Computer Security: Fundamentals, Examples, and Countermeasures

Added on  2023/01/12

AI Summary
This document provides an overview of computer security, including its fundamentals, examples of threats, and countermeasures to protect systems. It also discusses key issues in computer security and explores different cyber security frameworks. The document is relevant for anyone interested in understanding and implementing effective computer security measures.

Computer Security

Table of Contents
Introduction
Task 1
Analyse fundamentals of computer security and examples along with countermeasures.
Task 2
Recognise key computer security issues through usage of threat intelligence concept.
Task 3
Assess cyber security frameworks for protection of systems from threat.
Task 4
Identification of distinct objects that are present in active directory for managing user account.
Task 5
Describe code of conduct that is required by IT professionals.
Conclusion
References
Introduction
Computer security is the protection of data and computer systems from unauthorised use, theft
and harm. It is a process for preventing and detecting unauthenticated use of a system (Basta
and CISSP, 2013). In general it denotes the controls put in place to provide availability,
confidentiality and integrity of computer systems. This includes controlling physical access and
securing the system against harm that arrives through data, network access and code injection.
To illustrate the concept, this report considers Utility Firm, whose website was attacked
through a botnet, which can be used to conduct DDoS attacks, forward spam and give a third
person access to devices on a network. The report covers the elements of computer security with
their countermeasures, key security issues and security frameworks, and examines Active
Directory for managing users. The code of conduct required of IT professionals working in an
organisation is also discussed.
Task 1
Analyse fundamentals of computer security and examples along with countermeasures.
Anything that leads to loss, physical damage or corruption of hardware or infrastructure is
defined as a computer system threat. A risk that harms the organisation as well as its systems
is referred to as a security threat. It is carried out through physical or non-physical attacks
that let an intruder gain unauthorised access (Boyle and Panko, 2014). An incident that creates
modifications or physical alterations within a computer system is a physical threat, for
instance stealing or modifying data contained in the system. Non-physical threats involve
corruption of data, illegal tracking of actions and security breaches conducted on a computer
system. Computer systems therefore need to be secured against malicious attacks that may hamper
the services the organisation provides. For this it is necessary to analyse the critical
elements that create an impact.
With reference to Utility Firm's website, a botnet attack was made to carry out a DDoS attack
along with other activities that are destructive for the firm. In the present scenario the major
threat is to systems that are connected with each other on a network, which makes them more
vulnerable to attack (Carroll, 2014). Some of these attacks or threats are illustrated below:
Malware: This is a malicious program, piece of software or file that is harmful to computer
users and is developed with the intent of damaging, stealing or creating a mess. It is
circulated through distinct methods. There are various kinds of malware, such as Gh0st, Kovter,
ZeuS, CoinMiner, Emotet and others. A third person uses malware, by physical or virtual means,
to affect devices present on the network (Conklin and et. al, 2015). For example, malicious
programs can be shared through USB drives and also over the internet through drive-by
downloads, which are downloaded automatically without any permission from the system's users.
Utility Firm must therefore take appropriate countermeasures: antivirus and anti-malware
solutions, e-mail spam filters and endpoint security measures. In addition, experts need to make
sure that patches and cyber security measures are updated at regular intervals, and employees
can be trained so that they do not become involved in these activities unintentionally. They
need to ensure that suspicious emails are not clicked on and that application privileges are
restricted.
Distributed denial-of-service attack: This is a malicious attempt to disrupt the services or
traffic of a network and a targeted server by flooding it with internet traffic. DDoS attacks
are made by using many compromised systems as the source of the attack traffic. A DDoS attack
tests the limits of application resources, web servers and the network by sending spikes of
counterfeit traffic (What is a DDoS Attack, 2019). For example, an attack may take the form of
short bursts of malicious requests against a system endpoint such as a search function. For
this, the intruder uses an army of zombie devices, that is, a botnet. The aim is to slow down
systems for legitimate users. As a countermeasure, Utility Firm can use a website application
firewall, which helps keep malicious traffic away from the website. Furthermore, the Sucuri
firewall can be installed to block communication with the website from the countries in which
attacks are conducted. Along with this, traffic has to be tracked so that its peaks can be
analysed.
Phishing & social engineering attacks: Phishing is a deceitful attempt to elicit sensitive data
from victims by leading them to carry out certain types of activities (Fisch, White and Pooch,
2017). These activities aim at gaining access to accounts, networks, data and wire transfers.
Phishing is conducted by means of social engineering tactics. It takes distinct forms such as
URL and domain spoofing, evil twin, vishing, etc. As an example, about $100 million was lost by
Google and Facebook to a cybercriminal in spoofed phishing attacks. Countermeasures for
preventing it include training, emphasis on phishing reporting, random simulations, encryption,
spam filters, reliable email and signing certificates (Gupta, Agrawal, and Yamaguchi, 2016).
Formjacking: This term describes the use of malicious JavaScript code to steal credit card
details and other data from the payment forms on the checkout pages of electronic commerce
sites. Cyber criminals inject malicious JavaScript code into the site; when an individual uses
the e-commerce site and clicks the submit option, the code collects the information that has
been entered, such as card details, address and more. Intruders use this data to carry out
illegal activities (The Top 9 Cyber Security Threats That Will Ruin Your Day, 2019). For
example, in 2018 such attacks rose and led to about 4800 websites being compromised. As
countermeasures, the Utility Firm website can use vulnerability scanning and penetration
testing, make use of sub-resource integrity, and track outbound traffic.
Man-in-the-middle attack: Here attackers insert themselves into a two-party transaction. It is
like two persons interacting with each other while a third person taps their phone line and
listens to the conversation. These attacks are conducted by cybercriminals who have installed
malware on computers or set up a fake wireless network (Manku and Vasanth, 2015). As an
instance, a group of Russian intelligence agents intruded on the Organisation for the
Prohibition of Chemical Weapons (OPCW) using a Wi-Fi panel antenna to obtain data related to an
investigation. To deal with this attack, Utility Firm can use the TLS/SSL encryption protocols;
the protection achieved may not be complete, but it will still help to secure systems.
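The sub-resource integrity countermeasure named under formjacking can be checked mechanically. The following is an added example, not part of the original report: it audits a checkout page for third-party scripts that lack an `integrity` attribute or whose body no longer matches the pinned hash. The page, URLs and script bodies are constructed sample data.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Hash algorithms accepted in the integrity attribute, weakest to strongest.
STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_value(body: bytes, alg: str = "sha384") -> str:
    """Return the integrity attribute value ("alg-base64digest") for a body."""
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def integrity_matches(integrity: str, body: bytes):
    """True/False for a checked body; None when no usable hash is listed."""
    usable = [t for t in integrity.split() if t.partition("-")[0] in STRENGTH]
    if not usable:
        return None  # a browser would load this script without any check
    # Only hashes of the strongest listed algorithm are compared.
    best = max((t.partition("-")[0] for t in usable), key=STRENGTH.get)
    expected = sri_value(body, best)
    return any(t == expected for t in usable if t.startswith(best + "-"))


class ScriptCollector(HTMLParser):
    """Collect (src, integrity) for every external <script> tag."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        attributes = dict(attrs)
        if tag == "script" and attributes.get("src"):
            self.scripts.append((attributes["src"], attributes.get("integrity")))


def origin(url: str):
    parts = urlsplit(url)
    return (parts.scheme, parts.netloc)


def audit_scripts(html: str, page_url: str, bodies: dict) -> list:
    """Return (url, verdict) for each cross-origin script on the page.

    `bodies` maps script URL to the bytes currently served from that URL.
    """
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src, integrity in collector.scripts:
        url = urljoin(page_url, src)
        if origin(url) == origin(page_url):
            continue  # same-origin scripts are outside what SRI is used for here
        if not integrity:
            findings.append((url, "missing-integrity"))
        elif url not in bodies:
            findings.append((url, "not-fetched"))
        else:
            verdict = integrity_matches(integrity, bodies[url])
            label = {True: "ok", False: "hash-mismatch", None: "no-usable-hash"}
            findings.append((url, label[verdict]))
    return findings


# --- constructed sample data -------------------------------------------------
PAGE_URL = "https://shop.example/checkout"
PAY_JS = "https://cdn.example/pay.js"
STATS_JS = "https://cdn.example/stats.js"
ORIGINAL_PAY = b"function pay(form) { return form.submit(); }\n"
CHANGED_PAY = ORIGINAL_PAY + b"/* code added after the hash was pinned */\n"
STATS_BODY = b"function track() {}\n"

CHECKOUT_HTML = f"""<html><body>
<form id="payment"></form>
<script src="/js/app.js"></script>
<script src="{PAY_JS}" integrity="{sri_value(ORIGINAL_PAY)}" crossorigin="anonymous"></script>
<script src="{STATS_JS}"></script>
</body></html>"""

if __name__ == "__main__":
    for pay_body in (ORIGINAL_PAY, CHANGED_PAY):
        served = {PAY_JS: pay_body, STATS_JS: STATS_BODY}
        print(audit_scripts(CHECKOUT_HTML, PAGE_URL, served))
```

A script reported as `missing-integrity` would run in the payment page whatever the third party serves, which is the gap the countermeasure is meant to close.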
Task 2
Recognise key computer security issues through usage of threat intelligence concept.
Preventative measures: Preventive measures are the measures an organisation takes to protect
its systems from any kind of harm. With reference to Utility Firm, they are mentioned below:
Firewall: A firewall enforces rules on data packets that allow them into the network or keep
them out (Peltier, 2016). Utility Firm has to integrate firewalls within distinct network
devices to restrict and filter traffic, reducing the security risk from malicious packets.
Antivirus: Antivirus software detects and eliminates viruses from a computer system and secures
it against malicious software such as spyware, botnets, ransomware, rootkits and keyloggers.
Antispyware: Antispyware detects and prevents the unwanted installation of spyware programs.
Utility Firm can use it to identify active spyware present within its systems.
Identification of potential vulnerability: There is a wide range of tools that Utility Firm
can use to check the existing security state of the network. These examine open ports,
unpatched software and various other aspects (Peltier, 2013). Software such as ShadowScan or
Microsoft Baseline Security Analyser can be used to detect vulnerabilities.
Identifying probable threats: The process of determining the risks present on a network,
application or system is known as threat detection. Utility Firm can use it to make sure that
its devices are not vulnerable to attack (Pfleeger and Pfleeger, 2012). Threats can be
identified in different ways; a few of them are shown beneath:
Cloud access & security brokers technology: This lets Utility Firm determine unauthorised
access made by intruders within cloud applications. It provides the firm with adequate
information on access patterns.
Network firewalls: These are physical or virtual appliances that track traffic related to
malicious activities, so that the firm can take appropriate action (Pieprzyk, Hardjono and
Seberry, 2013). It is one of the most significant methods used by Utility Firm for detecting
and blocking threats in the network.
SIEMs: A SIEM is a security information management platform that is responsible for
correlating interconnected threats and attacks. It gives a holistic view of the complete chain
of an attack and connects different technologies to detect it.
Identifying Compromised Systems: For this, Utility Firm has to examine certain aspects to
identify whether its devices are affected or not. These are shown below:
What are the outbound IP and URL destinations, and where is traffic moving?
What is the network traffic, and does it behave in the expected way? Is there an unwanted
protocol using network ports?
What occurs in DNS? Is Utility Firm missing security threats in a low-level, chatty protocol?
These are a few of the questions to be answered, but there are many others that Utility Firm
has to consider to make sure that its systems are not compromised (Shim, Qureshi and Siegel,
2013).
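The three questions above can be turned into checks over network logs. This is an added example, not part of the original report: it flags hosts that talk to destinations outside a baseline, carry an unexpected protocol on a well-known port, or send many long, unique DNS names under one domain. The log lines, baseline, addresses and thresholds are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed baseline: destinations and port/protocol pairs considered normal.
EXPECTED_DESTINATIONS = {"198.51.100.10", "198.51.100.20"}
EXPECTED_PROTOCOL = {53: "dns", 80: "http", 443: "tls"}

# Constructed flow records: app_proto is what a sensor identified in the payload.
FLOW_LOG = """src,dst,dport,app_proto,bytes_out
10.0.0.5,198.51.100.10,443,tls,48211
10.0.0.5,198.51.100.20,53,dns,310
10.0.0.7,198.51.100.10,443,tls,9120
10.0.0.7,203.0.113.77,443,unknown,7340021
10.0.0.9,198.51.100.20,53,ssh,120433
"""

# Constructed DNS query log: (client, queried name).
DNS_LOG = [("10.0.0.5", "www.example.com"), ("10.0.0.5", "mail.example.com")] + [
    ("10.0.0.9", f"{i:02d}a1b2c3d4e5f6a7b8c9d0e1f2.t.example.net") for i in range(6)
]


def check_flows(flow_csv: str) -> dict:
    """Questions 1 and 2: where is traffic going, and does the protocol fit the port?"""
    reasons = defaultdict(set)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["dst"] not in EXPECTED_DESTINATIONS:
            reasons[row["src"]].add("unexpected-destination")
        expected = EXPECTED_PROTOCOL.get(int(row["dport"]))
        if expected is not None and row["app_proto"] != expected:
            reasons[row["src"]].add("protocol-port-mismatch")
    return reasons


def check_dns(queries, min_unique: int = 5, min_length: int = 20) -> dict:
    """Question 3: many long, unique names under one domain from one client."""
    names = defaultdict(set)
    for src, qname in queries:
        labels = qname.rstrip(".").lower().split(".")
        # Simplification: the last two labels are treated as the registered
        # domain; a real tool would consult the public suffix list.
        base, sub = ".".join(labels[-2:]), ".".join(labels[:-2])
        if sub:
            names[(src, base)].add(sub)
    reasons = defaultdict(set)
    for (src, _base), subs in names.items():
        if sum(1 for s in subs if len(s) >= min_length) >= min_unique:
            reasons[src].add("chatty-dns")
    return reasons


def triage(flow_csv: str, queries) -> dict:
    """Merge both checks into {host: sorted list of reasons}."""
    merged = defaultdict(set)
    for partial in (check_flows(flow_csv), check_dns(queries)):
        for host, found in partial.items():
            merged[host] |= found
    return {host: sorted(found) for host, found in sorted(merged.items())}


if __name__ == "__main__":
    for host, found in triage(FLOW_LOG, DNS_LOG).items():
        print(host, ", ".join(found))
```

A flagged host is a lead for investigation rather than proof of compromise; the baseline decides how noisy the output is.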
Managing Incidents against Cyber Threats: This denotes incident response, a structured
methodology for dealing with security matters such as cyber threats, breaches and incidents
(Stallings and et. al, 2012). A well-formulated plan can assist Utility Firm in identifying
attacks, reducing damage and minimising the cost related to cyber attacks. This is done via:
Formulating a plan in advance for how to handle and prevent any kind of security incident.
The plan covers every aspect, from observing possible attack elements and identifying the
signs associated with an attack to prioritising each of them.
Utilisation of Threat Intelligence Concept: The key concerns in cyber security comprise attacks
carried out via compromised IoT devices (like ransomware, botnets and DDoS), attacks against
blockchain and cryptocurrencies, and cloud security issues (data loss, Spectre & Meltdown
vulnerabilities and insecure APIs) (Tan, 2016). To make sure that the devices of Utility Firm
are not vulnerable to attack, threat intelligence can be used, as it involves data for
understanding the threats that target the firm.
Task 3
Assess cyber security frameworks for protection of systems from threat.
The practices, technologies and processes formulated to protect devices, networks, data and
programs from unauthorised damage or access are defined as cyber security. To make sure that
its systems are not vulnerable, Utility Firm can use distinct frameworks according to its needs
(Vacca, 2012). The approach used to protect the digital assets of an organisation is referred
to as a cyber security framework. Some of these are mentioned beneath:
US National Institute of Standards & Technology (NIST) Cyber Security Framework:
It was proposed to protect critical infrastructure such as power plants and dams from cyber
attacks, but it can also be used by any organisation that needs enhanced security. It sets out
the activities required to attain different outcomes in the context of cyber security. The
essential elements are illustrated below:
Functions: These outline five critical functions, which comprise detecting, protecting,
responding and recovering.
Categories: For each of the functions illustrated above there are categories of the activities
that are conducted. For instance, to protect devices from threats the initial steps are
updating software, installing antivirus and antimalware programs, and setting appropriate
access control policies.
Subcategories: These denote the tasks and challenges associated with each category; for
example, to implement software updates it is crucial that automatic system and software
updates have been turned on (Vorobiev and et. al, 2017).
Informative sources: These are documents or manuals that give users information on how
particular activities can be done. For example, individuals can have manuals on how auto-updates
can be turned on.
The framework covers authentication, identification, self-assessment of cyber security risks,
management of the supply chain and openness to vulnerability (Basta and CISSP, 2013). But it
will not be easy for Utility Firm to carry it out, as it does not answer how well the firm is
doing with respect to cyber security.
ISO/IEC 27001: This is an international documented standard formulated for cyber security. It
depends on the assumption that the organisation is already using an ISMS (Information Security
Management System). It allows Utility Firm to manage data security risks in a systematic way
by taking into account vulnerabilities and the threats associated with them (Boyle and Panko,
2014). Apart from this, the organisation is responsible for designing and implementing
information security (InfoSec) controls that are coherent and comprehensive. Within this, risks
are mitigated; the PDCA cycle in this context for Utility Firm is specified below:
Plan: This denotes formulating the ISMS and developing the policies, objectives, processes and
procedures that have to be considered for managing risk.
Do: This is the implementation and actual operation of the ISMS, which involves executing
InfoSec policies, procedures and various other aspects.
Check: This comprises reviewing and tracking the ISMS to measure the performance of processes
against the policies and objectives of Utility Firm.
Act: This is related to updating and enhancing the ISMS (Information Security Management
System). Here, preventive and corrective actions are taken on the basis of review and internal
audit.
ISO 2007 gives Utility Firm the means of understanding threats, protecting against them,
formulating technical agreements, enhancing skills, achieving interoperability and avoiding
the risk of technological incompatibility, in terms of efficiency as well as the contentment of
users (Carroll, 2014). Along with this, there are some limitations that Utility Firm has to
consider: the IT budget for the entire process may be costly, and applying and using the
standard requires expertise and time. Apart from this, appropriate resources are required for
awareness and training.
COBIT framework: Control Objectives for Information and Related Technology (COBIT) was
developed for IT management and governance. Utility Firm can use it as a supportive tool that
bridges the gap between control needs, business risks and technical issues. It is responsible
for making sure that quality, control and reliability are attained in information (Conklin and
et. al, 2015). The framework covers planning, delivery, management and support, and acquiring,
implementing, monitoring and evaluating systems, to attain appropriate levels of security. It
will lead Utility Firm to uphold security levels and make sure that its devices are protected
from threats.
Task 4
Identification of distinct objects that are present in active directory for managing user account.
Active Directory refers to the directory services formulated by Microsoft for Windows domain
networks. It comprises a set of services and processes covering distinct kinds of directory-based,
identity-related services. It is used to manage computers and other devices present on the
network (Fisch, White and Pooch, 2017). It is a primary feature of Windows Server, an operating
system that runs on both local servers and internet-based servers. Real-world entities such as
computers and users are represented as objects in Active Directory, and each object is able to
contain other objects. Utility Firm is responsible for managing access to information and
applications that are scattered across internal and external application systems. Access has
to be provided to a growing number of entities inside as well as outside the firm, but it must
be ensured that security is not compromised and sensitive information is not exposed.
International management and access (IMF) is an approach to managing the complete spectrum of
risks to attain desired outcomes. Needs in the context of access and identity are evolving
continuously. For example, within Utility Firm admin credentials have to be kept with the
administrators only, so that no one else can alter any information. Similarly, each employee
within the firm possesses their own credentials as well as access to some information (Gupta,
Agrawal, and Yamaguchi, 2016). Utility Firm can install Active Directory through the steps
specified beneath:
Open Server Manager from the task bar and, within the dashboard, look for the option to add
roles and features.
The wizard is launched, which enables modifications to be made to Windows Server instances.
In the installation type screen (Manku and Vasanth, 2015), choose the role-based or
feature-based option and click next.
The current server has to be chosen as the default; then click next. In the server roles
screen, tick the check box for Active Directory Domain Services.
A message will be displayed on screen about installing the additional roles, features or
services needed to install domain services. These comprise lightweight directory, federation
and management of rights. Press add features to have these extra capabilities.
In the select features screen, tick the check boxes next to the features for the AD DS
installation process and then click next.
Review the information present within the AD DS tab, then click next. Then review the
information on the confirm installation selections screen and click install.
Active Directory groups can be used to collect user accounts, computer accounts and other groups
into manageable units (Peltier, 2016). This simplifies administration and network maintenance.
There are two kinds of group that Utility Firm can use to ensure the security of its devices
and systems. They are specified beneath:
Distribution groups: Utility Firm uses these within its email applications, such as Exchange
servers, to send email to collections of users. As they are not security enabled, they are not
listed in discretionary access control lists (DACLs).
Security groups: These provide an effective way to assign access to resources present in the
network. Utility Firm can allot user rights in Active Directory, which determine what members
can do within the scope of the domain. User rights may be assigned automatically to a few
groups that are installed to assist administration in a particular domain (Peltier, 2013).
Furthermore, permissions have to be assigned to security groups for the resources that need to
be accessed, as per requirements.
Creating a unique password for the admin account is a critical step in securing the system
against threats. To ensure this, it is crucial for Utility Firm to change the default
administrator account name to an exclusive one. Relevant security strategies have to be applied
by which access to powers can be limited. Furthermore, unique passwords must be used instead of
dictionary words. In the add groups or users window, the admin within Utility Firm can use
certain steps to make sure that only authenticated individuals possess access to services
(Pfleeger and Pfleeger, 2012). They are mentioned below:
Click on the add groups or users window, then enter names in the dialogue box and select domain
users or groups.
This can be done by entering a user or group name that is present in the domain of the system
and then clicking on the name, which opens the standard selection box.
Press OK, which denotes that the domain users or groups are added; this is done manually to
make sure of their authenticity.
Task 5
Describe code of conduct that is required by IT professionals.
Ethical considerations are the principles or procedures concerned with what is morally right
and wrong. Social aspects are the elements of concern to the communities, individuals, society
and groups that are involved in intervention within the economic framework (Pieprzyk, Hardjono
and Seberry, 2013). Legal consideration denotes the exchange of valuable assets or data that is
legally binding within certain contracts. All of them relate to the situations, trends and
conflicts that exist in the market for a particular technology. As an example with respect to
Utility Firm, when users fill in details in a form, these have to be kept confidential. If it
is essential, they can be shared with the consent of the individuals. This is both ethically
and legally appropriate and enables the firm to render its services effectively. Some aspects
that Utility Firm has to consider are:
Privacy: The data of Utility Firm that is present on the internet allows individuals to know
what is being delivered to them by the firm. Furthermore, each user provides details that are
held on the network. This is either on the servers or network of the firm or on the cloud. It
may be secured, but there is a probability that unauthorised users have access to private
accounts or emails (Shim, Qureshi and Siegel, 2013). For this reason, employers track the
activities carried out by their employees.
Digital ownership: Digital media let data move easily; sending an email, for example, involves
transmitting a message. This leads to legal, ethical and social backlash. It raises questions
such as how ownership can be established in the digital realm when information can be directly
copied and pasted. For this reason it is critical to protect intellectual property rights.
Data gathering: Each employee within the firm knows that their data is tracked while they are
on the network. For example, within the US legislation has been passed for watching the
activities of individuals for security reasons. It is legally appropriate, but in the context
of ethical and social aspects it is not apt (Stallings and et. al, 2012). This can lead to
debates about what data can be gathered from individuals and how it is done. Furthermore, with
reference to Utility Firm, there has to be consent from employees to being observed. In
addition, there is the question of whether they know why their information is monitored and
what it is needed for. There are various questions that Utility Firm must address so that its
employees do not engage in illegal practices on working premises.
Security liabilities: Digital security cannot be attained easily, as technology is evolving
rapidly and hackers are becoming proficient at using the vulnerabilities present in systems.
The security of digital networks is itself digitalised to protect crucial assets and
information (Tan, 2016). Such strong security can be achieved through intensified surveillance.
Every system carries risks, which raises the questions of which risks can be accepted, what
impact they create and what freedoms will be compromised. Utility Firm therefore has to ensure
that it possesses an effective system that is maintained ethically.
Access costs: Net neutrality is a trendy concept and a legislative issue that raises questions
about access. Proponents want the internet to be kept open, while some look for tiered access
to ensure that their activities are not observed. This leads to the ethical question of whether
digital exchange is universally right or not (Vacca, 2012). The cost of access can hinder the
growth of business as well as the expression of users.
Conclusion
From the above it can be concluded that computer security is the process used for preventing
and detecting unauthenticated use of a system. It secures the system against the physical and
non-physical attacks by which an intruder can gain unauthorised access. Preventive measures can
be taken to ensure that a third person does not get access to the system. To make sure that the
system is not compromised, the firm can opt for threat intelligence, which involves information
that can be used to address the threats targeting the organisation. Active Directory is used to
manage computers and other devices present on the network. In addition, IT professionals have
to consider the social, legal and ethical aspects associated with security.
References
Books & Journals
Basta, A. and CISSP, C., 2013. Computer security and penetration testing. Cengage Learning.
Boyle, R.J. and Panko, R.R., 2014. Corporate computer security. Prentice Hall Press.
Carroll, J.M., 2014. Computer security. Butterworth-Heinemann.
Conklin, W.A. and et. al, 2015. Principles of computer security. McGraw-Hill Education Group.
Fisch, E. A., White, G. B. and Pooch, U.W., 2017. Computer system and network security. CRC
press.
Gupta, B., Agrawal, D.P. and Yamaguchi, S. eds., 2016. Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI global.
Manku, S. and Vasanth, K., 2015. Blowfish encryption algorithm for information security. ARPN
journal of engineering and applied sciences, 10(10), pp.4717-4719.
Peltier, T. R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Peltier, T.R., 2013. Information security fundamentals. CRC press.
Pfleeger, C.P. and Pfleeger, S.L., 2012. Analyzing computer security: a
threat/vulnerability/countermeasure approach. Prentice Hall Professional.
Pieprzyk, J., Hardjono, T. and Seberry, J., 2013. Fundamentals of computer security. Springer
Science & Business Media.
Shim, J., Qureshi, A.A. and Siegel, J.G., 2013. The International Handbook of Computer
Security. Routledge.
Stallings, W. and et. al, 2012. Computer security: principles and practice (pp. 978-0). Upper
Saddle River, NJ, USA: Pearson Education.
Tan, Y., 2016. Artificial immune system: applications in computer security. John Wiley & Sons.
Vacca, J.R., 2012. Computer and information security handbook. Newnes.
Vorobiev, E. G. and et. al, 2017, May. Analysis of computer security incidents using fuzzy logic.
In 2017 XX IEEE International Conference on Soft Computing and Measurements
(SCM) (pp. 369-371). IEEE.
Online
What is a DDoS Attack. 2019. [Online]. Available through:
<https://sucuri.net/guides/what-is-a-ddos-attack/>.
The Top 9 Cyber Security Threats That Will Ruin Your Day. 2019. [Online]. Available through:
<https://www.thesslstore.com/blog/the-top-9-cyber-security-threats-that-will-ruin-your-day/>.