Threat Categories for Information Security: Prevention and Detection Techniques
VerifiedAdded on  2023/06/03
|13
|1796
|257
AI Summary
This article discusses various types of threats to information security and provides prevention and detection techniques. It covers accidental corruption, backup, encryption, theft, web security, viruses, and more.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: THREAT CATEGORIES
THREAT CATEGORIES
Name of the student:
Name of the university:
Author note:
THREAT CATEGORIES
Name of the student:
Name of the university:
Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1THREAT CATEGORIES
Threat
Category
Control Description Classification Type
Accidental
corruption
of
information
Security at
share-level
and file-
level
Permission to access files and
folders are restricted with the
help of permission button. Share
permissions are also required to
control user account (Jouini,
Rabai and Aissa 2014).
Physical Prevent
Backup
early and
backup
often
Information backup is conducted
regularly by using the wizard
mode that simplifies restoring
backups. The backup of
information is a much necessary
act that should be performed
effectively.
Physical and
Administrative
Prevent
EFS
encryption
Performance and security is
ensured by a combination of
symmetric and asymmetric
encryption
Product Prevent
Documents
password
protected
Individual documents are
protected by passwords that can
be opened only when the correct
password is provided. Each of
Physical Prevent and
detect
Threat
Category
Control Description Classification Type
Accidental
corruption
of
information
Security at
share-level
and file-
level
Permission to access files and
folders are restricted with the
help of permission button. Share
permissions are also required to
control user account (Jouini,
Rabai and Aissa 2014).
Physical Prevent
Backup
early and
backup
often
Information backup is conducted
regularly by using the wizard
mode that simplifies restoring
backups. The backup of
information is a much necessary
act that should be performed
effectively.
Physical and
Administrative
Prevent
EFS
encryption
Performance and security is
ensured by a combination of
symmetric and asymmetric
encryption
Product Prevent
Documents
password
protected
Individual documents are
protected by passwords that can
be opened only when the correct
password is provided. Each of
Physical Prevent and
detect
2THREAT CATEGORIES
the documents within the
computing systems should be
protected by use of passwords in
order to secure them from
unauthorized users.
Public key
infrastructur
e (PKI)
Data that is shared with someone
is protected by using public key
infrastructure
Product Prevent and
detect
IP security Sniffer software is used to detect
data that is being sent by hacker
Product Prevent
Appropriate
managemen
t for control
Rights Management Service can
be used to control data
corruption
Administrative Prevent
Threat
Category
Control Description Classification Type
Loss of
intellectual
property
Maintain
Confidential
ity
Important information is kept
confidential by making
nondisclosure agreements.
Administrative Prevent
Intellectual
Property
Audits
Regular audits will help in
ensuring security of intellectual
property (May, C., 2015)
Administrative Prevent
Keeping Evolving knowledge base is Physical Prevent
the documents within the
computing systems should be
protected by use of passwords in
order to secure them from
unauthorized users.
Public key
infrastructur
e (PKI)
Data that is shared with someone
is protected by using public key
infrastructure
Product Prevent and
detect
IP security Sniffer software is used to detect
data that is being sent by hacker
Product Prevent
Appropriate
managemen
t for control
Rights Management Service can
be used to control data
corruption
Administrative Prevent
Threat
Category
Control Description Classification Type
Loss of
intellectual
property
Maintain
Confidential
ity
Important information is kept
confidential by making
nondisclosure agreements.
