INF1505 - Module 5 - Study notes

Module 5 focuses on protecting information resources, detailing the impact of cybercrime on the global economy, projected to cost $10.5 trillion annually by 2025. It outlines various security threats, basic safeguards, and comprehensive security measures, including biometric and nonbiometric security, access controls, and disaster recovery planning. Key recommendations emphasize employee training, risk analysis, and the implementation of a zero trust security model.

Uploaded by SurethaErasmus

Module 5: Protecting Information Resources

Learning Objectives
After studying this module, you should be able to:
1. Explain cybercrime and its impact on the global economy.
2. Describe information technologies that could be used in computer crimes.
3. Describe basic safeguards in computer, network, and cyber security.
4. Identify the ten most common intentional security threats.
5. Describe the nine security measures and enforcement that a comprehensive security system should include.
6. Summarize the guidelines for a comprehensive security system, including business continuity planning.

Section 5-1: Risks Associated with Information Technologies


Cybercrime's Impact on the Global Economy
• Research by Cybersecurity Ventures (2020): Cybercrime will cost the world economy $10.5 trillion annually by 2025.
• Costs include:
    • Loss of revenue from theft of identities, intellectual property, and trade secrets.
    • Damage to companies' and individuals' reputations.
    • Expenses for enhancing and upgrading networks after attacks.
    • Opportunity costs due to downtime and lost trust.
    • Job losses resulting from stolen trade secrets.
Misuse of Information Technologies
• Examples:
    • Spyware: Secretly gathers information about users while they are connected to the Internet.
    • Adware: Collects user information to display targeted advertisements.
    • Phishing: Fraudulent emails pretending to be from legitimate sources to capture personal information.
    • Pharming: Redirects users to fraudulent websites to steal personal information.
    • Keystroke Loggers: Software or hardware devices that monitor and record keystrokes.
    • Baiting: Promises rewards to trick users into providing sensitive information.
    • Social Engineering: Tricks individuals into revealing private information.

Section 5-2: Computer, Network, and Cyber Security: Basic Safeguards


Three Aspects of Security
1. Confidentiality: Prevents unauthorized access to information.
2. Integrity: Ensures data is accurate and has not been tampered with.
3. Availability: Ensures systems are operational and accessible to authorized users.
Comprehensive Security System
• Three Levels of Security:
    • Level 1: Protect front-end servers (e.g., email and web servers) against unauthorized access.
    • Level 2: Protect back-end systems to ensure confidentiality, accuracy, and integrity of data.
    • Level 3: Protect the corporate network against intrusions, denial-of-service attacks, and unauthorized access.
• Fault-Tolerant Systems: Use hardware and software to ensure availability in case of system failure.
    • Examples: Uninterruptible Power Supply (UPS), Redundant Array of Independent Disks (RAID), Mirror Disks.

Section 5-3: Security Threats: An Overview

Intentional Threats
1. Viruses: Self-propagating program code triggered by specific events or times.
2. Worms: Independent programs that spread across networks without being attached to a host program.
3. Trojan Programs: Malicious code hidden inside legitimate programs.
4. Logic Bombs: Triggered at a certain time or event to release destructive code.
5. Backdoors: Programming routines allowing unauthorized access to systems.
6. Blended Threats: Combine characteristics of viruses, worms, and other malicious codes.
7. Rootkits: Conceal presence and actions from users and system processes.
8. Denial-of-Service (DoS) Attacks: Flood networks or servers with requests to prevent legitimate access.
9. Social Engineering: Tricks individuals into revealing private information.
10. Cryptojacking: Secretly uses computing power to mine cryptocurrency.
Unintentional Threats
• Natural disasters, accidental deletion of data, structural failures.

