Computer_Security_Chapter1
03/05/2025 1
Basic Concepts of Computer Security
• Computer security refers to the protection of computer
systems, networks, and data from unauthorized access,
theft, damage, or disruption.
• It involves ensuring the confidentiality, integrity, and
availability of information, often referred to as the CIA
Triad.
– Confidentiality: Ensuring that sensitive information is
accessible only to authorized individuals.
• Example: A company encrypts its employee records so that
only HR personnel can access them.
– Integrity: Ensuring that data is accurate and unaltered.
• Example: A bank uses checksums to verify that transaction
data has not been tampered with during transmission.
– Availability: Ensuring that systems and data are accessible
when needed.
• Example: A cloud service provider ensures 99.9% uptime so
that users can access their data at any time.
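The integrity example above, carried one step further as an added example (not part of the original slides): a plain checksum catches accidental corruption, but detecting a deliberate change needs a keyed check such as HMAC. The key, account numbers and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: hypothetical key and transaction, for illustration only.
SHARED_KEY = b"constructed-demo-key-not-for-production"
TRANSACTION = {"from": "ACC-1001", "to": "ACC-2002", "amount": "250.00", "currency": "USD"}


def canonical(tx: dict) -> bytes:
    """Serialize deterministically so sender and receiver hash identical bytes."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode("utf-8")


def checksum(tx: dict) -> str:
    """Unkeyed SHA-256 digest: anyone who can change the data can recompute it."""
    return hashlib.sha256(canonical(tx)).hexdigest()


def mac(tx: dict, key: bytes) -> str:
    """HMAC-SHA256 tag: computing a valid tag requires the shared key."""
    return hmac.new(key, canonical(tx), hashlib.sha256).hexdigest()


def verify_checksum(tx: dict, received: str) -> bool:
    return hmac.compare_digest(checksum(tx), received)


def verify_mac(tx: dict, received: str, key: bytes) -> bool:
    # compare_digest avoids leaking the match position through timing
    return hmac.compare_digest(mac(tx, key), received)


def demo() -> dict:
    sent_sum, sent_tag = checksum(TRANSACTION), mac(TRANSACTION, SHARED_KEY)
    # Case 1: accidental corruption in transit; the original check values arrive intact.
    corrupted = dict(TRANSACTION, amount="250.0O")
    # Case 2: deliberate change; whoever altered the data also recomputes the
    # checksum, but cannot produce a valid tag without SHARED_KEY.
    altered = dict(TRANSACTION, to="ACC-9999")
    return {
        "untouched_ok": verify_checksum(TRANSACTION, sent_sum)
        and verify_mac(TRANSACTION, sent_tag, SHARED_KEY),
        "corruption_caught_by_checksum": not verify_checksum(corrupted, sent_sum),
        "tamper_passes_checksum": verify_checksum(altered, checksum(altered)),
        "tamper_caught_by_mac": not verify_mac(altered, sent_tag, SHARED_KEY),
    }
```

Every value returned by `demo()` is `True`: the checksum alone flags the corrupted record but accepts the altered one once its digest is recomputed, while the HMAC tag rejects it.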
Threats, Vulnerabilities, Controls, and Risk
• Threats: Potential dangers that could harm a system or
data.
– Threats can be intentional (e.g., hackers) or unintentional
(e.g., natural disasters).
– Example:
• A hacker attempting to steal credit card information from an
online store. (Intentional)
• Unintentional threats often arise from human error, lack of
training, oversight, natural disasters, software bugs, etc.
• Vulnerabilities: Weaknesses in a system that can be
exploited by threats.
– Example: A software application with unpatched security
flaws.
• Controls: Measures put in place to reduce the risk of
threats exploiting vulnerabilities.
– Example: Installing antivirus software to detect and
remove malware.
• Risk: The likelihood of a threat exploiting a vulnerability
and the potential impact of such an event.
– Example: If a company's database has weak passwords
(vulnerability) and is targeted by hackers (threat), the risk
of a data breach is high.
Goals of Computer Security
• The primary goals of computer security are to ensure
the CIA Triad (Confidentiality, Integrity, Availability).
• Additional goals include:
– Authentication: Verifying the identity of users or systems.
• Example: Using a username and password to log into an
email account.
– Non-repudiation: Ensuring that a user cannot deny having
performed an action.
• Example: Digital signatures on contracts ensure that the
signer cannot later deny signing.
– Accountability: Tracking user actions to hold them
responsible.
• Example: Logging user activity on a server to monitor for
suspicious behavior.
Security Attacks
• A security attack is any action taken to compromise the
security of a system.
• Attacks can be classified as passive or active.
– Passive Attacks: Involve eavesdropping or monitoring
without altering the system.
• Example: A hacker intercepts and reads unencrypted emails.
– Active Attacks: Involve altering or disrupting the system.
• Example: A Distributed Denial of Service (DDoS) attack
overwhelms a website with traffic, making it unavailable to
users.
Security Policies, Services, and Mechanisms
• Security Policies: A set of rules and procedures that
define how an organization protects its systems and data.
– Example: A company policy requires employees to change
their passwords every 90 days.
• Security Services: Tools or processes that enforce
security policies.
– Example: Encryption services protect sensitive data during
transmission.
• Security Mechanisms: Specific techniques or
technologies used to implement security services.
– Example: Using AES (Advanced Encryption Standard) to
encrypt data.
Prevention, Detection, and Recovery
• These are the three main strategies for managing security
incidents.
– Prevention: Measures taken to stop security incidents
before they occur.
• Example: Installing a firewall to block unauthorized access
to a network.
– Detection: Identifying security incidents as they happen or
after they occur.
• Example: Using an Intrusion Detection System (IDS) to
monitor network traffic for suspicious activity.
– Recovery: Restoring systems and data after a security
incident.
• Example: Restoring data from backups after a ransomware
attack.
• Examples and Scenarios
– Scenario for Prevention: A company uses multi-factor
authentication (MFA) to prevent unauthorized access to its
systems.
– Scenario for Detection: An IDS alerts the IT team when it
detects unusual login attempts from a foreign IP address.
– Scenario for Recovery: After a malware attack, a
company restores its systems using backups and patches
the vulnerability that was exploited.
Discussion Questions
1. Why is the CIA triad important?
2. What is the difference between a threat and a
vulnerability?
3. How do security mechanisms help prevent security
breaches?