Administrative Prevent
Intellectual
Property
Audits
Regular audits will help in
ensuring security of intellectual
property (May, C., 2015)
Administrative Prevent
Keeping Evolving knowledge base is Physical Prevent
3THREAT CATEGORIES
records protected
Threat
Category
Control Description Classification Type
Software
Piracy
Software
policy
Sets rules for acquiring a software Administrative Prevent
Anti-
piracy
statement
Employees sign anti-piracy
statement before joining a
company (Andrés and Asongu
2013). Compensation is provided
if software piracy occurs
Administrative Compensate
and prevent
Software
inventories
Details of intellectual property
should be recorded and
unannounced audits should be
performed
Physical Prevent
Software
licenses
renew
Renewal of software license is
done once the license expired
Product Prevent and
detect
Threat
Category
Control Description Classification Type
Theft of
information
Securing
sensitive
Sensitive data is kept in servers
with strong security such that
Product Prevent
and
records protected
Threat
Category
Control Description Classification Type
Software
Piracy
Software
policy
Sets rules for acquiring a software Administrative Prevent
Anti-
piracy
statement
Employees sign anti-piracy
statement before joining a
company (Andrés and Asongu
2013). Compensation is provided
if software piracy occurs
Administrative Compensate
and prevent
Software
inventories
Details of intellectual property
should be recorded and
unannounced audits should be
performed
Physical Prevent
Software
licenses
renew
Renewal of software license is
done once the license expired
Product Prevent and
detect
Threat
Category
Control Description Classification Type
Theft of
information
Securing
sensitive
Sensitive data is kept in servers
with strong security such that
Product Prevent
and
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4THREAT CATEGORIES
(hacker) data hackers cannot access them.
Sensitive data includes employee
information, financial data and
other confidential information
(Ienca and Haselager 2016)
detect
Data
Encryption
In-built encryption of some
software application and operating
system
Product Prevent
Updating
operating
system and
software
Anti-virus and other software
should be updated as soon as new
updates are released
Product Prevent
and
detect
Protection
by use of
strong
password
Passwords are used to protect
sensitive data
Product Prevent
and
detect
Threat
Category
Control Description Classification Type
Theft of
information
(employee)
Train
employees
Employees should be given training
about security policies of a
company so that they understand
ethical issues of the organization
Physical Prevent
(hacker) data hackers cannot access them.
Sensitive data includes employee
information, financial data and
other confidential information
(Ienca and Haselager 2016)
detect
Data
Encryption
In-built encryption of some
software application and operating
system
Product Prevent
Updating
operating
system and
software
Anti-virus and other software
should be updated as soon as new
updates are released
Product Prevent
and
detect
Protection
by use of
strong
password
Passwords are used to protect
sensitive data
Product Prevent
and
detect
Threat
Category
Control Description Classification Type
Theft of
information
(employee)
Train
employees
Employees should be given training
about security policies of a
company so that they understand
ethical issues of the organization
Physical Prevent
5THREAT CATEGORIES
Secure
data
Information should be protected
with the use of antiviruses and anti-
malwares
Product Prevent
and
detect
Securing
of
Connection
Different protocols should be used
such as TLS/SSL in order to secure
the sensitive data of employees
(Pierce, Snow and McAfee 2015)
Product and
Physical
Detect
and
Prevent
Data
should be
stored on
an
alternative
platform
before they
would be
discarded
Different data should be stored on
an alternative platform. The older
hard drives, USB flash devices and
memory cards should be physically
destroyed before they would be
discarded.
Physical Prevent
Threat
Category
Control Description Classification Type
Web site
defacement
Use of
Security
Tools
There should be an implementation
of a proper form of monitoring tool
within the use of websites. They
would thus be able to secure the
Product Detect
and
Prevent
Secure
data
Information should be protected
with the use of antiviruses and anti-
malwares
Product Prevent
and
detect
Securing
of
Connection
Different protocols should be used
such as TLS/SSL in order to secure
the sensitive data of employees
(Pierce, Snow and McAfee 2015)
Product and
Physical
Detect
and
Prevent
Data
should be
stored on
an
alternative
platform
before they
would be
discarded
Different data should be stored on
an alternative platform. The older
hard drives, USB flash devices and
memory cards should be physically
destroyed before they would be
discarded.
