Lecture No.

1
Information Security:
In Information security, Information any important data that needs
protection. This includes things like password, Bank details, personal
files and Company Secrets.
To keep information safe, we follow three main rules
• Confidentiality
• Integrity
• Viability
Hackers try to steal or damage information, so we use security methods
like password encryption, firewalls and antivirus software to it safe.
Computer Security:
Computer Security means keeping computer and data safe from hacker’s
viruses and other cyber thread. Its helps protect.
Privacy: Only the right people can see the information.
Accuracy: The data should not be changed without permission.
Access: The system should work when needed.
Phase of Security:
Type of attacks:
• Active Attack
• Passive Attack
Cyber Attacks:
Cyber-attacks are mainly classified in active and passive attack based on
how they effect a system.

Lecture No. 2
Active Attacks:
An active attack is a type cyber security where hacker modify, Damages data or system. The
attackers are tries to change, Delete or Control information, causing direct harm.

Key Features:
1. The hacker actively interacts with the system.
2. The attack can be detected because it causes problems.
3. The goal is to steal change or destroy data.

Example:
1. Hacking a website: To change to content.
2. Sending Malware: viruses to damage files.
3. Phising emails: That truck people into giving passwords.

Passive Attack:
A passive attack is type of cyber-attack where a hacker secretly watches or collects data
without making any changes. The attacker does not harm or modify the system, making the
attack hard to detect.

Key Feature:
1. The hacker only observes and does not change data.
2. The attack is difficult to detect because everything looks normal.
3. The goal is to steal private information without being noticed.

Example:

1. Eaves dropping (Secretly listening to network traffic)

2. Shoulder Surfing (Watching Someone type their passwords)
3. Traffic Analysis (Studying data patterns to guess sensitive information)
Lecture No. 3
Security Mechanism:
A security mechanism is method or tool used to protect computer network and data from cyber
threads it helps prevent detect or respond to attack.

Main Goal of Security Mechanism:

1. Protect data from hackers.

2. Ensuring privacy So any the right people can access information.
3. Detect and Stop attack before they cause harm.

Types of Security Mechanisms:

1. Encryption:
Convert data into a Secret Code/ Cipher text prevent unauthorized access

Example:

Security Websites use http to protect your data

2. Authentication:
Confirm the identity of user before giving access

Example: passwords finger prints face recognition

3. Access controls:
Limits who can see or change information.

Example: A bank employee can’t access your personal account details

4.Two-factor-authentication:
Add an extra layer of security by requesting a second step to login

Example: After entering your Passwords, you get a one-time code on your phone
Lecture No. 4
Why computer incidents are so widespread:
Computer incidents such as cyberattacks, data, breaches, malware, infection and hacking attempts
have become increasing common. This rise is due to various factors, including the rapid growth of
technology, weak security policy and more advanced cybercriminal strategy.

1. More people use technology:

More people use the internet, Smart phones and computer every day. More devices mean more
chances for hacker to attack

Example:

If millions of people use online banking hackers try to their passwords.

2. Weak Security habits:

Many people use Weak passwords like “1234”. Some don’t update software leaving security
holes open. Many falls for fake emails and share personal details.

Example:

If you use the same passwords everywhere one hack can expose all your accounts.

3. Hacker Are Smarter:

Hackers use advance tools to break into system. The Create new viruses and Scams to steal
money and data.

Example:

Ransomware locks your files and money to unlock them.

Lecture No. 5
4. Remote work & online Storage
Many people work from home using unsafe Wi-Fi, Business store
data online (cloud storage) making them bigger targets.
Example:
A hacker can break into company system through and employes
home Wi-Fi.
5. Hackers Target Big Company Government.
Banks, Hospital and Government Offices have valuable data.
Hackers try to steal money secrets or personal information.
6. How can we stop these attacks:
• Use strong password for every accounts
• Turn on multi factor authentication for extra security.
• Update software and antivirus Regularly.
• Use VPN then use public Wi-Fi.
• Business Should train employee in cyber security awareness.

Lecture No. 6
Implementing Trustworth Computing:
Trustworth computing means making sure computer & network are
secure, reliable and private for user.
It includes:
• Using password & encryption to protect data.
• Keep software updated to fix security weakness.
• Ensure that only authorized users can access sensitive information.
Risk Assessment:
Risk assessment means finding possible security threads before they cause
problem.
It includes:
• Checking for work spots in a system.
• Understanding how hackers might attack.
• Create a plain to reduce risk before happen.
Example:
A company check its network security to see if hackers can easily break
in.
Establishing a security policy:
A security policy is set of rules to keep information safe.
It includes:
• Who can access certain files & data.
• How to protect password & account.
• What to do if a cyberattack happens.
Example:
A company make rules that employee must change password every three
months.
Lecture No. 7
Encryption Techniques:
1. Symmetric Encryption
Symmetric encryption is a method of protecting information. So that
only people with the right. can read it. It's called symmetric because the
same key is used to both lock & unlock the message.
Example:
Think of like a special kind of lockbox where you and your friends both
have the same key you put a letter inside lock the box, with the key send
it to your friend and they use the same key to open it and read the letter.
Challenges:
In symmetric Encryption both people need to have the same key, and
must share it in the safe way. If someone steal or guess the key. They can
easily read & change the message that's why it is important to keep the
key secret.
2. Asymmetric Encryption:
Asymmetric encryption is a method of keeping message safe using two
different keys. A public key and private key. These key like a pair, one
key lock only other can unlock. The public key can be shared with
everyone. but the private key is kept secret & only known by the owner.
 3. Hash Function:
A hash function is a special kind of information that takes any amount of
data (like password or file) and turn it into a short, fixed length code
called a hash. Hash Function one way you can’t reverse them to get the
original input.
Example:
Hash functions are used in many placed especially in security when you
create a password website do not store your real passwords instead, they
store its hash. when you login, your password is hashed again and
compared to the stored hash. If the match you are in this way even if
someone steals the database, they cannot easily find your original
password.

Lecture No. 8
A good hash function has three main qualities:
• It gives the same output for the same input.
• It’s very hard to guess the input from the output.
• Even small change in input gives a completely different hash.
Efficiency of Operation:
Efficiency of operation means how quickly & effectively a task or
process is completed using the least amount of time, energy or resources.
In computing or digital system, it refers to how fast an algorithm runs,
how little memory it uses or how smoothly a system performs its job.
Example:
If two programs can do same job, but one finishes in 1 sec and other
takes 10 sec, the first one is more efficient.
Efficiency is very important in fields like cryptography, networking and
software development, where speed and resources use matter a lot. It
helps system run faster. some battery and makes the user experience
better.

Lecture No. 9
CIA (Confidentiality Integrity Availably):
Confidentiality:
Keeping information secretly only the right people can access it.
Example:
Using password to protect personal data.
Integrity:
Ensuring information is accurate and not changed by unauthorized
people.
Example:
Use digital signatures to verify files
Availably:
Make sure information is accessible when need.
Example:
Protecting server from cyber-attacks.