Cyber Security: Scams, Browser Security, Malware Prevention, DoS Attacks, Hacking Tools and Cryptography Methods
VerifiedAdded on 2023/06/11
|12
|2636
|382
AI Summary
This article covers various aspects of cyber security such as scams, browser security, malware prevention, DoS attacks, hacking tools and cryptography methods. It provides insights on how to secure your network and prevent cyber attacks. The article is relevant for students studying computer science, cyber security or related courses in universities and colleges.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CYBER SECURITY
Cyber Security
[Name of the Student]
[Name of the University]
[Author note]
Cyber Security
[Name of the Student]
[Name of the University]
[Author note]
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CYBER SECURITY
Question 1:
A. Top internet scams:
Some of the scams conducted over the internet mainly includes the following:
Phishing email scams: It has been seen almost more than one-third of the security
incidents has taken place due to the phishing emails or malicious attachments. This type
of attack has been faced by company employee and by individuals as well. This type of
scam has continued to evolve and this acts as a significant online threat for both the users
as well as organizations where the malicious attacker gains access of the various sensitive
information.
The Nigerian Scam: This can be considered as one of the oldest and the most popular
scam which is mostly used by a member of a Nigerian family by making use of the
wealth to trick various peoples. This type of attack is also known as the Nigerian 419.
This type of scam mainly involves the sending of an emotional letter, email, text message
or social networking message which generally comes from the scammer who is asking
for help in order to retrieve a lot of money from the bank and by paying a little amount of
initial small fees for the paper and for the legal matters. It is generally promised by the
scammer that they would provide huge amount of money if someone helps them.
Greeting cards scam: It has been seen that we receive greeting cards via email in different
occasions which seems to be coming from a friend or from someone we care about. This
is also one of the oldest scam which is generally used by the malicious attackers to inject
malware which would followed by the harvesting of the valuable data of the user.
Question 1:
A. Top internet scams:
Some of the scams conducted over the internet mainly includes the following:
Phishing email scams: It has been seen almost more than one-third of the security
incidents has taken place due to the phishing emails or malicious attachments. This type
of attack has been faced by company employee and by individuals as well. This type of
scam has continued to evolve and this acts as a significant online threat for both the users
as well as organizations where the malicious attacker gains access of the various sensitive
information.
The Nigerian Scam: This can be considered as one of the oldest and the most popular
scam which is mostly used by a member of a Nigerian family by making use of the
wealth to trick various peoples. This type of attack is also known as the Nigerian 419.
This type of scam mainly involves the sending of an emotional letter, email, text message
or social networking message which generally comes from the scammer who is asking
for help in order to retrieve a lot of money from the bank and by paying a little amount of
initial small fees for the paper and for the legal matters. It is generally promised by the
scammer that they would provide huge amount of money if someone helps them.
Greeting cards scam: It has been seen that we receive greeting cards via email in different
occasions which seems to be coming from a friend or from someone we care about. This
is also one of the oldest scam which is generally used by the malicious attackers to inject
malware which would followed by the harvesting of the valuable data of the user.
2CYBER SECURITY
B. Mozilla Firefox v3.6 Browser:
Some ways of securing the browser has been listed below:
Anti-Malware: Firefox is associated with providing protection against various kind of
viruses, worms, Trojan horses and spyware which are generally delivered over the Web.
In case if an user computer is accidentally falla in front of an attack site, then it would be
instantly associated with warning the user and would also provide the information why it
isn’t safe to use.
Anti-Virus Software: Firefox has the capability of getting easily integrated with your
antivirus software used in the Windows. When a file is being downloaded by making use
of this browser then the antivirus program would be associated with automatically
checking the file in order to protect the computer from any kind oft viruses and other
malware.
Private Browsing: This browser also provides the facility of private browsing which
helps in securing the browsing history. It is very easy to use this mode. This modes is
greatly suited for doing online banking on a computer which is being shared or while
checking email in an Internet café.
Customized Security Settings: This browser is associated with Controlling the different
levels of scrutiny for the various kind of site along with providing a enter exception.
Besides this the browser also consists of Customize settings related to the loading images,
passwords, cookies and installing add-ons in order to have a fully empowered Web
experience.
B. Mozilla Firefox v3.6 Browser:
Some ways of securing the browser has been listed below:
Anti-Malware: Firefox is associated with providing protection against various kind of
viruses, worms, Trojan horses and spyware which are generally delivered over the Web.
