ELearning College Assignment 1 (Solution) 1. What is cyber security?   Answer :   First of all, the term cyber security refers to...


Friday, May 22, 2020 1 Comments

ELearning College Assignment 1 (Solution)

1. What is cyber security?
First of all, the term cyber security refers to all the safeguards and measures to reduce the digital security breach. Cyber security affects all the computers and mobile phone or any other devices concerned with internet across the world may be targeted by cyber criminals. Cyber security means to protect from intruder, hackers, and illegal crimes. It mainly focus on security of confidential data and information around the world. Security breach is not a new thing for us because we man have heard or seen such activities in this digital era. Cyber security helps us to protect from such breaching, hacking, malwares and many more. Today world the most demanding technology is cyber security.

2. What are the main objective of cyber security? 
The main objectives of cyber security are as follows:
Confidentiality: It means that only the sender and receiver can see the message or information or access it. It gives fully privacy with two person only.
But when third person access this message then it is no more remains confidential.
Authentication: It means authenticating user’s identity. It take user’s real identity which concern that same person is sending message.
Integrity; It means there is not any change in message or modification in message. Any change in message leads to dishonesty in message like alter, delete, insert, etc then its integrity is lost.
Non-repudiation:  It is a situation like when a user send a message but later says that I have not send this message. So non-repudiation does not allow the sender to refuse after sending the message.
Access control: It ensures which user can access and which cannot access.
Availability: It says that the resources that is available will be available to the authorized user only but not the rest.

3. What is rogue software ?
Rogue software refers to the fake antivirus that pretends you’re infected with virus. It may asks you about money or to but things or to enter your debit card number. All this is a fake security alert or scam to access your confidential data or files. It is a form of malicious software and internet fraud that misleads user into believing there is a virus on their computer and aims to convince them to pay fake malware remove tools that actually install as many as malware on your computer.
For example: Torjan horse which leads you to believe that your computer has virus so either follow fake or install anti–virus to protect computer.

4. What are the internal and external attacks of cyber security? And what are the preventive measure to protect cyber crime ?
The difference between internal and external attacks are:
Cyber criminals may be the organization or entity or may be stranger. We cannot predict without proof. But there are two distinct categories of cyber-attacks carried out by criminal’s entities worldwide.
Internal Attack: an internal attack occurs when an individual engages in some kind of malicious activities, by ways of their authorized access to the system. In the majority of internal attacks which are carried out by disgruntled employees, dissatisfied contractors, former employees who still have access to the organization’s system and so on. Internal attacker may have high level of access privileges, however easy to track back to their origins. Such attacks damage less comparison to external attack.
Examples: Data thief is on risk, passwords no longer cut it, the threat within, companies lack security skill etc.
External Attack: an external attacks occur when anyone who does not have authorized access to the company’s systems launches an attack. Any business that operates computers and IT systems that are connected to the internet is technically a viable target for external attackers worldwide. Most attacks by firewalls and safeguards. They uses malware, phishing, DOS attacks, ransomware to access from externally to gain access to control your system or software.  
Examples: DDoS, web app s are under attack, ransomware, phishing etc.

These are the preventive measure you can take to protect from cybercrime:
i) Keep tracking employee access levels and change then accordingly and frequently.
ii) Change passwords and other information when after an employee leaves.
iii) While training don’t share confidential data or information or passwords and ensure that passwords meet at least medium level of requirements.

1 comment: