
1. What are the threats to Information System Security? Discuss each threat.

Information System Security faces various threats that can compromise the confidentiality,
integrity, and availability of data and systems. Let's discuss some common threats:
Malware: Malicious software, such as viruses, worms, Trojans, ransomware, and
spyware, is designed to infiltrate systems, disrupt operations, and steal or manipulate
data.
Social Engineering: It involves manipulating individuals to gain unauthorized access
to information or systems. Examples include phishing, where attackers deceive users
into revealing sensitive information, and impersonation, where attackers pose as
legitimate individuals to gain trust and access.
Hacking and Unauthorized Access: Hackers exploit vulnerabilities in networks,
systems, or applications to gain unauthorized access. They can steal data, modify or
delete information, disrupt services, or use compromised systems for further attacks.
Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: These
attacks aim to overwhelm systems or networks with an excessive amount of traffic or
requests, rendering them unavailable to legitimate users.
Insider Threats: These threats come from within an organization and can be
intentional or unintentional. Malicious insiders may abuse their privileges to steal or
leak sensitive information, while negligent employees may accidentally expose data
or fall victim to social engineering attacks.
Physical Threats: Physical threats include theft, damage, or destruction of hardware,
storage media, or other critical components of an information system. This can result
in loss of data, system downtime, or unauthorized access.
Data Breaches: Data breaches occur when unauthorized individuals gain access to
sensitive or confidential data. Breached data can be exploited for financial gain,
identity theft, or other malicious purposes.
Advanced Persistent Threats (APTs): APTs are sophisticated, targeted attacks that
involve persistent monitoring, infiltration, and exfiltration of data over an extended
period. They often bypass traditional security measures and aim to remain
undetected.
System and Software Vulnerabilities: Flaws or weaknesses in operating systems,
applications, or software can be exploited by attackers to gain unauthorized access
or disrupt systems. Regular patching and updates are essential to mitigate these
vulnerabilities.
Mobile and Wireless Security Risks: Mobile devices and wireless networks introduce
additional security risks due to their portability, limited security controls, and potential
for interception or unauthorized access.
It's important for organizations to employ a multi-layered approach to information system
security, including robust security policies, regular updates and patches, employee training,
strong access controls, encryption, network monitoring, and incident response plans to
mitigate these threats effectively.
2. What are Old Generation Threats and New Generation Threats?

Old Generation Threats: These are the dangers of the early internet and IT era. They
predated improved security safeguards and changed with technology. Older threats include:
Viruses: These malicious programs replicate and infect other files or systems,
causing damage or interrupting operations.
Worms: Self-replicating malware that exploits network flaws to infect multiple
systems without human intervention.
Trojans: Trojans, named after the legendary Greek horse, trick users into
downloading them by posing as legitimate software. Once installed, they can perform
unauthorized actions or give attackers backdoor access.
Phishing: Phishing attacks use fraudulent emails or texts to steal passwords, credit card
numbers, and login credentials.
Spam: Unsolicited mass emails with fraudulent or harmful information.
New Generation Threats: As technology and threats have evolved, new generation threats
have emerged. They target people, organizations, and systems using complex methods and
changing trends. Modern threats include:
Ransomware: Ransomware encrypts files and demands a ransom to unlock them.
Because of its profitability and widespread impact, it is a major threat.
Advanced Persistent Threats (APTs): Skilled, well-resourced attackers launch covert,
targeted attacks. They seek long-term network access to steal data or spy.
Insider Threats: Insider threats have been around for a long time, but the current
generation has realized their potential. By leaking data, stealing intellectual property
(IP), or accidentally disclosing critical information, malicious insiders or incompetent
staff can cause significant damage.
Fileless Malware: Fileless malware runs in memory without leaving traces on the
hard disk. It leverages legitimate applications or operating system components to carry
out malicious activity.
IoT Threats: The large number of connected devices increases the attack surface. IoT
threats involve the compromise and exploitation of networked devices, including smart
home, medical, and industrial control systems.
Supply Chain Attacks: Attackers compromise trusted vendors or suppliers to inject
malware or backdoors into software updates or components. They can then infiltrate
many systems or organizations through the compromised software.
Cloud Security Risks: As cloud computing becomes more prevalent, risks include
unauthorized access, data breaches, misconfigurations, and misuse of cloud
services.

3. What are the Infection Method and the Action Method?

Infection Method: Malware uses infection methods to enter and gain access to a
targeted device or network. These methods include email attachments, drive-by
downloads, malicious websites or links, exploitation of vulnerabilities, social
engineering, and portable media. By understanding the infection mechanism, security
experts can apply suitable precautions and preventative measures.
Action Method: The action method is what malware does after infecting a machine or
network. The type of malware and its intent determine these actions. Common actions
include data theft, unauthorized remote control, system changes to avoid detection,
botnet creation for malicious purposes, file encryption for ransomware attacks, and
keylogging or screen capture of sensitive information. By understanding malware's
action method, security professionals can create effective response strategies and
countermeasures to reduce the impact and spread of malware in affected environments.

4-5. Based on your own ideas/experience, how can you prevent viruses from attacking your
system?
Cybersecurity must be proactive and multi-layered to stop malware. First, install
reliable antivirus software and keep it updated to identify and eliminate threats. Second,
address vulnerabilities by updating your OS, apps, and plugins periodically. Third, avoid
suspicious URLs and email attachments. Fourth, use multi-factor authentication and strong
passwords. Finally, back up your vital data periodically so you can recover quickly from
an attack. These precautions can lower the risk of infection and safeguard your
machine from harm and data loss.
