
Network and Information Security

Class notes

Uploaded by

Rutik Chavan

*NETWORK AND INFORMATION SECURITY*

1. DEFINITION OF SECURITY

"Computer security" deals with the prevention and detection of unauthorized actions by users of a computer system.

2. NEED OF SECURITY

- The public is becoming dependent on computers and networks, so they are also interested in the security of these same computers and networks.

- As a result of this increased attention by the public, several terms, such as encryption and firewalls, are now frequently seen in mainstream news publications and have found their way into casual conversations.

- With more use of computers and networks on a daily basis to conduct everything, like making purchases, ensuring that computers and networks are secure has become of paramount importance.

- Medical information, financial information and data relating to the types of purchases made are stored in computer systems. This information is to remain private from the general public, and it is one of the jobs of security to help with the protection of our privacy.

- Computer and network security is essential to function effectively and safely in today's highly automated world.

3. ASSETS

- The word risk refers to circumstances in which an organization's information system is confronted with a threat and a vulnerability converging.

- All functions of a system can be known as an asymmetric threat environment. Conditions are likely to be different for every situation and every organization. How the security challenges evolve is directly related to the organization's infrastructure, reality and settings. Preparing for unexpected risk is the key to security assurance.

There are two fundamental types of risk analysis: quantitative and qualitative.

1. QUANTITATIVE RISK ANALYSIS

- A process for assigning a numeric value to the probability of loss based on known risks, on the financial value of the assets and on the probability of threats. It is used to determine potential direct and indirect costs to the company based on values assigned to company assets and their exposure to risk.

2. QUALITATIVE RISK ANALYSIS

- It is a collaborative process of assigning relative values to assets, assessing their risk exposure, and estimating the cost of controlling the risk. It differs from quantitative risk analysis in that it utilizes relative measures and approximate costs rather than precise valuation and cost determination.

4. VIRUSES

- A virus is code or a program that attaches itself to another code or program and causes damage to the computer system or to the network.

4.1 PHASES OF VIRUSES (LIFE CYCLE OF VIRUSES)

1. DORMANT PHASE: The virus is idle and is eventually activated by some event.

2. PROPAGATION PHASE: The virus places an identical copy of itself into other programs or into certain system areas on the disk.

3. TRIGGERING PHASE: The virus is activated to perform the function for which it was intended.

4. EXECUTION PHASE: The function is performed.

Figure: Phases of a virus (Dormant → Propagation → Triggering → Execution)

5. WORMS

- A worm is a special type of virus that can replicate and use memory, but cannot attach itself to other programs.

DIFFERENCE BETWEEN WORM AND VIRUS

Virus | Worm
A virus is a piece of code that attaches itself to a legitimate program. | A worm is a malicious program that spreads automatically.
Virus modifies the code. | Worm does not modify the code.
It does not replicate itself. | It replicates itself.
Virus is destructive in nature. | Worm is non-destructive in nature.
Virus may need a trigger for execution. | Worm does not need any trigger.

6. ATTACKS

An attack is a path or way by which a hacker can gain access to a computer system without your knowledge.

TYPES OF ATTACKS

1. Active attack
2. Passive attack

1. ACTIVE ATTACKS

In an active attack, the contents of the original message are modified in some way. These attacks cannot be prevented easily.

Types of active attacks

1. Interruption
2. Modification
3. Fabrication

2. PASSIVE ATTACKS

Passive attacks are those where the attacker aims to obtain information that is in transit. In passive attacks, the attacker does not make any modification to the contents of the original message. So, passive attacks are hard to detect.

Types of passive attacks

1. Release of message contents
2. Traffic analysis

7. DENIAL OF SERVICE (DOS)

- A denial of service (DoS) attack is a type of attack which can exploit a known vulnerability in a specific application or operating system, or may attack features or weaknesses in particular protocols or services.

- By this attack, the attacker is attempting to deny authorized users access to specific information or to the computer system or network itself.

- The aim of this attack can be simply to prevent access to the target system, or the attack can be used in combination with other actions in order to gain unauthorized access to a computer or network.

- DoS attacks are conducted using a single attacking system.

8. SNIFFING

- A sniffer is an application that can capture network packets. Sniffers are also known as network protocol analyzers.

- The objective of sniffing is to steal:

* Passwords

* Email text

* Files in transfer

- A network sniffer is a software or hardware device that is used to observe traffic as it passes through a network on shared broadcast media.
9. OPERATING SYSTEM UPDATES

HOTFIX

- Normally this is a term given to a small software update designed to address a particular problem, like a buffer overflow in an application that exposes the system to attacks.
- Hotfixes are typically developed in reaction to a discovered problem; they are produced and then released rather quickly.

PATCH

- This term is generally applied to a more formal, larger software update that may address software problems.
- Patches often contain improvements or additional capabilities and fixes for known bugs. Patches are usually developed over a longer period of time.

SERVICE PACK

- Usually this term is given to a large collection of patches and hotfixes that are rolled into a single, rather large package.
- Service packs are designed to bring a system up to the latest known, good level all at once, rather than requiring the user or system administrator to download several updates separately.

10. CRITERIA FOR INFORMATION CLASSIFICATION

Following are the criteria used for the classification of information.

1. Value: it is the common criterion of information classification. When the information is more valuable to the organization, that information should be classified.
2. Age: age states that the classification of information might be lowered if the information's value decreases over time.
3. Useful life: useful life states that if the information has been made out-of-date due to new information or any other reason, then that information can regularly be declassified.
4. Personal association: information which is personally associated with a particular individual, or which is addressed by a privacy law, should be classified.
11. BASIC PRINCIPLES OF INFORMATION SECURITY

1. Confidentiality: confidentiality measures are designed to prevent unauthorized disclosure of information. The purpose of the confidentiality principle is to keep personal information private and to ensure that it is visible and accessible only to those individuals who own it or need it to perform their organizational function.
2. Integrity: consistency includes protection against unauthorized changes to data. The principle of integrity ensures that data is accurate and reliable and is not modified incorrectly, whether accidentally or maliciously.
3. Availability: availability is the protection of a system's ability to make software systems and data fully available when a user needs them. The purpose of availability is to make the technology infrastructure, the applications and the data available when they are needed for an organization's customers.

12. USER NAME AND PASSWORD

- When a user logs on to a computer, he performs two tasks:

* Identification: enter username and password.

* Authentication: prove that you are who you claim to be.

- After the username and password are entered, the computer compares this input against the entries stored in the password file.

- Login is successful if the username and password are valid; if they are wrong, the login fails.

- Many systems count the failed login attempts and prevent or deny the next attempt when a threshold has been reached.

- Nowadays, many computer systems use identification and authentication through username and password as the first step of protection.
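
The password-file comparison and failed-attempt threshold described above, as an added example that is not part of the original notes. The threshold of 3, the salted PBKDF2 storage format and the sample account are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3          # assumed threshold; the notes give no number
PBKDF2_ROUNDS = 100_000   # assumed work factor for the stored hash


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the value kept in the password file (the password itself is never stored)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class LoginGuard:
    """Checks credentials against a password file and counts failed attempts."""

    def __init__(self):
        self.password_file = {}   # username -> (salt, derived hash)
        self.failures = {}        # username -> consecutive failed attempts

    def add_user(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.password_file[username] = (salt, hash_password(password, salt))

    def login(self, username: str, password: str) -> str:
        # Threshold check comes first: once it is reached, even the correct
        # password is refused until an administrator resets the counter.
        if self.failures.get(username, 0) >= MAX_FAILURES:
            return "locked"
        # Unknown users get a dummy entry so both paths do the same amount of work.
        salt, stored = self.password_file.get(username, (b"\0" * 16, b""))
        candidate = hash_password(password, salt)
        # compare_digest avoids leaking how many leading bytes matched.
        if username in self.password_file and hmac.compare_digest(candidate, stored):
            self.failures[username] = 0
            return "success"
        self.failures[username] = self.failures.get(username, 0) + 1
        return "fail"

    def unlock(self, username: str) -> None:
        """Administrative reset of the failure counter."""
        self.failures[username] = 0


def demo() -> list:
    """Constructed scenario: three wrong guesses, then the right password."""
    guard = LoginGuard()
    guard.add_user("alice", "correct horse")          # constructed sample account
    results = [guard.login("alice", guess) for guess in ("a", "b", "c")]
    results.append(guard.login("alice", "correct horse"))   # refused: threshold reached
    guard.unlock("alice")
    results.append(guard.login("alice", "correct horse"))   # accepted after reset
    results.append(guard.login("mallory", "anything"))      # unknown user
    return results


if __name__ == "__main__":
    print(demo())
```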

13. PASSWORD ATTACKS

*PIGGYBACKING

- Piggybacking is the simple approach of following closely behind a person who has just used their own access card or PIN to gain physical access to a room or building.

- In this way an attacker can gain access to the facility without knowing the access card. E.g. access to a wireless internet connection by bringing one's own computer within range of another's wireless connection and using it without the subscriber's explicit permission.

*SHOULDER SURFING

- Shoulder surfing is a similar procedure, where an attacker positions himself in such a way that he is able to observe the authorized user entering the correct access code.

- This attack uses direct observation techniques, like looking over someone's shoulder when he is entering a PIN or password etc.

- Both of these attacks can be easily countered by using simple procedures to ensure nobody follows you too closely or is in a position to observe your actions.

14. TYPES OF BIOMETRIC

• Fingerprint
• Hand print
• Retina
• Voice/speech patterns
• Signature and writing patterns
• Keystrokes

*FINGERPRINT

- A fingerprint is the pattern of ridges and furrows on the surface of the fingertip and it is unique across the entire human population.

- Fingerprint verification involves a finger-size identification sensor with a very low cost biometric chip.

- Automated fingerprint recognition and matching systems extract a number of features from the fingerprint for storage as a numerical substitute for the full fingerprint pattern.

- This is the best option for most uses of biometric verification, and it is specially attached to specific computer and network assets.

*VOICE/SPEECH PATTERNS

- This type of verification using speech/voice is uniquely interesting because no specialized recording device is required.

- Voiceprint verification is completely a part of the algorithms and analysis software. This mechanism can be used for phone-based applications such as voice response systems and time card entry.

- The use of voice verification will increase the possibility of protecting remote data reporting applications and hence will be more convenient in the criminal justice and healthcare industries.

15. DEFINITION

- Access is the ability of a subject to interact with an object. Authentication deals with verifying the identity of a subject.

- Access control is the ability to specify, to control and to limit access to the host systems or applications in terms of availability, integrity and confidentiality.

16. AUTHENTICATION MECHANISM

- An authentication mechanism is used to prove the identity of the user.

- User authentication is performed during the log on process when the user submits a username and password.

- The job of authentication mechanisms is to make sure that only valid users are admitted.

• Something-you-know
• Something-you-have
• Something-about-you

17. AUTHENTICATION AND AUTHORIZATION

o Authentication: verification that the credentials of a user or other system entity are valid.
o Authorization: the granting of a permission to a system entity to access a system resource. This function determines who is trusted for a given purpose.
18. POLICIES - DAC, MAC

1. Discretionary access control (DAC)

- Discretionary access controls are "a means of restricting access to objects based on the identity of subjects and/or groups to which they belong."

- It controls access based on the identity of the requester and on access rules stating what requesters are or are not allowed to do.

- The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission indirectly on to any other subject.

- If the system has discretionary access control, then the owner of an object can decide which other subjects may have access to the object and what specific access they may have.

2. Mandatory access control (MAC)

- Mandatory policies decide access on the basis of the subject and object in the system. Each user and each object in the system is assigned a security level.

- Generally, this system is used in environments where there are different levels of security classification, and it is much more restrictive of what a user is allowed to do.

- The definition of mandatory access control is "a means of restricting access to objects based on the sensitivity of the information contained in the objects and the formal authorization of subjects to access information of such sensitivity".

- In MAC, it is the job of the operating system, not of the owner/subject, to decide which access is to be granted to another subject.

19. PLAINTEXT

- The plaintext is also known as clear text, meaning anyone who knows the language can easily read the message.

- The original message is known as plaintext.

20. CIPHERTEXT

When the plaintext is codified with the help of any suitable scheme, the resultant message is known as ciphertext.

The coded message is known as ciphertext.

21. CRYPTOGRAPHY

Cryptography is an ancient art and science of writing secret messages. In areas like data and telecommunications, cryptography is most important when communicating over any untrusted medium; this includes any network, particularly the internet.

Cryptography not only protects data from alteration, but can also be used for authentication of users.

Figure: Readable message → Cryptographic system → Unreadable message

22. CRYPTANALYSIS

The process of trying to break any ciphertext message to obtain the original message itself is known as cryptanalysis.

It is the technique of decoding messages from a non-readable format back to a readable format without knowing how they were converted into the non-readable format.

Figure: Unreadable message → Cryptanalysis → Readable message

23. SUBSTITUTION TECHNIQUE

1. Caesar's cipher

It is also known as a Caesar's cipher. It is a simple and well-known encryption technique.

Here, each letter of the plaintext is replaced by a letter some fixed number of positions away in the alphabet.

Example:

(1) Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ

Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC

(2) Plaintext: "COME HOME TOMORROW"

Ciphertext: "FRPH KRPH WRPRUURZ"

2. Modified Caesar's cipher

In this version the letter 'A' can be replaced by any other letter in the English alphabet, i.e. B to Z, so for each letter we start with 25 possibilities of replacement.

An attack on a ciphertext message wherein the attacker attempts to use all possible permutations and combinations is known as a brute-force attack.

Example:

Columnar technique

Plaintext - "ALL IS WELL FOR YOUR EXAM"

Col-1 Col-2 Col-3 Col-4 Col-5 Col-6
A     L     L     I     S     W
E     L     L     F     O     R
Y     O     U     R     E     X
A     M

Reading pattern (4,6,1,2,5,3)
Ciphertext - IFRWRXAEYALLOMSOELLU

24. TRANSPOSITION TECHNIQUE ALGORITHM

1. Write the plaintext message row-by-row in a rectangle of a predefined size.
2. Read the message column-by-column. However, the columns can be read in any order, like 2, 3, etc.
3. The message thus obtained is the ciphertext message.
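
The Caesar shift from section 23 and the columnar algorithm from section 24, as an added example that is not part of the original notes. It reproduces both worked examples above and goes one step further by decrypting a columnar message whose last row is incomplete, and by listing all 25 shifts to show why so small a key space protects nothing. Function names are chosen for the illustration.

```python
import string

ALPHABET = string.ascii_uppercase


def caesar(text: str, shift: int) -> str:
    """Replace each letter by the one `shift` positions further along the alphabet."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)          # spaces and punctuation pass through unchanged
    return "".join(out)


def caesar_all_shifts(ciphertext: str) -> dict:
    """Try every possible shift (1..25); a reader can spot the plaintext at a glance."""
    return {k: caesar(ciphertext, -k) for k in range(1, 26)}


def columnar_encrypt(plaintext: str, order: list) -> str:
    """Write letters row by row into len(order) columns, read columns in `order` (1-based)."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    ncols = len(order)
    # Column i holds every ncols-th letter starting at offset i.
    cols = [letters[i::ncols] for i in range(ncols)]
    return "".join("".join(cols[c - 1]) for c in order)


def columnar_decrypt(ciphertext: str, order: list) -> str:
    """Invert columnar_encrypt, allowing for an incomplete last row."""
    ncols = len(order)
    full_rows, extra = divmod(len(ciphertext), ncols)
    # The first `extra` columns carry one more letter than the rest.
    length = {c: full_rows + (1 if c <= extra else 0) for c in range(1, ncols + 1)}
    cols, pos = {}, 0
    for c in order:                  # slice the ciphertext back into its columns
        cols[c] = ciphertext[pos:pos + length[c]]
        pos += length[c]
    out = []
    for row in range(full_rows + (1 if extra else 0)):
        for c in range(1, ncols + 1):
            if row < len(cols[c]):
                out.append(cols[c][row])
    return "".join(out)


if __name__ == "__main__":
    print(caesar("COME HOME TOMORROW", 3))
    ct = columnar_encrypt("ALL IS WELL FOR YOUR EXAM", [4, 6, 1, 2, 5, 3])
    print(ct, "->", columnar_decrypt(ct, [4, 6, 1, 2, 5, 3]))
    for k, guess in caesar_all_shifts("FRPH KRPH WRPRUURZ").items():
        print(k, guess)
```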

25. COMPARISON OF SUBSTITUTION CIPHER AND TRANSPOSITION CIPHER

Substitution cipher | Transposition cipher
In cryptography, a substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system. | In cryptography, a transposition cipher is a method of encryption by which the positions held by units of plaintext.
Method of substitution is used. | Method of transposition is used.
Plaintext: ABCDFGHIJK | Plaintext: WE ARE DISCOVERED. FLEE AT ONCE.
Ciphertext: FGHIJKLMNOP | Ciphertext: WECLR TEERD SOEEF EAOCA IVDEN
Where, n=5 |
Easy to understand. | Difficult to understand.

26. STEGANOGRAPHY - PROCEDURE

- Steganography is a technique of hiding a large amount of secret message within an ordinary message and extracting it at its destination.
- Steganography takes cryptography a step further by hiding an encrypted message, so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.
- In modern digital steganography, data is encrypted using an encryption algorithm.
- Encrypted data is inserted into cover media.
- Encrypted data is added to the cover media using a stego-key. The following formula provides the description of the steganographic process.

Cover-media + Hidden-data + Stego-key = Stego-medium

Terminologies used in steganography:
1. Cover medium: data within which a message is to be hidden.
2. Stego medium: data within which a message has been hidden.
3. Message: data that is or will be hidden within a stego-medium or cover-medium respectively.
4. Redundant bits: bits of data in the cover-medium that can be modified without compromising that medium's integrity.

27. DATA ENCRYPTION STANDARD (DES)

Steps

1. The 64-bit plaintext block is handed over to an initial permutation (IP) function.
2. The initial permutation is performed on the plaintext.
3. IP produces two halves of the permuted block:
   Left plaintext (LPT)
   Right plaintext (RPT)
4. Each of LPT and RPT goes through 16 rounds of the encryption process, each with its own key.
5. In the end LPT and RPT are rejoined and the final permutation (FP) is performed on the combined block.
6. The result is the 64-bit ciphertext.

28. DIGITAL SIGNATURE

- A digital signature is an electronic.
- It is used to authenticate the identity of the signer of a document.
- It has the ability to ensure that the original content of the message or document that has been sent is unchanged.
- Digital signatures can be used with any kind of message and are easily transportable.
- If a message arrives with a digital signature, it means that the sender cannot easily repudiate it later.
- A digital signature can be used with an encrypted or plaintext message, so that the receiver can be assured of the identity of the sender and of whether the message received is original or tampered with.
- A digital certificate contains the digital signature of the certificate issuing authority (CA); hence anyone can verify whether the certificate is real or fake.
- Digital signatures are based upon both hashing functions and asymmetric cryptography. Both methods play an important role when signing digital documents.

Figure: Block diagram of digital signature (Hash function → Encryption with sender's private key → Digital signature)
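
The hash-then-encrypt-with-the-private-key flow from the block diagram, as an added example that is not part of the original notes. The key pairs are toy RSA keys built from known Mersenne primes purely for the illustration; the function names are assumptions, and a real signature scheme also uses padding (such as RSA-PSS) and far larger randomly generated keys.

```python
import hashlib

E = 65537  # public exponent used for both toy keys


def make_key(p: int, q: int):
    """Build a toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))     # private exponent (Python 3.8+)
    return (n, E), (n, d)


def digest(message: bytes, n: int) -> int:
    """Hash function step: SHA-256 of the message, reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message: bytes) -> int:
    """Encryption step: apply the sender's private key to the hash."""
    n, d = private
    return pow(digest(message, n), d, n)


def verify(public, message: bytes, signature: int) -> bool:
    """Receiver recomputes the hash and compares it with the value the signature opens to."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)


# Constructed sample keys: products of Mersenne primes, for illustration only.
SENDER_PUB, SENDER_PRIV = make_key(2**127 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_key(2**107 - 1, 2**61 - 1)


def demo() -> dict:
    message = b"Pay 100 to Bob"                   # constructed sample message
    sig = sign(SENDER_PRIV, message)
    return {
        # Unchanged message with the sender's signature: accepted.
        "original": verify(SENDER_PUB, message, sig),
        # Content altered in transit: the hash no longer matches.
        "tampered": verify(SENDER_PUB, b"Pay 900 to Bob", sig),
        # Signed with somebody else's private key: not attributable to the sender.
        "wrong_signer": verify(SENDER_PUB, message, sign(OTHER_PRIV, message)),
    }


if __name__ == "__main__":
    print(demo())
```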

29. COMPARISON OF SYMMETRIC KEY CRYPTOGRAPHY AND ASYMMETRIC KEY CRYPTOGRAPHY

Symmetric key cryptography | Asymmetric key cryptography
Single key is used for encryption and decryption. | Two separate keys are used for encryption and decryption.
Also known as single key cryptography. | Known as public and private key encryption.
Key should be agreed by both sender and receiver. | No need to agree on keys.
Less security. | More security.
Simple to implement. | Hard to implement as compared to symmetric key cryptography.
Ex- Data Encryption Standard (DES). | Ex- Digital Signature.

30. NEED OF FIREWALL

- A firewall can be hardware, software or a combination of both, which will inspect network traffic passing through it and either accept or reject the message based on a set of rules.
- The firewall is a partition between the private (trusted) network and the public (untrusted) network, and it will inspect all traffic (packets) passing through it.

31. TYPE OF FIREWALL

1. PACKET FILTER
2. STATEFUL PACKET FILTER
3. APPLICATION GATEWAY
4. CIRCUIT GATEWAYS

1. PACKET FILTER

- A router, as part of a firewall, usually performs packet filtering.
- A packet filtering router applies a set of rules to each and every incoming IP packet and then decides either to forward or discard the packet.
- Typically the router is configured to filter packets going towards and coming from the internal network.
- Filtration rules are based on information in a network packet:
  o Source IP address
  o Destination IP address
  o Source and destination transport-level address
  o IP protocol field
  o Interface

Advantages

- Simplicity
- Transparency to the users
- High speed

Disadvantages

- Difficulty of setting up packet filtering rules.
- Lack of authentication.

2. APPLICATION GATEWAYS

- An application-level gateway is also known as a proxy server. This is because it acts like a proxy and decides about the flow of application level traffic.
- An internal user contacts the application level gateway using a TCP/IP application, such as telnet, FTP or HTTP.
- The application level gateway asks the user/host about the remote host with which he wants a connection for communication.
- When the user provides all the information, like a valid user ID and authentication information, the gateway contacts the application on the remote host and relays TCP segments containing the application data between the two endpoints.

Advantages

- It has higher security than packet filtering.
- It only needs to scrutinize a few allowable applications.
- It is easy to log and audit all incoming traffic.

Disadvantages

- There is additional overhead for each connection because there are two separate connections between the end user and the gateway. The gateway must examine and forward all traffic in both directions.

3. CIRCUIT GATEWAYS

- It can be a specialized function that an application level gateway performs for certain applications.
- It will not allow an end-to-end TCP connection, but it will set up two TCP connections:
  o One between a TCP user on an inner host and a gateway.
  o One between a gateway and a TCP user on an outside host.

32. FIREWALL POLICIES

- Firewall policies allow all types of traffic but block some services, like telnet/SNMP, and port numbers that are used by attackers.
- Restrictive policies block all traffic passing through the firewall and allow only traffic which is useful, such as HTTP, POP3, SMTP, or SSH.
- If the network administrator forgets to block something, it might be exploited after some time without your knowledge.
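
The packet-filter fields from section 31 evaluated under the two policies from section 32, as an added example that is not part of the original notes. The addresses are documentation ranges standing in for real networks, the TFTP packet plays the service the administrator forgot to block, and the interface rule that discards internal source addresses arriving from outside is an assumption added to show what the interface field is for.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL_NET = "192.0.2.0/24"   # constructed: stands in for the private network


@dataclass(frozen=True)
class Packet:
    src: str        # source IP address
    dst: str        # destination IP address
    proto: str      # IP protocol field: "tcp" or "udp"
    dport: int      # destination transport-level address (port)
    iface: str      # interface the packet arrived on: "outside" or "inside"


@dataclass(frozen=True)
class Rule:
    action: str                      # "forward" or "discard"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None      # None matches any value
    dport: Optional[int] = None
    iface: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport)
                and self.iface in (None, p.iface))


def filter_packet(rules, default: str, p: Packet) -> str:
    """First matching rule wins; the default decides everything nobody wrote a rule for."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default


# Allow everything, block the services known to be risky (telnet, SNMP).
ALLOW_ALL_BUT = ([Rule("discard", proto="tcp", dport=23),
                  Rule("discard", proto="udp", dport=161)], "forward")

# Block everything, allow only what is useful (HTTP, POP3, SMTP, SSH).
RESTRICTIVE = ([Rule("discard", src=INTERNAL_NET, iface="outside")] +
               [Rule("forward", dst=INTERNAL_NET, proto="tcp", dport=port)
                for port in (80, 110, 25, 22)], "discard")

# Constructed sample traffic arriving on the outside interface.
SAMPLES = {
    "web":     Packet("198.51.100.7", "192.0.2.10", "tcp", 80, "outside"),
    "telnet":  Packet("198.51.100.7", "192.0.2.10", "tcp", 23, "outside"),
    "tftp":    Packet("198.51.100.7", "192.0.2.10", "udp", 69, "outside"),
    "forged":  Packet("192.0.2.99",   "192.0.2.10", "tcp", 80, "outside"),
}


def evaluate(policy) -> dict:
    rules, default = policy
    return {name: filter_packet(rules, default, p) for name, p in SAMPLES.items()}


if __name__ == "__main__":
    print("allow-all-but:", evaluate(ALLOW_ALL_BUT))
    print("restrictive:  ", evaluate(RESTRICTIVE))
```

Under the first policy the forgotten TFTP packet is forwarded because the default is to forward; under the restrictive policy the same omission costs nothing because unmatched traffic is discarded.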

33. CONFIGURATION

A firewall is a combination of a packet filter and an application level gateway. Based on this, there are three types of configuration.

1. Screened host firewall, single-homed bastion
   - Here, the firewall configuration consists of two parts: a packet filter and an application level gateway.
   - The packet filter router ensures that incoming traffic is allowed only if it is intended for the application gateway, by examining the destination address field of each incoming IP packet.
2. Screened host firewall, dual-homed bastion
   - In this type of configuration, direct connections between the internal hosts and the packet filter are avoided.
   - Here, the packet filter connects only to the application gateway, which in turn has a separate connection with the internal hosts.
3. Screened subnet firewall
   - This type of configuration offers the highest security among the possible configurations.
   - In this type, two packet filters are used, one between the internet and the application gateway and the other between the application gateway and the internal network.

34. LIMITATION OF FIREWALLS

1. A firewall cannot protect against attacks that bypass the firewall.

2. A firewall does not protect against insider threats, like an employee who innocently cooperates with an external attacker.

3. A firewall cannot protect against the transfer of virus-infected programs or files.

4. It may not be able to protect against viruses and infected files since it may not be possible to scan all incoming traffic.

35. DMZ (DEMILITARIZED ZONE)

- It is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network.
- It prevents outside users from getting direct access to a company's data server. A DMZ is an optional but more secure approach to a firewall. It can effectively act as a proxy server.
- The typical DMZ configuration has a separate computer or host in the network which receives requests from users within the private network to access web sites or the public network.
- The DMZ host then initiates sessions for such requests on the public network, but it is not able to initiate a session back into the private network. It can only forward packets which have been requested by a host.

36. INTRUSION DETECTION SYSTEM (IDS)

- Intrusion detection is the process of monitoring the events happening in a computer system or network. The intrusion detection process analyses them for possible incidents, which are threats of violation of computer security policies, standard security practices or acceptable use policies.
- An intrusion detection system (IDS) is like a burglar alarm system installed in a house. In case of an intrusion, the IDS will provide some type of warning or alert.
- Then an operator will tag events of interest for further investigation by the incident handling team.

IDS TYPES

1. Network based IDS
   - This examines activity on the network itself. It has visibility only into the traffic crossing the network link it is monitoring and typically has no idea of what is happening on individual systems.
2. Host based IDS
   - This examines activity on an individual system like a mail server, web server, or individual PC. It is concerned only with an individual system and usually has no visibility into the activity on the network or systems around it.
   - A host based IDS checks log files, audit trails and network traffic coming into or leaving a specific host.
   - A HIDS can operate in real time, looking for activity as it arises, or in batch mode, looking for activity on a periodic basis.

Advantages

- Operating system specific and detailed signatures.
- Examines data after it has been decrypted.
- Very application specific.
- Determines whether or not an alarm may impact that specific system.

Disadvantages

- Must have a process on every system to be watched.
- High cost of ownership and maintenance.
- Uses local system resources.
- Very focused view and cannot relate to activity around it.
- If logged locally, could be compromised or disabled.

36. HONEYPOTS

- Honeypots are an innovation in intrusion detection technology.
- A honeypot is a computer system on the internet which is specifically set up to attract and "trap" people (attackers) who are attempting to penetrate other critical systems.
- The honeypot system is designed with sensitive monitors and event loggers, which detect the accesses and collect information about the attacker's activities.
- There are two different kinds of honeypots.
  1. Production honeypot
     Used by companies and corporations for the purpose of researching the aims of hackers as well as diverting and mitigating the risk of attacks on the overall network.
  2. Research honeypot
     Used by non-profit organizations and educational institutions for the sole purpose of researching the motives and tactics of the hacker community for targeting different networks.

37. KERBEROS

- Kerberos is a network authentication protocol and it provides strong authentication for client/server applications. It uses secret key cryptography.
- The internet is an insecure place. The internet uses different protocols but they do not provide any security. There are tools which "sniff" passwords off the network, and they are commonly used by malicious hackers. Hence, applications which send an unencrypted password over the network are extremely vulnerable.
- There are some sites that use firewalls to solve their network security problems but, unfortunately, firewalls assume that attackers are on the outside, which is often a very bad assumption.

38. KERBEROS PROTOCOL

I. User: The client workstation.
II. AS: The Authentication Server (AS) is used to verify the user during the login process, i.e. authentication. It shares a unique secret password with every user.
III. TGS: The Ticket Granting Server (TGS) is responsible for certifying the proof of identity after authentication.
IV. SS: The Service Server (SS) provides services to clients, like a network printer, file sharing or an application program.

39. KERBEROS WORKING

- It encrypts the data with a symmetric key. A symmetric key is a type of authentication where both the client and server agree upon the use of a single encryption/decryption key for data transmission.
- When using the encryption key, the details are actually sent to a key distribution center (KDC), rather than sending the details directly to each other.

40. MODES - TRANSPORT AND TUNNEL

1. Transport: This method encrypts only the data portion of the packet, thus enabling an outsider to see the source and destination IP addresses. This protects the data being transmitted, but allows knowledge of the transmission itself. Protection of the data portion of a packet is referred to as content protection.

- In this mode, IPSec takes the transport layer payload, adds the IPSec header and trailer, encrypts the whole thing and then adds the IP header. Thus, the IP header is not encrypted.

Transport layer: [ Transport layer payload ]
Network layer:   [ IPsec H | IPsec payload | IPsec T ]
                 [ IP H | IP payload ]

Figure: IPSec transport mode

2. Tunnel: This provides encryption of the source and destination IP addresses, as well as of the data itself. This provides the greatest security, but it can only be done between IPSec servers because the final destination needs to be known for delivery. Protection of the header information is known as context protection.

- It accepts an IP datagram with its IP header and adds the IPSec header and trailer to it. Then it encrypts the whole packet and adds a new IP header to the encrypted datagram.

Transport layer: [ Transport layer payload ]
Network layer:   [ IP H | IP payload ]
                 [ IPsec H | IPsec payload | IPsec T ]
                 [ IP H | IP payload ]

Figure: IP tunnel mode

41. PROTOCOLS - AH AND ESP

1. Authentication header (AH)
   - The AH, when added to an IP datagram, ensures the integrity of the data, the authentication of the data's origin and an optional anti-replay service. By protecting the non-changing elements in the IP header, the AH protects the IP address, which enables data origin authentication.
2. Encapsulating security payload (ESP)
   - ESP provides security services for the higher level protocol portion of the packet, not the IP header.
   - This protocol provides data confidentiality. The ESP protocol also defines a new header to be inserted into the IP packet. ESP processing also includes the transformation of the protected data into an unreadable encrypted form. Under normal circumstances, the ESP will be inside the AH, i.e. encryption happens first and then authentication.

42. SIMPLE MAIL TRANSFER PROTOCOL (SMTP)

- Simple mail transfer protocol is a TCP/IP protocol that specifies how computers exchange electronic mail. It works with the post office protocol (POP).
- SMTP is "request/response" based, which means the email client software at the sender's end gives the email message to the SMTP server.
- The SMTP server then transfers the message to the receiver's SMTP server. The job of SMTP is to carry the email message between the sender and the receiver.

43. PRETTY GOOD PRIVACY (PGP)

- This is used for encryption and decryption of e-mail over the
internet.
- This protocol is used to send an encrypted digital signature, so
the receiver can verify the sender's identity and know
that the message was not changed during
transmission.
- Pretty good privacy (PGP) is freely available, and the commercial
version costs very little. It is widely used as a privacy-
ensuring program by individuals and also by many organizations.
- PGP was developed by Philip R. Zimmermann in 1991 and
became a standard for e-mail security.
- It can also be used to encrypt stored files so that they
are unreadable to unauthorized users or intruders.

44. PUBLIC KEY INFRASTRUCTURE (PKI)

- A PKI is a structure which provides all of the essential components
for different types of users and entities for secure communication
in a predictable manner.
- A PKI is made up of different components such as hardware,
applications, policies, services, programming interfaces,
cryptographic algorithms, protocols, users, and utilities. These
components work together and allow communication using
public key cryptography and symmetric keys for digital signatures,
data encryption, and integrity.
- There is no need to construct and implement a PKI
application and protocol, because the same type of functionality
is provided by different applications and protocols.
- Registration authorities and certificate authorities in PKI
environments provide a service similar to that of an R.T.O.

45. CYBER CRIME

- Cyber crime is a generic term that refers to all criminal activities
done using the medium of computers, the internet and the
worldwide web.
- Cybercrime, also known as computer crime, uses a computer as
an instrument to further illegal ends, such as committing
fraud, trafficking in child pornography and intellectual property,
stealing identities, or violating privacy.

1. Financial
2. Piracy
3. Hacking
4. Cyber-terrorism
5. Online pornography
6. Sabotage

46. HACKING

- Hacking is one of the most well-known types of crime. A hacker is
someone who finds and exploits the weaknesses of a
computer system or network.
- It refers to the unauthorized access of another's computer
system. These intrusions are often conducted in order to launch
malicious programs known as viruses, worms, and trojan horses
that can shut down or destroy an entire computer network.
- Hacking is also carried out as a way to take credit card numbers,
internet passwords, and other personal information.
- By accessing commercial databases, hackers are able to steal
these types of items from millions of internet users all at once.
- Different types of hacker:
I. White Hat
II. Black Hat
III. Grey Hat
IV. Elite Hat
V. Script Hat
47. CYBERSTALKING OR HARASSMENT

- Cyberstalking involves following a person online anonymously.
The stalker will virtually follow the victim, including his or her
activities.
- This kind of cybercrime involves online harassment where the user
is subjected to online messages and email.
- Typically, cyberstalkers use social media, websites and search engines
to intimidate a user and instil fear.
- Usually, the cyberstalker knows their victim and makes the person
feel afraid or concerned for their safety. Most of the victims of
cyberstalking are women and children.

48. PCI DSS

- The Payment Card Industry Data Security Standard (PCI DSS) is
administered by the PCI Security Standards Council.
- The purpose of the standard is to decrease payment card fraud
across the internet and increase credit card data security.
- Organizations that store, transmit or process cardholder data must
comply with PCI DSS. Compliance is regulated and enforced by
the 'acquiring bank' with which every organization must have a
merchant account.

49. COBIT FRAMEWORK

- Control Objectives for Information and Related
Technology (COBIT) is "a control framework that links IT initiatives to
business requirements, organizes IT activities into a generally
accepted process model, identifies the major IT resources to be
leveraged and defines the management control objectives to
be considered".
- COBIT is a framework developed by ISACA (Information Systems
Audit and Control Association) in 1996 for IT management
and IT governance.
- COBIT is a set of guidance material for IT governance that allows
managers to bridge the gap between control requirements,
technical issues and business risks.
- The main aim of COBIT is to research, develop, publicize and
promote an authoritative, up-to-date, international set of
generally accepted information technology control objectives for
day-to-day use by business managers, IT professionals and
assurance.

[Figure: COBIT Framework principles. Business requirements drive the investments in IT resources, that are used by IT processes to deliver enterprise information, which responds to business requirements.]