Physical Prevent
Threat
Category
Control Description Classification Type
Web site
defacement
Use of
Security
Tools
There should be an implementation
of a proper form of monitoring tool
within the use of websites. They
would thus be able to secure the
Product Detect
and
Prevent
6THREAT CATEGORIES
network connections and vital data.
They would also be able to provide
various forms of backups based on
physical devices or on the cloud
platform. This would also ensure
quality of performance.
WebOrion
Tool
This is a form of monitoring service
that would be able to offer visual
changes, content and monitoring of
the integration of the website
(Borgolte, Kruegel and Vigna 2015).
Product Detect
and
prevent
IPVTec
Tool
This is another form of monitoring
tool that helps in the detection of the
conditions where there would be
defacement of a particular website.
Product Detect
Wachete
Tool
This kind of the web detection tool
helps in the monitoring of the
concerned website within a time span
of every 24 hours.
Product Detect
and
Prevent
Visual
Ping
This is one of the technique that
would be able to monitor a particular
are within the concerned website.
Product Prevent
network connections and vital data.
They would also be able to provide
various forms of backups based on
physical devices or on the cloud
platform. This would also ensure
quality of performance.
WebOrion
Tool
This is a form of monitoring service
that would be able to offer visual
changes, content and monitoring of
the integration of the website
(Borgolte, Kruegel and Vigna 2015).
Product Detect
and
prevent
IPVTec
Tool
This is another form of monitoring
tool that helps in the detection of the
conditions where there would be
defacement of a particular website.
Product Detect
Wachete
Tool
This kind of the web detection tool
helps in the monitoring of the
concerned website within a time span
of every 24 hours.
Product Detect
and
Prevent
Visual
Ping
This is one of the technique that
would be able to monitor a particular
are within the concerned website.
Product Prevent
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7THREAT CATEGORIES
Threat
Category
Control Description Classification Type
Theft of
equipment
Use of Spy
Camera or
Web
Cameras
In the recent times, there have been
major forms of advancements in the
field of technology. The use of web
cameras would be of a major help
for the detection of the different
kinds of thefts.
Product Detect
and
Prevent
Track of
records of
every
equipment
Keeping a track of the records of
every kinds of equipment would
help in the identification of
equipment and would the prevent
the items from getting swapped and
wiped out (Clarin et al. 2014)
Physical Detect
and
Prevent
Attachment
of theft
indicator
The theft equipment would be able
to send out an alarm in such
situations when an unauthorized
access would be noticed.
Physical Detect
and
prevent
Threat
Category
Control Description Classification Type
Viruses,
worms,
Firewalls The IP address should have a filter
that would be able to detect any
Product Detect
and
Threat
Category
Control Description Classification Type
Theft of
equipment
Use of Spy
Camera or
Web
Cameras
In the recent times, there have been
major forms of advancements in the
field of technology. The use of web
cameras would be of a major help
for the detection of the different
kinds of thefts.
Product Detect
and
Prevent
Track of
records of
every
equipment
Keeping a track of the records of
every kinds of equipment would
help in the identification of
equipment and would the prevent
the items from getting swapped and
wiped out (Clarin et al. 2014)
Physical Detect
and
Prevent
Attachment
of theft
indicator
The theft equipment would be able
to send out an alarm in such
situations when an unauthorized
access would be noticed.
Physical Detect
and
prevent
Threat
Category
Control Description Classification Type
Viruses,
worms,
Firewalls The IP address should have a filter
that would be able to detect any
Product Detect
and
8THREAT CATEGORIES
Trojan
horses
form of unauthorized intrusion
within the network. They would thus
be able to restrict the access of
worms, Trojan horses and viruses
prevent
Antivirus
software
They would be able detect and form
of malware attacks that might get
installed within the system.
Product Prevent
Intrusion
systems
Different forms of intrusion systems
would be able to make use of
signature database based on the
identification of different kinds of
alerts based on incoming threats
(Conklin et al., 2015).
