Computer Security

 1. What is computer Security / Cyber Security? How can you secure your computer?

Ans: Computer security, also known as cyber security, refers to the practice of protecting computer systems, networks, and data from various forms of threats, attacks, and unauthorized access.

We can secure our computer using following way:

a) Use the best antivirus software, which not only provides protection to your PC but also internet protection and guards against cyber threats.

b) Do not download untrusted email attachments as these may carry harmful malware.

c) Never download software from unreliable sites as they may come with a virus that may infect your system as soon as you install the software.

2. What do you mean by information Security (infosec)? Write key principle of infosec.

The processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

Key principles of Information Security

a) Confidentiality:- Only authorized users can access the data resources and information.

b) Integrity:- Only authorized users should be able to modify the data when needed.

c) Availability:- Data should be available to users when needed.

3. What is Security Threats? Explain possible security threats.

A risk which can potentially harm computer systems and organization which could be physical such as someone stealing a computer that contains vital data and non-physical such as a virus attack phishing, etc.

Possible Security Threats

Internal: The threats include fire, unstable power supply, humidity in the rooms, housing of the hardware, etc.

External: These threats include Lightning, floods, earthquakes, etc.

Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.

-Loss or corruption of system data.

-Disrupt business operations that rely on computer systems.

-Loss of sensitive information.

-Unauthorized access to computer systems resources such as data.

Phishing: Phishing is the fake attempt to obtain sensitive information such as usernames, passwords and credit card

Botnet: A botnet is a logical collection of Internet-connected devices such as computers, smart phones or internet of things (IoT) devices whose security have been breached and control is given away to a third party.

Rootkit: A rootkit is a malicious code (kit) that hides in system area provides continued Administrator's (root) privileged access to a computer

Keylogger: Keylogger is hardware or software for recording the keys pressed on a keyboard secretly so that person using the keyboard does not know that their actions are being monitored.

Hacker: A computer hacker is any skilled computer expert who uses his/her technical knowledge to overcome a problem.

4. What is malicious code (Malware)?

Malicious code, also known as malware, refers to any software or code that is designed to harm, or gain unauthorized access to computer systems, networks, or data that includes computer viruses, worms, Trojan horses and spyware.

Types of malware

a) Virus: A virus is a man made destructive program which disturbs the normal functioning of the computer system. It is the most common type of malware which can execute itself and spread by infecting other programs or files.

b) Worm: Worms are self-replicating programs that can spread across networks without human intervention.

c) Trojan horse: Trojans appear as legitimate software but contain hidden malicious functionality. They can perform actions like stealing data, providing unauthorized access, or installing other malware

d) Spyware: Spyware monitors a user's activities without their knowledge, often collecting sensitive information such as passwords, credit card details, and browsing habits..

e) Adware: Adware displays unwanted advertisements to users, often generating revenue for attackers through pay-per-click schemes. While not always explicitly harmful, it can be disruptive and compromise user privacy.

f) Ransomware: Ransomware encrypts a victim's data and demands a ransom in exchange for the decryption key. It can lead to data loss and operational disruption.

5. How can you protect a system from infection?

a) Never download files from unknown or suspicious sources.

b) Install antivirus software that features automatic updates and has the capability to detect all types of infections.

c) Delete spam and junk emails without forwarding.

d) Always scan a pen drive from an unknown source for viruses before using it.

e) Regularly back up your documents, photos, and important email messages to the cloud or to an external hard drive. In the event of an infection, your information will not be lost.

6. What are security mechanisms?

A mechanism that is designed to detect, prevent, or recover from a security attack. It includes

Authentication Systems,  Firewalls, Cryptography, Antivirus Software, Backup System

Authentication.

7. What is authentication? Write its types.

Authentication is the process of verifying the identity of a person or device.

Authentication system makes sure that right people enters the system and access the right information.

Types of Authentication are Password,  Biometric

8. What is Password? What are the criteria for strong password?

A set of secret characters or words used to authenticate access to a digital system.

Password ensures that unauthorized users do not access the computer. It secures the data by protecting the data from unauthorized access as it is very difficult to guess and determine and changed regularly.

Any four criteria for strong password are:

a) Do not keep a password which can be easily guessed such as date of birth, nickname, etc.

b) Do not keep word as password that is currently popular.

c) Keep a password with mixture of alphabet, symbols and numbers which is difficult to guess.

d) Keep changing your password regularly.