Section 5-4: Security Measures and Enforcement: An Overview


Biometric Security Measures
• Use physiological elements unique to individuals.
• Examples:
    • Facial Recognition
    • Fingerprints
    • Hand Geometry
    • Iris Analysis
    • Palm Prints
    • Retinal Scanning
    • Signature Analysis
    • Vein Analysis
    • Voice Recognition
Nonbiometric Security Measures
1. Callback Modems: Verify user access by logging the user off and calling back at a predetermined number.
2. Firewalls: Combine hardware and software to act as a filter between a private network and external computers.
    • Types:
        • Packet-Filtering Firewalls
        • Application-Filtering Firewalls
        • Proxy Servers
3. Intrusion Detection Systems (IDS): Identify unauthorized access attempts and raise alerts about them.
Physical Security Measures
• Include devices for securing computers and peripherals from theft.
• Examples:
    • Cable Shielding
    • Corner Bolts
    • Electronic Trackers
    • Identification (ID) Badges
    • Proximity-Release Door Openers
    • Room Shielding
    • Steel Encasements
Access Controls
• Protect systems from unauthorized access.
• Terminal Resource Security: Automatically signs users off after a period of inactivity.
• Passwords: Combinations of numbers, characters, and symbols.
    • Best Practices:
        • Change passwords frequently.
        • Use complex passwords (at least 12 characters).
        • Avoid writing down passwords.
        • Do not use common names or dictionary words.
Virtual Private Networks (VPNs)
• Provide secure "tunnels" through the Internet for transmitting messages and data via a private network.
• Use encryption protocols such as Layer Two Tunnelling Protocol (L2TP) or Internet Protocol Security (IPSec).
Data Encryption
• Transforms data into a scrambled form (ciphertext) that cannot be read without a decryption key.
• Types:
    • Symmetric Encryption: Same key for encryption and decryption.
    • Asymmetric Encryption: Uses public and private keys.
E-Commerce Transaction Security Measures
• Critical Factors:
    • Authentication
    • Confirmation
    • Nonrepudiation
Computer Emergency Response Team (CERT)
• Developed by the U.S. Department of Defense to handle network intrusions and attacks.
• Provides guidelines, conducts research, and offers awareness training.
Zero Trust Security
• Requires every person and device accessing a network to be secure, regardless of location.
• Principles:
    • Verify before access.
    • Least-privilege access.
    • Microsegmentation.
    • Multifactor Authentication (MFA).

Section 5-5: Guidelines for a Comprehensive Security System


Employee Training
• Employees are essential for the success of any security system.
• Conduct training sessions and provide certificates upon completion.
Risk Analysis
• Assess which resources are most important and require the strongest protection.
• Consider financial techniques like Return on Investment (ROI).
Disaster Recovery Plan (DRP)
• Lists tasks to restore damaged data and equipment.
• Steps:
    • Back up all files.
    • Review security and fire standards periodically.
    • Test the disaster recovery plan with trial data.
    • Set up alternative sites (cold or hot sites).
Key Recommendations
1. Develop clear security policies and procedures.
2. Post the security policy in visible places.
3. Raise employees' awareness of security problems.
4. Use strong passwords and avoid reusing them.
5. Install software patches and updates regularly.
6. Revoke terminated employees' access immediately.
7. Keep sensitive data locked in secure locations.
8. Exit programs promptly and never leave logged-on workstations unattended.
9. Limit computer access to authorized personnel only.
10. Compare communication logs with billing periodically.

Key Terms

Access Controls: Designed to protect systems from unauthorized access.
Adware: Collects user information to display targeted advertisements.
Asymmetric Encryption: Uses public and private keys for encryption and decryption.
Authentication Tokens: Improve security by transmitting tokens among connected applications.
Availability: Ensures systems are operational and accessible to authorized users.
Backdoors: Programming routines allowing unauthorized access.
Baiting: Promises rewards to trick users into providing sensitive information.
Biometric Security Measures: Use physiological elements unique to individuals.
Black Hats: Hackers specializing in unauthorized penetration of information systems.
Blended Threats: Combine characteristics of viruses, worms, and other malicious codes.

