Sic
2. **Three D's of Security**: The Three D's of Security are Deterrence, Detection, and
Defense.
- Deterrence: Discouraging potential attackers by implementing visible security measures
and policies, such as access controls, surveillance systems, and security awareness
programs.
- Detection: Identifying and monitoring security incidents or breaches through continuous
monitoring, intrusion detection systems (IDS), log analysis, and security audits to detect
unauthorized activities or abnormal behavior.
- Defense: Implementing proactive security measures and controls to protect against
security threats and vulnerabilities, such as firewalls, antivirus software, encryption, access
controls, and security patches.
3. **Threat Vector**: A threat vector refers to the method or pathway used by attackers to
exploit vulnerabilities and compromise the security of a system or network. Threat vectors
can include email attachments, malicious websites, phishing emails, infected USB drives,
social engineering tactics, software vulnerabilities, and insider threats. Understanding and
mitigating threat vectors are essential for effective cybersecurity defense.
4. **Onion Model**: The Onion Model, also known as the Defense-in-Depth model, is a
security strategy that involves implementing multiple layers of defense to protect against
various security threats. The model resembles the layers of an onion, with each layer
representing a different security control or mechanism, such as physical security, network
security, host-based security, application security, and data encryption. By deploying
overlapping layers of security controls, organizations can enhance resilience and mitigate
the impact of security breaches.
5. **CIA Triad Model of Computer Security**: The CIA Triad model consists of three core
principles of information security: Confidentiality, Integrity, and Availability.
- Confidentiality: Ensuring that sensitive information is accessible only to authorized
individuals and protected from unauthorized disclosure or access.
- Integrity: Maintaining the accuracy, reliability, and trustworthiness of data and information
by preventing unauthorized modification, alteration, or deletion.
- Availability: Ensuring that information and resources are accessible and usable when
needed by authorized users, while protecting against denial of service (DoS) attacks and
disruptions.
6. **Various Types of Worms**: Worms are self-replicating malware that spread across
networks by exploiting vulnerabilities in operating systems, applications, or network
protocols. Some common types of worms include:
- Email Worms: Spread through email attachments or links, exploiting vulnerabilities in
email clients or servers to infect systems and propagate to other users' contacts.
- Network Worms: Exploit vulnerabilities in network protocols or services to spread rapidly
across networks, infecting vulnerable devices and compromising network security.
- File-sharing Worms: Spread through file-sharing networks or removable storage devices,
such as USB drives, infecting files and devices accessed by users.
- Instant Messaging (IM) Worms: Spread through instant messaging platforms, exploiting
vulnerabilities in IM clients or services to infect users and propagate to their contacts.
Unit 2
7. **Role-Based Authorization**:
- Role-Based Authorization (RBA) grants access to resources based on the roles assigned
to users or entities.
- Access rights and permissions are associated with specific roles rather than individual
users.
- RBA simplifies access management and enhances security by enforcing the principle of
least privilege.
Each of these components contributes to the overall security posture of computer systems
and networks, ensuring the confidentiality, integrity, and availability of data and resources.
Unit 3
2. **Features of Firewall**:
- Packet Filtering: Examines packets based on predefined rules and allows or denies them
based on criteria such as source/destination IP addresses, port numbers, and protocols.
- Stateful Inspection: Tracks the state of active connections and allows only legitimate
packets associated with established connections.
- Application Layer Filtering: Analyzes application-layer data to identify and block specific
types of traffic, such as malicious payloads or unauthorized protocols.
- Intrusion Prevention: Detects and blocks known attack patterns or signatures in network
traffic to prevent unauthorized access or malicious activity.
- Virtual Private Network (VPN) Support: Allows secure remote access to the network by
encrypting and tunneling traffic over the internet.
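The difference between packet filtering and stateful inspection can be seen in a short simulation. This is an added example, not part of the original notes: the rule format, names and addresses are constructed for illustration, and the connection tracking is simplified to an exact 5-tuple match (real firewalls also track TCP flags and timeouts).

```python
import ipaddress
from collections import namedtuple

# Field names are illustrative; addresses below are constructed sample data.
Packet = namedtuple("Packet", "src sport dst dport proto")
Rule = namedtuple("Rule", "action src_net dst_net proto dport")  # dport None = any

def matches(rule, p):
    return (ipaddress.ip_address(p.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(rule.dst_net)
            and p.proto == rule.proto
            and rule.dport in (None, p.dport))

def packet_filter(rules, p):
    """Stateless packet filtering: first matching rule wins, default deny."""
    for rule in rules:
        if matches(rule, p):
            return rule.action
    return "deny"

class StatefulFirewall:
    """Rules decide which connections may start; replies need a tracked flow."""
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()

    def handle(self, p):
        # A reply is the exact reverse of a flow the rules already allowed.
        if (p.dst, p.dport, p.src, p.sport, p.proto) in self.flows:
            return "allow"
        verdict = packet_filter(self.rules, p)
        if verdict == "allow":
            self.flows.add((p.src, p.sport, p.dst, p.dport, p.proto))
        return verdict

# LAN 10.0.0.0/24 may open HTTPS connections to any destination.
OUTBOUND = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", 443)]
# A stateless filter needs a broad inbound rule so replies can get back in.
STATELESS = OUTBOUND + [Rule("allow", "0.0.0.0/0", "10.0.0.0/24", "tcp", None)]

request = Packet("10.0.0.5", 50000, "203.0.113.10", 443, "tcp")
reply = Packet("203.0.113.10", 443, "10.0.0.5", 50000, "tcp")
unsolicited = Packet("198.51.100.7", 443, "10.0.0.9", 22, "tcp")

fw = StatefulFirewall(OUTBOUND)
print([fw.handle(p) for p in (request, reply, unsolicited)])
print(packet_filter(STATELESS, unsolicited))
```

The stateless rule set has to admit the unsolicited inbound packet in order to let replies through, while the stateful firewall admits only the reply that matches a connection it saw start.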
Unit 4
Unit 5
1. **Cloud Computing**:
- Cloud computing refers to the delivery of computing services over the internet on a
pay-as-you-go basis.
- It allows users to access and use computing resources such as servers, storage,
databases, networking, software, and analytics over the internet, without the need for owning
or maintaining physical infrastructure.
- Cloud computing is characterized by its scalability, flexibility, and cost-effectiveness,
enabling organizations to quickly scale resources up or down based on demand and pay
only for what they use.
- Deployment models include public cloud, private cloud, hybrid cloud, and multi-cloud,
offering varying degrees of control, security, and customization.
- Common cloud service models include Infrastructure as a Service (IaaS), Platform as a
Service (PaaS), and Software as a Service (SaaS), providing different levels of abstraction
and management responsibilities to users.
4. **Hypervisor Machine**:
- A hypervisor, also known as a virtual machine monitor (VMM), is software or firmware
that creates and manages virtual machines (VMs) on physical hardware.
- It allows multiple operating systems (OS) or guest instances to run concurrently on a
single physical server, sharing hardware resources like CPU, memory, and storage.
- Hypervisors provide isolation and abstraction between virtual machines and the
underlying physical hardware, enabling efficient resource utilization and flexible deployment
of workloads.
- Types of hypervisors include Type 1 (bare-metal) hypervisors, which run directly on the
physical hardware, and Type 2 (hosted) hypervisors, which run on top of a host OS.