Computer Security: Elements, Issues, and Frameworks
Added on 2023-01-18
15 Pages5037 Words1 Views
Web Development
|
|
|
Computer Security
Table of Contents
Introduction......................................................................................................................................3
Task 1...............................................................................................................................................4
Assess elements of computer security along with instances for providing countermeasures.....4
Task 2...............................................................................................................................................6
Acknowledge key computer security issues by making use of threat intelligence concept........6
Task 3...............................................................................................................................................6
Evaluate cyber security frameworks for protecting computers from threat................................6
Task 4...............................................................................................................................................7
Identify distinct objects which are present within active directory for management of user
account........................................................................................................................................7
Task 5...............................................................................................................................................7
Explicate code of conduct which is needed for IT professionals................................................7
Conclusion.......................................................................................................................................7
References........................................................................................................................................7
Introduction......................................................................................................................................3
Task 1...............................................................................................................................................4
Assess elements of computer security along with instances for providing countermeasures.....4
Task 2...............................................................................................................................................6
Acknowledge key computer security issues by making use of threat intelligence concept........6
Task 3...............................................................................................................................................6
Evaluate cyber security frameworks for protecting computers from threat................................6
Task 4...............................................................................................................................................7
Identify distinct objects which are present within active directory for management of user
account........................................................................................................................................7
Task 5...............................................................................................................................................7
Explicate code of conduct which is needed for IT professionals................................................7
Conclusion.......................................................................................................................................7
References........................................................................................................................................7
Introduction
Protection of information as well as computer system from any kind of theft,
unauthorised usage and harm is referred to as computer security. This is process which can be
utilised for prevention along with detection of unauthenticated use of system (Conklin and et. al,
2015). Basically, it implies controls which are placed for rendering integrity, availability and
confidentiality for computer system. It comprises of controlling physical access to hardware,
securing against harm which is done by code injection, data and network access. This report is
based on utility company's website which is attacked via a botnet. It is being utilised for carrying
out DDoS attacks, send spam as well as allow intruder for having access to devices along with
connection. This report comprises of elements of computer security, key issues, frameworks and
investigate active directory for users. Furthermore, code of conduct needed for IT professionals
will be illustrated.
Task 1
Assess elements of computer security along with instances for providing countermeasures.
Anything which leads to any kind of corruption or loss of physical damage or data to
infrastructure or hardware is referred to as computer system threat. The risk that is liable for
harming the organisation along with systems is defined as as security threat (Fisch, White and
Pooch, 2017). This can be carried by physical or non-physical attacks through which intruder get
access to any kind of unauthorised access. Incident which leads to physical or loss alteration to
computer system is referred to as physical threat. For an example stealing data contained within
the system. Non-physical threats comprises of corrupting data, security breaches, illegal tracking
of actions that are being carried on computer system, and various others.
In context of utility company's website, the botnet attack is being carried out which is
being utilised for performing DDoS attack and various other activities which are harmful of
organisation. At present scenario, it has it is one of biggest threat towards security systems as this
comprises of systems which are interconnected in a coordinated manner for carrying out
malicious activities. The threats have been provided below along with countermeasures which
can be taken by organisation:
Distributed denial-of-servicee attack: It denotes a malicious attempt which creates an
impact on normal traffic of a network or service, targetted server by overwhelming target
Protection of information as well as computer system from any kind of theft,
unauthorised usage and harm is referred to as computer security. This is process which can be
utilised for prevention along with detection of unauthenticated use of system (Conklin and et. al,
2015). Basically, it implies controls which are placed for rendering integrity, availability and
confidentiality for computer system. It comprises of controlling physical access to hardware,
securing against harm which is done by code injection, data and network access. This report is
based on utility company's website which is attacked via a botnet. It is being utilised for carrying
out DDoS attacks, send spam as well as allow intruder for having access to devices along with
connection. This report comprises of elements of computer security, key issues, frameworks and
investigate active directory for users. Furthermore, code of conduct needed for IT professionals
will be illustrated.
Task 1
Assess elements of computer security along with instances for providing countermeasures.
Anything which leads to any kind of corruption or loss of physical damage or data to
infrastructure or hardware is referred to as computer system threat. The risk that is liable for
harming the organisation along with systems is defined as as security threat (Fisch, White and
Pooch, 2017). This can be carried by physical or non-physical attacks through which intruder get
access to any kind of unauthorised access. Incident which leads to physical or loss alteration to
computer system is referred to as physical threat. For an example stealing data contained within
the system. Non-physical threats comprises of corrupting data, security breaches, illegal tracking
of actions that are being carried on computer system, and various others.
