Threats
3. Attacks
4. Legal, Ethical and Professional Issues
5. An Overview of Computer Security - Access Control Matrix
6. Policy - Security policies
7. Confidentiality policies
8. Integrity policies
9. Hybrid policies

1. Need for Security, Business Needs:


NEED FOR SECURITY
The purpose of information security management is to ensure business continuity and reduce
business damage by preventing and minimizing the impact of security incidents. The Audit Commission
Update report (1998) shows that fraud or cases of IT abuse often occur due to the absence of basic
controls, with one half of all detected frauds found by accident. An Information Security Management
System (ISMS) enables information to be shared, whilst ensuring the protection of information and
computing assets.
At the most practical level, securing the information on your computer means:

1. Ensuring that your information remains confidential and only those who should access that information,
can.
2. Knowing that no one has been able to change your information, so you can depend on its accuracy
(information integrity).
3. Making sure that your information is available when you need it (by making back-up copies and, if
appropriate, storing the back-up copies off-site).

BUSINESS NEEDS FIRST

Information security performs four important functions for an organization:


a. Protects the organization’s ability to function
b. Enables the safe operation of applications implemented on the organization’s IT systems.

c. Protects the data the organization collects and uses.


d. Safeguards the technology assets in use at the organization.

Protecting the functionality of an organization

✓ Decision makers in organizations must set policy and operate their organizations in compliance with the
complex, shifting legislation that controls the use of technology.

Enabling the safe operation of applications

• Organizations are under immense pressure to acquire and operate integrated, efficient, and
capable applications.
• The modern organization needs to create an environment that safeguards applications using the
organization’s IT systems, particularly those applications that serve as important elements of the
infrastructure of the organization.

Protecting data that organizations collect & use

• Protecting data in motion

• Protecting data at rest

• Both are critical aspects of information security.

• The value of data motivates attackers to steal, sabotage, or corrupt it.

• It is essential to protect the integrity and value of the organization’s data.

Safeguarding Technology assets in organizations

Organizations must add secure infrastructure services based on the size and scope of the enterprise.
Organizational growth could lead to the need for a public key infrastructure (PKI), an integrated system of
software and encryption methodologies.

2. Threats

Threats to Information Security


Information security threats take many forms, such as software attacks, theft of intellectual property,
identity theft, theft of equipment or information, sabotage, and information extortion.

A threat can be anything that can take advantage of a vulnerability to breach security and negatively alter,
erase, or harm an object or objects of interest.

Software attacks means attacks by viruses, worms, Trojan horses, etc. Many users believe that malware,
viruses, worms and bots are all the same thing. They are not: the only similarity is that they are all
malicious software, and each behaves differently.

Malware is a combination of two terms: malicious and software. Malware basically means malicious
software, which can be intrusive program code or anything else designed to perform malicious
operations on a system. Malware can be divided into 2 categories:

1. Infection Methods
2. Malware Actions
Malware on the basis of infection method is as follows:

1. Virus – Viruses have the ability to replicate themselves by hooking themselves to a program on
the host computer, such as songs, videos, etc., and then they travel all over the Internet. The
Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus,
Boot Sector Virus, Stealth Virus, etc.
2. Worms – Worms are also self-replicating in nature, but they don’t hook themselves to a
program on the host computer. The biggest difference between viruses and worms is that worms are
network-aware. They can easily travel from one computer to another if a network is available,
and on the target machine they will not do much harm; they will, for example, consume hard
disk space, thus slowing down the computer.
3. Trojan – The concept of a Trojan is completely different from that of viruses and worms. The
name Trojan is derived from the ‘Trojan Horse’ tale in Greek mythology, which explains
how the Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big
wooden horse given to the Trojans as a gift. The Trojans were very fond of horses and
trusted the gift blindly. In the night, the soldiers emerged and attacked the city from the
inside.
The purpose of Trojans is to conceal themselves inside software that seems legitimate; when
that software is executed, they do their task of either stealing information or any other
purpose for which they are designed.
They often provide a backdoor gateway for malicious programs or malevolent users to enter
your system and steal your valuable data without your knowledge and permission. Examples
include FTP Trojans, Proxy Trojans, Remote Access Trojans, etc.

4. Bots – Bots can be seen as an advanced form of worms. They are automated processes that are
designed to interact over the Internet without the need for human interaction. They can be
good or bad. A malicious bot can infect one host and, after infecting it, will create a connection to
the central server, which will provide commands to all infected hosts attached to that
network, called a botnet.
Malware on the basis of actions:

1. Adware – Adware is not exactly malicious, but it does breach the privacy of users. It
displays ads on a computer’s desktop or inside individual programs. It comes attached
to free-to-use software and is thus the main source of revenue for such developers. It monitors
your interests and displays relevant ads. An attacker can embed malicious code inside the
software, and adware can monitor your system activities and can even compromise your
machine.
2. Spyware – Spyware is a program that monitors your activities on a computer
and reveals the collected information to an interested party. Spyware is generally dropped by
Trojans, viruses or worms. Once dropped, it installs itself and sits silently to avoid
detection.
One of the most common examples of spyware is the keylogger. The basic job of a keylogger
is to record user keystrokes with timestamps, thus capturing interesting information like
usernames, passwords, credit card details, etc.
3. Ransomware – Ransomware is a type of malware that will either encrypt your files or lock your
computer, making it inaccessible either partially or wholly. Then a screen will be displayed
asking for money, i.e. a ransom, in exchange.
4. Scareware – Scareware masquerades as a tool to help fix your system, but when the software is
executed it will infect your system or completely destroy it. The software will display a
message to frighten you and force you to take some action, like paying to fix your system.
5. Rootkits – Rootkits are designed to gain root access, or administrative privileges, on the
user’s system. Once root access is gained, the exploiter can do anything from stealing private
files to private data.
6. Zombies – Zombies work similarly to spyware. The infection mechanism is the same, but they don’t
spy and steal information; rather, they wait for commands from hackers.

• Theft of intellectual property means violation of intellectual property rights such as
copyrights, patents, etc.
• Identity theft means acting as someone else to obtain a person’s personal information or to
access vital information they have, such as accessing a person’s computer or social media account
by logging in with their login credentials.
• Theft of equipment and information is increasing these days due to the mobile nature of
devices and increasing information capacity.
• Sabotage means destroying a company’s website to cause loss of confidence on the part of its
customers.
• Information extortion means theft of a company’s property or information to receive
payment in exchange. For example, ransomware may lock a victim’s files, making them
inaccessible and thus forcing the victim to make a payment in exchange. Only after payment will
the victim’s files be unlocked.
These are the old-generation attacks, which continue today and advance every year.
Apart from these, there are many other threats. Below is a brief description of these
new-generation threats.

• Technology with weak security – With the advancement of technology, a new gadget is
released in the market with every passing day. But very few are fully secured and follow
information security principles. Since the market is very competitive, security is
compromised to make the device more up to date. This leads to theft of data/information from
the devices.
• Social media attacks – In these attacks, cyber criminals identify and infect a cluster of websites
that persons of a particular organization visit, in order to steal information.
• Mobile Malware – There is a saying that where there is connectivity to the Internet, there will be
danger to security. The same goes for mobile phones, where gaming applications are designed to
lure customers into downloading the game, and they unintentionally install malware or a virus
on the device.
• Outdated Security Software – With new threats emerging every day, updating security
software is a prerequisite for a fully secured environment.
• Corporate data on personal devices – These days every organization follows a rule called
BYOD. BYOD means Bring Your Own Device, such as laptops and tablets, to the workplace.
Clearly BYOD poses a serious threat to the security of data, but due to productivity issues
organizations are arguing to adopt this.
• Social Engineering – Social engineering is the art of manipulating people so that they give up their
confidential information, like bank account details, passwords, etc. These criminals can trick
you into giving up your private and confidential information, or they will gain your trust to get
access to your computer and install malicious software that will give them control of your
computer. An example is an email or message from your friend that was probably not sent by
your friend. A criminal can access your friend’s device and then, by accessing the contact list,
send infected emails and messages to all contacts. Since the message/email is from a
known person, the recipient will definitely check the link or attachment in the message, thus
unintentionally infecting the computer.

Technical Data Threats – Why is it a threat?


Hacking: Hacking is now a multi-billion dollar industry for cybercriminals and provides
opportunities to extract data for political and monetary gains. Hacking refers to an unauthorized
user gaining access to a computer or a network. There are a variety of ways that hackers gain access
to networks or computers, some as intricate as altering a system’s security, and others as
straightforward as guessing a user’s passwords or installing a keylogger.

Cracking: Cracking is the reverse engineering of software, passwords or encryption, which could lead to
unauthorized access to sensitive information. This is another form of hacking.
Malware: Malware (short for malicious software) disrupts computer operations, gathers sensitive
information, or gains access to a computer system to compromise data and information. Antivirus
software and firewalls are typically used to keep malware off of computers. Examples of malware
include viruses, worms, spyware, ransomware, keyloggers and backdoors, but in reality malware
can be any program that operates against the requirements of the computer user.
Misuse: Employees may take advantage of entrusted resources or privileges for a malicious or
unintended purpose. Included in this category are administrative abuse, policy violations, and use of
non-approved assets. These actions can be either malicious or non-malicious in nature.
Errors: Errors such as system misconfigurations or programming errors can cause unauthorized
access by cybercriminals. Errors can occur in-house due to faulty programming, or hackers can find
loopholes that can cause errors as well.
Data Leakage: Unauthorized electronic or physical transmission of data or information from within
a company to an external destination or recipient could leave data in the wrong hands.
Cloud Computing: Storing unencrypted sensitive data with lax access controls leaves data stored
in the cloud vulnerable to improper disclosure. With the growing number of organizations and
people using cloud computing, it’s more important now than ever before to protect your information
against hackers.
Mobile Devices: Mobile devices carrying sensitive data can be lost or stolen, possibly causing data
to fall into the wrong hands.
Availability Attacks: Availability attacks are structured cyberattacks to extort or damage
companies whose websites or online assets are a major source of revenue.
Advanced Persistent Threats (APT): The goal of an APT isn’t to corrupt files or tamper, but to
steal data as it continues to come in. Hackers attack computer systems while avoiding detection and
harvesting valuable information over a long period of time.
Third Parties / Service Providers: Third-party networks may be used by other external
cybercriminals as an initial access point into a company’s network.
Non-Technical Vulnerabilities – Why is it a threat?
Remember that data security isn’t only an electronic issue. Non-technical threats can affect your
business, too.
Physical: Theft, tampering, snooping, sabotage, vandalism, local device access, and assault can
lead to a loss of data or information.
Environmental: Natural events such as tornadoes, power loss, fires, and floods pose hazards to the
infrastructure in which data assets are located.
Insider Threat: Employees, contractors, or partners can commit fraud, espionage or theft of
intellectual property.
Social Media: Employees often fall victim to scams or reveal information not intended for public
knowledge on social media.

Dumpster Diving: Improper disposal of sensitive data could lead to improper disclosures and
sensitive information just sitting in trash bins. Having internal procedures when disposing of
sensitive documents is crucial in preventing this kind of a non-technical vulnerability.
Social Engineering: Attackers rely heavily on human interaction to gain access to company
networks or systems, usually tricking users into breaking normal security procedures and revealing
their account credentials.

3. Attacks
It’s important to note that the distinction between active and passive attacks can be blurry, and
some attacks may involve elements of both. Additionally, not all attacks are technical in nature; social
engineering attacks, where an attacker manipulates or deceives users in order to gain access to
sensitive information, are also a common form of attack.
Active attacks:
Active attacks are a type of cybersecurity attack in which an attacker attempts to alter, destroy, or
disrupt the normal operation of a system or network. Active attacks involve the attacker
taking direct action against the target system or network, and can be more dangerous than passive
attacks, which involve simply monitoring or eavesdropping on a system or network.
Types of active attacks are as follows:
• Masquerade
• Modification of messages
• Repudiation
• Replay
• Denial of Service
Masquerade –
Masquerade is a type of cybersecurity attack in which an attacker pretends to be someone else in
order to gain access to systems or data. This can involve impersonating a legitimate user or system
to trick other users or systems into providing sensitive information or granting access to restricted
areas.
There are several types of masquerade attacks, including:
Username and password masquerade: In a username and password masquerade attack, an
attacker uses stolen or forged credentials to log into a system or application as a legitimate user.
IP address masquerade: In an IP address masquerade attack, an attacker spoofs or forges their
IP address to make it appear as though they are accessing a system or application from a
trusted source.
Website masquerade: In a website masquerade attack, an attacker creates a fake website that
appears to be legitimate in order to trick users into providing sensitive information or
downloading malware.
Email masquerade: In an email masquerade attack, an attacker sends an email that appears to be
from a trusted source, such as a bank or government agency, in order to trick the recipient
into providing sensitive information or downloading malware.

Modification of messages –
It means that some portion of a message is altered or that message is delayed or reordered to
produce an unauthorized effect. Modification is an attack on the integrity of the original data. It
basically means that unauthorized parties not only gain access to data but also spoof the data by
triggering denial-of-service attacks, such as altering transmitted data packets or flooding the
network with fake data. Manufacturing is an attack on authentication. For example, a message
meaning “Allow JOHN to read confidential file X” is modified as “Allow Smith to read
confidential file X”.
Repudiation –
Repudiation attacks are a type of cybersecurity attack in which an attacker attempts to deny or
repudiate actions that they have taken, such as making a transaction or sending a message. These
attacks can be a serious problem because they can make it difficult to track down the source of the
attack or determine who is responsible for a particular action.
There are several types of repudiation attacks, including:
Message repudiation attacks: In a message repudiation attack, an attacker sends a message and
then later denies having sent it. This can be done by using spoofed or falsified headers or by
exploiting vulnerabilities in the messaging system.
Transaction repudiation attacks: In a transaction repudiation attack, an attacker makes a
transaction, such as a financial transaction, and then later denies having made it. This can be done
by exploiting vulnerabilities in the transaction processing system or by using stolen or falsified
credentials.
Data repudiation attacks: In a data repudiation attack, an attacker modifies or deletes data and
then later denies having done so. This can be done by exploiting vulnerabilities in the data
storage system or by using stolen or falsified credentials.
Replay –
It involves the passive capture of a message and its subsequent transmission to produce an
authorized effect. In this attack, the basic aim of the attacker is to save a copy of the data originally
present on that particular network and later on use this data for personal uses. Once the data is
corrupted or leaked it is insecure and unsafe for the users.
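
A receiver can detect both the modification and the replay attacks described above. The following Python sketch is an added example, not part of the original notes: it tags each message with an HMAC-SHA256 over the sender, a sequence number and the body, and rejects altered or repeated messages. The key, the sender name and the function and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would load a random secret from a key store.
DEMO_KEY = b"constructed-demo-key-not-for-production"


def _payload(sender, seq, body) -> bytes:
    """Canonical byte encoding of the fields covered by the tag."""
    return json.dumps({"sender": sender, "seq": seq, "body": body},
                      sort_keys=True, separators=(",", ":")).encode()


def seal(key: bytes, sender: str, seq: int, body: str) -> dict:
    """Return a message carrying an HMAC-SHA256 tag over sender, seq and body."""
    tag = hmac.new(key, _payload(sender, seq, body), hashlib.sha256).hexdigest()
    return {"sender": sender, "seq": seq, "body": body, "tag": tag}


class Receiver:
    """Verifies the tag first, then refuses sequence numbers already seen."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_seq = {}  # sender -> highest sequence number accepted so far

    def accept(self, msg: dict) -> str:
        expected = hmac.new(
            self._key,
            _payload(msg.get("sender"), msg.get("seq"), msg.get("body")),
            hashlib.sha256,
        ).hexdigest()
        # Constant-time comparison; any change to sender, seq or body changes the tag.
        if not hmac.compare_digest(expected.encode(), str(msg.get("tag", "")).encode()):
            return "rejected: modified"
        # The sequence number is covered by the tag, so a captured message
        # cannot be given a fresh number without the key.
        if msg["seq"] <= self._last_seq.get(msg["sender"], -1):
            return "rejected: replay"
        self._last_seq[msg["sender"]] = msg["seq"]
        return "accepted"


def demo() -> list:
    """Run the JOHN/Smith example from the notes through the receiver."""
    rx = Receiver(DEMO_KEY)
    original = seal(DEMO_KEY, "admin", 1, "Allow JOHN to read confidential file X")
    # Modification of messages: the body is altered in transit, the tag is not.
    tampered = dict(original, body="Allow Smith to read confidential file X")
    # Replay: the untouched original is delivered a second time.
    return [rx.accept(tampered), rx.accept(original), rx.accept(original)]


if __name__ == "__main__":
    print(demo())
```

The tag protects integrity only; the message body is still readable by anyone who captures it, so confidentiality needs encryption in addition.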
Denial of Service –
Denial of Service (DoS) is a type of cybersecurity attack that is designed to make a system or
network unavailable to its intended users by overwhelming it with traffic or requests. In a DoS
attack, an attacker floods a target system or network with traffic or requests in order to consume its
resources, such as bandwidth, CPU cycles, or memory, and prevent legitimate users from accessing
it.
There are several types of DoS attacks, including:
Flood attacks: In a flood attack, an attacker sends a large number of packets or requests to a
target system or network in order to overwhelm its resources.

Amplification attacks: In an amplification attack, an attacker uses a third-party system or
network to amplify their attack traffic and direct it towards the target system or network,
making the attack more effective.
To prevent DoS attacks, organizations can implement several measures, such as:
1. Using firewalls and intrusion detection systems to monitor network traffic and block suspicious
activity.
2. Limiting the number of requests or connections that can be made to a system or network.
3. Using load balancers and distributed systems to distribute traffic across multiple servers or
networks.
4. Implementing network segmentation and access controls to limit the impact of a DoS attack.
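
The second measure above, limiting the number of requests a client can make, is commonly implemented with a token bucket. The following Python example is added here and is not part of the original notes; the rate, burst size, client addresses and traffic are constructed for illustration.

```python
import time


class RateLimiter:
    """Per-client token bucket: `rate` requests/second sustained, `burst` at once."""

    def __init__(self, rate: float, burst: int, clock=time.monotonic):
        self.rate = rate
        self.burst = burst
        self.clock = clock      # injectable so the behaviour can be tested offline
        self._buckets = {}      # client id -> (tokens left, time of last update)
        # Note: a long-running service should also evict buckets of idle clients,
        # otherwise this table itself grows without bound under a flood.

    def allow(self, client: str) -> bool:
        now = self.clock()
        tokens, last = self._buckets.get(client, (float(self.burst), now))
        # Refill in proportion to elapsed time, never above the burst size.
        tokens = min(float(self.burst), tokens + (now - last) * self.rate)
        allowed = tokens >= 1.0
        if allowed:
            tokens -= 1.0
        self._buckets[client] = (tokens, now)
        return allowed


def simulate(events, rate=1.0, burst=3):
    """Feed (timestamp, client) events to a limiter; count allowed/blocked per client."""
    current = [0.0]
    limiter = RateLimiter(rate, burst, clock=lambda: current[0])
    counts = {}
    for ts, client in events:
        current[0] = ts
        c = counts.setdefault(client, {"allowed": 0, "blocked": 0})
        c["allowed" if limiter.allow(client) else "blocked"] += 1
    return counts


# Constructed traffic (documentation address ranges):
#   198.51.100.7 sends 16 requests in 4 seconds (a small flood),
#   203.0.113.5  sends 1 request per second (a normal client).
SAMPLE_EVENTS = sorted(
    [(i * 0.25, "198.51.100.7") for i in range(16)]
    + [(float(i), "203.0.113.5") for i in range(4)]
)


if __name__ == "__main__":
    for client, result in simulate(SAMPLE_EVENTS).items():
        print(client, result)
```

Each client has its own bucket, so the flooding client is throttled to the sustained rate while the normal client is never blocked.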
Passive attacks: A Passive attack attempts to learn or make use of information from the system but
does not affect system resources. Passive Attacks are in the nature of eavesdropping on or
monitoring transmission. The goal of the opponent is to obtain information that is being transmitted.
Passive attacks involve an attacker passively monitoring or collecting data without altering or
destroying it. Examples of passive attacks include eavesdropping, where an attacker listens in on
network traffic to collect sensitive information, and sniffing, where an attacker captures and
analyzes data packets to steal sensitive information.
Types of Passive attacks are as follows:
• The release of message content
• Traffic analysis
The release of message content –
A telephone conversation, an electronic mail message, or a transferred file may contain sensitive or
confidential information. We would like to prevent an opponent from learning the contents of these
transmissions.
Traffic analysis –
Suppose that we had a way of masking information (encryption), so that an attacker who
captured the message could not extract any information from it.
The opponent could still determine the location and identity of the communicating hosts and could
observe the frequency and length of messages being exchanged. This information might be useful in
guessing the nature of the communication that was taking place.
The most useful protection against traffic analysis is encryption of SIP traffic. With that in place, an
attacker would have to access the SIP proxy (or its call log) to determine who made the call.

4. Legal, Ethical and Professional Issues


Information Technology refers to the components that are used to store, fetch and manipulate
information, at the minimum level a server with an operating system. Information
Technology has a wide range of applications in education, business, health, industry, the banking
sector and scientific research. With the rapid advancement of information
technology, it is necessary to know about the security issues, privacy issues and main
negative impacts of IT. To deal with these issues in IT society, it is important to identify the ethical
issues.
Some of the major ethical issues faced by Information Technology (IT) are:
1. Personal Privacy
2. Access Right
3. Harmful Actions
4. Patents
5. Copyright
6. Trade Secrets
7. Liability
8. Piracy
These are explained with their effects below:
1. Personal Privacy:
It is an important aspect of ethical issues in information technology. IT enables users
to have their own hardware, operating system and software tools to access servers that
are connected to each other and to the users by a network. Because the network is distributed
on a large scale, large amounts of data or information are transferred, which
creates hidden chances of disclosing information and violating the privacy of
individuals or groups. It is a major challenge for IT society and organizations to maintain
the privacy and integrity of data. Accidental disclosure to inappropriate individuals and
provisions to protect the accuracy of data also come under the privacy issue.
2. Access Right:
The second aspect of ethical issues in information technology is access right. Access right
has become a high-priority issue for IT and cyberspace with the great advancement in
technology. The evolution of e-commerce and electronic payment systems on the Internet
heightened this issue for various corporate organizations and government agencies. A network
on the Internet cannot be made secure from unauthorized access. Generally, intrusion
detection systems are used to determine whether the user is an intruder or an appropriate
user.

3. Harmful Actions:
Harmful actions in computer ethics refers to damage or negative consequences to
IT, such as loss of important information, loss of property, loss of ownership, destruction of
property and undesirable substantial impacts. This principle of ethical conduct restricts any
outsiders from using information technology in a manner which leads to any loss to any
of the users, employees, employers and the general public. Typically, these actions
comprise the intentional destruction or alteration of files and programs, which causes a
serious loss of resources. To recover from harmful actions, extra time and effort are
required to remove the viruses from the computer systems.

4. Patents:
It is more difficult to deal with these types of ethical issues. A patent can preserve the
unique and secret aspect of an idea. Obtaining a patent is very difficult as compared with
obtaining a copyright. A thorough disclosure is required with the software. The patent
holder has to reveal the full details of a program to a proficient programmer for building a
program.

5. Copyright:
Information security specialists should be familiar with the necessary concepts of
copyright law. Copyright law works as a very powerful legal tool in protecting computer
software, both before a security breach and surely after a security breach. This type of
breach could be the mishandling and misuse of data, computer programs, documentation
and similar material. In many countries, copyright legislation is amended or revised to
provide explicit laws to protect computer programs.

6. Trade Secrets:
Trade secrets are also a significant ethical issue in information technology. A trade secret
secures something of value and usefulness. This law protects the private aspects of ideas
which are known only to the discoverer or his confidants. Once disclosed, a trade secret is lost as
such and is only protected by the law for trade secrets. The application of trade secret law is
very broad in the computer range, where even a slight head start in the advancement of
software or hardware can provide a significant competitive influence.

7. Liability:
One should be aware of the liability issue in making ethical decisions. A software developer
makes promises and assertions to the user about the nature and quality of the product that
can be restricted as an express warranty. Programmers or retailers have the legitimate right to
determine the express warranties. Thus they have to be practical when they define any
claims and predictions about the capacities, quality and nature of their software or hardware.
Every word they say about their product may be as legally valid as if stated in writing. All
agreements should be in writing to protect against liability. A disclaimer of express
warranties can free a supplier from being held responsible for informal, speculative
statements or forecasts made during the agreement stages.

8. Piracy:
Piracy is an activity in which illegal copies of software are made. It is
entirely up to the owner of the software as to whether or not users can make backup copies
of their software. As laws made for copyright protection are evolving, legislation that
would stop unauthorized duplication of software is also under consideration. The software industry
is prepared to fight against software piracy. The courts are dealing with an
increasing number of actions concerning the protection of software.

5. An Overview of Computer Security - Access Control Matrix

What is access control matrix in information security?


An access control matrix is a table that defines access permissions between specific subjects and
objects. A matrix is a data structure that acts as a table lookup for the operating system. For
example, Table 4.1 is a matrix that has specific access permissions defined by user and detailing
what actions they can enact.
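
An access control matrix can be written directly as a lookup table keyed by (subject, object). The following Python example is added here and is not part of the original notes; the subjects, objects and rights are constructed sample data, not the contents of Table 4.1. It also shows that a column of the matrix is an access control list and a row is a capability list.

```python
class AccessControlMatrix:
    """Rows are subjects, columns are objects, each cell is a set of rights."""

    def __init__(self):
        self._cells = {}  # (subject, object) -> set of rights

    def grant(self, subject, obj, *rights):
        self._cells.setdefault((subject, obj), set()).update(rights)

    def revoke(self, subject, obj, right):
        cell = self._cells.get((subject, obj))
        if cell is None:
            return
        cell.discard(right)
        if not cell:
            del self._cells[(subject, obj)]  # drop cells that became empty

    def check(self, subject, obj, right) -> bool:
        """Default deny: an absent cell or an absent right means no access."""
        return right in self._cells.get((subject, obj), ())

    def acl(self, obj) -> dict:
        """Column view: who may do what to one object (an access control list)."""
        return {s: set(r) for (s, o), r in self._cells.items() if o == obj}

    def capabilities(self, subject) -> dict:
        """Row view: everything one subject may do (a capability list)."""
        return {o: set(r) for (s, o), r in self._cells.items() if s == subject}


def build_sample() -> AccessControlMatrix:
    # Constructed sample data for illustration only.
    m = AccessControlMatrix()
    m.grant("alice", "payroll.db", "read", "write")
    m.grant("alice", "report.txt", "read")
    m.grant("bob", "report.txt", "read", "write")
    m.grant("backup_job", "payroll.db", "read")
    return m


if __name__ == "__main__":
    m = build_sample()
    print("alice write payroll.db:", m.check("alice", "payroll.db", "write"))
    print("bob read payroll.db:   ", m.check("bob", "payroll.db", "read"))
    print("ACL of payroll.db:     ", m.acl("payroll.db"))
    print("capabilities of bob:   ", m.capabilities("bob"))
    m.revoke("alice", "payroll.db", "write")
    print("after revoke:          ", m.check("alice", "payroll.db", "write"))
```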

Computer security refers to protecting and securing computers and their related data, networks,
software, hardware from unauthorized access, misuse, theft, information loss, and other security
issues. The Internet has made our lives easier and has provided us with lots of advantages but it has
also put our system’s security at risk of being infected by a virus, of being hacked, information
theft, damage to the system, and much more.

Technology is growing day by day and the entire world is in its grasp. We cannot imagine even a
day without electronic devices around us. With the use of this growing technology, invaders,
hackers and thieves try to compromise our computer’s security for monetary gain, recognition,
ransom demands, bullying others, intruding into other businesses and organizations, etc. In
order to protect our system from all these risks, computer security is important.

Types of computer security

Computer security can be classified into four types:

1. Cyber Security: Cyber security means securing our computers, electronic devices, networks,
programs and systems from cyber attacks. Cyber attacks are those attacks that happen when our system
is connected to the Internet.

2. Information Security: Information security means protecting our system’s information from
theft, illegal use, piracy and unauthorized use. Information security has three main
objectives: confidentiality, integrity, and availability of information.

3. Application Security: Application security means securing our applications and data so that they
don’t get hacked, and so that the applications’ databases remain safe and private to the owner,
keeping users’ data confidential.

4. Network Security: Network security means securing a network and protecting the information of
users who are connected through that network. Over the network, hackers steal packets of data
through sniffing and spoofing attacks, man-in-the-middle attacks, war driving, etc.,
and misuse the data for their own benefit.


Steps to ensure computer security

In order to protect our system from the above-mentioned attacks, users should take certain steps to
ensure system security:

1. Always keep your Operating System up to date. Keeping it up to date reduces the risk of it
being attacked by malware, viruses, etc.

2. Always use a secure network connection. One should always connect to a secure network. Public
Wi-Fi and unsecured networks should be avoided as they are at risk of being attacked by an
attacker.

3. Always install an Antivirus and keep it up to date. An antivirus is software that scans your PC
for viruses and isolates an infected file from other system files so that they don’t get affected.
Also, we should try to go for paid antivirus products as they are more secure.

4. Enable firewall. A firewall is a system designed to prevent unauthorized access to/from a
computer or even to a private network of computers. A firewall can be either in hardware, software
or a combination of both.

5. Use strong passwords. Always make strong passwords and use different passwords for all social
media accounts so that they cannot be key logged, brute forced or detected easily using dictionary
attacks. A strong password is one that has 16 characters which are a combination of upper case and
lower case letters, numbers and special characters. Also, keep changing your passwords
regularly.

6. Don’t trust someone easily. You never know someone’s intention, so don’t trust someone easily
and end up giving your personal information to them. You don’t know how they are going to use
your information.

7. Keep your personal information hidden. Don’t post all your personal information on social
media. You never know who is spying on you. In the real world, we try to avoid talking to
strangers and sharing anything with them. Similarly, social media also has people whom you don’t
know, and if you share all your information on it you may end up causing trouble for yourself.

8. Don’t download attachments that come along with e-mails unless you know that the e-mail
is from a genuine source. Mostly, these attachments contain malware which, upon execution, infects
or harms your system.

9. Don’t purchase things online from just anywhere. Make sure whenever you are shopping online you
are doing so from a well-known website. There are multiple fraudulent websites that may steal your card
information as soon as you check out, and you may be bankrupted by them.

10. Learn about computer security and ethics. You should be well aware of safe computing and
the ethics of the computing world. Gaining appropriate knowledge is always helpful in reducing
cyber-crime.