Case Studies
Case Study 5-1: Vulnerabilities of Medical Devices
• Key Points:
    • Connected medical devices (IoMT) are becoming targets for malware.
    • Risks include altered medical records, exposure of sensitive patient data, and potential harm to patients.
    • Manufacturers must improve security features and coordinate with healthcare providers.
Case Study 5-2: Security Breach at Equifax
• Key Points:
    • Hackers exploited a vulnerability in Apache Struts, CVE-2017-5638.
    • The breach impacted over 148 million people.
    • Equifax failed to modernize its security system and address known vulnerabilities.
    • Steps Taken: Hired a new chief information security officer and invested $200 million in data security infrastructure.

Module Summary
1. Cybercrime Impact: Cybercrime will cost the global economy $10.5 trillion annually by 2025.
2. Information Technologies in Crimes: Examples include spyware, adware, phishing, pharming, etc.
3. Basic Safeguards: Confidentiality, integrity, and availability (CIA triangle).
4. Common Security Threats: Viruses, worms, Trojan programs, logic bombs, backdoors, blended threats, rootkits, DoS attacks, social engineering, cryptojacking.
5. Security Measures: Biometric, nonbiometric, physical security measures, access controls, VPNs, data encryption, e-commerce transaction security, CERT, zero trust security.
6. Comprehensive Security Guidelines: Employee training, risk analysis, disaster recovery planning.

Review Questions
1. What are six examples of information technologies that could be used in computer crimes?
    • Spyware, adware, phishing, pharming, keystroke loggers, baiting.
2. What is the CIA triangle?
    • Confidentiality, Integrity, Availability.
3. What are the three most common security threats?
    • Viruses, worms, Trojan programs.
4. What are the three most common security measures?
    • Firewalls, antivirus software, encryption.
5. What are 10 guidelines that should be included in a comprehensive security system?
    • Develop clear security policies, post policies visibly, raise awareness, use strong passwords, install updates, revoke terminated employees' access, keep sensitive data secure, exit programs promptly, limit access, compare communication logs.
6. Explain business continuity planning.
    • Outlines procedures to keep an organization operational after a disaster or network attack.
7. What are five examples of biometric security measures?
    • Facial recognition, fingerprints, hand geometry, iris analysis, palm prints.
8. Define zero trust security. What are three of its principles?
    • Zero trust security requires verification for every access attempt.
    • Principles: Verify before access, least-privilege access, microsegmentation.

Projects
1. Create a one-page document for students to increase their security awareness.
2. Write a paper on three high-profile companies affected by security breaches.
3. Outline recommendations for dealing with Denial-of-Service (DoS) attacks.
4. Identify companies using biometric security measures and discuss their advantages/disadvantages.
5. Offer recommendations for improving online transaction security.