In context of utility company's website, the botnet attack is being carried out which is
being utilised for performing DDoS attack and various other activities which are harmful of
organisation. At present scenario, it has it is one of biggest threat towards security systems as this
comprises of systems which are interconnected in a coordinated manner for carrying out
malicious activities. The threats have been provided below along with countermeasures which
can be taken by organisation:
Distributed denial-of-servicee attack: It denotes a malicious attempt which creates an
impact on normal traffic of a network or service, targetted server by overwhelming target
by flooding internet traffic. DDoS attacks are effectively attained through utilisation of
various compromised systems as a source for traffic attack. DDoS attack is liable for
testing the limits on network, application resources and web server by sending spikes of
counterfeit traffic (What is a DDoS Attack, 2019). Some attacks which may be built
includes short bursts associated with malicious pursuit on endpoints like search functions.
They are making use of army of zombie devices such as botnet. The goals is to slow it
down an disable it for legitimate users. Firms can opt for making use of website
application firewall which will aid them within keeping website away from malicious
traffic. Along with this, Sucuri firewall can be used, which will block the countries from
interacting with their website where maximum attacks are being carried out. Furthermore,
traffic must be monitored to analyse its peaks. The goal of DDoS is to syn flood through
which site becomes unresponsiveness, DNS amplification which will enable them to have
access within the websites with IP spoofing and black hole routing.
Malware: It is a file, malicious software or program which is harmful for users of
computer which is formulated with an intention of stealing, damaging as well as creating
mess. This is being circulated via different delivery methods. There are distinct types of
malware, they are: Emotet, ZeuS, GhOst, CoinMiner, Kovter and many others. Intruders
make use of Malware through variety virtual and physical means for spreading it by
infecting network and devices (Peltier, 2016). An example can be taken to understand
this like malicious programs are being delivered by USB drive or spread on internet via
drive-by download that are downloaded automatically without permission from user's.
The countermeasures that can be taken by utility firms include making use of anti-
malware and antivirus solutions, endpoint security measures and email spam filters.
Along with this, experts need to ensure that patches as well as cyber security updates are
updated and needs employee for undergoing continuous training to ensure that employees
do not get engaged with any kind of suspicious emails and limit application privileges.
They involves viruses, worms, spyware, trojan horse, rootkit and ransomware. Each have
different role in way to access the information in an unethical manner. Along with this,
there exist keyloggers through which activities of individuals can be monitored.
Phishing & social engineering attacks: The fraudulent attempts toward elicit sensitive
information which is attained from victim for performing some kinds of activities is
various compromised systems as a source for traffic attack. DDoS attack is liable for
testing the limits on network, application resources and web server by sending spikes of
counterfeit traffic (What is a DDoS Attack, 2019). Some attacks which may be built
includes short bursts associated with malicious pursuit on endpoints like search functions.
They are making use of army of zombie devices such as botnet. The goals is to slow it
down an disable it for legitimate users. Firms can opt for making use of website
application firewall which will aid them within keeping website away from malicious
traffic. Along with this, Sucuri firewall can be used, which will block the countries from
interacting with their website where maximum attacks are being carried out. Furthermore,
traffic must be monitored to analyse its peaks. The goal of DDoS is to syn flood through
which site becomes unresponsiveness, DNS amplification which will enable them to have
access within the websites with IP spoofing and black hole routing.
Malware: It is a file, malicious software or program which is harmful for users of
computer which is formulated with an intention of stealing, damaging as well as creating
mess. This is being circulated via different delivery methods. There are distinct types of
malware, they are: Emotet, ZeuS, GhOst, CoinMiner, Kovter and many others. Intruders
make use of Malware through variety virtual and physical means for spreading it by
infecting network and devices (Peltier, 2016). An example can be taken to understand
this like malicious programs are being delivered by USB drive or spread on internet via
drive-by download that are downloaded automatically without permission from user's.
The countermeasures that can be taken by utility firms include making use of anti-
malware and antivirus solutions, endpoint security measures and email spam filters.
Along with this, experts need to ensure that patches as well as cyber security updates are
updated and needs employee for undergoing continuous training to ensure that employees
do not get engaged with any kind of suspicious emails and limit application privileges.
They involves viruses, worms, spyware, trojan horse, rootkit and ransomware. Each have
different role in way to access the information in an unethical manner. Along with this,
there exist keyloggers through which activities of individuals can be monitored.
Phishing & social engineering attacks: The fraudulent attempts toward elicit sensitive
information which is attained from victim for performing some kinds of activities is
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Computer Security: Fundamentals, Examples, and Countermeasureslg...
|15
|5240
|98
IT Security: Types of Risks, Organizational Procedures, Impact of Firewall Configuration, Implementation of DMZ, Static IP and NATlg...
|18
|1181
|61
Computer Security: DDoS Attackslg...
|11
|2444
|233
Networking: Malicious Attacks, Social Engineering, Information Security Risks, Network Auditing, and Risk Assessment Managementlg...
|10
|3587
|73
Computer Security: Protecting Systems and Informationlg...
|15
|5076
|58
(PDF) Study of Botnets and their threats to Internet Securitylg...
|8
|1126
|478