PART B

• TITLE OF THE PROJECT:- Risks Related To Computer

Security And Preventive Measures

❖ BRIEF DESCRIPTION: -

• Although the phrases safety threat, safety event, and safety

incident are related, in the global cybersecurity those information
safety threats have different meanings.
• A security risk is a malicious act that targets to corrupt or scouse
borrow information or disrupt an organization's systems or the
entire organization.
• A security event refers to an incident during which employer
information or its network may also have been exposed.
• And an occasion that affects the information or network breach is
a security incident.
• As cybersecurity threats retain to evolve and come to be greater
sophisticated, enterprise IT has to continue to be vigilant when it
comes to defensive their data and networks.
• To do that, they first should recognize the forms of security
threats they may be up against.
 ❖ AIM OF MICRO PROJECT:
The micro-project aims to :-

• Nowadays due to various threats designing security in an

organization is an important consideration.

• It is essential to understand basic security principles, multiple

threats to security, and techniques to address these threats.

• We will be able to recognize potential threats to confidentiality,

integrity, and availability and implement various computer
security policies.

• This project will introduce basic cryptographic techniques,

fundamentals of computer/network security, Risks faced by
computers and networks, operating system security, secure
System design principles, and network security principles.

• Also, it will create awareness about the IT ACT and different

Cyber laws.

❖ COURSE OUTCOME INTEGRATED:

Course outcomes achieved are :-

• Identify risks related to Computer security and Information

hazard in various situations.

▪ Identify Risks related to Computer and Networks.

 ❖ ACTUAL PROCEDURE FOLLOWED:

• GROUP FORMATION: - The Details of Micro Project Was

Discussed. A Group Of 5 Members Was Formed and Group
Leaders Were Selected. The Schedules of Plan “A”,” B” &
“Presentation” Were Finalized. The Various Micro-Project
Topics Related to Subject Were Discussed Our Guide Gave Us
the Opportunity to Select the Topic of Our Choice.

• FINALIZATION OF MICRO-PROJECT: - We Selected the

Topic for Micro-Project. We Discussed About the Topic with
Our Guide Regarding the Concept Which We Were Going to
Apply in The Project. We Individually Tried to Explain the
Basic Platform of Project.

• PLANNING: - After Finalization of The Project We Started

Working on the project. We Started the Planning Phase. We
Discussed Among Ourselves Regarding the Resources
Required to complete the project In This Week We Completed
‘Part A Plan’ Of the Micro-Project Which Is Nothing but An
Initial Description About The project. We Submitted It to The
Guide.

• SUBMISSION: - We Submitted Our Project Along With ‘Part A

& Part B’ To the Guide. We Submitted Soft Copy Too.
 ❖ Resources Used: -

Sr Name of
No Resources Specification Quantity Remarks
Required

Processor-
Intel
Hard Disk-1
Hardware
1 Computer Tb 1 Used
Ram-16 GB
Operating
System-
Windows 10

Microsoft Software
2 Version 2110 1
word Used
 ❖ OUTPUTS OF MIRCROPROJECT

✓ Risks Related to Computer Security And Preventive

Measures

❖ INTRODUCTION:-

• Although the phrases safety threat, safety event, and safety

incident are related, in the global cybersecurity those information
safety threats have different meanings.
• A security event refers to an incident during which employer
information or its network may also have been exposed.
• And an occasion that affects the information or network breach is
a security incident.
• As cybersecurity threats retain to evolve and come to be greater
sophisticated, enterprise IT has to continue to be vigilant when it
comes to defensive their data and networks.
• To do that, they first should recognize the forms of security
threats they may be up against.

1. Insider Threats :-

• An insider threat happens when people near an organization

who have authorized access to its network deliberately or
accidentally misuse that access to negatively have an effect on
the organization's important data or systems.
• Careless personnel who do not follow their organizations'
business regulations and rules cause insider threats.
• For example, they'll inadvertently e-mail client data to outside
parties, click on phishing hyperlinks in emails or share their
login records with others.

• Contractors, business companions, and third-party companies

are the supply of different insider threats.

• Some insiders intentionally pass security measures out of

convenience or ill-taken into consideration trying to become
extra productive.

• Malicious insiders intentionally elude cybersecurity protocols to

delete information, thieve data to sell or take advantage of later,
disrupt operations, or in any other case harm the business.

➢ Preventing Insider Threats:-

• Restricts employees' access to most effective the precise assets

they want to do their jobs.

• Teach new personnel and contractors on safety awareness earlier

than letting them access the network.