In case if an user computer is accidentally falla in front of an attack site, then it would be
instantly associated with warning the user and would also provide the information why it
isn’t safe to use.
Anti-Virus Software: Firefox has the capability of getting easily integrated with your
antivirus software used in the Windows. When a file is being downloaded by making use
of this browser then the antivirus program would be associated with automatically
checking the file in order to protect the computer from any kind oft viruses and other
malware.
Private Browsing: This browser also provides the facility of private browsing which
helps in securing the browsing history. It is very easy to use this mode. This modes is
greatly suited for doing online banking on a computer which is being shared or while
checking email in an Internet café.
Customized Security Settings: This browser is associated with Controlling the different
levels of scrutiny for the various kind of site along with providing a enter exception.
Besides this the browser also consists of Customize settings related to the loading images,
passwords, cookies and installing add-ons in order to have a fully empowered Web
experience.
3CYBER SECURITY
Question 2:
A. The different kind of virus, malware and spyware mainly includes the following along
with the ways how they can be prevented:
Adware: This is a type of malware that is associated with delivering advertisements and
the most common example includes the pop-up ads on the website along with the
advertisements which are displayed by the software. Many times it has been seen that the
software and the applications are associated with providing of free versions of the
software which are generally coming as bundles along with the malware. A great amount
of adware is sponsored or authored by the advertisers or by the servers which acts as a
revenue generating tool.
Bot; this can be considered as a software program which are generally created for the
purpose of performing specific operations automatically. Despite of this it has been seen
that many bots are there which has been created for relatively harmless purposes and the
increased amount of bot is being used in today’s world. This bots can be used in the
botnets which is generally used for attacks like DDoS attacks and other malicious attacks.
This happens mainly due to the reason that the spambots are associated with rendering
the advertisements present on the website this is one of the example of this type of virus.
Bug: Bug can be considered as a flaw that is associated with producing an undesired
outcome. These type of flaws are generally happening due to the human error and the
typically existing in the source code or the compilers in a program. The bugs which are
minor in size are associated with affecting slightly on the behavior of the program
whereas the result can go for a long period unless and until they are discovered. The bugs
which are significant might be leading to crashing or freezing of the system.
Question 2:
A. The different kind of virus, malware and spyware mainly includes the following along
with the ways how they can be prevented:
Adware: This is a type of malware that is associated with delivering advertisements and
the most common example includes the pop-up ads on the website along with the
advertisements which are displayed by the software. Many times it has been seen that the
software and the applications are associated with providing of free versions of the
software which are generally coming as bundles along with the malware. A great amount
of adware is sponsored or authored by the advertisers or by the servers which acts as a
revenue generating tool.
Bot; this can be considered as a software program which are generally created for the
purpose of performing specific operations automatically. Despite of this it has been seen
that many bots are there which has been created for relatively harmless purposes and the
increased amount of bot is being used in today’s world. This bots can be used in the
botnets which is generally used for attacks like DDoS attacks and other malicious attacks.
This happens mainly due to the reason that the spambots are associated with rendering
the advertisements present on the website this is one of the example of this type of virus.
Bug: Bug can be considered as a flaw that is associated with producing an undesired
outcome. These type of flaws are generally happening due to the human error and the
typically existing in the source code or the compilers in a program. The bugs which are
minor in size are associated with affecting slightly on the behavior of the program
whereas the result can go for a long period unless and until they are discovered. The bugs
which are significant might be leading to crashing or freezing of the system.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CYBER SECURITY
Malware can be prevented from creating problem by following certain steps which mainly
includes the below listed ways:
Suspicious E-mail attachments should not be opened: one of the major source of malware
comes whenever a user opens a suspicious attachments that comes with the emails. The
major way of eliminating this by deleting the spam emails as soon as they come to our
inbox. The cyber criminals are associated with designing the emails in order to make
them look like an email from a reputable source but if we look at it properly then the
flaws can be detected. In case when there arises a feeling of suspicion then the email
must be first scanned with the anti-virus software. Suspicious emails should not be
opened unless and until it is made sure that they are not harmful.
Use of complex passwords: Use of strong passwords can prevent the hackers and
cybercriminals from hacking the system which would in turn make them incapable of
injecting any kind of malware to the system.