Product Detect
Web
Application
Firewall
These kinds of firewall have the
potential for detecting the
application layer attacks. They
would also help in reducing the
attacks.
Product Detect
and
prevent
Threat
Category
Control Description Classification Type
Elevation of
privilege
Environmen
t Checks
They would detect the operating
systems platform and thus would
Product Detect
Trojan
horses
form of unauthorized intrusion
within the network. They would thus
be able to restrict the access of
worms, Trojan horses and viruses
prevent
Antivirus
software
They would be able detect and form
of malware attacks that might get
installed within the system.
Product Prevent
Intrusion
systems
Different forms of intrusion systems
would be able to make use of
signature database based on the
identification of different kinds of
alerts based on incoming threats
(Conklin et al., 2015).
Product Detect
Web
Application
Firewall
These kinds of firewall have the
potential for detecting the
application layer attacks. They
would also help in reducing the
attacks.
Product Detect
and
prevent
Threat
Category
Control Description Classification Type
Elevation of
privilege
Environmen
t Checks
They would detect the operating
systems platform and thus would
Product Detect
9THREAT CATEGORIES
perform security patches within the
OSs (Kapravelos et al. 2013).
Decrypter The code that would be encrypted
would be decrypted with the aid of
the detector.
Prevent Detect
and
prevent
API
Resolver
These API resolver would be able
to determine the working of the
code and also understand the
position-independent codes (Aafer,
Du and Yin 2013).
Product Detect
and
prevent
EoP exploit
DLL
After the primary form of
environmental checking process
has been conducted, the routine
based on exploitation would be
able to prevent the corruption of
the memory of the computer. They
would also be able to privilege the
execution of the codes.
Threat
Category
Control Description Classification Type
Fire/Flood Use of fire
and flood
Different kinds of techniques
based on flood and fire should be
Physical and
Administrative
Prevent and
Compensate
perform security patches within the
OSs (Kapravelos et al. 2013).
Decrypter The code that would be encrypted
would be decrypted with the aid of
the detector.
Prevent Detect
and
prevent
API
Resolver
These API resolver would be able
to determine the working of the
code and also understand the
position-independent codes (Aafer,
Du and Yin 2013).
Product Detect
and
prevent
EoP exploit
DLL
After the primary form of
environmental checking process
has been conducted, the routine
based on exploitation would be
able to prevent the corruption of
the memory of the computer. They
would also be able to privilege the
execution of the codes.
Threat
Category
Control Description Classification Type
Fire/Flood Use of fire
and flood
Different kinds of techniques
based on flood and fire should be
Physical and
Administrative
Prevent and
Compensate
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10THREAT CATEGORIES
resistant
techniques
properly used for prevention of
such kinds of attacks. There
should be an efficient of the fire
resistant techniques such as the
use of fire extinguishers and
other safety equipment within
each industry. This would help in
the prevention of the information
systems from getting prone to
attacks.
Ensuring a
safe place
for
organisation
Each organisation should be built
on a place where there would be
safety of work (Itradat et al.
2014). Safety is a much needed
concept within organisations,
which should be acquired by
them in order to secure the
information.
Physical and
Administrative
Prevent and
compensate
resistant
techniques
properly used for prevention of
such kinds of attacks. There
should be an efficient of the fire
resistant techniques such as the
use of fire extinguishers and
other safety equipment within
each industry. This would help in
the prevention of the information
systems from getting prone to
attacks.
Ensuring a
safe place
for
organisation
Each organisation should be built
on a place where there would be
safety of work (Itradat et al.
2014). Safety is a much needed
concept within organisations,
which should be acquired by
them in order to secure the
information.
Physical and
Administrative
Prevent and
compensate
11THREAT CATEGORIES
References
Aafer, Y., Du, W. and Yin, H., 2013, September. Droidapiminer: Mining api-level features for
robust malware detection in android. In International conference on security and privacy in
communication systems (pp. 86-103). Springer, Cham.
