KEMBAR78
Fundamentals of Computer Security | PDF | Computer Security | Security
Scribd
Upload
2K views5 pages

Fundamentals of Computer Security

Computer security refers to protecting computer systems and data from threats. It aims to maintain confidentiality, integrity, and availability. Key elements include threats, exploits, vulnerabilities, attacks, and data theft. Computer security is important due to increasing system complexity, easier exploits, and more network access points. Maintaining security requires precautions, updates, and timely responses. Layers include physical, network, system, application, and user security. Computer security awareness helps minimize attacks and information loss.

Uploaded by

Rosen LP
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
2K views5 pages

Fundamentals of Computer Security

Computer security refers to protecting computer systems and data from threats. It aims to maintain confidentiality, integrity, and availability. Key elements include threats, exploits, vulnerabilities, attacks, and data theft. Computer security is important due to increasing system complexity, easier exploits, and more network access points. Maintaining security requires precautions, updates, and timely responses. Layers include physical, network, system, application, and user security. Computer security awareness helps minimize attacks and information loss.

Uploaded by

Rosen LP
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Fundamentals of Computer Security

Computer Security Essential Terminologies

THREAT
- An action or event that has the potential to compromise and/or violate security

EXPLOIT
- A defined way to breach the security of an IT system through vulnerability

VULNERABILITY
- Existence of a weakness, design or implementation error that can lead to an
unexpected, undesirable event compromising the security of a system

CRACKER, ATTACKER, or INTRUDER


- An individual who breaks into computer systems in order to steal, change, or
destroy information

ATTACK
- Any action derived from intelligent threats to violate the security of the system

DATA THEFT
- Any action of stealing the information from the users’ systems

About Computer Security

Security is a state of Computer security Users should focus on


well-being of refers to the various security
information and protection of threats and counter
infrastructure computer systems measures in order to
and the information protect their
a user stores or information assets
processes

Why Computer Security is important for protecting the confidentiality,


integrity, and availability of computer systems and their resources.
Computer Computer administration and management have become more complex
Security? which produces more attack avenues.
Evolution of technology has focused on the ease of use while the skill
level needed for exploits has decreased.
Network environments and network-based

Network environments and network-based

Network environments and network-based applications provide more


attack paths.
POTENTIAL LOSSES DUE TO COMPUTER SECURITY ATTACKS

Misuse of computer Data loss/theft Loss of trust Unavailability of Identity theft Financial loss
resources resources

ELEMENTS OF SECURITY

Confidentiality Authenticity Integrity Availability Non-repudiation


•Confidentiality is •Authenticity is “the •Integrity is •Availability is •Non-repudiation is
“ensuring that identification and “ensuringthat the “ensuring that the “ensuring that a
information is assurance of the information is information is party to a contract
accessible only to origin of accurate, complete, accessible to or a communication
those authorized to information” reliable, and is in its authorized persons cannot deny the
have access” (ISO- original form” when required authenticity of their
17799) without delay” signature on a
document”

THE SECURITY, FUNCTIONALITY, AND EASE OF USE TRIANGLE

- Applications/software products by default are preconfigured for ease of use, which


makes the user vulnerable to various security flaws
- Similarly, increased functionality (features) in an application make it difficult to use in
addition to being less secure

Security
(Restrictions)

Functionality
Ease of Use
(Features)

Fundamental Concepts of Computer Security

PRECAUTION
Adhering to the preventive measures while using computer system and applications
Adhering to the preventive measures while using computer system
and applications

MAINTENANCE
Managing all the changes in the computer applications and keeping them up to date

REACTION
Acting timely when security incidents occur
LAYERS OF COMPUTER SECURITY

• Ensures that a valid user is logged in and that the logged-in


LAYER 5: User Security user is allowed to use an application/program

LAYER 4: Application • Covers the use of software, hardware and procedural


Security methods to protect applications from external threats

• Protects the system and its information from theft,


LAYER 3: System Security corruption, unauthorized access, or misuse

LAYER 2: Network • Protects the networks and their services from unauthorized
Security modification, destruction, or disclosure

• Safeguards the personnel, hardware, programs, networks,


LAYER 1: Physical Security and data from physical threats

Computer Security Risks to Home Users


 Home computers are prone to various cyber-attacks as they provide attackers easy
targets due to a low level of security awareness.
 Security risk to home users arise from various computer attacks and accidents causing
physical damage to computer systems

Computer Accidents Computer Attacks

 Hard disk or other  Malware attacks


component failures  Email attacks
 Power failure and surges  Mobile code (Java/JavaScript/ActiveX)
 Theft of a computing attacks
device  Denial of service and cross-site scripting
attacks
 Identity theft and computer frauds
 Packet sniffing
 Being an intermediary for another attack
(zombies)

WHAT TO SECURE IN RELATION TO COMPUTER SECURITY?

 HARDWARE
- Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc

 SOFTWARE
- Operating system and software applications

 INFORMATION
- Personal identification such as Social Security Number (SSN), passwords, credit
card numbers, etc

 COMMUNICATIONS
- Emails, instant messengers, and browsing activities
WHAT MAKES A HOME COMPUTER VULNERABLE?

WHAT MAKES A COMPUTER SYSTEMS SECURE?

BENEFITS OF COMPUTER SECURITY AWARENESS

It helps a user minimize


Computer Security It helps users to protect losses in case of an
Awareness helps minimize sensitive information and accident that causes
the chance of computer computing resources from physical damage to
attacks. unauthorized access computer systems

It helps users to prevent


It helps prevent the loss cybercriminals from using
of information stored on their systems in order to
the systems launch attacks on the
other computer systems
COMPUTER Security is a state of well-being of information and infrastructures
SECURITY…
THINGS TO Computer security is the protection of computing systems and the data
REMEMBER that they store or access

Confidentiality, integrity, non-repudiation, authenticity, and availability


are the elements of security

Confidentiality, integrity, non-repudiation, authenticity, and availability


are the elements of security

Computer security awareness helps minimize the chances of computer


attacks and prevent the loss of information stored on the systems

BASIC COMPUTER SECURITY CHECKLIST

 Use of strong passwords


 Use of anti-virus systems
 Regular update of operating system and other installed applications
 Regular backup of important files
 Use of encryption techniques and digital signatures
 Use of firewall and intrusion detection systems
 Follow standard guidelines for internet activities
 Physical security of computing infrastructure
 Awareness of current security scenario and attack techniques

You might also like