COMPUTER SECURITY
Security is protection from, or resilience against, potential harm (or other unwanted
coercion). It is the protection of a person, building, organization, country, or phenomenon
against threats such as crime, attacks by foreign countries, or other possible undesirable
changes in state. It is a state of being free from danger or threat. Security is both a
feeling and a state of reality: one can feel secure while not being secure, and feel insecure
while being secure.
Computer security refers to protecting and securing computers and their related data,
networks, software, and hardware from unauthorized access, misuse, disclosure, disruption,
modification, destruction, theft, information loss, and other security issues. It involves a
range of measures to prevent, detect, and respond to various types of threats, including
malware, viruses, phishing, and denial-of-service attacks. Computer security entails the
processes and procedures necessary to ensure that the computer system (hardware, software
and the human beings involved) is protected against all potential threats that hamper the
activities of the system. Computer security is the process of making sure all parts of a
computer system are protected appropriately and yet still perform their purpose. Computer
security requires an understanding of the system usage.
Three key objectives of computer security:
1. Confidentiality: Preserving authorized restrictions on information access and
disclosure, including means for protecting personal privacy and proprietary
information. A loss of confidentiality is the unauthorized disclosure of information.
This term covers two related concepts:
Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
Privacy: Assures that individuals control or influence what information related to
them may be collected and stored and by whom and to whom that information may
be disclosed.
2. Integrity: Guarding against improper information modification or destruction,
including ensuring information nonrepudiation and authenticity. A loss of integrity is
the unauthorized modification or destruction of information. This term covers two
related concepts:
Data integrity: Assures that information (both stored and in transmitted packets) and
programs are changed only in a specified and authorized manner.
System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation
of the system.
3. Availability: Ensuring timely and reliable access to and use of information. A loss of
availability is the disruption of access to or use of information or an information system.
Availability assures that systems work promptly and service is not denied to authorized
users.
4. Authenticity: Ensuring the originality of the user. Authenticity refers to the process of
verifying the identity of users, devices, or systems to ensure they are genuine and not
impersonated.
TYPES OF COMPUTER SECURITY
Computer security can be classified into five types:
A. CYBER SECURITY
Cyber security means securing our computers, electronic devices, networks, programs,
systems from cyber-attacks. Cyber-attacks are those attacks that happen when our
system is connected to the Internet.
B. INFORMATION SECURITY
Information security means protecting our system’s information from theft, illegal use,
piracy, and other unauthorized use. Information security has three main objectives:
confidentiality, integrity, and availability of information.
C. APPLICATION SECURITY
Application security means securing our applications and data so that they don’t get
hacked, and so that the applications’ databases remain safe and private to their owner
and users’ data remains confidential.
D. NETWORK SECURITY
Network security means securing a network and protecting the information of the users
connected through that network. Over the network, hackers steal packets of data through
sniffing and spoofing attacks, man-in-the-middle attacks, war driving, etc., and misuse
the data for their own benefit.
E. OPERATING SYSTEM SECURITY
Operating system security refers to the protection of applications and hardware
resources in an operating system against various malicious attacks, such as
unauthorized access, code tampering, and spoofing.
Operating System (OS) security refers to the protective measures and techniques
implemented to ensure the integrity, confidentiality, and availability of an operating
system and its associated data. The primary goal of OS security is to prevent
unauthorized access, use, disclosure, disruption, modification, or destruction of the
operating system and its resources.
Key Components of OS Security
1. Authentication: Verifying the identity of users, processes, and devices before allowing
access to the system.
2. Authorization: Controlling what actions authenticated users can perform on the system.
3. Access Control: Managing permissions to system resources, such as files, directories,
and devices.
4. Encryption: Protecting data from unauthorized access by transforming it into an
unreadable format.
5. Firewalls: Monitoring and controlling incoming and outgoing network traffic based on
predetermined security rules.
6. Intrusion Detection and Prevention Systems (IDPS): Identifying and preventing
potential security threats.
7. Secure Boot: Ensuring that the operating system and other software are genuine and have
not been tampered with during the boot process.
8. Patch Management: Regularly updating the operating system and applications to fix
security vulnerabilities.
Threats to OS Security
1. Malware: Software designed to harm or exploit a system, such as viruses, Trojan horses,
and ransomware.
2. Phishing: Social engineering attacks aimed at tricking users into revealing sensitive
information.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks:
Overwhelming a system with traffic to make it unavailable.
4. Unauthorized Access: Gaining access to a system without permission, often through
weak passwords or exploited vulnerabilities.
Best Practices for OS Security
1. Regularly Update and Patch the OS: Apply security patches and updates as soon as they
are available.
2. Use Strong Passwords and Enable Two-Factor Authentication: Protect user accounts
with strong passwords and an additional layer of verification.
3. Install Anti-Virus and Anti-Malware Software: Use reputable security software to detect
and remove malware.
4. Use Firewalls and Configure Them Correctly: Enable the firewall and configure it to
block unnecessary incoming and outgoing traffic.
5. Back Up Data Regularly: Regular backups ensure that critical data can be recovered in
case of a security breach or system failure.
By understanding these components, threats, and best practices, individuals and
organizations can significantly enhance the security of their operating systems, protecting
against a wide range of potential threats.
F. MOBILE SECURITY
Mobile security is cybersecurity for mobile devices. It involves protecting smartphones,
tablets, and laptops from cyber threats such as data loss, credential theft, account
compromise, and so forth.
Mobile devices have become an intrinsic part of everyday life. People are no longer just
using them for texting, social networking, and entertainment. The availability of
applications for business and professional networking has turned mobile devices into
handheld computers that can be used on the go.
For this reason, mobile devices need protection so they do not become a means to
compromise private information. Common mobile device security threats that users have
to contend with include malicious applications and websites, data leaks, spyware,
social engineering attacks, and more.
How to Safeguard Against Mobile Security Threats
Endpoint security for mobile devices requires a defense solution that can promptly detect
and respond to various types of attacks without negatively impacting the user experience.
This solution typically implements:
• A comprehensive view of applications, devices, and networks across the organization
• A flexible and scalable defense strategy
• Risk visibility in the mobile and remote workforce
• Privacy protection built into the design of mobile security policies
• A positive user experience and optimized work environment
The Security Problem in Computing
The meaning of the term computer security has evolved in recent years. Before the
problem of data security became widely publicized in the media, most people’s idea of
computer security focused on the physical machine. Traditionally, computer facilities
have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
Computer Security is security applied to computing devices such as computers and
smartphones, as well as computer networks such as private and public networks,
including the whole Internet. The field covers all the processes and mechanisms by which
digital equipment, information and services are protected from unintended or
unauthorized access, change or destruction, and is of growing importance in line with
the increasing reliance on computer systems of most societies worldwide. It includes
physical security to prevent theft of equipment, and information security to protect the
data on that equipment. It is sometimes referred to as "cyber security" or "IT security",
though these terms generally do not refer to physical security (locks and such).
Some important terms used in computer security are:
Vulnerability
A vulnerability is a weakness which allows an attacker to reduce a system's information
assurance. A vulnerability is the intersection of three elements: a system susceptibility or
flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit
a vulnerability, an attacker must have at least one applicable tool or technique that can
connect to a system weakness. In this frame, vulnerability is also known as the attack
surface.
Vulnerability management is the cyclical practice of identifying, classifying,
remediating, and mitigating vulnerabilities. This practice generally refers to software
vulnerabilities in computing systems.
Backdoors
A backdoor in a computer system is a method of bypassing normal authentication,
securing remote access to a computer, obtaining access to plaintext, and so on, while
attempting to remain undetected.
The backdoor may take the form of an installed program (e.g., Back Orifice), or could
be a modification to an existing program or hardware device. It may also fake
information about disk and memory usage.
Denial-of-service attack
Unlike other exploits, denial-of-service attacks are not used to gain unauthorized access
or control of a system. They are instead designed to render it unusable. Attackers can
deny service to individual victims, such as by deliberately entering a wrong password
enough consecutive times to cause the victim account to be locked, or they may overload
the capabilities of a machine or network and block all users at once. These types of attack
are, in practice, very hard to prevent, because the behaviour of whole networks needs to
be analyzed, not only the behaviour of small pieces of code. Distributed denial of service
(DDoS) attacks are common, where a large number of compromised hosts (commonly
referred to as "zombie computers", used as part of a botnet with, for example, a worm,
trojan horse, or backdoor exploit to control them) are used to flood a target system with
network requests, thus attempting to render it unusable through resource exhaustion.
Direct-access attacks
An unauthorized user who gains physical access to a computer (or part thereof) can perform
many functions and install different types of devices to compromise security, including
operating system modifications, software worms, key loggers, and covert listening
devices. The attacker can also easily download large quantities of data onto backup
media, for instance CD-R/DVD-R or tape, or onto portable devices such as key drives,
digital cameras or digital audio players. Another common technique is to boot an operating
system contained on a CD-ROM or other bootable media and read the data from the hard
drive(s) this way. The only way to defeat this is to encrypt the storage media and store
the key separate from the system. In most cases, direct-access attacks are the only type of
threat to standalone computers (those never connected to the internet).
Eavesdropping
Eavesdropping is the act of surreptitiously listening to a private conversation, typically
between hosts on a network. For instance, programs such as Carnivore and NarusInsight
have been used by the FBI and NSA to eavesdrop on the systems of internet service
providers.
Spoofing
Spoofing of user identity describes a situation in which one person or program successfully
masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Tampering
Tampering describes an intentional modification of products in a way that would make
them harmful to the consumer.
Repudiation
Repudiation describes a situation where the authenticity of a signature is being challenged.
Information disclosure
Information disclosure (privacy breach or data leak) describes a situation where
information, thought to be secure, is released in an untrusted environment.
Elevation of privilege
Elevation of privilege describes a situation where a person or a program wants to gain
elevated privileges or access to resources that are normally restricted to him/it.
Exploits
An exploit is a piece of software, a chunk of data, or sequence of commands that takes
advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated
behaviour to occur on computer software, hardware, or something electronic (usually
computerized). This frequently includes such things as gaining control of a computer
system or allowing privilege escalation or a denial of service attack. The term "exploit"
generally refers to small programs designed to take advantage of a software flaw that has
been discovered, either remote or local. The code from the exploit program is frequently
reused in Trojan horses and computer viruses.
Indirect attacks
An indirect attack is an attack launched by a third-party computer. By using someone
else's computer to launch an attack, it becomes far more difficult to track down the actual
attacker. There have also been cases where attackers took advantage of public
anonymizing systems, such as the Tor onion router system.
Computer crime: Computer crime refers to any crime that involves a computer and a
network.
Cyber Crime Prevention Tips
1. Use Strong Passwords
Use different user ID / password combinations for different accounts and avoid
writing them down. Make the passwords more complicated by combining letters,
numbers, special characters (minimum 10 characters in total) and change them
on a regular basis.
2. Secure your computer
o Activate your firewall
Firewalls are the first line of cyber defense; they block connections to unknown
or bogus sites and will keep out some types of viruses and hackers.
o Use anti-virus/malware software
Prevent viruses from infecting your computer by installing and regularly
updating anti-virus software.
o Block spyware attacks
Prevent spyware from infiltrating your computer by installing and updating
anti-spyware software.
3. Be Social-Media Savvy
Make sure your social networking profiles (e.g. Facebook, Twitter, YouTube,
MSN, etc.) are set to private. Check your security settings. Be careful what
information you post online. Once it is on the Internet, it is there forever!
4. Secure your Mobile Devices
Be aware that your mobile device is vulnerable to viruses and hackers. Download
applications from trusted sources.
5. Install the latest operating system updates
Keep your applications and operating system (e.g. Windows, Mac, Linux) current
with the latest system updates. Turn on automatic updates to prevent potential
attacks on older software.
6. Protect your Data
Use encryption for your most sensitive files such as tax returns or financial records,
make regular back-ups of all your important data, and store it in another location.
7. Secure your wireless network
Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not
properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot
Spots”, are also vulnerable. Avoid conducting financial or corporate transactions
on these networks.
8. Protect your e-identity
Be cautious when giving out personal information such as your name, address,
phone number or financial information on the Internet. Make sure that websites are
secure (e.g. when making online purchases) or that you’ve enabled privacy settings
(e.g. when accessing/using social networking sites).
9. Avoid being scammed
Always think before you click on a link or file of unknown origin. Don’t feel
pressured by any emails. Check the source of the message. When in doubt, verify
the source. Never reply to emails that ask you to verify your information or
confirm your user ID or password.
Principle of security
There are five principles of security. They are as follows:
• Confidentiality:
The principle of confidentiality specifies that only the sender and the intended
recipient should be able to access the content of the message.
• Integrity:
The confidential information sent by A to B which is accessed by C without the
permission or knowledge of A and B.
• Authentication:
An authentication mechanism helps in establishing proof of identity.
• Access control:
Access control specifies and controls who can access what.
• Availability:
It means that assets are accessible to authorized parties at appropriate times.
BASIC NETWORK TERMINOLOGIES
Wireless and Home Network Security
How many gadgets are linked to your Wi-Fi network in your house? You could easily
have a dozen or more devices connected to your network at once, thanks to laptops,
streaming gadgets, new iPhones, security cameras, and smart speakers.
Now consider the data that is stored on those devices: bank account details, credit card
numbers, login passwords, and live video feeds. Consider how easily accessible that data
would be if someone were to access your Wi-Fi network. If your network is ever infiltrated,
you want to make sure you're safeguarding yourself from hackers.
The likelihood of having your private information compromised and leaked to third parties
is decreased with a secure home network. Furthermore, it will block devices and people
who are not permitted or who could slow down your connection or use your paid internet
service for free.
Home network security describes the methods and tools employed to keep cyber threats
out of a home network. A home network includes PCs, smartphones, and Internet of Things
devices. Safeguarding against malware, hacking attempts, and data breaches is the main goal.
Cybercriminals treat home networks as priority targets for ransomware, phishing, and
malware. Effective security measures reduce these threats. As more devices are connected
and more activity moves online, home network security deserves attention. A secure
network means less latency and faster communication between devices. To establish a
secure home network, several key components should be implemented.
Why is Home Network Security Important?
We rely on our home networks for everything in today's connected world, from streaming
entertainment to doing online banking. However, because hackers are constantly looking
for methods to attack flaws in our networks, there is an increased danger associated with
this greater connectedness. Because of this, it's more crucial than ever to take precautions
to safeguard your home network. This offers advantages like quicker and more dependable
internet connection, in addition to protecting your private data and gadgets. This post will
discuss the benefits of protecting your home network and offer actionable
recommendations.
Home network security guards against identity theft and other fraudulent actions by
keeping your personal information safe from hackers. Furthermore, by keeping others from
accessing your internet connection, you may secure your network and avoid further
problems and network speed slowdowns. In conclusion, network security helps avert
device compromise, which can result in ransomware attacks, data loss, and other forms of
cybercrime.
There are several more reasons to protect your home network in addition to the security
advantages. The major benefits of home network security are as follows:
Faster and more dependable internet access: By safeguarding your network, you can stop
unauthorized people from accessing it and making it unreliable or slow. You may be able
to get a quicker and more reliable internet connection as a result.
Parental controls: You may limit internet access during specific hours or prevent access to
specific websites using the built-in parental controls found in many routers. This might
assist you in keeping an eye on and managing your kids' internet usage.
Keeping IoT devices safe: A lot of smart gadgets, including security cameras and
thermostats, rely on your home network to provide them with an internet connection. You
can lessen the likelihood that hackers may infiltrate these devices by keeping your network
secure.
Basic Key Components of Home Network
1. Firewall: A firewall separates an untrusted external network from a trusted internal
network. It blocks unauthorized access while allowing legitimate
communication. Your firewall is the first, and possibly most crucial, layer of defense
in your network. In accordance with predetermined rules, it keeps an eye on all
incoming and outgoing traffic. Routers and modems typically house your network
firewall, a vital security feature that shields your devices from malicious hackers.
Your internet service provider (ISP) has, ideally, given great thought to the security
of your router. It is built to be safely exposed to the public internet.
2. Encryption: Utilizing encryption protocols such as WPA2 or WPA3 for Wi-Fi
connections protects data, making it difficult to read even if it is captured.
3. Strong Passwords: Implementing complex passwords for both the Wi-Fi network
and router admin accounts is critical. Changing these passwords frequently helps
protect against brute-force attacks.
4. Updates: Keep router firmware and device software up to date. Manufacturers
provide updates that fix security flaws.
5. Monitoring: Proactively monitoring network activity can help identify suspicious
behavior or devices in the network. This proactive approach lets us respond quickly
to potential threats.
6. Two-Factor Authentication (2FA): Enabling 2FA adds an additional layer of
security. It requires two forms of identification before granting access to sensitive
devices or resources.
Procedure on How to Secure Your Home Wireless Network
1. Modify the default password: Your router probably had a default password when
you originally set it up. This password is readily discovered by hackers online;
therefore, it's critical to update it to a strong, one-of-a-kind password.
2. Turn on WPA2 encryption: For residential networks, WPA2 is the most secure
encryption technique available. It is enabled through the router's settings.
3. Upgrade the firmware: Firmware upgrades are released by router makers to address
security flaws and enhance functionality. Ensure that you routinely check for
updates and install them as soon as they are made available.
4. Turn off remote management: Although it gives you the ability to control your
network from anywhere, it also gives hackers a point of access. If you do not require
this function at all, disable it.
5. Activate a guest network: A lot of routers let you create a distinct network for guests
that lets them access the internet but limits access to your primary network. When
guests need to use the internet, this can be helpful.
6. Disable WPS: Although Wi-Fi Protected Setup (WPS) makes it simple to add new
devices to your network, it also poses a security risk. Go into the router's settings
and disable this option.
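The WPA2 and WPS steps above can be checked from a client machine. The following is an added example, not part of the original notes: it parses constructed sample text laid out like the output of `iw dev <interface> scan` and, going slightly beyond the steps, also flags open, WEP and WPA-only networks. The field names, and the rule that an advertised WPS element means WPS is enabled, are assumptions.

```python
import re

# Constructed sample, laid out like the output of `iw dev <interface> scan`.
# Assumption: the installed iw prints these field names; adjust if yours differs.
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
\tcapability: ESS Privacy ShortSlotTime (0x0411)
\tSSID: HomeNet
\tRSN:\t * Version: 1
\t\t * Pairwise ciphers: CCMP
\t\t * Authentication suites: PSK
BSS 02:00:00:00:00:02(on wlan0)
\tcapability: ESS Privacy (0x0011)
\tSSID: OldRouter
\tRSN:\t * Version: 1
\t\t * Pairwise ciphers: CCMP TKIP
\t\t * Authentication suites: PSK
\tWPA:\t * Version: 1
\t\t * Pairwise ciphers: TKIP
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
BSS 02:00:00:00:00:03(on wlan0)
\tcapability: ESS (0x0001)
\tSSID: CafeGuest
BSS 02:00:00:00:00:04(on wlan0)
\tcapability: ESS Privacy (0x0011)
\tSSID: NewMesh
\tRSN:\t * Version: 1
\t\t * Pairwise ciphers: CCMP
\t\t * Authentication suites: SAE
"""

ELEMENT = re.compile(r"(RSN|WPA|WPS):\s*(.*)")


def parse_scan(text):
    """Split scan output into one record per access point (BSS)."""
    networks, current, section = [], None, None
    for line in text.splitlines():
        if line.startswith("BSS "):
            current = {"bssid": line[4:21], "ssid": "", "privacy": False,
                       "elements": set(), "auth": set()}
            networks.append(current)
            section = None
            continue
        field = line.strip()
        if current is None or not field:
            continue
        head = ELEMENT.match(field)
        if head:                          # first line of an information element
            section = head.group(1)
            current["elements"].add(section)
            field = head.group(2)
        elif not field.startswith("*"):   # back to an ordinary top-level field
            section = None
        key, _, value = field.lstrip("* ").partition(":")
        key, value = key.strip(), value.strip()
        if section is None and key == "SSID":
            current["ssid"] = value
        elif section is None and key == "capability":
            current["privacy"] = "Privacy" in value.split()
        elif section == "RSN" and key == "Authentication suites":
            current["auth"].update(value.split())
    return networks


def classify(net):
    """Name the strongest protection the access point advertises."""
    if not net["privacy"]:
        return "open"
    if "RSN" in net["elements"]:          # an RSN element means WPA2 or WPA3
        return "WPA3" if "SAE" in net["auth"] else "WPA2"
    return "WPA" if "WPA" in net["elements"] else "WEP"


def audit(text):
    """Map each SSID to the findings that conflict with the hardening steps."""
    report = {}
    for net in parse_scan(text):
        mode, findings = classify(net), []
        if mode not in ("WPA2", "WPA3"):
            findings.append(f"encryption is {mode}: switch to WPA2 or WPA3")
        elif "WPA" in net["elements"]:
            findings.append("legacy WPA is still accepted alongside WPA2")
        if "WPS" in net["elements"]:      # assumption: advertised means enabled
            findings.append("WPS is advertised: disable it in the router settings")
        report[net["ssid"] or net["bssid"]] = findings
    return report


if __name__ == "__main__":
    for ssid, findings in audit(SAMPLE_SCAN).items():
        print(ssid, "->", findings or "ok")
```

To audit your own network, pass the text captured from a scan of your own access point to `audit()` in place of `SAMPLE_SCAN`.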
BLUETOOTH SECURITY
Bluetooth security is used to protect services offered by devices as well as enforce
exclusivity, permitting only very specific devices to connect. In accomplishing this end,
the security troika was introduced consisting of authentication, authorization, and
encryption.
Bluetooth specifications include a collection of features that provide developers the tools
they need to secure communications between Bluetooth devices and implement the
appropriate level of security for their products.
All Bluetooth specifications are subject to security reviews during the development
process. In addition, Bluetooth technology is an open, global standard, and the Bluetooth
SIG encourages active review of the specifications by the security research community.
Bluetooth Security Modes
There are two security modes: LE Security Mode 1 and LE Security Mode 2. There are
also four security levels appropriately numbered 1 through 4, with 4 being the most secure.
Yes, you can mix levels and modes. To further complicate things, there are two additional
security modes named Mixed Security Mode and Secure Connection Only Mode.
We’ll start with the security levels first:
Security Level 1 supports communication without security at all, and applies to any
Bluetooth communication, but think of it as applying to unpaired communications.
Security Level 2 supports AES-CMAC encryption (aka AES-128 via RFC 4493, which is
FIPS-compliant) during communications when the devices are unpaired.
Security Level 3 supports encryption and requires pairing.
Security Level 4 supports all the bells and whistles, and instead of AES-CMAC for
encryption, ECDHE (aka Elliptic Curve Diffie-Hellman, aka P-256, which is also
FIPS-compliant) is used.
Then the security modes:
Security Mode 1 is those levels without signing of data.
Security Mode 2 is those same levels with signing of data, including both paired and
unpaired communications.
Mixed Security Mode is when a device is required to support both Security Mode 1 and 2,
i.e., it needs to support signed and unsigned data.
Secure Connection Only Mode is Security Mode 1 with Security Level 4, meaning that all
incoming and outgoing traffic in a Bluetooth device involves authenticated connections and
encryption only. To complete the confusing complexity, you can run Secure Connection
Only Mode with Security Mode 2 instead of 1 to ensure all data is signed, but since the data
is encrypted, and more math means more computing power, and more computing power
means faster battery drain, Bluetooth SIG apparently felt encryption without signing was
good enough for this particular mode.
Pairing
Now knowing what these modes and levels are, one can start to answer some of those
questions about maintaining pairing despite sleep mode or enforcing privacy on a
Bluetooth connection between devices that aren’t always talking to each other. But we need
to discuss how they are implemented, starting with pairing.
The pairing process is pretty much where everything security-related takes place and is
decided beforehand. Its purpose is to determine what the capabilities are on each end of the
two devices getting ready to pair and then to get them actually talking to each other. The
pairing process happens in three phases, and we will quickly outline each one.
Phase One
In phase one, the two devices let each other know what they are capable of doing. The
values they are reading are Attribute Protocol (ATT) values. These live at layer 4 with
L2CAP, and are typically never encrypted. They determine which pairing method is
going to be used in phase two, and what the devices can do and what they expect. For
example, ATT values will be different for a Bluetooth Smart vs a Bluetooth Smart Ready
device.
Phase Two
In phase two, the purpose is to generate a Short Term Key (STK). This is done with the
devices agreeing on a Temporary Key (TK) mixed with some random numbers which gives
them the STK. The STK itself is never transmitted between devices. With STK, this is
commonly known as LE legacy pairing. However, if the Secure Connection Only Mode is
being used, a Long Term Key (LTK) is generated at this phase (instead of an STK), and
this is known as LE Secure Connections.
Phase Three
In phase three, the key from phase two is used to distribute the rest of the keys needed for
communications. If an LTK wasn’t generated in phase two, one is generated in phase three.
Data like the Connection Signature Resolving Key (CSRK) for data signing and the
Identity Resolving Key (IRK) for private MAC address generation and lookup are
generated in this phase.
There are four different pairing methods:
Numeric Comparison. Basically, both devices display the same six-digit value on their
respective screens or LCD displays, and you make sure they match and hit or click the
appropriate button on each device. This is not to prevent a man-in-the-middle (MITM)
attack, mainly because it doesn’t, but rather to identify the devices to each other.
Just Works. Obviously, not all devices have a display, such as headphones or a speaker.
Therefore, the Just Works method is probably the most popular one. Technically, it is the
same as Numeric Comparison, but the six-digit value is set to all zeros. While Numeric
Comparison requires some on-the-fly math if you are performing a MITM attack, there is
no MITM protection with Just Works.
Passkey Entry. With Passkey Entry, a six-digit value is displayed on one device, and this
is entered into the other device.
Out of Band (OOB). A communication method outside of the Bluetooth communication
channel is not used, but the information is still secured. The Apple Watch is a good example
of this workflow. During the Apple Watch pairing method, a swirling display of dots is
displayed on the watch face, and you point the pairing iPhone’s camera at the watch face
while (according to Apple) bits of information are transmitted via this process. Another
example is using Near Field Communication (NFC) between NFC-capable headphones and
a pairing phone.
Determining Modes and Levels
As mentioned before, the Layer-7 application is not aware of the underlying Bluetooth
security implementation. Therefore, reversing an app used for some Bluetooth-enabled
device will not tell you the full story. Nevertheless, there are several steps you can take to
determine.
SECURITY TERMINOLOGIES
Data Backup: Data backup in computing involves creating copies of your data in a separate
location so it can be restored if the original data is lost or corrupted. This is crucial for data
protection and business continuity, ensuring you can recover from equipment failure,
cyber-attacks, or natural disasters.
Key Concepts and Methods of Data Backup
Data Loss Prevention: Backups protect against accidental deletion, hardware failure, software
glitches, or malicious attacks.
Business Continuity: In case of a disaster, backups allow you to restore operations quickly and
minimize downtime.
Data Integrity: Backups can help restore data to a known good state, even if the original data is
corrupted.
Types of Backup Methods
Full Backup: Copies all selected data, creating a complete snapshot of your system.
Incremental Backup: Only backs up the data that has changed since the last backup (full or
incremental).
Differential Backup: Backs up all changes made since the last full backup.
Cloud Backup: Stores data on remote servers, offering accessibility and scalability.
Local Backup: Stores data on a local storage device, such as an external hard drive.
Common Backup Solutions:
External Hard Drives: Provide a cost-effective and convenient way to store backups.
Cloud Storage Services: Offer online storage and automated backups.
Software Solutions: Provide features like scheduling, compression, and encryption.
Hardware Appliances: Dedicated devices designed for backup and recovery.
Steps for Backing up your Computer:
Choose a Backup Method: Decide whether to use local or cloud storage, and select the appropriate
software or hardware.
Select Data to Back Up: Choose the files, folders, or entire drives you want to protect.
Configure Backup Settings: Set the frequency of backups, storage location, and other options.
Start the Backup: Initiate the backup process, and monitor its progress.
Test Your Backups: Regularly verify that your backups can be restored successfully.
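Added example (not part of the original notes): a small Python model of the full, incremental and differential methods described above, ending with the restore test from the last step. The file names and contents are constructed sample data, and take_backup, restore and backup_demo are hypothetical names used only in this example.

```python
import hashlib

def manifest(files):
    """Map each file name to the SHA-256 digest of its content."""
    return {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}

def take_backup(kind, files, history):
    """Append a backup of `kind` to history and return it (hypothetical helper)."""
    now = manifest(files)
    if kind == "full":
        base = {}                      # nothing to compare against: copy everything
    elif kind == "differential":       # compare against the last FULL backup
        base = next(b for b in reversed(history) if b["kind"] == "full")["manifest"]
    else:                              # incremental: compare against the last backup of any kind
        base = history[-1]["manifest"]
    copied = {n: files[n] for n in files if base.get(n) != now[n]}
    history.append({"kind": kind, "copied": copied, "manifest": now})
    return history[-1]

def restore(history, index):
    """Rebuild the state at history[index]; raise if verification fails."""
    chain, i = [history[index]], index
    while chain[0]["kind"] != "full":
        if chain[0]["kind"] == "differential":   # jump straight to the last full backup
            i = max(j for j in range(i) if history[j]["kind"] == "full")
        else:                                    # an incremental needs its predecessor
            i -= 1
        chain.insert(0, history[i])
    restored = {}
    for backup in chain:                         # replay oldest to newest
        restored.update(backup["copied"])
    # Drop files that were deleted before the target backup was taken.
    restored = {n: d for n, d in restored.items() if n in history[index]["manifest"]}
    if manifest(restored) != history[index]["manifest"]:
        raise ValueError("restore does not match the recorded manifest")
    return restored, len(chain)

def backup_demo(kind):
    files, history = {"a.txt": b"v1", "b.txt": b"v1", "c.txt": b"v1"}, []  # constructed data
    take_backup("full", files, history)
    files["a.txt"] = b"v2"
    take_backup(kind, files, history)
    files["b.txt"] = b"v2"
    del files["c.txt"]
    last = take_backup(kind, files, history)
    restored, chain_len = restore(history, 2)
    return sorted(last["copied"]), chain_len, restored == files

if __name__ == "__main__":
    print(backup_demo("incremental"), backup_demo("differential"))
```

The incremental schedule copies less on each run but needs every backup in the chain to restore, while the differential schedule copies more but needs only the last full backup and the latest differential.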
SOCIAL NETWORKING
A social network is a platform, typically a website or app, where users can connect with each other,
share content, and engage in various forms of communication.
User Profiles: Each user has a profile where they can share information about themselves, such as
their interests, photos, and personal details.
Connection and Networking: Social networks allow users to connect with other individuals, build
relationships, and form communities based on shared interests or connections.
Content Sharing: Users can share various types of content, including text, images, videos, and
links, with their network.
Communication Tools: Social networks provide tools for communication, such as direct
messaging, group chats, and public posts.
Examples:
Popular social networks include Facebook, Instagram, Twitter (now X), TikTok, LinkedIn, and
others.
Purpose:
Social networks are used for a variety of purposes, including:
Maintaining Relationships: Connecting with friends, family, and colleagues.
Sharing Information: Staying updated on current events, news, and trends.
Promoting Businesses: Businesses use social networks to market their products and services.
Finding Jobs: Job seekers use social networks like LinkedIn to find employment opportunities.
Expressing Opinions: Sharing thoughts and opinions on various topics.
ANTIVIRUS PROTECTION
Antivirus protection in computers involves using software to prevent, detect, and remove
malicious software (malware) like viruses, worms, and trojans, ensuring your computer and data
are safe from cyber-attacks.
Antivirus software, also known as anti-malware, is a program designed to protect computers from
various types of malware.
How it works:
Real-time protection: Antivirus software typically runs in the background, monitoring your
computer for suspicious activity and blocking potential threats.
Scanning: It scans files, programs, and even emails for known malware signatures and patterns.
Detection and removal: When malware is detected, the software can quarantine, remove, or
otherwise neutralize the threat.
Firewall protection: Some antivirus software also includes firewall features to control network
traffic and prevent unauthorized access to your computer.
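Added example (not part of the original notes, and not how any particular product works): a minimal Python sketch of the scanning and quarantine steps described above, using both whole-file hash signatures and byte-pattern signatures. The signature names, sample content and function names are constructed, harmless placeholders.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed, harmless stand-ins for a signature database (not real indicators).
SAMPLE = b"CONSTRUCTED-SAMPLE-THREAT-0001"
HASH_SIGNATURES = {hashlib.sha256(SAMPLE).hexdigest(): "Sample.Hash.A"}
PATTERN_SIGNATURES = {b"SAMPLE-THREAT": "Sample.Pattern.B"}

def classify(data):
    """Return the name of the first matching signature, or None if clean."""
    name = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if name:                       # exact match on the whole file
        return name
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:        # known byte pattern anywhere in the file
            return name
    return None

def scan_and_quarantine(root, quarantine):
    """Scan every file under root and move detections into quarantine."""
    quarantine.mkdir(parents=True, exist_ok=True)
    detections = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        verdict = classify(path.read_bytes())
        if verdict:
            dest = quarantine / (path.name + ".quarantined")
            shutil.move(str(path), str(dest))
            dest.chmod(0o400)      # read-only and not executable
            detections[path.name] = verdict
    return detections

def scan_demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "scan"
        root.mkdir()
        (root / "report.txt").write_bytes(b"quarterly figures")
        (root / "exact.bin").write_bytes(SAMPLE)
        (root / "variant.bin").write_bytes(b"padding " + SAMPLE)
        found = scan_and_quarantine(root, Path(tmp) / "quarantine")
        return found, sorted(p.name for p in root.iterdir())

if __name__ == "__main__":
    print(scan_demo())
```

The file with extra bytes in front of the sample content no longer matches the hash signature but is still caught by the pattern signature, which is why scanners rely on patterns as well as exact hashes.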
Importance of Antivirus Protection
Cybersecurity: Antivirus software is a crucial part of cybersecurity, helping to protect your
computer and personal information from cyberattacks.
Data protection: It helps prevent malware from damaging your files, stealing your data, or
compromising your privacy.
System stability: Malware can slow down your computer, cause crashes, and even make your
computer unusable.
Examples of Antivirus Software:
According to www.toppr.com, some popular antivirus software includes Microsoft Defender,
Norton 360, Bitdefender Antivirus, Malwarebytes, McAfee Total Protection, and ESET NOD32
Antivirus.
INTERNET SECURITY
Internet security encompasses measures to protect computer networks, devices, programs, and data
from unauthorized access, theft, damage, or other attacks that could compromise their integrity,
confidentiality, or availability. It also includes protecting user privacy and blocking malware,
viruses, spyware, and other cyber threats.
Key Aspects of Internet Security
Data:
Safeguarding sensitive information from unauthorized access, theft, or modification.
Devices:
Protecting computers, smartphones, and other connected devices from malware and cyberattacks.
Networks:
Ensuring the security of local and wide area networks from intrusion and malicious activity.
Privacy:
Protecting users' personal information and online activities from being monitored or compromised.
Key Measures and Technologies
Firewalls: Act as a barrier between a network and the internet, controlling incoming and outgoing
traffic based on predetermined security rules.
Antivirus and Anti-malware Software: Detect and remove malicious software, such as viruses,
worms, and trojans.
Secure Protocols: Using secure protocols like HTTPS to encrypt data transmitted over the internet.
VPNs: Virtual Private Networks encrypt internet traffic, making it more difficult for hackers to
intercept data.
Intrusion Detection and Prevention Systems (IDS/IPS): Monitor network traffic for suspicious
activity and take action to prevent or mitigate threats.
Data Loss Prevention (DLP): Measures to prevent sensitive data from leaving a network or device.
Strong Passwords and Two-Factor Authentication: Using unique, strong passwords and enabling
two-factor authentication (2FA) to add an extra layer of security.
Regular Software Updates: Keeping operating systems, browsers, and other software up to date
with the latest security patches.
Email Security: Protecting against phishing emails and other email-based threats.
Network Segmentation: Dividing a network into smaller, isolated segments to limit the impact of
a potential security breach.
Secure Internet Access (SIA): Measures and technologies that secure the connection between the
endpoint and the internet, ensuring the privacy and integrity of data and providing a safe browsing
experience.
CREDIT CARD FRAUD
Credit card fraud detection involves using various policies, tools, and methodologies to identify
and prevent unauthorized or fraudulent transactions, employing techniques like real-time
monitoring, machine learning, and behavioral analytics.
Credit card fraud detection is a crucial process for financial institutions and card issuers to
minimize losses from fraudulent activity, both online and in-store.
It aims to quickly identify and stop suspicious or unauthorized transactions, protecting both
cardholders and the financial system.
It involves using various techniques and technologies to identify potentially fraudulent transactions
in real time or through post-transaction analysis.