Scribd
Upload
65 views12 pages

Information Assurance and Security

The document discusses key concepts in computer security including unauthorized access, hackers, threats, vulnerabilities, and attacks. It also defines antivirus software, social engineering, viruses, and firewalls. The document explains that computer security uses a layered approach similar to military techniques to exhaust attackers. It provides examples of best practices in layered security such as application whitelisting, system restore solutions, authentication, and encryption of files, disks, removable media, and network folders.

Uploaded by

Simeon Cainday III
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
65 views12 pages

Information Assurance and Security

The document discusses key concepts in computer security including unauthorized access, hackers, threats, vulnerabilities, and attacks. It also defines antivirus software, social engineering, viruses, and firewalls. The document explains that computer security uses a layered approach similar to military techniques to exhaust attackers. It provides examples of best practices in layered security such as application whitelisting, system restore solutions, authentication, and encryption of files, disks, removable media, and network folders.

Uploaded by

Simeon Cainday III
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

IT20 INFORMATION ASSURANCE AND SECURITY 1

TERMINOLOGIES
AND LAYERS
IT20 INFORMATION ASSURANCE AND SECURITY 1

Listed below are some of the terminologies used in computer security:

1. Unauthorized Access − when someone gains access to a server,


website, or other sensitive data using someone else's account
details.

2. Hacker − Is an individual who tries to exploit a computer system


for a reason which can be money, a social cause, fun etc.
IT20 INFORMATION ASSURANCE AND SECURITY 1

3. Threat − Is an action or event that might compromise the


security.

4. Vulnerability − It is a weakness, a design problem or


implementation error in a system that can lead to an unexpected
and undesirable event regarding security system.

5. Attack − Is an assault on the system security that is delivered by


a person or a machine to a system. It violates security protocols.
IT20 INFORMATION ASSURANCE AND SECURITY 1

6. Antivirus or Antimalware − Is a software that operates on


different OS which is used to prevent malicious software attacks.

7. Social Engineering − Is a technique that a hacker uses to stole


data of a person for various purposes by means of psychological
manipulation.
IT20 INFORMATION ASSURANCE AND SECURITY 1

8. Virus − It is a malicious software that installs on your computer


without your consent for a bad intention.

9. Firewall − It is a software or hardware which is used to filter


network traffic based on guidelines.
IT20 INFORMATION ASSURANCE AND SECURITY 1

In Computer Security, layers is a well-known


practice which was taken from military
techniques.

The aim of this is to exhaust the attacker when


he succeeds to penetrate the first layer of
security by finding a hole, then he has to find
a hole in the second layer and so on, until he
arrives at the destination if he succeeds.
IT20 INFORMATION ASSURANCE AND SECURITY 1

Best Practices in a Layer Type of Security


Computer Application White Listening
The idea is to install just a limited number of applications in your
computers, which are useful as well as are genuine.

Computer System Restore Solution


In case your computer is hacked and your files are damaged, you should
have the possibility to again have access to your files. An example is
Windows System Restore or Backup.
IT20 INFORMATION ASSURANCE AND SECURITY 1

Computer and Network Authentication


The data that is accessed over the network is best to be provided only to
the authorized users.

File, Disk and Removable Media Encryption


Generally a good practice is to encrypt hard disks or removable devices,
the idea behind this is in case your laptop or your removable USB is
stolen and it is plugged in another machine it cannot be read.
IT20 INFORMATION ASSURANCE AND SECURITY 1

Remote Access Authentication


Systems which are accessed over the network is best to be provided only
to the authorized users.

Network Folder Encryption


Again like the case of Network Authentication, if you have a network
storage or a network folder shared, it is good to be encrypted to prevent
any unauthorized user who is listening to the network to read the
information.
IT20 INFORMATION ASSURANCE AND SECURITY 1

Secure Boundary and End-To-End Messaging


Nowadays email or instant messaging is widely spread and it is the
number one tool to communicate. It is better that the communication to
be encrypted is between the end users.
IT20 INFORMATION ASSURANCE AND SECURITY 1

Reference
Tutorials Point. ‘Computer Security’ [Online]. Available at
https://www.tutorialspoint.com/computer_security/index.htm. 2021

Tutorials Point. ‘Internet Security’ [Online]. Available at


https://www.tutorialspoint.com/internet_technologies/internet_security_overview.htm. 2021

You might also like