Stop running of untrusted programs: Whenever a user browses the web various pop-up
messages arrive on the screen and would be associated with asking the user to run a
program. The message might be showing download certain software or open an
attachment. So the best way of stopping this is by running programs which are known
and where it is coming from and what it actually is. Antivirus software should also be
used in order to ensure the intent and the safety of eth computer. The consequences might
be very harmful if the programs are accepted blindly.
Regular scanning of the systems by making use of anti-virus software: All the system
should be regularly scanned by making use of anti-virus software. This would help in
Malware can be prevented from creating problem by following certain steps which mainly
includes the below listed ways:
Suspicious E-mail attachments should not be opened: one of the major source of malware
comes whenever a user opens a suspicious attachments that comes with the emails. The
major way of eliminating this by deleting the spam emails as soon as they come to our
inbox. The cyber criminals are associated with designing the emails in order to make
them look like an email from a reputable source but if we look at it properly then the
flaws can be detected. In case when there arises a feeling of suspicion then the email
must be first scanned with the anti-virus software. Suspicious emails should not be
opened unless and until it is made sure that they are not harmful.
Use of complex passwords: Use of strong passwords can prevent the hackers and
cybercriminals from hacking the system which would in turn make them incapable of
injecting any kind of malware to the system.
Stop running of untrusted programs: Whenever a user browses the web various pop-up
messages arrive on the screen and would be associated with asking the user to run a
program. The message might be showing download certain software or open an
attachment. So the best way of stopping this is by running programs which are known
and where it is coming from and what it actually is. Antivirus software should also be
used in order to ensure the intent and the safety of eth computer. The consequences might
be very harmful if the programs are accepted blindly.
Regular scanning of the systems by making use of anti-virus software: All the system
should be regularly scanned by making use of anti-virus software. This would help in
5CYBER SECURITY
detection of any kind of malware and would also be associated with blocking and
deleting of the malwares and viruses.
Question 3:
A. DoS or Deial of service: Denial of service can be considered as an attack which is a
security event that generally occurs when the attackers are associated with taking actions
in order to prevent the authorized user from getting access to the computer that has been
targeted. This type of attacks are generally associated with flooding the servers systems
or networks by the various kind of unwanted traffic in order to overwhelm the resources
of the victim along with making it difficult for the authorized users to use them, this type
of attack can be often dealt with by simply rebooting the system but the flooding attacks
can be difficult be recover.
A number of strategies has been put forward by the experts in order to deal with this and
this starts with the preparation of an incident response plan. Whenever an suspicion is
detected then the organizations should be immediately contacting the ISP or the Internet
Service Provider for the purpose of determining if there exists any kind of DoS attack or
not. In case if there is DoS attack then the ISP can easily mitigate it by rerouting or by
throttling the malicious traffics and by using the load balances in order to reduce the
effects that an attack is having.
B. Figure for securing the network:
detection of any kind of malware and would also be associated with blocking and
deleting of the malwares and viruses.
Question 3:
A. DoS or Deial of service: Denial of service can be considered as an attack which is a
security event that generally occurs when the attackers are associated with taking actions
in order to prevent the authorized user from getting access to the computer that has been
targeted. This type of attacks are generally associated with flooding the servers systems
or networks by the various kind of unwanted traffic in order to overwhelm the resources
of the victim along with making it difficult for the authorized users to use them, this type
of attack can be often dealt with by simply rebooting the system but the flooding attacks
can be difficult be recover.
A number of strategies has been put forward by the experts in order to deal with this and
this starts with the preparation of an incident response plan. Whenever an suspicion is
detected then the organizations should be immediately contacting the ISP or the Internet
Service Provider for the purpose of determining if there exists any kind of DoS attack or
not. In case if there is DoS attack then the ISP can easily mitigate it by rerouting or by
throttling the malicious traffics and by using the load balances in order to reduce the
effects that an attack is having.
B. Figure for securing the network:
6CYBER SECURITY
Fig: Architecture for securing the Network
Question 4:
A. The different kind of hacking tools mainly includes the following:
Nmap: Nmap or the Network mapper is a free source utility which is generally
used for the purpose of exploring a network along with being use for security
auditing. This has been designed for the purpose of scanning the large
network at a rapid rate. Despite of this it works fine most against a single host.