9. What is Biometric?

Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices or data scanning from device database.

Examples of these biometric identifiers are fingerprints, facial patterns and voice.

10. What is Firewall?

A firewall is a network security device or software application designed to monitor, filter, and control incoming and outgoing network traffic based on predetermined security rules.

Firewall blocks unwanted traffic as well as malicious software from infecting your computer.

(Hardware firewalls are found on most network routers and can be configured through the router setup screen.)

11. What is Cryptography? Write its features.

A technique of securing information and communications through use of codes so that only those person for whom the information is intended can understand it and process it.

Thus preventing unauthorized access to information.

Unreadable form of the text which is encrypted is called cipher text.

Features of Cryptography

a) Confidentiality: Information can only be accessed by the person for whom it is intended.

b) Integrity: Information cannot be modified in storage or transition between sender and intended receiver without any addition to information being detected.

c) Non-repudiation: The creator/sender of information cannot deny his or her intention to send information at later stage.

d) Authentication: The identities of sender and receiver are confirmed. As well as destination/origin of information is confirmed.

12. What is encryption? Why is it used?

Encryption is a process which transforms the original information into an unrecognizable form. That's why a hacker is not able to read the data as senders use an encryption algorithm.

It is used for the following purpose:

-Data is encrypted to make it safe from stealing.

-to keep their trade secret from their competitors.

13. What do you mean by decryption?

Decryption is a process of converting encoded/encrypted data in a form that is readable and understood by a human or a computer. 

14. How is encryption is differ from decryption? Write.

a) Encryption is a process of converting normal data into an unreadable form whereas Decryption is a method of converting the unreadable/coded data into its original form.

b) Encryption is done by the person who is sending the data to the destination, but the decryption is done at the person who is receiving the data.

c) The same algorithm with the same key is used for both the encryption-decryption processes.

15. What is antivirus software? Write with example and its uses.

Antivirus software is software designed to detect and remove virus from computer system and ensures virus free environment. E.g. Kaspersky, NAV, MSAV, McAfee, NOD 32 etc.

-Main use of antivirus is to protect computer from viruses and remove viruses that are detected and also protects data and programs from being corrupted.

16. What is backup system? Write its purpose.

It is the system of copying data and programs into another location or creating a duplicate copy of it in a secured place.

-A copy of a file which is used in the event of the original file being corrupted.

-Backup is vital to computer security system in order to save the data from being lost or damaged due to accidental or intentional harm.

17. What do you mean by hardware Security? Write its measures and explain any two.

The security given to the machine and peripheral hardware from theft and from electronic intrusion (interruption) and damage.

Different hardware security measures are:

a) Regular Maintenance     b) Insurance    c) Dust free environment  d) Protection from Fire

e) Protection from Thief     f) Air condition system   g) Power Protection device (Volt guard, Spike guard, UPS)

18. What do you mean by power Protection Device? Write with examples.

An electric device that controls electric voltage and provides enough backup to the computer system when there is power failure. Computer needs 220 volts to 240 volts constantly.

Some common power protection devices are:

a) UPS      b) Volt Guard   c) CVT  d) Stabilizer   e) Spike Guard  f) Surge Suppressor

19. Why is Power Protection Device needed?

To protect computer system from damage, expensive data loss and unnecessary down time (is out of action or unavailable for use).

20. What do you mean by volt guard?

A power protection device that provides constant output voltage to the computer system in case of high input voltage coming from the source.

21. What is UPS ? Write its importance.

UPS is a battery supported power protection device which controls the electric voltage and supplies clean and continuous power to the computer system even during power failures.

The importance of UPS in computer security system is that it controls fluctuation of electric voltage and provides enough backup electric power to the computer system when there is power failure.

22. What is Spike Guard

A device designed to protect electrical devices from voltage spikes.

Automatically maintains a constant voltage level.

23. What is software security? Write its different measures.

The protection of computer data, information and software from being damaged or lost knowingly or unknowingly is called software security.

      Some software security measures are: a. Password  b. Backup    c. Antivirus,    

d. Fragmentation,     e. scandisk, etc.

24. Define defragmentation and fragmentation.

The process of rewriting part of file to a contiguous sector on a disk. It increase disk access speed or performance.

The process of scattering part of same disk over random location.

 

***

Posted in: