MODULE 4.docx
Summary
# Information security principles and goals
Information security aims to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, and damage.
### 1.1 Core information security principles
The fundamental principles of information security are often referred to as the "CIA triad":
#### 1.1.1 Confidentiality
Confidentiality ensures that only authorized users have the right to access specific information. This principle is concerned with preventing the unauthorized disclosure of sensitive data.
#### 1.1.2 Integrity
Integrity means that information or data remains unaltered and accurate. It prevents unauthorized changes or tampering with information, ensuring its reliability.
#### 1.1.3 Availability
Availability ensures that information and systems are accessible and usable when needed by authorized users. This means systems and data should be available during operational hours and resilient to disruptions.
### 1.2 Computer security risks
Computer security risks are actions or events that could lead to a loss of or damage to computer hardware, software, information, data, or processing capabilities. Organizations must consider these risks when designing and implementing information security measures.
#### 1.2.1 Risks to personal and organizational data
Personal and organizational data must be protected. Organizations need to account for these risks when designing and implementing information security.
#### 1.2.2 Computer malware
Malware refers to malicious software that can damage computers without the user's consent. Common types include:
##### 1.2.2.1 Virus
A virus is designed to take control of system operations and can destroy files or even the entire computer. Viruses can enter a computer through downloaded files or programs, email attachments, CDs, and flash drives.
##### 1.2.2.2 Worm
A worm is a self-replicating program that consumes system and network resources by repeatedly copying itself. This can lead to system slowdowns and potential compromises.
##### 1.2.2.3 Trojan horse
A Trojan horse program does not replicate or copy itself to other computers. Instead, it causes damage or compromises the security of the computer it infects by targeting sensitive areas.
##### 1.2.2.4 Spyware
Spyware is software placed on a computer without the user's consent or knowledge. It can capture information such as web browsing habits, email messages, usernames and passwords, and credit card information.
### 1.3 Safeguards against computer malware
While no method can guarantee a computer or network is entirely safe from all malicious software, several safeguards can significantly enhance security.
#### 1.3.1 Strong password protection
Strong passwords are a crucial defense for accounts. Key characteristics include:
* **Adequate length:** Passwords should be at least eight characters long, and preferably longer, to resist brute-force attacks.
* **Adequate character mix:** A good password uses a meaningless combination of letters (both uppercase and lowercase) and numbers.
* **Avoid directly identifiable information:** Passwords should not be easily guessable, such as names of family members, pets, or other personal details.
> **Example:**
> * Weak passwords: "orange", "97435333", "alabri"
> * Strong passwords: "OraNge@3241", "Al#Abri@442"
#### 1.3.2 Backup and recovery
Regularly backing up data and having a recovery plan in place is essential to restore information in case of loss or damage.
#### 1.3.3 Regular software updating
Software is not perfect and often requires updates to address vulnerabilities.
* **Security updates:** These are designed to protect software and computers from harmful programs, viruses, and exploits.
* **Application updates:** These can fix problems or enhance how a computer works.
* **Operating system updates:** Keeping operating systems updated often improves overall performance and security.
#### 1.3.4 Digital certificates
A digital certificate is a notice that guarantees a user or a website is legitimate, providing a level of assurance about their identity and security.
#### 1.3.5 Encryption and decryption
* **Encryption:** This security technique converts readable data (plaintext) into unreadable characters (ciphertext) to prevent unauthorized access.
* **Decryption:** This is the inverse process of encryption, allowing authorized parties with the necessary decryption information to read the encrypted files.
#### 1.3.6 Firewall
A firewall is hardware or software that protects a network's resources from intrusion by users on another network. It controls incoming and outgoing network traffic, acting as a barrier to protect network resources.
#### 1.3.7 Antivirus software
Antivirus software is a utility program used to protect a computer against viruses and other malware. It works by scanning for malicious software, removing any detected viruses, and protecting against threats found in storage devices or incoming files. This includes protection against worms, Trojans, and spyware.
### 1.4 Security features in Windows 10
Windows 10 includes several tools to help protect computers from threats. The main security tools are:
#### 1.4.1 User Account Control (UAC)
UAC is a tool that warns users when a program or user attempts to make changes to computer system settings. This helps prevent accidental changes or malicious software from altering settings. UAC can be configured at different notification levels:
* **Low:** Never notify the user.
* **Moderate:** Notify only when an application tries to make changes.
* **High:** Notify when programs or the user tries to make changes.
#### 1.4.2 Windows Defender
Windows Defender is an antivirus and malware protection component included in the Windows operating system. It allows users to scan their computers for malicious software and checks files and programs as they are opened.
#### 1.4.3 Windows Firewall
The Windows Firewall prevents unauthorized external access to a computer by controlling network traffic.
---
# Computer network security risks and data protection
This section details the various security risks to computers and networks, focusing on threats to personal and organizational data and the concept of computer security risks leading to loss or damage.
### 2.1 Computer security risks
A computer security risk is defined as any action or event that could result in a loss or damage to computer hardware, software, information, data, or processing capabilities.
#### 2.1.1 Risks to personal and organizational data
Protecting personal and organizational data is paramount. Organizations must account for these risks when designing and implementing information security measures.
#### 2.1.2 Computer malware
Malware refers to malicious software that can damage computers without the user's consent.
##### 2.1.2.1 Virus
A virus is designed to take control of system operations, destroy files stored on a computer, or even disable the computer itself. Viruses can enter a computer through downloaded files or programs, email attachments, CDs, and flash drives.
##### 2.1.2.2 Worm
A worm is a self-replicating program that typically consumes system and network resources by repeatedly creating copies of itself. This excessive resource usage can overload a computer and expose it to danger.
##### 2.1.2.3 Trojan horse
A Trojan horse is a program that does not replicate or copy itself to other computers but instead causes damage or compromises the security of the computer it infects, often targeting sensitive areas.
##### 2.1.2.4 Spyware
Spyware is a program installed on a computer without the user's consent or knowledge. It can covertly capture various types of information, including web browsing habits, email messages, usernames and passwords, and credit card information.
### 2.2 Safeguards against computer malware
While there are no absolute guarantees for computer or network safety from malicious software, several methods can significantly enhance protection.
#### 2.2.1 Strong password protection
Strong passwords are crucial for protecting accounts. They should be at least eight characters long, preferably longer, and use an adequate mix of letters and numbers in a meaningless combination. Directly identifiable information, such as family member or pet names, should be avoided.
> **Example:** Weak passwords include "orange", "97435333", or "alabri". Stronger passwords are "OraNge@3241" or "Al#Abri@442".
#### 2.2.2 Backup and recovery
Regularly backing up data and having a recovery plan is essential to restore information in case of loss or damage.
#### 2.2.3 Regular software updating
Software updates are designed to protect systems from harmful programs, viruses, and exploits. Updating applications adds features, fixes problems, and enhances overall performance. Keeping operating system applications updated also improves the overall performance of the software and the computer.
#### 2.2.4 Digital certificates
A digital certificate is a form of authentication that assures a user or website is legitimate, indicating a level of protection and trustworthiness.
#### 2.2.5 Encryption and decryption
* **Encryption:** This security technique converts readable data (plaintext) into unreadable characters (ciphertext) to prevent unauthorized access.
* **Decryption:** This is the inverse process of encryption, allowing only authorized parties with the necessary decryption information to read the encrypted files.
#### 2.2.6 Firewall
A firewall is hardware or software that protects a network's resources from intrusion by users on other networks. It manages incoming and outgoing network traffic and is a fundamental component for network security.
#### 2.2.7 Antivirus software
Antivirus software is a utility program designed to protect a computer against viruses. It works by scanning memory and storage devices for malicious software, removing any computer viruses found, and protecting against worms, Trojans, and spyware from incoming files.
### 2.3 Security features in Windows 10
Windows 10 includes several tools to protect computers from threats like viruses and other malware. The primary security tools are User Account Control, Windows Defender, and Windows Firewall.
#### 2.3.1 User Account Control (UAC)
User Account Control is a tool that warns users when an attempt is made to change computer system settings. This helps prevent accidental changes or malicious software from altering settings. UAC can be configured to low, moderate, or high notification levels, depending on the user's preference for security alerts.
#### 2.3.2 Windows Defender
Windows Defender provides built-in antivirus and malware protection within the Windows operating system. It allows users to scan their computers for malicious software and checks each file or program as it is opened.
#### 2.3.3 Windows Firewall
The Windows Firewall prevents unauthorized external access to a computer, acting as a barrier against intrusions from outside the network.
---
# Computer malware types and their impact
This section details various forms of malicious software designed to infiltrate and compromise computer systems without explicit user authorization.
### 3.1 Defining computer malware
Computer malware refers to any malicious software designed to damage or disrupt computer systems and networks without the user's consent. These threats can lead to data loss, unauthorized access, and system instability.
### 3.2 Types of computer malware
Malware encompasses a range of threats, each with distinct characteristics and methods of operation.
#### 3.2.1 Viruses
A virus is a type of malware engineered to take over system operations. It can destroy files stored on a computer or even damage the entire system. Viruses typically infect computers through downloaded files or programs, email attachments, CDs, and flash drives.
#### 3.2.2 Worms
Worms are self-replicating programs that spread autonomously across networks. Their primary characteristic is their ability to create multiple copies of themselves repeatedly, which can consume significant system and network resources. This excessive resource consumption can lead to a slowdown or complete failure of the computer and network.
#### 3.2.3 Trojan horses
A Trojan horse is a program that, unlike viruses and worms, does not replicate itself or copy itself to other computers. Instead, it causes damage or compromises the security of the computer by disguising itself as legitimate software. It can target sensitive areas of the computer's security, leaving it vulnerable.
#### 3.2.4 Spyware
Spyware is a type of malware that is installed on a computer without the user's consent or knowledge. Its primary function is to secretly capture information about the user's activities. This captured information can include web browsing habits, email messages, usernames and passwords, and credit card information.
> **Tip:** Spyware is particularly insidious because it operates in the background, making it difficult for users to detect its presence and actions.
### 3.3 Impact of malware on computer systems
Malware can have severe consequences for both individual users and organizations. The impact ranges from minor inconveniences to catastrophic data breaches and system failures.
* **Data loss and corruption:** Viruses and Trojan horses can delete, modify, or corrupt critical data, leading to irreversible loss.
* **System disruption and downtime:** Worms and viruses can consume system resources to the point of crashing the computer, leading to significant downtime for individuals and businesses.
* **Security compromise:** Spyware can steal sensitive information like login credentials and financial details, enabling identity theft and financial fraud. Trojan horses can create backdoors for attackers to gain unauthorized access.
* **Unauthorized access:** Malware can create vulnerabilities that allow attackers to remotely control infected systems or access confidential information.
* **Resource depletion:** Worms, in particular, can consume network bandwidth and processing power, degrading performance for all users on the network.
---
# Safeguards and security features against computer malware
This topic outlines essential protective measures and built-in security features designed to defend against various forms of malicious software.
### 4.1 Understanding computer malware
Computer malware is malicious software that can damage computers without the user's consent. It is one source of computer security risk, meaning an action or event that could cause a loss of or damage to computer hardware, software, information, data, or processing. These threats can significantly impact both personal and organizational data, so robust security measures are needed during the design and implementation of information security systems.
#### 4.1.1 Types of computer malware
* **Virus:** A virus is designed to take control of system operations and can destroy files, or even the computer itself. Viruses can infiltrate a computer through downloaded files, email attachments, CDs, and flash drives.
* **Worm:** Unlike viruses, worms are self-replicating programs that consume system and network resources by repeatedly creating copies of themselves. This resource consumption can overload a computer and lead to system instability or failure.
* **Trojan horse:** This type of program does not replicate or copy itself to other computers. Instead, it causes damage or compromises the computer's security by targeting sensitive areas.
* **Spyware:** Installed on a computer without the user's consent or knowledge, spyware can covertly capture information such as web browsing habits, email messages, usernames and passwords, and credit card details.
### 4.2 Safeguards against computer malware
While no single method can guarantee complete safety from all malicious software, a combination of protective strategies significantly enhances security.
#### 4.2.1 Strong passwords
A strong password is the first line of defense for an account. Key characteristics of a strong password include:
* **Adequate length:** Passwords should be at least eight characters long, and preferably longer, to prevent easy determination through brute-force attacks.
* **Character mix:** A meaningless combination of letters, numbers, and special characters enhances security. A mix that is seven or eight characters long is recommended.
* **Avoidance of identifiable information:** Passwords should not include names of family members, pets, or other easily guessable personal details.
> **Tip:** A weak password might be "orange" or "97435333," while a strong password could be "OraNge@3241" or "Al#Abri@442."
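
The password characteristics listed in sections 1.3.1, 2.2.1 and 4.2.1, and the brute-force search they are meant to resist, can be checked in code. The Python sketch below is an added example, not part of the original module; the function names, the ASCII-only character classes and the pet name "simba" are assumptions made for illustration.

```python
import math
import re
import string

MIN_LENGTH = 8  # minimum length stated in the text

# Character classes a password can draw on (ASCII only; an assumption of this sketch).
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "special": string.punctuation,
}


def classes_used(password):
    """Names of the character classes that appear in the password."""
    return [n for n, chars in CLASSES.items() if any(c in chars for c in password)]


def search_space_bits(password):
    """log2 of the candidates an exhaustive (brute-force) search must cover.

    Assumes the search uses only the classes present in the password, so it
    is an upper bound: predictable words and patterns are found far sooner.
    """
    alphabet = sum(len(CLASSES[n]) for n in classes_used(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def personal_details_in(password, personal_details):
    """Details hidden in the password, ignoring case, digits and symbols."""
    letters = re.sub(r"[^a-z]", "", password.lower())
    hits = []
    for detail in personal_details:
        needle = re.sub(r"[^a-z]", "", detail.lower())
        if len(needle) >= 3 and needle in letters:
            hits.append(detail)
    return hits


def evaluate(password, personal_details=()):
    """Return the rules from the text that the password breaks (empty = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    used = set(classes_used(password))
    if not (used & {"lowercase", "uppercase"}) or "digits" not in used:
        problems.append("no mix of letters and numbers")
    for detail in personal_details_in(password, personal_details):
        problems.append("contains personal detail: " + detail)
    return problems


if __name__ == "__main__":
    # The page's own examples, plus one constructed password and pet name.
    samples = [("orange", ()), ("97435333", ()), ("alabri", ()),
               ("OraNge@3241", ()), ("Al#Abri@442", ()),
               ("Sim#Ba@2024", ("simba",))]  # last entry is constructed
    for pw, details in samples:
        print("%-12s %5.1f bits  %s" % (pw, search_space_bits(pw),
                                        evaluate(pw, details) or "passes"))
```

"97435333" meets the eight-character minimum yet has the smallest search space of the page's examples, because it draws on digits only.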
#### 4.2.2 Backup and recovery
Regularly backing up data is crucial for recovery in the event of data loss or corruption due to malware. This involves creating copies of important files and having a plan to restore them.
#### 4.2.3 Regular software updating
Software imperfections can leave systems vulnerable. Regular updates are designed to address these vulnerabilities:
* **Security updates:** These are specifically created to protect software and computers from harmful programs, viruses, and exploits.
* **Application updates:** These can include additions that help prevent or fix problems, or enhance and improve software functionality.
* **Operating system updates:** Keeping the operating system updated often leads to enhanced overall performance and can patch security weaknesses.
#### 4.2.4 Digital certificates
A digital certificate acts as a verifiable notice that confirms the legitimacy of a user or a website, providing a layer of trust and assurance regarding their identity.
#### 4.2.5 Encryption and decryption
* **Encryption:** This security technique converts readable data (plaintext) into unreadable characters (ciphertext) to prevent unauthorized access.
* **Decryption:** This is the inverse process of encryption, allowing only authorized parties with the necessary decryption information to convert ciphertext back into readable plaintext.
#### 4.2.6 Firewalls
Firewalls are hardware and/or software components that protect a network's resources from intrusion by users on other networks. They control and monitor incoming and outgoing network traffic, acting as a barrier between a trusted internal network and untrusted external networks.
#### 4.2.7 Antivirus software
Antivirus software is a utility program designed to protect a computer against viruses and other malware. Its functions include:
* Scanning memory and storage devices for malicious software.
* Removing detected computer viruses.
* Protecting against threats from incoming files, including worms, Trojans, and spyware.
### 4.3 Security features in Windows 10
Windows 10 incorporates several built-in tools to help protect computers from threats like viruses and malware. The primary security features include:
#### 4.3.1 User Account Control (UAC)
User Account Control is a tool that alerts the user when an application or process attempts to make changes to the computer's system settings. This helps prevent accidental changes or malicious software from altering configurations. UAC settings can be adjusted to different notification levels:
* **Low:** Never notifies the user.
* **Moderate:** Notifies only when an application attempts to make changes.
* **High:** Notifies when programs or the user tries to make changes.
#### 4.3.2 Windows Defender
Windows Defender is an integrated antivirus and malware protection component within the Windows operating system. It enables users to scan their computer for malicious software and checks each file or program as it is opened.
#### 4.3.3 Windows Firewall
The Windows Firewall is designed to prevent unauthorized access from outside the computer. It acts as a barrier, controlling network traffic to block malicious attempts to infiltrate the system.
---
## Glossary
| Term | Definition |
|------|------------|
| Confidentiality | The principle that ensures only authorized users have the right to access specific information, preventing unauthorized disclosure. |
| Integrity | The principle that ensures information or data remains unaltered and free from any unauthorized changes or tampering. |
| Availability | The principle that ensures information must be accessible and available to authorized users when needed, within the scope of the system. |
| Computer security risk | An action or event that has the potential to cause a loss of or damage to computer hardware, software, information, data, or processing capabilities. |
| Malware | Malicious software designed to damage computers without the user's consent, compromising system operations and security. |
| Virus | A type of malware designed to take control of system operations, destroy files, or damage the computer itself, often spread through downloaded files or email attachments. |
| Worm | A self-replicating program that consumes system and network resources by repeatedly copying itself, potentially causing significant strain and risk to the computer. |
| Trojan horse | A program that causes damage or compromises computer security without replicating itself to other computers, often targeting sensitive security areas. |
| Spyware | A program installed on a computer without the user's consent or knowledge, capable of capturing sensitive information such as browsing habits, emails, usernames, passwords, and credit card details. |
| Brute force password cracker | A method used to gain unauthorized access to accounts by systematically trying all possible combinations of characters until the correct password is found. |
| Digital certificate | A notice that authenticates the legitimacy of a user or a Web site, providing a level of assurance for security and trust. |
| Encryption | A security technique that converts readable data (plaintext) into unreadable characters (ciphertext) to prevent unauthorized access and protect information confidentiality. |
| Decryption | The inverse process of encryption, allowing authorized parties with the necessary decryption information to convert encrypted files back into readable format. |
| Firewall | Hardware and/or software designed to protect a network's resources from intrusion by users on other networks, managing and controlling incoming and outgoing network traffic. |
| Antivirus Software | A utility program used to protect computers against viruses and other malicious software by scanning memory, storage devices, and incoming files for threats. |
| User Account Control (UAC) | A security feature in operating systems that warns users when an application or user attempts to make changes to computer system settings, helping to prevent accidental or malicious alterations. |
| Windows Defender | An antivirus and malware protection component included in the Windows operating system that scans computers for malicious software and checks files and programs. |
| Windows Firewall | A security feature in Windows that prevents unauthorized external access to a computer by controlling network traffic. |