JIGJIGA UNIVERSITY

COLLEGE OF BUSINESS
AND ECONOMICS

DEPARTMENT OF ECONOMICS
WEEKEND
COMPUTER APPLICATION MANAGEMENT
GROUP ASSIGNMENT

GROUP 5
 GROUP MEMBERS

MOHAMED ABSHIR ABDISALAN 0546/13

ABDIWALI DURAN MOHAMED 0408/13
SULEMAN RAMADAN ADAN 0466/13
ABDIMALIK SHEIK ABDI IBRAHIM 0400/13
YELELET HABTU 0469/13
SULEKA IBRAHIM ISMAEL 0465/15
MUSTAFE HASSEN ISMAEL 0454/13
MOHAMED AHMED YAKUB 0450/13

INSTRUCTOR: SHUGRI ADAN

SUBMISSION DATE: AUGUST 20 / 23
 SHORT ANSWERS

1. Explain about Worms.

The worm is a program that propagates itself across computers, usually by spawning
copies of itself in each computer's memory. A worm might duplicate itself in one
computer so often that it causes the computer to crash.

A computer worm is a type of malware that can replicate itself and spread from
computer to computer without human intervention. Worms can spread through
email attachments, file-sharing networks, and even security vulnerabilities in
operating systems. Once a worm has infected a computer, it can use the computer's
resources to send itself to other computers, or it can delete files or damage the
computer's operating system.

2. What are Trojan horses?

A Trojan horse is a program that pretends to be something else. A Trojan horse

may appear to be something interesting and harmless, such as a game, but
when it runs it may have harmful effects.
The term comes from the classic Greek story of the Trojan horse found in
Homer’s Iliad.
A Trojan horse is a type of malware disguised as a legitimate file or program.
When a user opens the Trojan horse, it can install other malware on the
computer, steal data, or give the attacker remote access to the computer.
Trojans are often hidden in email attachments or can be downloaded from
malicious websites.

3. Explain the difference between Viruses and Bombs?

A bomb infects a computer’s memory, but unlike a virus, it does not replicate
itself.
A logic bomb delivers its instructions when it is triggered by a specific
condition, such as when a particular date or time is reached or when a
combination of letters is typed on a keyboard.
A logic bomb has the ability to erase a hard drive or delete certain files.
Viruses and bombs are both types of malware, but they work in different ways.
A virus is a self-replicating program that spreads from computer to computer
by attaching itself to other files. When a virus infects a computer, it can spread
to other files on the computer, or it can send itself to other computers on a
 network. A bomb, on the other hand, is a type of malware that is designed to
destroy data or damage a computer system. When a bomb is triggered, it can
delete files, reformat a hard drive, or even destroy a computer's operating
system.

4. Explain types of security goals one by one in detail.

Security: The prevention and protection of computer assets from unauthorized

access, use, alteration, degradation, destruction, and other threats

There are three main types of security goals: confidentiality, integrity, and availability.

Data Confidentiality
Is concerned with having secret data remain secret
And is the goal of protecting sensitive information from unauthorized access.
This can be achieved through encryption, access control, and password
management.

Data Integrity
Unauthorized users should not be able to modify any data without the
owner’s permission
Including removing data and adding false data
This Is the goal of ensuring that data is accurate and has not been tampered
with. This can be achieved through checksums, digital signatures, and
intrusion detection systems.

System Availability
Means nobody can disturb the system to make it unusable
is the goal of ensuring that systems and data are accessible to authorized
users when needed. This can be achieved through load balancing,
redundancy, and disaster recovery.
1. Worms

In computer security, a worm is a type of malware that can replicate itself and spread
from one computer to another without human interaction. Worms are often used to
steal data, spread spam, or disrupt operations.

Worms are different from viruses in a few key ways. First, worms are self-replicating,
meaning that they can spread without the need for a human to open an infected file.
Second, worms can spread through network connections, while viruses typically
spread through files. Third, worms can often be more destructive than viruses, as
they can spread quickly and infect a large number of computers.

Here are some examples of famous worms:

● Morris Worm: The first computer worm, created by Robert Tappan Morris in
1988. It infected over 6,000 computers on the Internet.
● Melissa Worm: A mass-mailing worm that infected over 100,000 computers in
1999. It spread through email attachments and deleted files on infected
computers.
● Code Red Worm: A worm that infected over 250,000 computers in 2001. It
exploited a vulnerability in Microsoft's IIS web server software.
● SQL Slammer Worm: The fastest-spreading worm ever recorded, infecting
over 75,000 computers in 10 minutes in 2003. It exploited a vulnerability in
Microsoft's SQL Server database software.
● WannaCry Ransomware Worm: A worm that spread through Windows
computers in 2017. It encrypted files on infected computers and demanded a
ransom payment to decrypt them.

If you think that your computer may be infected with a worm, it is important to scan
your computer with an antivirus or anti-malware program. You should also report the
infection to the authorities if you believe that it is malicious.

Here are some tips to help you protect your computer from worms:

● Keep your software up to date. Software updates often include security

patches that can help protect your computer from worms.
● Use a firewall. A firewall can help block worms from entering your computer.
● Be careful about what emails you open and what attachments you download.
Worms are often spread through email attachments.
● Use a web browser that has security features enabled. Web browsers with
security features enabled can help block worms from infecting your computer
when you browse the web.
 ● Be aware of the latest threats. Keep up-to-date on the latest security threats so
that you can take steps to protect your computer.

2. Trojan horses

A Trojan horse is a type of malware disguised as a legitimate file or program. Once

the Trojan horse is executed, it can then install other malware on the victim's
computer, steal data, or give the attacker remote access to the victim's computer.

Trojan horses are often spread through email attachments, malicious websites, and
peer-to-peer file-sharing networks. They can also be installed by clicking on a
malicious link or opening a malicious file.

