COMPUTER SECURITY Definition & Need
Parasitic Virus
Memory Resident Virus
Boot Sector Virus
Stealth Virus
Polymorphic virus
Metamorphic Virus
Assignment: Study how each of these works.
Worms
Inside attack [insider]: This type of attack is carried out by a user inside the
organization. Insiders are users authorized to access the system resources.
Outside attack [outsider]: An outsider can be any unauthorized user who is
from outside the organization.
Define the following terms:
Assets: An asset is anything that has some value. In the computer world, assets
are data, devices, hardware, software, information, etc.
Vulnerability: A weakness in the system.
Threats: A threat is an action taken by an attacker who tries to exploit
vulnerabilities to damage assets.
Risk: An incident or attack that can cause damage to the system.
An attack against a system can be carried out as a sequence of actions, exploiting
weak points until the attacker's goal is achieved.
In a DoS attack, the attacker attempts to deny authorized users access
either to specific information or to the computer system or network
itself. This can be accomplished by crashing the system (taking it offline)
or by sending so many requests that the machine is overwhelmed.
The purpose of a DoS attack can be simply to prevent access to the target
system, or the attack can be used in conjunction with other actions to
gain unauthorized access to a computer or network.
In a DDoS attack, service is denied by overwhelming the target with
traffic from many different systems. A network of attack agents
(sometimes called zombies) is created by the attacker, and upon receiving
the attack command, the agents commence sending a specific type of traffic
against the target.
DISTRIBUTED DENIAL-OF-SERVICE ATTACK
BACKDOORS AND TRAPDOORS
Password Selection
• Make your password as long as possible.
• Use as many character types as possible, such as upper case, lower
case, numbers and special characters.
• Do not use personal data, such as an account number or mobile number.
• Change your password regularly, ideally after 30, 60 or 90
days.
• Make sure that the password is hard to crack but easy to
remember.
• Do not write down your password anywhere, such as on a table, in a
computer file or in your personal diary.
Password Selection Strategy
• User Education
• Computer Generated Password.
• Reactive Password.
• Proactive Password.
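A proactive checker, the last strategy in the list above, tests a candidate password at the moment the user selects it. The following Python sketch is an added example, not part of the original slides; it applies the selection rules listed earlier (length, character variety, no personal data), and the thresholds, the small deny-list and the function names are assumptions.

```python
import re
import string

# Assumed policy values; the slides give the rules but no thresholds.
MIN_LENGTH = 12
REQUIRED_CLASSES = 4
# Small constructed deny-list; a deployment would load a large list of known-weak passwords.
COMMON_PASSWORDS = {"password", "qwerty", "letmein", "welcome", "admin"}
# Common substitutions undone before matching, so "P@ssw0rd" still matches "password".
LEET = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s", "!": "i"})


def char_classes(password):
    """Count how many of the four character classes are present."""
    return sum([
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ])


def check_password(password, personal_data=()):
    """Return a list of rule violations; an empty list means the password is accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if char_classes(password) < REQUIRED_CLASSES:
        problems.append("missing character classes")
    lowered = password.lower()
    digits_only = re.sub(r"\D", "", password)
    for item in personal_data:
        item_digits = re.sub(r"\D", "", item)
        # Numbers (account no., mobile no.) are compared with separators stripped,
        # which is deliberately conservative; names are compared case-insensitively.
        if len(item_digits) >= 4 and item_digits in digits_only:
            problems.append("contains personal data")
            break
        if len(item) >= 3 and item.lower() in lowered:
            problems.append("contains personal data")
            break
    # Undo substitutions and drop non-letters before consulting the deny-list.
    unleeted = re.sub(r"[^a-z]", "", lowered.translate(LEET))
    if any(word in unleeted for word in COMMON_PASSWORDS):
        problems.append("based on a common password")
    return problems
```

The checker returns every violated rule at once, so the user can be told why a choice was rejected and pick a better one.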
User Education
• RBAC is an access control determined by the system, not by the owner. This
type of access control is used in commercial applications and also in military
systems, where multi-level access control is required.
• RBAC and DAC differ in nature: DAC allows the user to control access, but in an RBAC
system access is controlled by the system, which is outside the user’s control.
• Three rules are defined for RBAC:
– Role assignment: A subject can execute a transaction only if the
subject has selected or been assigned a role.
– Role authorization : A subject’s active role must be authorize