Andrés, A.R. and Asongu, S.A., 2013. Global dynamic timelines for IPRs harmonization against
software piracy (No. 01/2013). Development Research Working Paper Series.
Clarin, B.M., Bitzilekis, E., Siemers, B.M. and Goerlitz, H.R., 2014. Personal messages reduce
vandalism and theft of unattended scientific equipment. Methods in ecology and evolution, 5(2),
pp.125-131.
Conklin, W.A., White, G., Cothren, C., Davis, R. and Williams, D., 2015. Principles of
computer security. McGraw-Hill Education Group.
Ienca, M. and Haselager, P., 2016. Hacking the brain: brain–computer interfacing technology
and the ethics of neurosecurity. Ethics and Information Technology, 18(2), pp.117-129.
Itradat, A., Sultan, S., Al-Junaidi, M., Qaffaf, R., Mashal, F. and Daas, F., 2014. Developing an
ISO27001 Information Security Management System for an Educational Institute: Hashemite
University as a Case Study. Jordan Journal of Mechanical & Industrial Engineering, 8(2).
Jouini, M., Rabai, L.B.A. and Aissa, A.B., 2014. Classification of security threats in information
systems. Procedia Computer Science, 32, pp.489-496.
Kapravelos, A., Shoshitaishvili, Y., Cova, M., Kruegel, C. and Vigna, G., 2013, August.
Revolver: An Automated Approach to the Detection of Evasive Web-based Malware.
In USENIX Security Symposium (pp. 637-652).
References
Aafer, Y., Du, W. and Yin, H., 2013, September. Droidapiminer: Mining api-level features for
robust malware detection in android. In International conference on security and privacy in
communication systems (pp. 86-103). Springer, Cham.
Andrés, A.R. and Asongu, S.A., 2013. Global dynamic timelines for IPRs harmonization against
software piracy (No. 01/2013). Development Research Working Paper Series.
Clarin, B.M., Bitzilekis, E., Siemers, B.M. and Goerlitz, H.R., 2014. Personal messages reduce
vandalism and theft of unattended scientific equipment. Methods in ecology and evolution, 5(2),
pp.125-131.
Conklin, W.A., White, G., Cothren, C., Davis, R. and Williams, D., 2015. Principles of
computer security. McGraw-Hill Education Group.
Ienca, M. and Haselager, P., 2016. Hacking the brain: brain–computer interfacing technology
and the ethics of neurosecurity. Ethics and Information Technology, 18(2), pp.117-129.
Itradat, A., Sultan, S., Al-Junaidi, M., Qaffaf, R., Mashal, F. and Daas, F., 2014. Developing an
ISO27001 Information Security Management System for an Educational Institute: Hashemite
University as a Case Study. Jordan Journal of Mechanical & Industrial Engineering, 8(2).
Jouini, M., Rabai, L.B.A. and Aissa, A.B., 2014. Classification of security threats in information
systems. Procedia Computer Science, 32, pp.489-496.
Kapravelos, A., Shoshitaishvili, Y., Cova, M., Kruegel, C. and Vigna, G., 2013, August.
Revolver: An Automated Approach to the Detection of Evasive Web-based Malware.
In USENIX Security Symposium (pp. 637-652).
12THREAT CATEGORIES
May, C., 2015. The global political economy of intellectual property rights: The new enclosures.
Routledge.
Pierce, L., Snow, D.C. and McAfee, A., 2015. Cleaning house: The impact of information
technology monitoring on employee theft and productivity. Management Science, 61(10),
pp.2299-2319.
May, C., 2015. The global political economy of intellectual property rights: The new enclosures.
Routledge.
Pierce, L., Snow, D.C. and McAfee, A., 2015. Cleaning house: The impact of information
technology monitoring on employee theft and productivity. Management Science, 61(10),
pp.2299-2319.
1 out of 13
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.