Central Topic:
Protecting Information Resources

Main Branches:
1. Cybercrime and Its Impact
    • Costs to Global Economy
        • $10.5 trillion annually by 2025
        • Loss of revenue (identity theft, intellectual property)
        • Damage to reputations
        • Job losses due to stolen trade secrets
    • Examples of Cybercrime
        • Spyware, Adware, Phishing, Pharming, Baiting, Quid Pro Quo
        • Ransomware, Cryptojacking
2. Security Threats
    • Intentional Threats
        • Viruses, Worms, Trojan Programs
        • Logic Bombs, Backdoors, Blended Threats
        • Rootkits, Denial-of-Service (DoS) Attacks
        • Social Engineering, Cryptojacking
    • Unintentional Threats
        • Natural Disasters, Accidental Data Deletion
        • Structural Failures
3. Basic Safeguards
    • CIA Triangle
        • Confidentiality: Prevent unauthorized access
        • Integrity: Ensure data accuracy
        • Availability: Ensure system accessibility
    • Three Levels of Security
        • Level 1: Front-end servers (e.g., email, web servers)
        • Level 2: Back-end systems (e.g., internal databases)
        • Level 3: Corporate network protection
4. Security Measures
    • Biometric Security Measures
        • Facial Recognition, Fingerprints, Hand Geometry
        • Iris Analysis, Palm Prints, Retinal Scanning
        • Signature Analysis, Vein Analysis, Voice Recognition
    • Nonbiometric Security Measures
        • Callback Modems, Firewalls, Intrusion Detection Systems (IDS)
    • Physical Security Measures
        • Cable Shielding, Corner Bolts, Electronic Trackers
        • ID Badges, Proximity-Release Door Openers, Room Shielding
    • Access Controls
        • Strong Passwords, Terminal Resource Security
    • Virtual Private Networks (VPNs)
        • Secure "tunnels" through the Internet
    • Data Encryption
        • Symmetric vs. Asymmetric Encryption
    • E-commerce Transaction Security
        • Authentication, Confirmation, Nonrepudiation
    • Computer Emergency Response Team (CERT)
        • Handles network intrusions and attacks
    • Zero Trust Security
        • Verify before access, Least-privilege access, Microsegmentation
5. Guidelines for Comprehensive Security
    • Employee Training
        • Awareness programs, Certifications
    • Risk Analysis
        • Identify critical resources, Financial techniques (ROI)
    • Disaster Recovery Plan (DRP)
        • Back up files, Test recovery plans, Set up alternative sites
    • Business Continuity Planning
        • Procedures to keep operations running during disasters
6. Key Concepts
    • Confidentiality
        • Protect sensitive information
    • Integrity
        • Ensure data accuracy and prevent tampering
    • Availability
        • Ensure systems are operational and accessible
    • Fault-Tolerant Systems
        • UPS, RAID, Mirror Disks
    • McCumber Cube
        • Evaluates information security across states (Transmission, Storage, Processing)
7. Real-World Applications
    • Case Study: Vulnerabilities of Medical Devices
        • IoMT devices at risk (e.g., pacemakers, X-ray machines)
        • Risks: Malware, Unauthorized access, Altered medical records
        • Recommendations: Regular updates, Block Internet access
    • Case Study: Security Breach at Equifax
        • Exploited Apache Struts CVE-2017-5638 vulnerability
        • Lessons: Modernize security systems, Segment databases
8. Future Trends
    • Replacing Passwords
        • Biometrics, Zero Login, Brain Passwords, DNA Identification
    • Emerging Technologies
        • Authentication Tokens, Implanted Microchips

Module 4 – INF1505

Q: What is cybercrime?
A: Cybercrime refers to illegal activities carried out using computers, networks, or the internet. According to research, it will cost the global economy $10.5 trillion annually by 2025.

Q: What are three examples of unintentional security threats?
A: Examples include accidental data deletion, structural failures, and natural disasters like floods or earthquakes.

Q: Define the CIA triangle.
A: The CIA triangle refers to three core principles of information security: Confidentiality (preventing unauthorized access), Integrity (ensuring data accuracy), and Availability (ensuring systems are operational).

Q: What is phishing?
A: Phishing involves sending fraudulent emails that appear legitimate to trick recipients into revealing personal information such as passwords or credit card numbers.

Q: What is pharming?
A: Pharming redirects users to fake websites by altering DNS settings, allowing attackers to steal sensitive information.

Q: Describe a logic bomb.
A: A logic bomb is malicious code triggered at a specific time or event, often causing damage to systems or data.

Q: What is a rootkit?
A: A rootkit is malware designed to hide its presence and actions from users and system processes, making it difficult to detect.

Q: What is zero trust security?
A: Zero trust security requires every person and device accessing a network to be verified, regardless of location, ensuring no implicit trust within or outside the organization.

Q: What is a firewall?
A: A firewall is a combination of hardware and software that acts as a filter between a private network and external networks, including the Internet.

Q: Name two types of encryption.
A: Symmetric encryption (uses the same key for encryption and decryption) and asymmetric encryption (uses public and private keys).

Q: What is ransomware?
A: Ransomware is malware that encrypts files on a victim's computer and demands payment in exchange for restoring access.

Q: What is social engineering?
A: Social engineering involves manipulating individuals to divulge confidential information through tactics like deception, impersonation, or psychological manipulation.

Q: What is a DDoS attack?
A: A Distributed Denial-of-Service (DDoS) attack floods a website with excessive traffic from multiple sources, overwhelming it and preventing legitimate access.

Q: What is biometric authentication?
A: Biometric authentication uses physiological characteristics like fingerprints, facial recognition, or voice patterns to verify identity.