This is associated with the usage of the Raw IP packets in novel ways for the
purpose of determining the hosts that are available in the network along with
the services that are offered by the hosts and the OS and many more. This
works in almost every computers but still there exists console as well as
graphical version of this.
Nessus Remote Security Scanner: This generally works with the clint-server
framework. This is one of the most popular vulnerable scanner which is used
by almost 75000 organization all across the globe. By using this many of the
Fig: Architecture for securing the Network
Question 4:
A. The different kind of hacking tools mainly includes the following:
Nmap: Nmap or the Network mapper is a free source utility which is generally
used for the purpose of exploring a network along with being use for security
auditing. This has been designed for the purpose of scanning the large
network at a rapid rate. Despite of this it works fine most against a single host.
This is associated with the usage of the Raw IP packets in novel ways for the
purpose of determining the hosts that are available in the network along with
the services that are offered by the hosts and the OS and many more. This
works in almost every computers but still there exists console as well as
graphical version of this.
Nessus Remote Security Scanner: This generally works with the clint-server
framework. This is one of the most popular vulnerable scanner which is used
by almost 75000 organization all across the globe. By using this many of the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7CYBER SECURITY
organizations has realized a significant cost saving while auditing the
business-critical enterprise devices as well as applications.
John the Ripper: This is a tool which is associated with faster password
cracking and is available in various versions. The main purpose of using this
tool is for the purpose of detecting the weak Unix password.
Nikto: This is an Open source web server which is associated with performing
comprehensive test against other web servers for multiple items which almost
includes around more than 3200 potentially dangerous files. This also versions
of over 625 servers along with the existence of version specified problems on
over 230 servers. This is capable of scanning items as well as plugins which
are frequently updated and can be automatically updated. This can be
considered to be a good CGI scanner besides this there also exists certain
other tools that are well compatible with this tool, Nikto.
B. There exists three types of cryptography methods for the purpose of securing the
network and this mainly includes the following:
Symmetric Cryptography: This method mainly includes the enciphering and
deciphering keys which ate generally identical or er simply related to each
other which means it is easy to derive one from the other. Both this keys are to
be kept as secrets and in case if any one of them is compromised the securing
the network is totally impossible. The exchange of keys is done between the
users. The distribution of the keys created problems which is generally solved
by the asymmetric systems.
organizations has realized a significant cost saving while auditing the
business-critical enterprise devices as well as applications.
John the Ripper: This is a tool which is associated with faster password
cracking and is available in various versions. The main purpose of using this
tool is for the purpose of detecting the weak Unix password.
Nikto: This is an Open source web server which is associated with performing
comprehensive test against other web servers for multiple items which almost
includes around more than 3200 potentially dangerous files. This also versions
of over 625 servers along with the existence of version specified problems on
over 230 servers. This is capable of scanning items as well as plugins which
are frequently updated and can be automatically updated. This can be
considered to be a good CGI scanner besides this there also exists certain
other tools that are well compatible with this tool, Nikto.
B. There exists three types of cryptography methods for the purpose of securing the
network and this mainly includes the following:
Symmetric Cryptography: This method mainly includes the enciphering and
deciphering keys which ate generally identical or er simply related to each
other which means it is easy to derive one from the other. Both this keys are to
be kept as secrets and in case if any one of them is compromised the securing
the network is totally impossible. The exchange of keys is done between the
users. The distribution of the keys created problems which is generally solved
by the asymmetric systems.
8CYBER SECURITY
Asymmetric Cryptography: there exists several practical problems related to
the generation, distribution and protection of the large number of keys. A type
of cipher was proposed which uses two different keys: one key used for
enciphering can be made public, while the other, used for deciphering, is kept
secret. The two keys are generated such that it is computationally infeasible to
find the secret key from the public key.
C. The best cryptographic method that is suggested for the purpose of securing the
computer is the Asymmetric cryptography. This is would be best choice as it
eliminated the problems faced by the symmetric cryptography method.
Asymmetric Cryptography: there exists several practical problems related to
the generation, distribution and protection of the large number of keys. A type
of cipher was proposed which uses two different keys: one key used for
enciphering can be made public, while the other, used for deciphering, is kept
secret. The two keys are generated such that it is computationally infeasible to
find the secret key from the public key.
