CHAPTER 1=INTRODUCTION TO SECURITY
The term information security is frequently used to describe the tasks of securing information that is in a digital format.
This digital information is manipulated by a microprocessor (such as on a personal computer).
Information security can be best understood by examining its goals and the process of how it is accomplished.
The term “information security” can also be defined as protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:
Preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information.
Confidentiality ensures that only authorized parties can view the information.
Guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity.
Integrity ensures that the information is correct and no unauthorized person or malicious software has altered the data.
Ensuring timely and reliable access to and use
Availability ensures that data is accessible to
1.2 SECURITY THREATS
A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to a computer system.
Threats can lead to attacks on computer systems, networks and more.
Risk of network intrusion
Once the hacker gains access to the network, four types of threat may arise:
• Information theft
Breaking into a computer to obtain confidential information. Information can be used or sold for various purposes. Example: stealing an organization’s proprietary information, such as research and development information.
• Identity theft
A form of information theft where personal information is stolen for the purpose of taking over someone’s identity. Using this information, an individual can obtain legal documents, apply for credit and make authorized online purchases.
• Data loss/manipulation
Breaking into a computer to destroy or alter data records. Example of data loss: sending a virus that reformats a computer hard drive. Example of data manipulation: breaking into a records system to change information, such as the price of an item.
• Disruption of service
Preventing legitimate users from accessing services to which they should be entitled.
Differentiate between Attackers and
Cracker/ Intruder/ Attacker
Work for themselves
Can easily be identified because their actions are malicious
Referred to as Black Hat
Hired by companies
Obtain advanced knowledge of operating systems and programming languages
Referred to as White Hat
Various threats to computer security
Hackers may use a modem or cable to hack the targeted computers.
Hacking is a source of threat to computer security. It is defined as unauthorized access to the computer system by a hacker.
Computers are also threatened by natural or environmental disasters, whether at home, in stores, in offices or in automobiles. Examples of natural or environmental disasters:
Earthquakes, storms and tornados
Inadequate power supply
The effect is caused by an agent, with the intention to cause damage.
The agent for malicious code is the writer of the code, or any person who causes its distribution.
Two types of computer theft
Computer is used to steal money, goods, information and resources.
Stealing of computer, especially notebook and