Here are some examples of Trojan horses:

● Fake antivirus software: This type of Trojan horse pretends to be antivirus

software, but it actually installs malware on the victim's computer.
● Botnets: Botnets are networks of computers that are infected with malware
and controlled by a remote attacker. Botnets can be used to send spam,
launch denial-of-service attacks, or steal data.
● Ransomware: Ransomware is a type of malware that encrypts the victim's files
and demands a ransom payment to decrypt them.
● Keyloggers: Keyloggers record the victim's keystrokes and send them to the
attacker. This can be used to steal passwords and other sensitive information.

If you think that your computer may be infected with a Trojan horse, it is important
to scan your computer with an antivirus or anti-malware program. You should also
report the infection to the authorities if you believe that it is malicious.

Here are some tips to help you protect your computer from Trojan horses:

● Keep your software up to date. Software updates often include security

patches that can help protect your computer from Trojan horses.
● Use a firewall. A firewall can help block Trojan horses from entering your
computer.
● Be careful about what emails you open and what attachments you download.
Trojan horses are often spread through email attachments.
● Use a web browser that has security features enabled. Web browsers with
security features enabled can help block Trojan horses from infecting your
computer when you browse the web.
 ● Be aware of the latest threats. Keep up-to-date on the latest security threats so
that you can take steps to protect your computer.

3. Difference between Viruses and Bombs

Viruses and bombs are both types of malware, but they have different ways of
spreading and activating.

● Viruses are self-replicating programs that spread by attaching themselves to

other files. When a user opens an infected file, the virus copies itself to the
user's computer and then infects other files on the computer. Viruses can also
spread through email attachments, network shares, and removable media.
● Bombs are not self-replicating, but they are activated by a specific event or
condition. For example, a bomb might be set to activate on a certain date,
time, or event, such as the termination of an employee. Bombs can also be
activated by user input, such as by clicking on a link or opening a file.

Feature Virus Bomb

Self-replicating Yes No

Spreads through Files, email attachments, Specific event or

network shares, condition
removable media

Activation When a user opens an When a specific event or

infected file condition occurs

Example Jerusalem virus, Melissa Logic bomb, Trojan horse

virus

It is important to note that not all bombs are malicious. Some bombs are used for
legitimate purposes, such as to automatically uninstall software or to disable a
system when it is no longer needed. However, most bombs are used for malicious
purposes, such as to destroy data or to disrupt operations.
If you think that your computer may be infected with a virus or a bomb, it is
important to scan your computer with an antivirus or anti-malware program. You
should also report the infection to the authorities if you believe that it is malicious.

4. Security: Goals and Types

Information security (InfoSec) enables organizations to protect digital and analog

information. InfoSec provides coverage for cryptography, mobile computing, and
social media, as well as infrastructure and networks containing private, financial, and
corporate information. Cybersecurity, on the other hand, protects both raw and
meaningful data, but only from internet-based threats.

Organizations implement information security for a wide range of reasons. The main
objectives of InfoSec are typically related to ensuring confidentiality, integrity, and
availability of company information. Since InfoSec covers many areas, it often involves
the implementation of various types of security, including application security,
infrastructure security, cryptography, incident response, vulnerability management,
and disaster recovery.

When considering information security, there are many subtypes that you should
know. These subtypes cover specific types of information, tools used to protect
information, and domains where information needs protection.

Application security

Strategies protect applications and application programming interfaces (APIs). You

can use these strategies to prevent, detect and correct bugs or other vulnerabilities
in your applications. If not secured, application and API vulnerabilities can provide a
gateway to your broader systems, putting your information at risk.

Much of application security is based on specialized tools for application shielding,

scanning, and testing. These tools can help you identify vulnerabilities in applications
and surrounding components. Once found, you can correct these vulnerabilities
before applications are released or vulnerabilities are exploited. Application security
applies to both applications you are using and those you may be developing since
both need to be secured.

Infrastructure security

Strategies protect infrastructure components, including networks, servers, client

devices, mobile devices, and data centers. The growing connectivity between these,
and other infrastructure components, puts information at risk without proper
precautions.
This risk is because connectivity extends vulnerabilities across your systems. If one
part of your infrastructure fails or is compromised, all dependent components are
also affected. Due to this, an important goal of infrastructure security is to minimize
dependencies and isolate components while still allowing intercommunications.

Cloud Security

Provides similar protections to application and infrastructure security but is focused

on cloud or cloud-connected components and information. Cloud security adds
extra protections and tools to focus on the vulnerabilities that come from
Internet-facing services and shared environments, such as public clouds. It also tends
to include a focus on centralizing security management and tooling. This
centralization enables security teams to maintain visibility of information and
information threats across distributed resources.

Another aspect of cloud security is collaboration with your cloud provider or

third-party services. When using cloud-hosted resources and applications, you are
often unable to fully control your environments since the infrastructure is typically
managed for you. This means that cloud security practices must account for
restricted control and put measures in place to limit accessibility and vulnerabilities
stemming from contractors or vendors.

Endpoint Security

Endpoint security helps protect end-user endpoints such as laptops, desktops,

smartphones, and tablets against cyberattacks. Organizations implement endpoint
security to protect devices used for work purposes, including those connected to a
local network and those using cloud resources.

Endpoints connecting to corporate networks become a security vulnerability that

can potentially allow malicious actors to breach the network. An endpoint is
essentially a potential entry point that cybercriminals can and often exploit through
various techniques like malicious software (malware) installed on an endpoint device
to obtain control of a system or exfiltrate data.

An endpoint security solution examines processes, files, and network traffic on each
endpoint for indicators of malicious activity. Once the tool detects a threat, it notifies
the relevant users and can perform automated responses.