C. The best cryptographic method that is suggested for the purpose of securing the
computer is the Asymmetric cryptography. This is would be best choice as it
eliminated the problems faced by the symmetric cryptography method.
9CYBER SECURITY
Bibliography:
Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor
networks for healthcare applications. Journal of medical systems, 36(1), 93-101.
Cohen, G., Meiseles, M., & Reshef, E. (2012). U.S. Patent No. 8,099,760. Washington, DC: U.S.
Patent and Trademark Office.
Fire, M., Goldschmidt, R., & Elovici, Y. (2014). Online social networks: threats and solutions.
IEEE Communications Surveys & Tutorials, 16(4), 2019-2036.
Fragkiadakis, A. G., Tragos, E. Z., & Askoxylakis, I. G. (2013). A survey on security threats and
detection techniques in cognitive radio networks. IEEE Communications Surveys &
Tutorials, 15(1), 428-445.
Grochocki, D., Huh, J. H., Berthier, R., Bobba, R., Sanders, W. H., Cárdenas, A. A., & Jetcheva,
J. G. (2012, November). AMI threats, intrusion detection requirements and deployment
recommendations. In Smart Grid Communications (SmartGridComm), 2012 IEEE Third
International Conference on (pp. 395-400). IEEE.
Javaid, A. Y., Sun, W., Devabhaktuni, V. K., & Alam, M. (2012, November). Cyber security
threat analysis and modeling of an unmanned aerial vehicle system. In Homeland
Security (HST), 2012 IEEE Conference on Technologies for (pp. 585-590). IEEE.
Kahate, A. (2013). Cryptography and network security. Tata McGraw-Hill Education.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security
issues and solutions at different layers of Cloud computing. The journal of
supercomputing, 63(2), 561-592.
Pathan, A. S. K. (Ed.). (2016). Security of self-organizing networks: MANET, WSN, WMN,
VANET. CRC press.
Bibliography:
Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor
networks for healthcare applications. Journal of medical systems, 36(1), 93-101.
Cohen, G., Meiseles, M., & Reshef, E. (2012). U.S. Patent No. 8,099,760. Washington, DC: U.S.
Patent and Trademark Office.
Fire, M., Goldschmidt, R., & Elovici, Y. (2014). Online social networks: threats and solutions.
IEEE Communications Surveys & Tutorials, 16(4), 2019-2036.
Fragkiadakis, A. G., Tragos, E. Z., & Askoxylakis, I. G. (2013). A survey on security threats and
detection techniques in cognitive radio networks. IEEE Communications Surveys &
Tutorials, 15(1), 428-445.
Grochocki, D., Huh, J. H., Berthier, R., Bobba, R., Sanders, W. H., Cárdenas, A. A., & Jetcheva,
J. G. (2012, November). AMI threats, intrusion detection requirements and deployment
recommendations. In Smart Grid Communications (SmartGridComm), 2012 IEEE Third
International Conference on (pp. 395-400). IEEE.
Javaid, A. Y., Sun, W., Devabhaktuni, V. K., & Alam, M. (2012, November). Cyber security
threat analysis and modeling of an unmanned aerial vehicle system. In Homeland
Security (HST), 2012 IEEE Conference on Technologies for (pp. 585-590). IEEE.
Kahate, A. (2013). Cryptography and network security. Tata McGraw-Hill Education.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security
issues and solutions at different layers of Cloud computing. The journal of
supercomputing, 63(2), 561-592.
Pathan, A. S. K. (Ed.). (2016). Security of self-organizing networks: MANET, WSN, WMN,
VANET. CRC press.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CYBER SECURITY
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a
public world. Pearson Education India.
Shostack, A. (2014). Threat modeling: Designing for security. John Wiley & Sons.
Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., & Laarouchi, Y. (2013, June).
Survey on security threats and protection mechanisms in embedded automotive networks.
In Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP
Conference on (pp. 1-12). IEEE.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security.
computers & security, 38, 97-102.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a
public world. Pearson Education India.
Shostack, A. (2014). Threat modeling: Designing for security. John Wiley & Sons.
Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., & Laarouchi, Y. (2013, June).
Survey on security threats and protection mechanisms in embedded automotive networks.
In Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP
Conference on (pp. 1-12). IEEE.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security.
computers & security, 38, 97-102.
11CYBER SECURITY
D.
D.
1 out of 12
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.