Computer Security - Study Notes

Copyright © 2014-2020 TestBook Edu Solutions Pvt. Ltd.: All rights reserved

Computer Security
• The definition of the term computer security has changed in recent years. Before the
problem of data security became widely publicized in the media, most people’s
idea of computer security focused on the physical machine. Traditionally,
computer services have been physically protected for the following three reasons:

1. Prevention of theft of or damage to the hardware

2. Prevention of theft of or damage to the information

3. Prevention of disruption of service

• Computer security is the safeguarding applied to computing devices such as
computers and smartphones, and to computer networks, both private and public,
including the whole Internet. The field covers all the processes and
mechanisms by which digital devices, information and services are protected from
unintended or unauthorized access, change or destruction, and it is of increasing
importance as most societies around the world depend more and more on
computer systems.

• It involves physical security to prevent theft of equipment, and information security to
safeguard the data on that equipment. It is often referred to as "cyber security" or "IT
security", though those terms normally do not cover physical security (locks and
such).

Terms related to computer security:

Phishing
• Phishing is the attempt to acquire sensitive information such as usernames,
passwords, and credit card details (and sometimes, indirectly, money) by
masquerading as a trustworthy entity in an electronic communication.

Pharming
• Pharming is another technique used to steal confidential access codes. It works by
redirecting users to a rogue server.


SQL injection
• A SQL injection attack consists of the insertion or “injection” of a SQL query via the input
data from the client to the application.

• A successful SQL injection exploit can read sensitive data from the database, modify
database data (Insert/Update/Delete), execute administration operations on the
database (such as shutting down the DBMS), recover the content of a given file present
on the DBMS file system and, in some cases, issue commands to the operating
system.

• SQL injection attacks are a type of injection attack, in which SQL commands are
injected into data-plane input in order to affect the execution of predefined SQL
commands.
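
The difference between input treated as part of the SQL command and input treated as data can be seen in a small login check. This is an added example, not part of the original notes; the table, the accounts and the function names are constructed for illustration, and it runs against an in-memory SQLite database.

```python
import sqlite3


def make_db():
    """In-memory database with two constructed accounts.
    Plaintext passwords keep the example short; real systems store password hashes."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct-horse", "admin"), ("bob", "hunter2", "user")],
    )
    return db


def login_concatenated(db, name, password):
    """Vulnerable form: client input becomes part of the SQL command text."""
    query = (
        "SELECT name, role FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return db.execute(query).fetchall()


def login_parameterized(db, name, password):
    """Hardened form: the command is fixed; input is bound as data only."""
    query = "SELECT name, role FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchall()


def demo():
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input: closes the quote, adds a condition
    out = {
        "concat_valid": login_concatenated(db, "alice", "correct-horse"),
        "concat_crafted": login_concatenated(db, "alice", crafted),
        "param_valid": login_parameterized(db, "alice", "correct-horse"),
        "param_crafted": login_parameterized(db, "alice", crafted),
    }
    # Even an innocent apostrophe changes the command in the concatenated form.
    try:
        out["concat_apostrophe"] = login_concatenated(db, "o'brien", "x")
    except sqlite3.OperationalError as exc:
        out["concat_apostrophe"] = "error: " + str(exc)
    out["param_apostrophe"] = login_parameterized(db, "o'brien", "x")
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:18} {result}")
```

With the concatenated query the crafted password returns every row without a valid password; with bound parameters the same input is compared as a literal string and matches nothing.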

Spyware
• Spyware is a type of malicious software, or malware, that is installed on a
computing device without the end user's knowledge. It invades the device, steals
sensitive information and internet usage data, and relays it to advertisers, data firms
or external users.

• Its capabilities include activity monitoring, collecting keystrokes, data harvesting
(account information, logins, financial data), and more.

• Spyware secretly places itself on your computer and views transactions that are
made on websites.

Adware
• Adware (short for advertising-supported software) is a type of malware that
automatically delivers advertisements. Common examples of adware include pop-up
ads on websites and advertisements that are displayed by software. Software
and applications often offer “free” versions that come bundled with adware.

• Adware often appears as an advertisement and inevitably is harmful to the user.

Bot/Botnet
• A bot is a type of software application or script that performs tasks on command,
allowing an attacker to take complete remote control of an affected computer.

• A collection of these infected computers is known as a “botnet” and is controlled by
the hacker or “bot-herder”.

• Spyware and adware both pose a great risk of credit card fraud
and identity theft.

Clickjacking
• Clickjacking is an attack that tricks a user into clicking a webpage element which is
invisible or disguised as another element. The invisible page could be a malicious
page, or a legitimate page the user did not intend to visit, for example a page on
the user's banking site that authorizes the transfer of money.

• It is a hacking attack that tricks victims into clicking on an unintended link or button,
usually disguised as a harmless element.

Encryption
• Encryption is the method by which information is converted into secret code that
hides the information's true meaning. The science of encrypting and decrypting
information is called cryptography. In computing, unencrypted data is also known as
plaintext, and encrypted data is called ciphertext.

• It is the process of encoding data to prevent theft by ensuring the data can only be
accessed with a key.

• It helps protect private information and sensitive data, and can enhance the
security of communication between client apps and servers.

Hacker
• A hacker is a person who uses computer systems, networking or other techniques in
order to overcome a technical issue. The word hacker may describe anyone with
technical skills, but it generally refers to a person who uses his or her abilities to
gain unauthorized access to machines or networks in order to commit criminal
activities.

• A hacker may, for example, steal data and information to hurt people via identity theft,
damage or bring down systems and, in some cases, hold such systems hostage to
demand ransom.

• The word hacker has traditionally been a divisive one, often being used as a term of
admiration for a person who possesses a high degree of skill, and also creativity in his
or her approach to technical issues. However, the term is generally applied to an
individual who uses this knowledge for illegal or unethical purposes.

Types of Hackers
The security community informally uses hat colour as a way to identify various
hackers, usually categorized into three types: white hat, black hat and
grey hat.

1. White hat hackers, also called ethical hackers, strive to work in the public's best
interest instead of creating turmoil. Many white hat hackers perform
penetration testing: they are hired to attempt to break into a company's networks to find
and report on security vulnerabilities. The security firms then help their clients mitigate
security risks before criminal hackers can exploit them.

2. Black hat hackers deliberately gain unauthorized access to networks and
machines with malicious intent, in order to steal data, spread malware or profit
from ransomware, vandalize or in some cases damage systems, or for any other
purpose, which includes gaining notoriety. Black hat hackers are clearly criminals by
definition, as they violate regulations against accessing machines without
authorization, but they may also be involved in other illegal activities, including identity theft
and distributed denial-of-service attacks.

3. Grey hat hackers fall somewhere between white hat hackers and black hat
hackers. While their motives can be similar to those of white hat hackers, grey
hats are more likely than white hat hackers to access systems without
authorization; at the same time, they are more likely than black hat hackers to
avoid doing intentional damage to the systems they hack. Although they aren't
typically, or solely, motivated by money, grey hat hackers may help to fix
vulnerabilities they have found through their own, unauthorized, activities instead of
using their knowledge to exploit vulnerabilities for illegal purposes.


Vulnerability
• A vulnerability is a flaw which enables an attacker to reduce a system's information
assurance. A vulnerability is the combination of three elements: a system susceptibility
or weakness, attacker access to the flaw, and attacker ability to exploit the
flaw. In order to exploit a vulnerability, the hacker must have at least one applicable
tool or technique that can connect to a system flaw. In this frame, vulnerability is also
referred to as the attack surface.

• Vulnerability detection and prevention is the cyclical work of identifying, classifying,
remediating, and mitigating weaknesses. This practice usually refers to software
vulnerabilities in computing machines.

Backdoors
• A backdoor in a computer system is a method of bypassing normal authentication,
securing remote access to a computer, gaining access to plaintext, and so on, while
trying to stay undetected.

• The backdoor can take the form of an installed program (e.g., Back Orifice),
or could be a modification to an existing program or hardware component. It may
also forge information about disk and memory usage.

Denial-of-Service Attack
• A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or
network, making it inaccessible to its intended users. DoS attacks accomplish this
by flooding the target with traffic, or sending it information that triggers a crash.

• The aim of a DoS attack is not to steal information but to slow or take down a web site.
A denial-of-service (DoS) attack is an attack against a computer or network which reduces,
restricts or prevents accessibility of its system resources to authorized users.


Digital Signature
• A digital signature is an electronic form of a signature that can be used to
authenticate the identity of the sender of a message or the signer of a document,
and also to ensure that the original content of the message or document that has been
sent is unchanged.

Ransomware
• Ransomware is a form of malware that encrypts a victim's files. The attacker then
demands a ransom from the victim to restore access to the data upon payment.

• “Ransomware is extortion software that can lock your computer and then
demand a ransom for its release.”

Deepfake
• A deepfake is an audio or video clip that has been edited and manipulated to seem real or
believable. The most dangerous consequence of the popularity of deepfakes is that
they can easily convince people to believe a certain story or theory, which may
result in user behaviour with a bigger impact, for example political or financial.

Social Engineering
• Social engineering is a manipulation technique that exploits human error to gain
private information, access, or valuables.

• Scams based on social engineering are built around how people think and act. So,
once a hacker understands what motivates a person’s actions, they can usually
retrieve exactly what they’re looking for, such as financial data and passwords.

Direct-Access Attacks
A malicious user gaining physical access to a system (or part thereof) can perform many
functions and install various types of devices to compromise integrity, including operating
system modifications, software worms, key loggers, and covert listening devices. The
attacker may also simply download large amounts of data onto backup media, for
example CD-R/DVD-R or tape, or onto portable devices such as key drives, digital cameras or
digital audio players. Another common technique is to boot an operating system
stored on a CD-ROM or other bootable device and read the data from the hard drive(s)
this way. The only way to prevent this is to encrypt the storage device and store the
key away from the system. In the majority of cases, direct-access attacks are the only
kind of threat to standalone machines (which never connect to the internet).

Eavesdropping
• Eavesdropping is the practice of surreptitiously monitoring a private conversation,
typically between hosts connected on a network. For instance, programs like
Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on
the machines of internet service providers.

Spoofing
• Spoofing of user identity describes a situation in which one person or program
intentionally masquerades as another by falsifying information and thereby
gaining an illegitimate advantage.


Snooping
• Snooping, in a security context, is unauthorized access to another person's or
company's data. The practice is similar to eavesdropping but is not necessarily
limited to gaining access to data during its transmission.

Tampering
• Tampering describes an intentional modification of products in a way that would
make them harmful to the user.

Repudiation
• Repudiation describes a situation where the authenticity of a signature is being
compromised.

Information Disclosure
• Information disclosure (privacy breach or data leak) describes a situation where
information, thought to be protected, is shared in an untrusted place.

Elevation of Privilege
• Elevation of privilege describes a situation where a user or a program tries to gain
elevated privileges or access to resources that are normally restricted to him/it.


Exploits
• An exploit is a piece of software, a chunk of data, or a sequence of commands that
uses a software "bug" or "glitch" to cause unintended or unanticipated behaviour to
occur on computer software, the machine itself, or something electronic (usually
computerized). This frequently involves such things as gaining control of a
computer or allowing privilege escalation or a denial-of-service attack.
The term "exploit" normally refers to small programs created to take advantage of a
software weakness that has been revealed, either remote or local. The code from
the exploit program is periodically reused in Trojan horses and computer viruses.

Indirect Attacks
• An indirect attack is an attack conducted through a third-party computer. By
using someone else’s computer to conduct an attack, it becomes far more
difficult to track down the real attacker. There have also been cases where
attackers used the anonymity of public systems, such as the Tor onion router
system.

Computer Security Types
One way to ascertain the similarities and differences among types of computer security is by
asking what is being secured. For example:

1. Information security is protecting information from illicit access, modification and
deletion.

2. Application security is protecting an application by building in security features to
guard against cyber threats such as SQL injection, DoS attacks, data breaches,
etc.

3. Computer security means protecting a standalone system by keeping it updated
and patched.

4. Network security is protecting both the software and hardware technologies.

5. Cyber security is protecting computer systems that are linked over
computer networks.

Types of Attacks
Attacks are categorized into two types:

• Passive attacks: do not involve any modification to the body of an
original message.

• Active attacks: the body of the original message is modified in some
way.

Components of Computer System
The components of a computer system that need to be protected are:

• Hardware, the physical part of the machine, like the system memory and disk drive

• Firmware, permanent software that is written into a hardware device’s non-volatile
memory and is, in practice, invisible to the user

• Software, the programs that provide services to the user, like the operating system,
word processor and web browser


The CIA Triad
Computer security is primarily concerned with three
main categories:

• Confidentiality is ensuring that information is
available only to the intended audience

• Integrity is protecting information from being
modified by unauthorized parties

• Availability is ensuring that information is available
to users as and when required.

In simple terms, computer security is ensuring that information and computer
components are usable but still protected from people or software that shouldn’t
access or modify them.

Computer Security Threats
• Computer security threats are potential problems that can hamper the normal
working of a computer system. At present, cyber threats are increasing exponentially
as the world goes digital. The most common harmful types of computer
security threats are as follows:

Trojans
• A Trojan horse, or Trojan, is a type of malicious code or software that looks
legitimate but can take control of your computer.

• A Trojan is designed to damage, disrupt, steal, or in general inflict some other
harmful action on your data or network.


Viruses
• A computer virus is a malicious program which is transmitted to
the user’s computer without the user’s knowledge. It copies itself and
affects the files and programs on the user’s PC. The actual
intention of a virus is to make sure that the victim’s computer will
never be able to work properly or even at all.

Computer Worm
• A computer worm is a kind of software program that can replicate
itself from one computer to another without manual involvement.
The potential risk here is that it will use up the user’s
computer hard disk space, as a worm can copy itself in large volume and
at very high speed.

Phishing
• Disguising themselves as an authentic individual or business, phishers try to
steal sensitive financial or personal data through fraudulent email
or instant messages. Phishing is, unfortunately, very simple to
execute. The user is deluded into thinking it is genuine mail and
may enter his/her personal information.

Botnet
• A botnet is a cluster of computers linked to the internet that have
been compromised by a hacker through a computer virus. Each
such computer is known as a ‘zombie computer’.


Rootkit
• A rootkit is a computer program created to provide continued
privileged access to a computer while actively hiding its
activity. Once a rootkit has been loaded, the controller of the
rootkit is able to remotely control and execute files
and change system configurations on the host machine.

Key logger
• Also called a keystroke logger, a key logger can track the real-time activity of a user
on his/her computer. It keeps a record of all the keystrokes
made on the user's keyboard. A key logger is also a very powerful means of
stealing people’s login credentials, namely username and password.

• These are perhaps the most common security threats that anyone
can come across. Apart from these, there are others like
spyware, wabbits, scareware, bluesnarfing and so on. Fortunately, there are
techniques to secure the system against these attacks.

Logic Bomb
• A logic bomb is a piece of code intentionally inserted into a software system that will
set off a malicious function when specified conditions are met. For example, a
programmer may hide a piece of code that starts deleting files (such as a
salary database trigger), should they ever be terminated from the company.

• Software that is inherently malicious, such as viruses and worms, often contains logic
bombs that execute a certain payload at a pre-defined time or when some other
condition is met.

• This technique can be used by a virus or worm to gain momentum and spread
before being noticed. Some viruses attack their host systems on specific dates, such
as Friday the 13th or April Fools' Day. Trojans and other computer viruses that
activate on certain dates are often called "time bombs".

Why is Computer Security Important?
• In this digital age, we all want to protect our computers and our personal data, and
hence computer security is crucial to keep our personal information protected. It is
also crucial to maintain our computer's protection and overall health by preventing
viruses and malware, which would affect system performance.

What is Anti-Virus?
• Antivirus software is a commonly available and widely used program or set of
programs designed to prevent, search for, detect, and remove software
viruses and other malicious software like worms, Trojans, adware, and more.

Why Do we Need Antivirus Software?
• These tools are crucial for users to have installed and up to date because a computer
without antivirus software protection will be infected within minutes of connecting
to the internet. The bombardment is constant, which means antivirus companies
have to update their detection tools periodically to deal with the more than 60,000
new pieces of malware created every day.

• Today's malware (an umbrella term that includes computer viruses) changes
appearance quickly to avoid detection by older, definition-based antivirus
programs. Viruses can be designed to cause damage to the device, prevent a user
from accessing data, or take control of the computer.

What Does Antivirus Software Do?
• Various companies create antivirus software, and what each of them offers can
differ, but all perform the following essential functions:

1. Scan particular files or directories for any malware or known
malicious patterns

2. Allow the user to schedule scans to run automatically

3. Allow the user to start a scan of a selected file or the entire computer, or of a
CD or flash drive, at any time.

4. Quarantine any malicious code detected; sometimes the user will be
notified of the infection and asked whether he/she wants to discard the file, while other
programs will do this automatically in the background.

5. Remind the user about the ‘health’ of the computer

• Always make sure the user has the best, up-to-date security software installed to protect
his/her devices like computers, laptops, tablets, and smartphones.

How Does Antivirus Software Work?
Most antivirus programs still download malware definitions straight to the
user’s device and scan files in search of any possible matches. But since, as
mentioned above, most malware periodically morphs in appearance to avoid being
caught, Webroot works differently. Rather than storing examples of recognized
malware on the device, it stores malware definitions in the cloud. This enables
it to take up less space, scan faster, and maintain a more robust threat library.
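
Definition matching, and why stale definitions miss a changed sample, can be shown with a small scanner. This is an added example, not any vendor's code: matching by exact SHA-256 hash is an assumption made for brevity, the cloud lookup is simulated in-process, and the "files" are constructed, harmless byte strings.

```python
import hashlib


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


# Constructed, harmless byte strings standing in for files on disk.
SAMPLE_A = b"CONSTRUCTED-SAMPLE-A: harmless test content\n"
SAMPLE_A_VARIANT = SAMPLE_A.replace(b"test", b"TEST")  # same meaning, different bytes
FILES = {
    "notes.txt": b"meeting at 10\n",
    "a.bin": SAMPLE_A,
    "a_variant.bin": SAMPLE_A_VARIANT,
}


class LocalDefinitions:
    """Definitions downloaded to the device: a set of known-bad SHA-256 hashes."""

    def __init__(self, hashes):
        self.hashes = set(hashes)

    def is_known_bad(self, digest):
        return digest in self.hashes


class CloudDefinitions:
    """Simulated cloud lookup (hypothetical service, run in-process here).
    The device sends only a hash; the definition list stays on the server."""

    def __init__(self, server_hashes):
        self._server_hashes = set(server_hashes)
        self.queries = 0

    def is_known_bad(self, digest):
        self.queries += 1
        return digest in self._server_hashes


def scan(files, definitions):
    """Return the sorted names of files whose hash matches a definition."""
    return sorted(name for name, data in files.items()
                  if definitions.is_known_bad(sha256_hex(data)))


def demo():
    both = [sha256_hex(SAMPLE_A), sha256_hex(SAMPLE_A_VARIANT)]
    old_local = LocalDefinitions([sha256_hex(SAMPLE_A)])  # not yet updated
    updated_local = LocalDefinitions(both)
    cloud = CloudDefinitions(both)
    return {
        "old_local": scan(FILES, old_local),
        "updated_local": scan(FILES, updated_local),
        "cloud": scan(FILES, cloud),
        "cloud_queries": cloud.queries,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14} {value}")
```

The out-of-date local set flags only `a.bin`; the variant is caught once its definition exists, either after a local update or immediately through the cloud lookup.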


Free vs. Paid Antivirus Software
• From banking to baby photos, most of our business and personal data
lives on our devices. If it were stored physically, paying for a security application
would be a no-brainer.

• Unfortunately, we usually expect our online data to stay protected without lifting a
finger or spending anything. Companies claiming to do it at no cost are
partly responsible for the confusion, to be sure.

• But consumers must insist on features like identity theft protection, mobile security,
and support options when it comes to their data security, too, features normally
lacking in free solutions.

What is a Firewall?
• A firewall is a security-focused type of hardware or software that sits
between the computer and the network with one primary task: preventing malicious
software from reaching us. In other words, the firewall works like a
security guard between the Internet and our local area network (LAN). All network
traffic entering or leaving the LAN must pass through the firewall, which blocks unauthorized
access to the network.

Types of Firewalls
1. Packet-filtering firewall: It checks every packet that passes through the firewall and
examines the packet against the set of rules that the user sets up. If the packet
passes the test, it is allowed to go through. If the packet fails the test, it is
rejected. Packet filters are the least expensive variety of firewall. That is why
packet-filtering firewalls are very common.

2. Stateful packet inspection (SPI): It is a step up from simple
packet filtering. A firewall with stateful packet inspection looks at packets in
groups instead of individually. It keeps a record of all the packets that
have passed through the firewall and can detect patterns that indicate unauthorized
entry.

3. Deep packet inspection (DPI): The actual data in the packets is inspected
so viruses, spam, and other harmful content can be blocked. DPI also enables
practices such as data mining, eavesdropping, and content censorship, which make
it a controversial subject.
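
The contrast between judging each packet alone (type 1) and keeping a record of earlier packets (type 2) is shown below as an added example that is not part of the original notes. The rule format, the class names, the 10.0.0.0/24 LAN and the sample traffic are all constructed assumptions, and the connection tracking is simplified to address and port pairs.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

LAN = ip_network("10.0.0.0/24")  # assumed internal network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src_net: str
    dst_net: str
    sport: Optional[int] = None   # None matches any port
    dport: Optional[int] = None

    def matches(self, p):
        return (ip_address(p.src) in ip_network(self.src_net)
                and ip_address(p.dst) in ip_network(self.dst_net)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))


def packet_filter(rules, p):
    """Stateless: each packet is judged alone. First match wins, default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


class StatefulFilter:
    """Keeps a record of connections opened from the LAN; inbound packets are
    accepted only as replies to one of them."""

    def __init__(self, outbound_rules):
        self.outbound_rules = outbound_rules
        self.connections = set()

    def check(self, p):
        if ip_address(p.src) in LAN:
            verdict = packet_filter(self.outbound_rules, p)
            if verdict == "allow":
                self.connections.add((p.src, p.sport, p.dst, p.dport))
            return verdict
        reply_to = (p.dst, p.dport, p.src, p.sport)
        return "allow" if reply_to in self.connections else "deny"


# Stateless policy: let the LAN reach HTTPS servers, and let "replies" back in.
# With no memory, a reply can only be recognised by its source port.
STATELESS_RULES = [
    Rule("allow", "10.0.0.0/24", "0.0.0.0/0", dport=443),
    Rule("allow", "0.0.0.0/0", "10.0.0.0/24", sport=443),
]
# Stateful policy: only the outbound rule is needed.
STATEFUL_RULES = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", dport=443)]

# Constructed traffic (documentation address ranges), in arrival order.
TRAFFIC = [
    ("browser opens HTTPS", Packet("10.0.0.5", 50000, "198.51.100.10", 443)),
    ("server reply",        Packet("198.51.100.10", 443, "10.0.0.5", 50000)),
    ("unsolicited inbound", Packet("203.0.113.9", 443, "10.0.0.7", 8080)),
    ("outbound telnet",     Packet("10.0.0.5", 50001, "198.51.100.10", 23)),
]


def compare(traffic=TRAFFIC):
    """Return {label: (stateless verdict, stateful verdict)} for each packet."""
    stateful = StatefulFilter(STATEFUL_RULES)
    return {label: (packet_filter(STATELESS_RULES, p), stateful.check(p))
            for label, p in traffic}


if __name__ == "__main__":
    for label, (stateless, stateful) in compare().items():
        print(f"{label:20} stateless={stateless:5} stateful={stateful}")
```

Only the unsolicited inbound packet is treated differently: the stateless rules accept it because it resembles a reply, while the stateful filter rejects it because no recorded outbound connection matches.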

Few Cyber Crime Prevention Techniques
1. Use Strong Passwords: Using different user ID / password combinations for
various accounts and not writing them down. Making the passwords more complex
by using letters, numbers and special characters (minimum 10 characters in total) and
changing them periodically.

2. Securing the computer:

a. Activate the firewall: Firewalls are the first line of cyber defence.
They block connections to unknown or bogus websites and will keep out
various types of viruses and hackers.

b. Use anti-virus/malware software: Prevent viruses from infecting the
computer by installing and periodically updating anti-virus software.

c. Block spyware attacks: Prevent spyware from infiltrating the computer
system by installing and updating anti-spyware software.

3. Being Social-Media Savvy: Making sure that social networking profiles (e.g.
Facebook, Twitter, YouTube, MSN, etc.) are set to private. Checking the security
settings. Being careful about what information is posted online. Once it is on
the Internet, it stays there forever!

4. Securing Mobile Devices: Being aware that the mobile device is vulnerable to
viruses and hackers. Downloading applications from trusted sources.

5. Install the latest operating system updates: Keeping the applications and
operating system (e.g. Windows, Mac, Linux, etc.) current with the latest system
updates. Turning on automatic updates to prevent potential attacks on older
software.

6. Protecting the Data: Using encryption for the most sensitive documents such
as tax returns or financial records, making regular back-ups of all the important data,
and storing them in a different location.

8. Securing the wireless network: Wi-Fi (wireless) networks at home are
vulnerable to intrusion if they are not properly secured. Reviewing and modifying
default settings periodically. Public Wi-Fi, also known as “Hot Spots”, is also
vulnerable. Avoiding conducting financial or corporate transactions on these
networks.

9. Protecting the e-identity: Being very vigilant when sharing personal
information such as name, address, phone number or financial information on
websites or in emails. Making sure that websites are secure (e.g. when making
online purchases) or that privacy settings are enabled (e.g. when accessing/using
social networking sites).

10. Avoiding being scammed: Always checking before clicking on a link or file of
unknown origin. Not feeling pressured by emails. Checking the source of the
message for authenticity. When in doubt, verifying the source. Avoiding
replying to emails that ask to verify information or confirm the user ID or
password.

11. Calling the right person for help: Not panicking! If you are a victim, if you
encounter illegal Internet content (e.g. child exploitation) or if you suspect a
computer crime, identity theft or a commercial scam, reporting this to the local law
authority. If help is needed with maintenance or software installation on the computer,
consulting an authorised service provider or a certified computer technician.
