Fundamentals of Security
OUTLINE
i. What is Security in Computing?
iii. LoJack
v. Social engineering
vi. TCP/IP attacks
SECURITY
"Security" refers to the state or quality of being protected from harm, danger,
or unwanted threats. In a broad sense, security can apply to various contexts,
including physical, financial, personal, and digital domains.
What is Security in Computing?
• "Security in computing" refers to the measures, practices, and
technologies used to protect computer systems, networks, and data
from unauthorized access, use, disclosure, disruption, modification,
or destruction.
• Encryption: Encryption is the process of encoding data in such a way that only
authorized parties can access it. It's used to protect sensitive information during
transmission and storage. Encryption algorithms and protocols like AES
(Advanced Encryption Standard) and SSL/TLS (Secure Sockets Layer/Transport
Layer Security) are commonly employed.
Components of security in computing cont.
• Authentication: Authentication verifies the identity of users or systems
attempting to access resources. This can be achieved through various methods
such as passwords, multi-factor authentication (MFA), digital certificates, and
biometric authentication.
• Firewalls: Firewalls are network security devices that monitor and control
incoming and outgoing traffic based on predetermined security rules. They
help prevent unauthorized access to or from private networks while allowing
legitimate
Importance of Security
• Security is crucial in the digital age due to the increasing reliance on technology
for various aspects of daily life and business operations.
enabled, can track and recover stolen laptops, desktops, and mobile devices. It's similar in concept to the
vehicle recovery system, but it's aimed at the digital realm.
How it works
• Installation: LoJack software is installed on the device, often at the BIOS or firmware level, making it
resistant to removal or tampering by thieves.
• Activation: If the device is stolen, the owner reports the theft to the LoJack service provider. The service
provider then activates the tracking feature within the software.
• Tracking: Once activated, the software begins sending location information and other data to the LoJack
service provider, allowing them to track the stolen device's whereabouts.
• Recovery: Law enforcement agencies can use the tracking data provided by LoJack to locate and recover
the stolen device.
Security threats
Security threats encompass a wide range of malicious activities and vulnerabilities that can
attaching to host programs. Viruses can cause damage to files, disrupt system operations, and
• Worms: Self-replicating malware that spreads across networks without requiring user
vulnerabilities.
• Trojans: Malware disguised as legitimate software or files to deceive users into executing
them. Trojans typically perform malicious actions such as stealing sensitive information,
Definitions of various types of malware cont.
• Adware: Software that displays unwanted advertisements or pop-ups to users, often
bundled with legitimate software downloads. Adware may collect user data and degrade
system performance.
• Spyware: Malware designed to secretly monitor and collect information about a user's
activities without their consent. Spyware may track keystrokes, browsing habits, passwords,
malware but may not meet the criteria for strict classification as malware. Examples include
• Data breach: Data breach occurs when unauthorized individuals or entities gain access to sensitive or
confidential information stored by an organization. Data breaches can result from various factors, including
cyberattacks, insider threats, accidental exposure, or vulnerabilities in systems or applications.
Consequences of data breaches may include:
5. Organizations mitigate data breaches by implementing robust security measures such as encryption,
access controls, network monitoring, incident response plans, and compliance with data protection
regulations.
Definitions of various types of malware cont.
• Social Engineering Attacks:
• Social engineering attacks exploit human psychology to manipulate individuals into divulging
confidential information or performing actions.
Social engineering tactics include:
1. Phishing emails impersonating legitimate entities to trick users into disclosing passwords or
sensitive information
2. Pretexting, where attackers create false scenarios to gain trust and extract information from
victims
3. Baiting, enticing victims with promises of rewards or benefits to trick them into downloading
malware or providing access credentials
4. Impersonation, where attackers pose as trusted individuals or authorities to deceive victims into
complying with requests
5. Organizations combat social engineering attacks through employee training, implementing
multi-factor authentication, conducting security awareness programs, and deploying email
filtering and monitoring solutions.
Definitions of various types of malware cont.
• Advanced Persistent Threats (APTs): APTs are sophisticated and targeted
cyberattacks orchestrated by highly skilled adversaries, such as nation-state actors,
organized crime groups, or cyber espionage organizations. APTs aim to infiltrate
networks, remain undetected for extended periods, and steal sensitive information or
disrupt operations.
Characteristics of APTs include:
1. Persistent and stealthy tactics to evade detection by security defences
2. Customized malware and advanced attack techniques tailored to specific targets
3. Long-term surveillance and reconnaissance activities to gather intelligence and
identify vulnerabilities
4. Organizations defend against APTs by implementing advanced threat detection
tools, conducting regular security assessments, segmenting networks, enforcing
strict access controls, and fostering a cybersecurity culture.
Definitions of various types of malware cont.
• Ransomware:
• Ransomware is a type of malicious software that encrypts files or locks users out of
their systems, demanding payment (usually in cryptocurrency) for decryption keys or to
restore access. Ransomware attacks often propagate through phishing emails, malicious
attachments, or exploit kits.
• Web security: Web security involves protecting websites, web applications, and web services
from various threats such as cyberattacks, data breaches, and unauthorized access. Measures
include using secure coding practices, implementing firewalls, deploying SSL/TLS encryption,
and regularly updating software to address vulnerabilities.
• Spam: Unsolicited or unwanted emails sent in bulk, often for commercial purposes or
spreading malware. Spam can overload email servers, waste network bandwidth, and pose
security risks if email attachments or links contain malware.
1. IP spoofing: Manipulating the source IP address in network packets to impersonate a trusted entity or
2. Packet sniffing: Capturing and analysing network traffic to eavesdrop on sensitive information such as
3. TCP SYN flooding: Exploiting vulnerabilities in the TCP three-way handshake process to flood a target
server with excessive SYN requests, overwhelming its resources and causing a denial of service.
4. TCP session hijacking: Intercepting and taking control of an ongoing TCP session between a client and
server to eavesdrop on or manipulate data exchanges.
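A defender-side illustration of item 3, added here and not part of the original slides: a SYN flood shows up on the server as many handshakes that received a SYN but never the final ACK. Because source addresses may be spoofed (item 1), the sketch counts half-open connections per targeted service rather than per sender. The packet tuples, addresses, threshold and timeout are constructed assumptions.

```python
from collections import defaultdict


def build_sample():
    """Constructed server-side records: (time_s, src_ip, src_port, dst_ip, dst_port, flag)."""
    pkts = [
        # A normal client: SYN followed by the final ACK of the three-way handshake.
        (0.00, "192.0.2.10", 40000, "198.51.100.5", 443, "SYN"),
        (0.05, "192.0.2.10", 40000, "198.51.100.5", 443, "ACK"),
    ]
    # Thirty SYNs from differing (possibly spoofed) sources that never send the ACK.
    for i in range(30):
        pkts.append((1.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i,
                     "198.51.100.5", 80, "SYN"))
    return pkts


def half_open_alerts(packets, threshold=20, timeout=5.0):
    """Return {(dst_ip, dst_port): peak_half_open} for services above the threshold."""
    pending = defaultdict(dict)   # service -> {(src_ip, src_port): time SYN was seen}
    peak = defaultdict(int)
    for ts, src, sport, dst, dport, flag in sorted(packets):
        service, client = (dst, dport), (src, sport)
        table = pending[service]
        # Drop entries the server itself would have timed out by now.
        for stale in [c for c, t in table.items() if ts - t > timeout]:
            del table[stale]
        if flag == "SYN":
            table[client] = ts            # handshake started, not yet completed
        elif flag in ("ACK", "RST"):
            table.pop(client, None)       # handshake completed or aborted
        peak[service] = max(peak[service], len(table))
    return {svc: n for svc, n in peak.items() if n > threshold}


if __name__ == "__main__":
    for (ip, port), n in half_open_alerts(build_sample()).items():
        print(f"possible SYN flood against {ip}:{port}: {n} half-open connections")
```

The completed handshake on port 443 never raises the count above one, while port 80 accumulates every unanswered SYN until the timeout expires.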