Q: What is a password manager?
A: A password manager generates, stores, and manages secure passwords for various accounts while requiring only one master password for access.

Q: What is a Trojan program?
A: A Trojan program disguises itself as legitimate software but contains malicious code intended to harm systems or steal data.

Q: What is sniffing?
A: Sniffing involves capturing and recording network traffic, often used by hackers to intercept sensitive information.

Q: What is spoofing?
A: Spoofing occurs when an attacker pretends to be someone else, often by falsifying IP addresses, email addresses, or other identifiers.

Q: What is business continuity planning?
A: Business continuity planning outlines procedures to keep an organization operational during and after disasters or attacks.

Q: What is a disaster recovery plan (DRP)?
A: A DRP lists tasks required to restore damaged data and equipment following a disaster, ensuring minimal disruption to operations.

Test: Module 5 – Protecting Information Resources

Part 1: Multiple-Choice Questions (20 Questions)


1. What is the primary purpose of a firewall?
a) To store data securely
b) To act as a filter between a private network and external networks
c) To generate passwords
d) To monitor employee activity
2. Which of the following is NOT part of the CIA triangle?
a) Confidentiality
b) Integrity
c) Availability
d) Consistency
3. What is ransomware?
a) A type of malware that deletes files
b) A type of malware that blocks access to a system until a ransom is paid
c) A virus that spreads through email
d) A worm that replicates itself
4. Which of the following is an example of biometric security?
a) Password
b) Fingerprint scan
c) ID badge
d) Firewall
5. What is phishing?
a) Sending fraudulent emails to steal personal information
b) Encrypting data
c) Installing firewalls
d) Using antivirus software
6. What is the main difference between symmetric and asymmetric encryption?
a) Symmetric uses one key; asymmetric uses two keys
b) Symmetric is faster; asymmetric is slower
c) Symmetric is more secure; asymmetric is less secure
d) Symmetric is used for small data; asymmetric is used for large data
7. What is a logic bomb?
a) A virus that spreads through email
b) Malicious code triggered by a specific event or time
c) A worm that replicates itself
d) A Trojan program
8. Which of the following is NOT a principle of zero trust security?
a) Trust but verify
b) Least-privilege access
c) Microsegmentation
d) Unlimited access
9. What is the purpose of a disaster recovery plan (DRP)?
a) To ensure employees are trained
b) To restore damaged data and equipment after a disaster
c) To monitor network traffic
d) To install firewalls
10. Which of the following is NOT a common intentional security threat?
a) Virus
b) Worm
c) Natural disaster
d) Trojan program
11. What is cryptojacking?
a) Stealing cryptocurrency
b) Secretly using a user’s computing power to mine cryptocurrency
c) Encrypting data
d) Deleting files
12. What is the most important aspect of a password?
a) Length
b) Complexity
c) Memorability
d) Both a and b
13. What is a virtual private network (VPN)?
a) A public network
b) A secure tunnel through the Internet for transmitting data
c) A type of firewall
d) A biometric security measure
14. Which of the following is NOT a type of hacker?
a) White hat
b) Black hat
c) Blue hat
d) Gray hat
15. What is social engineering?
a) Using technical skills to hack systems
b) Using psychological manipulation to trick people into revealing private information
c) Installing firewalls
d) Encrypting data
16. What is the purpose of a business continuity plan?
a) To keep an organization operational during a disaster
b) To monitor employee activity
c) To install antivirus software
d) To encrypt data
17. What is a denial-of-service (DoS) attack?
a) Flooding a network with service requests to prevent legitimate access
b) Encrypting data
c) Deleting files
d) Installing firewalls
18. Which of the following is NOT a biometric security measure?
a) Fingerprint scan
b) Facial recognition
c) Password
d) Voice recognition
19. What is the Sarbanes-Oxley Act primarily concerned with?
a) Data encryption
b) Maintaining data integrity and availability in financial organizations
c) Installing firewalls
d) Monitoring employee activity
20. What is the main goal of zero login?
a) To eliminate passwords entirely
b) To use multiple passwords
c) To require physical security measures
d) To install firewalls
Part 2: True or False Questions (20 Questions)