• Installation contractors and other freelancers with transient

accounts that expire on particular dates, inclusive of the dates at
the end of their contract;

• Enforce two-factor authentication, which calls for every user to

offer a 2D piece of figuring out information further to a password.
2. Viruses and worms :-

• Viruses and worms are malicious software programs (malware)

geared toward destroying an organization's systems, information,
and network.
• A PC virus is a malicious code that replicates by copying itself to
every other program, system or host file.
• A PC bug is a self-replicating software that does not should copy
itself to a host program or require human interaction to spread.
• Its principal function is to contaminate different computers even
as closing lively to the infected system.
• Worms frequently spread the use of parts of a working system
that might be automated and invisible to the user.
• Once a bug enters a system, it right now starts replicating itself,
infecting computer systems and networks that are not
competently protected.

➢ Preventing Viruses And Worms :-

• To decrease the chance of those types of data protection threats

caused by viruses or worms, companies need to set up antivirus
and antimalware software on all their systems and networked
devices and preserve that software program as much as date.
• In addition, organizations need to teach users not to download
attachments or click on hyperlinks in emails from unknown
senders and to avoid downloading free software programs from
untrusted websites.
• Users must additionally be very careful after they use P2P file-
sharing services and that they should not click on advertisements,
especially advertisements from unusual manufacturers and
websites.
3. Botnets :-

• A botnet is a collection of Internet-related devices, inclusive of

PCs, mobile devices, servers, and IoT devices which are inflamed
and remotely managed through a common form of malware.
• Typically, the botnet malware searches for susceptible devices
throughout the internet.
• The aim of the threat actor developing a botnet is to contaminate
as many related devices as possible, using the computing strength
and resources of these devices for automatic duties that normally
continue to be hidden from the customers of the gadgets.
• The hazard actors often cybercriminals that control those botnets
use them to send e-mail spam, interact in click-on fraud
campaigns and generate malicious traffic for disbursed denial-of-
service attacks.

➢ Preventing Botnets :-

• Monitor network overall performance and activity to locate any

abnormal network behavior.
• Keep the running system as much as date.
• Keep all software programs updated and set up any essential
security patches.
• Teach users not to interact in any activity that places them at risk
of bot infections or other malware.
• In addition, maximum firewalls and antivirus software
encompass simple gear to detect, save you and remove botnets.
4. Ransomware :-

• In a ransomware attack, the sufferer's computer is locked, usually

by encryption, which maintains the victim from the use of the
device or information that's saved on it.
• To regain access to the device or information, the sufferer has to
pay the hacker a ransom, usually in a virtual currency which
includes Bitcoin.
• Ransomware may be spread through malicious email
attachments, inflamed software program apps, infected outside
storage devices, and compromised websites.

➢ Preventing Ransomware :-

• To guard against ransomware attacks, users must often return up

their computing devices and update all software, which includes
antivirus software.
• Users must keep away from clicking on hyperlinks in emails or
starting email attachments from unknown sources.
• Victims must do the entirety possible to keep away from paying
the ransom.
• Organizations must additionally couple a traditional firewall that
blocks unauthorized access to computer systems or networks.
• In addition, restrict the information a cybercriminal can access by
segregating the network into distinct zones, every of which calls
for different credentials.
5. Malvertising :-

• Malvertising is a way cybercriminals use to inject malicious code

into valid online marketing and marketing networks and web
pages.
• This code usually redirects users to malicious websites or installs
malware on their computer systems or cell devices.
• Users' machines can also additionally get inflamed although they
do not click something to begin the download.
• Cybercriminals can also additionally use malvertising to install
quite a few moneymaking malware, such as crypto-mining
scripts, ransomware, and banking Trojans.
• Some of the websites of famous companies, inclusive of Spotify,
The New York Times, and the London Stock Exchange, have
inadvertently displayed malicious ads, placing users at risk.

➢ Preventing Malvertising :-

• To prevent malvertising, ad networks have to add validation; this

reduces the probability a user will be compromised.
• Validation should include Vetting potential clients by requiring
prison business paperwork; two-factor authentication; scanning
potential advertisements for malicious content earlier than
publishing an ad, or probably converting Flash advertisements to
animated gifs or different forms of content.
 ❖ REFERENCES

We Do Have Used A Few References During the Process of

Building Our Project. The References Used Are from Websites.

▪ The References Used Are:

----------WEBSITES----------

1. www.tutorialspoint.com

2. www.Wikipedia.com

3. www.google.com

----------Books----------
1. Shital. M. Mate (2017). Network and Information
Security (2nd ed.). Pearson.

2. Mrunal. R. Patangre (2023). Network and Information

Security (6th ed.). Pearson.
❖ Skills Developed/Learning Outcomes Of The
Microproject:-

• Research skills: The ability to collect, analyze, and interpret data

from various sources.
• Time management: The ability to organize and prioritize tasks to
meet project deadlines.
• Teamwork: The ability to work collaboratively with others to
gather information and conduct the survey.
• Communication skills: The ability to communicate the findings of
the risks effectively of different computers and networks.