Delete any request for
financial password or
information
Secure your computing devices
Set your spam filters to high
Difference Between Virus,
Worm & Trojan Horse
A Trojan is software that appears to
perform a desirable function for the user
prior to run or install, but steals
information or harms the system.
Worms
A computer worm it a self-contained
program (or set programs) that is able
to spread functional copies of itself or
segments to other computer system
(usually via network connections)
A computer virus attaches itself it
travels to a program or file enabling
it to spread from one computer to
another, leaving infection.
DEFINITION
Commonly knows as malware
is any software that brings harm
to a computer system.
Examples
Past employee
An opportunistic employee
Disgruntled employee
Beware of
Worm
Hacking Tools
Password cracker
Shell Scripts
INTRODUCTION OF SECURITY
TYPE OF SECURITY THREATS
INTERNAL THREATS
Internal threats occur when someone has authorized
access to the network with either an account on a server or physical access to the network.
EXTERNAL THREATS
These people does not have any authorize access
to the company system or network.
External threats come from individuals or
organization who works outside of a company.
STRUCTURED THREATS
These group always involved with the major fraud and theft cases reported to law enforcement agencies.
They understand, develop and use sophisticated hacking technique to penetrate unsuspecting businesses.
Consist of expert individuals that know
system vulnerabilities and can understand
and develop exploit code and scripts
Subtopic
UNSTRUCTURED THREATS
For example, in an external company
Website is hacked, the integrity of
the company is damage.
Consist of inexperienced individuals
using hacking tools
GOAL OF SECURITY
AVAILABILTY
Is maintained when all component of the
information system are working properly.
The Situation where informaation is
available when and where it is rightly
needed.
INTERGITY
Is maintain when the information remains
unchanged during storage, transmission.
Is the condition where information is kept
accurate and consistent unless authorized
changes are made.
CONFIDENTIALITY
Ensure that only authorized people
are allowed to access the information.
Is the protection of information
from unauthorized access.
DATA AND EQUIPMENT
Social Engineering
Is the art of manipulating people so they give
up confidential information
Data Wiping
It is a non destructive process that enables the
medium to be safely reused without loss of
storage capacity or leakage of data
Performed externally by physically connecting
storage media to a hardware bulk-wiping device
or internally by booting a PC from a CD or network
is the process of logically removing data
from a read / write medium so that it can
no longer be read