1. Symmetric encryption uses two keys, one public and one private.
2. A firewall is a combination of hardware and software that acts as a barrier between a private network and external networks.
3. Phishing involves sending legitimate emails to steal personal information.
4. The CIA triangle includes confidentiality, integrity, and availability.
5. Ransomware encrypts files and demands payment to restore access.
6. A logic bomb is triggered by a specific event or time.
7. Zero trust security assumes all devices and users are trusted by default.
8. A disaster recovery plan (DRP) outlines procedures for keeping an organization operational during a disaster.
9. Social engineering relies on technical skills to hack systems.
10. Cryptojacking involves secretly using a user's computing power to mine cryptocurrency.
11. A virtual private network (VPN) provides a secure tunnel through the Internet for transmitting data.
12. White hats are hackers who specialize in unauthorized penetration of systems.
13. Business continuity planning is only necessary for large organizations.
14. A denial-of-service (DoS) attack floods a network with service requests to prevent legitimate access.
15. Biometric security measures include fingerprint scans and facial recognition.
16. The Sarbanes-Oxley Act requires IT professionals to document and test the effectiveness of security measures.
17. A rootkit is a series of software tools that enable unauthorized access to a computer or network system.
18. Intrusion detection systems (IDS) can protect against both external and internal access.
19. Passwords should be written down and stored in a visible location.
20. Zero login assumes devices will be smart enough to recognize users by their unique features.
Part 3: Fill in the Missing Word Questions (20 Questions)
1. A __________ is a type of malware that blocks access to a system until a ransom is paid.
2. The __________ triangle includes confidentiality, integrity, and availability.
3. A __________ is a combination of hardware and software that acts as a filter between a private network and external networks.
4. __________ is the practice of breaking up security perimeters into small zones.
5. A __________ attack floods a network with service requests to prevent legitimate access.
6. __________ is a type of social engineering that involves sending fraudulent emails to steal personal information.
7. A __________ is a malicious program hidden inside a popular program.
8. __________ is the process of converting plaintext into ciphertext.
9. A __________ is a series of software tools that enable unauthorized access to a computer or network system.
10. __________ is a cryptographic protocol that ensures data security and integrity over public networks.
11. A __________ is a secure tunnel through the Internet for transmitting data.
12. __________ is the practice of using psychological manipulation to trick people into revealing private information.
13. A __________ is a plan that outlines procedures for restoring damaged data and equipment after a disaster.
14. __________ is the process of secretly using a user's computing power to mine cryptocurrency.
15. A __________ is a type of hacker who specializes in unauthorized penetration of systems.
16. __________ is the process of verifying the identity of a user or device.
17. A __________ is a type of security measure that uses physiological characteristics to verify identity.
18. __________ is the process of ensuring that data has not been altered during transmission.
19. A __________ is a plan that outlines procedures for keeping an organization operational during a disaster.
20. __________ is the practice of giving users only the access they need to perform their jobs.
Answers
Multiple-Choice Answers
1. b
2. d
3. b
4. b
5. a
6. a
7. b
8. d
9. b
10. c
11. b
12. d
13. b
14. c
15. b
16. a
17. a
18. c
19. b
20. a
True or False Answers
1. False
2. True
3. False
4. True
5. True
6. True
7. False
8. False
9. False
10. True
11. True
12. False
13. False
14. True
15. True
16. True
17. True
18. True
19. False
20. True
Fill in the Missing Word Answers
1. Ransomware
2. CIA
3. Firewall
4. Microsegmentation
5. Denial-of-service (DoS)
6. Phishing
7. Trojan program
8. Encryption
9. Rootkit
10. Transport Layer Security (TLS)
11. Virtual private network (VPN)
12. Social engineering
13. Disaster recovery plan (DRP)
14. Cryptojacking
15. Black hat
16. Authentication
17. Biometric security measure
18. Integrity
19. Business continuity plan
20. Least-privilege access