Page 33 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 33

Unit 2: Threats




          Threat: Any person, act, or object that poses a danger to computer security is called a threat.  Notes
          Trojan Horses: This malware attack disguises itself as something innocent like a computer game
          or a search results page.

          Viruses: The term virus refers specifically  to malware inserting malicious code into existing
          documents or programs.
          Vulnerability: Any kind of asset that is not working optimally and is mission-critical or essential
          to the organization, such as data that are not backed-up, is called a vulnerability.
          Zombie Computers: ‘Zombie’ computer is a computer under seize of a spammer who has infected
          the computer attached to a network  with malware so that it acts as a tool of  a spammer by
          silently sending out thousands of emails from the owner’s email address.

          2.7 Review Questions

          1.   How do we keep our own and other people’s computers safe from hackers? Explain with
               the help of a hypothetical situation.
          2.   How do we keep viruses from attacking  all our computers if we get connected to the
               Internet?
          3.   Make distinction between information level threat and network level threat.
          4.   Explain the techniques used by hackers to steal passwords.
          5.   What does the term packet filtering firewall mean? Where would such a device be used
               and for what purpose?
          6.   Illustrate briefly two kinds of security attacks, which can be directed against an Internet-
               connected computer system.
          7.   Explain the security threats of information systems.
          8.   Describe the physical threats of information systems.
          9.   Discuss various Malicious Threats with their accessing damages respectively.

          10.  Threats  from outside  the  organization  must be  addressed, since  the  damages  from
               non-secured information system can effect in disastrous consequences for the organization.
               Comment.

          Answers: Self  Assessment

          1.   countermeasure                    2.  vulnerability
          3.   outside                           4.  Network level
          5.   Information-based                 6.  virus

          7.   trojan horses                     8.  News service
          9.   Phishing                          10.  Botnets
          11.  Denial-of-Service attack (DoS)    12.  IP spoofing
          13.  Time  Bomb                        14.  Fire damage

          15.  Hardware malfunction






                                           LOVELY PROFESSIONAL UNIVERSITY                                   27
   28   29   30   31   32   33   34   35   36   37   38