GROUP C

AINABYOONA JACQUILINE S20B13/204

JUMA JOSEPHAT S20B13/222
MUKIIBI KHANRY J21B13/028
OWOMUGISHA MELANIE S20B13/217
AYEBARE JOEL KAHWA J12B13/250
 Differentiate between a Threat, Risk and
Vulnerability in Information Security
A threat any circumstance or event with the potential to adversely impact a
computer system.
A risk Is the possibility of suffering harm or loss, Risk is product of
probability and impact.
Vulnerability A vulnerability is a weakness which can be exploited by a
threat actor, such as an attacker, to cross privilege boundaries i.e, perform
unauthorized actions) within a computer system.
 What are some of the threats that could affect IT systems? Describe at least 5

• Hardware and software failure – such as power loss or data corruption.

• Malware attacks – malicious software designed to disrupt computer operation.
• Viruses –This refers to a computer program that when executed, replicates itself by
modifying/ disrupting other computer programs computer code that can copy itself and
spread from one computer to another, often disrupting computer operations.
• Theft of intellectual property- Intellectual property theft is when someone robs a
company of its creative expressions, designs, inventions or trade secrets collectively
known as intellectual property.
• Sabotage- deliberately destroy, damage, or obstruct (something), especially for political
or military advantage.
• Man-in-the-middle attack.-An attack in which an attacker is positioned between two
communicating parties in order to intercept and/or alter data traveling between them.
• Password attacks refers to any of the various methods used to maliciously authenticate
into password-protected accounts.
 What is the difference between a malware
and a cyber attack?

• A malware attack is an attack where malicious software executes

unauthorized actions on the victim's system while a cyber-attack is the
process of attempting to steal data or gaining unauthorized access to
computers and networks
 What do you understand by the below cyber attacks

• DOS
Denials-of-service attack (DOS). Is an attack on a machine or network making it inaccessible to the intended users
usually done by sending information that triggers a crash or flooding the target with traffic which deprives the
legitimate users of a service or resource they expected.
Methods of Dos attacks;
Flooding services
Flood attacks occur when the system receives too much traffic for the server to buffer, causing them to
slow down and eventually stop. Popular flood attacks include:
Buffer overflow attacks. It is most common attack. The concept is to send more traffic to a network
address than the programmers have built the system to handle.
(Internet Control Message Protocol) ICMP flood – leverages misconfigured network devices by sending
spoofed packets that ping every computer on the targeted network, instead of just one specific machine.
The network is then triggered to amplify the traffic. This attack is also known as the smurf attack or ping
of death.
SYN flood – sends a request to connect to a server, but never completes the handshake. Continues until
all open ports are saturated with requests and none are available for legitimate users to connect to .
• MIM
• A man-in- middle attack is a type of attack, where attackers interrupt an
existing conversation or data transfer by inserting themselves in the
"middle" of the transfer.
• The attackers pretend to be both legitimate participants. This enables an
attacker to intercept information and data from either party while also
sending malicious links or other information to both legitimate participants
in a way that might not be detected in Realtime.
Original Connection
Cancelled

Authorized User Web App

Man-in-Middle (Attacker)