
Unit-1 Nis

The presentation by Ms. Pritee H. Raut covers the fundamentals of Network and Information Security, emphasizing the importance of computer security in protecting personal information and organizational assets. It details various security principles such as confidentiality, authentication, integrity, and availability, along with threats, vulnerabilities, and types of malware including viruses, worms, and Trojan horses. Additionally, it discusses different types of attacks, including active and passive attacks, and the concept of denial of service (DoS) attacks.

Uploaded by

shibannandi3

Presentation on
Network And Information Security (22620)
By Ms. Pritee H. Raut (Assistant Professor)
COMPUTER ENGINEERING DEPARTMENT
G. H. RAISONI POLYTECHNIC, NAGPUR

UNIT-1
Introduction To Computer And Information Security
(MARKS-14)
Define Computer Security
• Computer security deals with the prevention and detection of unauthorized
actions by users of a computer system.

NEED OF COMPUTER SECURITY

1. To Protect Personal Information
2. To Protect Organization Properties
3. To Prevent Data Theft
4. To Prevent Viruses And Malware
SECURITY BASICS (4m)
• Confidentiality:
The degree of confidentiality determines the secrecy of the information. The principle
specifies that only the sender and receiver will be able to access the information
shared between them. Confidentiality is compromised if an unauthorized person is able to
access a message. For example, consider a sender A who wants to share some
confidential information with receiver B, and the information gets intercepted by the
attacker C. Now the confidential information is in the hands of the intruder C.
• Authentication:
Authentication is the mechanism to identify the user, system or entity. It ensures
the identity of the person trying to access the information. Authentication is mostly
secured by using a username and password. The authorized person whose identity is
preregistered can prove his/her identity and can access the sensitive information.
• Integrity:
Integrity gives the assurance that the information received is exact and accurate. If the
content of the message is changed after the sender sends it but before it reaches the
intended receiver, then the integrity of the message is said to be lost.
• Non-Repudiation:
Non-repudiation is a mechanism that prevents the denial of the message content sent
through a network. In some cases the sender sends the message and later denies it.
Non-repudiation does not allow the sender to deny the message to the receiver.
• Availability:
The principle of availability states that resources will be available to authorized parties at
all times. Information is not useful if it is not available to be accessed. Systems should
have sufficient availability of information to satisfy user requests.
Risk And Threat Analysis
What’s an asset?

• An asset is any data, device or other component of the environment
that is valuable, because it contains sensitive data or can be used to
access information.
For example, an employee’s desktop computer, laptop or company phone
would be considered an asset.
What’s a threat? (2m)
A threat is any incident that could negatively affect an asset.
OR
A threat is a negative event or action that can impact a computer system or application.
Threats can be intentional or accidental.

There are three main types of threats:

1. Natural threats, such as floods, hurricanes, or tornadoes
2. Unintentional threats, like an employee mistakenly accessing the wrong
information
3. Intentional threats, such as spyware, malware, adware companies.
What’s a vulnerability? (2m)
• A vulnerability is a weakness that can be exploited by cybercriminals to gain
unauthorized access to a computer system.
• These weaknesses, known as bugs, can be used by criminal hackers to gain access to
sensitive information.

Examples of Vulnerabilities
• A weakness in a firewall that can lead to malicious hackers getting into a computer
network
• Lack of security cameras
What is risk? (2m)
Risk is defined as the potential for loss or damage when a threat exploits a
vulnerability. Examples of risk include:
• Financial losses
• Loss of privacy
• Damage to your reputation
• Legal implications
• Even loss of life
Risk can also be defined as:

Risk = Threat x Vulnerability

Countermeasure

• In computer security a countermeasure is an action, device, procedure, or technique
that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by
minimizing the harm it can cause, or by discovering and reporting it so that corrective
action can be taken.
What is a virus?

• A virus is computer code or a program that is capable of affecting your computer
data badly by corrupting or destroying it.

• A computer virus tends to make duplicate copies of itself and spread them
across every folder, damaging the data of your computer system.

• A computer virus is actually a malicious software program or "malware" that, when
infecting your system, replicates itself by modifying other computer programs and
inserting its own code.
Types of Virus
1. Boot Sector Virus
2. Parasitic Virus
3. Memory Resident Virus
4. Non-Resident Virus
5. Stealth virus
6. Macro virus
7. Polymorphic Virus
8. Companion virus
9. Email virus
10. Metamorphic virus
11. Overwrite Virus
Boot Sector Viruses

This type of virus has the ability to hide in the boot sector. The virus loads
into memory when the system boots and tries to read from the hard
disk. Boot sector viruses were more widespread in the past, when floppy disks
were popular. Now we hardly see them, since many of them can only
spread through floppy disks.

Companion Virus
A companion virus creates a new program instead of modifying an
existing file.

Macro Virus
These viruses are not executable; they affect documents such as Microsoft Word files.
They can spread through email.
Parasitic Virus

It attaches itself to executable code and replicates itself. When the infected code is
executed, it finds other executable code or programs to infect.

Resident Viruses
Resident viruses, also known as memory resident viruses, are malicious modules. These viruses can
replicate the module and install malicious code into computer memory (RAM). They are commonly
classified into two main categories: Fast Infectors and Slow Infectors.
Nonresident Viruses
This type of virus executes itself and is terminated or destroyed after a specific time.

Polymorphic Viruses:
A polymorphic virus is similar to an encrypted virus: polymorphic viruses encrypt their code and use
different encryption keys every time. Some polymorphic viruses are hard to detect with
signature-based antivirus software, because no part of them remains identical after replication.
A particularly infamous polymorphic backdoor trojan – the Storm Worm discovered in 2007 – could
alter its identity every 10 to 30 minutes. The speed of the change made it a headache for
cyber-security experts trying to stamp out the threat.
Example: Pseudonym, 1260
Stealth Viruses

Stealth viruses are viruses that have the ability to hide themselves from some
antivirus programs. Therefore, some antivirus programs cannot detect them.

Metamorphic virus
This type of virus rewrites itself every time. It may change its behavior as well as
the appearance of its code.

Email virus
The virus gets executed when an email attachment is opened by the recipient. The virus sends itself
to everyone on the sender's mailing list.

Overwriting Virus
An overwrite virus is a computer virus that overwrites a file with its own code, helping spread the
virus to other files and computers. An overwrite virus deletes user data (documents, pictures,
videos, etc.) in such a way that it cannot be recovered.
Phases of virus/Lifecycle (6m)
• What are typical phases of operation of a virus or worm?
• Dormant phase: The virus is idle. During this stage, the virus does not take any
action. The virus will eventually be activated by some event.
• Propagation phase: The virus places an identical copy of itself into other programs or
into certain system areas on the disk. Each infected program will now contain a clone of
the virus, which will itself enter a propagation phase.
• Triggering phase: The virus is activated to perform the function for which it was
intended. The condition may be a particular date, time, size on disk exceeding a
threshold, or opening a specific file.
• Execution phase: The function is performed. It can be destructive, such as deleting
files on disk, crashing the system, or corrupting files.
What is a worm
• A computer worm is a type of malware that spreads copies of itself from
computer to computer. A worm can replicate itself without any human
interaction, and it does not need to attach itself to a software program in order to
cause damage.
• It usually doesn’t target files on an individual computer. Instead, it takes on
entire networks in an attempt to create large botnets.
• A worm makes multiple copies of itself which then spread across the network or
through an internet connection. These copies will infect any inadequately
protected computers and servers that connect—via the network or internet
Virus | Worms
A virus is malicious executable code attached to another executable file, which can be harmful or can modify or delete data. | A worm is a form of malware that replicates itself and can spread to different computers via the network.
The main objective of a virus is to modify the information. | The main objective of worms is to eat the system resources.
It needs human action to replicate. | It does not need human action to replicate.
It is more harmful. | It is less harmful as compared.
Antivirus software is used for protection against viruses. | Worms can be detected and removed by the antivirus and firewall.
Its spreading speed is slower as compared. | Its spreading speed is faster.
What is a Trojan Horse
• A Trojan horse is malware that hides itself within another program, like
games or documents, and harms the system. As it is masked within another
program that appears harmless, the user is not aware of the threat.
• After it executes, it allows cyber criminals to perform many actions on the
user’s computer, like deleting data from files, modifying data in files, and
more.

• Trojans can be found in MP3 songs that the user may have downloaded, in
games downloaded from an unsecured website, or in an advertisement that
pops up when the user is browsing a page.
Some features of the Trojan horse are as follows:
• It steals information like passwords and more.
• It can be used to allow remote access to a computer.
• It can be used to delete data and more on the user’s computer.
How to prevent this virus:

The most basic prevention method:

• Do not download anything, such as images or audio, from an unsecured website.
• Do not click on the ads that pop up on the page with advertisements for online games.
• Do not open any attachment that has been sent by an unknown user.

The most common method:

The user has to install an anti-virus program. This anti-virus program has the capacity to detect
those files which are affected by a virus.
Intruders: (4m)
An intruder is a person who attempts to gain unauthorized access to a system, to damage that system, or to
disturb data on that system. In summary, this person attempts to violate security by interfering with system
availability, data integrity or data confidentiality.

Three main classes of intruders:

i. Masquerader:

An individual who is not authorized to use the computer and who penetrates a system’s access controls to
exploit a legitimate user’s account.

ii. Misfeasor:

A legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is
authorized for such access but misuses his or her privileges
(a legitimate user with no permission for that access).

iii. Clandestine user:

They try to steal and use the credentials of their supervisor.

The masquerader is likely to be an outsider; the misfeasor generally is an insider; and
the clandestine user can be either an outsider or an insider.
Insiders: (4m)

An insider threat is a malicious threat to an organization that comes from people within
the organization, such as employees, former employees, contractors or business
associates, who have inside information concerning the organization's security practices,
data and computer systems.

For example, a software engineer might have database access to customer information
and steal it to sell to a competitor. This activity would be difficult to detect since the
software engineer has legitimate access to the database.
Types of Attack (4 or 6m)
Active attacks:

An active attack attempts to alter system resources or affect their operation. Active
attacks involve some modification of the data stream or creation of a false statement.

Types of active attack

1. Masquerade
2. Modification of messages
3. Repudiation
4. Replay
5. DOS
Masquerade
• A masquerade attack takes place when one entity pretends to be a different
entity. A masquerade attack involves one of the other forms of active
attack.
Modification of messages
It means that some portion of a message is altered, or that a message is
delayed or reordered, to produce an unauthorised effect. For example, a
message meaning “Allow JOHN to read confidential file X” is modified to
“Allow Smith to read confidential file X”.
Repudiation
• This attack is done by either the sender or the receiver. The sender or receiver
can later deny that he/she has sent or received a message. For example, a
customer asks his bank “to transfer an amount to someone” and later on
the sender (customer) denies that he had made such a request. This is
repudiation.
Replay
• It involves the passive capture of a message and its subsequent
retransmission to produce an unauthorized effect. A replay attack is a type of
security attack on data sent over a network.
In this attack, the hacker or any person with unauthorized access
captures the traffic and sends the communication to its original
destination, acting as the original sender. The receiver feels that it is an
authenticated message, but it is actually the message sent by the
attacker. The main feature of the replay attack is that the client would
receive the message twice, hence the name, replay attack.
Example:

Suppose Alice wants to request Bob to transfer $100 from his account to
hers. Alice will send an authentic message to Bob to make this request.
Since Bob trusts Alice, he transfers her the amount. Unfortunately, Alice’s
initial transfer request was intercepted by an attacker who resends the
message to Bob. Bob sees a message he thinks is from Alice, so he again
transfers the required amount. However, this time the money is transferred
to the attacker instead of Alice. This is one example of how replay attacks
can be used to meet an attacker’s malicious intent.
Denial of Service
• It prevents the normal use of communication facilities. This attack may
have a specific target. For example, an entity may suppress all
messages directed to a particular destination. Another form of service
denial is the disruption of an entire network by disabling the network or
by overloading it with messages so as to degrade performance.
Passive attacks:
Passive attacks are those where the attacker aims to obtain information that is in
transit. In a passive attack, the attacker does not make any modification to the content
of the original message. So, passive attacks are hard to detect.

Passive attacks are in the nature of eavesdropping on or monitoring of transmissions.
The goal of the opponent is to obtain information that is being transmitted.

Types of passive attack

1. The release of message content
2. Traffic analysis
The release of message content
A telephone conversation, an electronic mail message or a transferred
file may contain sensitive or confidential information. We would like to
prevent an opponent from learning the contents of these
transmissions.
Traffic analysis
• Suppose that we had a way of masking (encrypting) information, so
that the attacker, even if they captured the message, could not extract any
information from it.
• The opponent could still determine the location and identity of the
communicating hosts and could observe the frequency and length of
messages being exchanged. This information might be useful in
guessing the nature of the communication that was taking place.
DOS (Denial of Service) (4m)
• DOS is an attack used to deny legitimate users access to a resource, such as
a website, network or email, or to make it extremely slow.
• DoS stands for Denial of Service. This type of attack is usually implemented by hitting
the target resource, such as a web server, with too many requests at the same time.
This results in the server failing to respond to all the requests. The effect of this can
either be crashing the servers or slowing them down.
• Cutting off a business from the internet can lead to significant loss of business or
money. The internet and computer networks power a lot of businesses. Some
organizations, such as payment gateways and e-commerce sites, depend entirely on the
internet to do business.
Popular flood attacks include:
1. Buffer overflow attacks – the most common DoS attack. The concept is to
send more traffic to a network address than the programmers have built the
system to handle.

2. SYN flood – sends a request to connect to a server, but never completes the
handshake. Continues until all open ports are saturated with requests and
none are available for legitimate users to connect to.
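
A defender can spot the SYN flood described above by counting handshakes that were opened but never completed. The following is an added example, not part of the original presentation; the event format, the backlog size of 128, the 5-second timeout and the per-source limit are assumptions chosen for illustration, and the events are constructed.

```python
from collections import defaultdict


def half_open_connections(events, timeout=5.0, now=None):
    """Return {(src_ip, src_port): syn_time} for handshakes never completed.

    Each event is (time_s, src_ip, src_port, flag) as seen by the server.
    A SYN opens a pending handshake; the client's final ACK (or an RST)
    closes it. Anything still pending after `timeout` seconds is half-open.
    """
    pending = {}
    for t, ip, port, flag in sorted(events):
        key = (ip, port)
        if flag == "SYN":
            pending[key] = t
        elif flag in ("ACK", "RST"):
            pending.pop(key, None)
    end = now if now is not None else max(e[0] for e in events)
    return {k: t for k, t in pending.items() if end - t >= timeout}


def detect_syn_flood(events, backlog_size=128, per_source_limit=20,
                     timeout=5.0, now=None):
    """Summarise half-open handshakes and name sources over the limit.

    backlog_size is an assumed size for the server's queue of pending
    connections; the ratio shows how close that queue is to being full.
    Sources that spoof many addresses will not cross per_source_limit,
    so half_open_total matters even when suspect_sources is empty.
    """
    stuck = half_open_connections(events, timeout, now)
    per_source = defaultdict(int)
    for ip, _port in stuck:
        per_source[ip] += 1
    return {
        "half_open_total": len(stuck),
        "backlog_pressure": len(stuck) / backlog_size,
        "suspect_sources": sorted(
            ip for ip, n in per_source.items() if n >= per_source_limit
        ),
    }


def build_sample():
    """Constructed events: one normal client, one source that never ACKs."""
    events = []
    for i in range(3):  # normal client completes every handshake
        t = 1.0 + i
        events.append((t, "192.0.2.10", 50000 + i, "SYN"))
        events.append((t + 0.05, "192.0.2.10", 50000 + i, "ACK"))
    for i in range(60):  # 60 SYNs, no final ACK
        events.append((2.0 + i * 0.01, "198.51.100.7", 40000 + i, "SYN"))
    # A recent SYN that is still inside the timeout window is not counted.
    events.append((9.9, "192.0.2.11", 51000, "SYN"))
    return events


if __name__ == "__main__":
    print(detect_syn_flood(build_sample(), now=10.0))
```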
Distributed Denial of Service (DDoS) (4m)
• A Distributed Denial of Service (DDoS) attack is an attempt to
make an online service or a website unavailable by overloading it
with huge floods of traffic generated from multiple sources.
• Unlike a Denial of Service (DoS) attack, in which one computer
and one Internet connection is used to flood a targeted resource
with packets, a DDoS attack uses many computers and many
Internet connections, often distributed globally in what is referred
to as a botnet.
What are Botnets?
Attackers build networks of hacked machines, known as botnets,
by spreading a malicious piece of code through emails, websites, and social
media. Once these computers are infected, they can be controlled
remotely, without their owners' knowledge, and used like an army to launch
an attack against any target.
Backdoors and Trapdoors (4m)
• Backdoor is a term that refers to access to the software or hardware of a computer
system without being detected. The backdoor can be created by the developers themselves
so that they can quickly and easily make changes to the code without the need to log in to
the system.
• A back door in an operating system would provide access to all system functions in the
computer.
• However, backdoors can be used by hackers in cyberattacks to steal personal information
and data.

• A backdoor attack is a type of malware that gives cybercriminals unauthorized access to a
website. Cybercriminals install the malware through unsecured points of entry, such as
outdated plug-ins or input fields. Once they enter through the back door, they have access
to all your company’s data, including customers’ personally identifiable information (PII).

• As the name suggests, a backdoor attack is stealthy, and cybercriminals often slip in
undetected.
Sniffing (2m or 4m)

• Sniffing is the process of monitoring and capturing all the packets
passing through a given network using sniffing tools. It is a form
of “tapping phone wires” to get to know about the
conversation. It is also called wiretapping applied to
computer networks.
• Data packets captured from a network are used to extract and
steal sensitive information such as passwords, usernames, credit
card information, etc. Attackers install these sniffers in the
system in the form of software or hardware. There are different
types of sniffing tools; they include Wireshark,
Ettercap, BetterCAP, Tcpdump, WinDump, etc.
How to Prevent Sniffing Attacks
Untrusted networks: users should avoid connecting to unsecured networks, which
includes free public Wi-Fi. These unsecured networks are dangerous since an attacker can
deploy a packet sniffer that can sniff the entire network. Another way an attacker can sniff
network traffic is by creating their own fake free public Wi-Fi.

Encryption: Encryption is the process of converting plaintext into cipher text in order to
protect the message from attackers. Before leaving the network, the information should be
encrypted to protect it from hackers who sniff into networks. This is achieved through the
use of a virtual private network (VPN).

Network scanning and monitoring: Network administrators should scan and monitor
their networks to detect any suspicious traffic. This can be achieved by
bandwidth monitoring or device auditing.
Spoofing (6M)
• Spoofing is when someone or something pretends to be something else in an attempt to gain our
confidence, get access to our systems, steal data, steal money, or spread malware.
• Spoofing is a type of attack on a computer device in which the attacker tries to steal the
identity of a legitimate user and act as another person. This kind of attack is done to
breach the security of the system or to steal the information of its users.

• Example:
• Hackers normally change their IP addresses to hack a website so that the hacker can’t be
traced.

Types of spoofing attacks (4m)

• Email spoofing
• Caller ID spoofing
• IP spoofing
• Website spoofing
• Text message spoofing
Different ways of spoofing are:

Email Spoofing: Email spoofing occurs when an attacker uses an email
message to trick a recipient into thinking it came from a known and/or trusted
source. These emails may include links to malicious websites or attachments
infected with malware, or they may use social engineering to convince the
recipient to freely disclose sensitive information.

Caller ID Spoofing: With caller ID spoofing, attackers can make it appear as
if their phone calls are coming from a specific number, either one that is known
and/or trusted by the recipient, or one that indicates a specific geographic
location. Attackers can then use social engineering, often posing as someone
from a bank or customer support, to convince their targets to provide, over the phone,
sensitive information such as passwords, account information, social
security numbers, and more.

Website Spoofing: Website spoofing refers to when a website is designed to mimic an existing
site known and/or trusted by the user. Attackers use these sites to gain login and other personal
information from users.

IP Spoofing: Attackers may use IP (Internet Protocol) spoofing to disguise a
computer IP address, thereby hiding the identity of the sender or impersonating
another computer system. One purpose of IP address spoofing is to gain access
to networks that authenticate users based on IP addresses.

ARP Spoofing: Address Resolution Protocol (ARP) is a protocol that resolves
IP addresses to Media Access Control (MAC) addresses for transmitting data.
ARP spoofing is used to link an attacker’s MAC to a legitimate network IP
address so the attacker can receive data meant for the owner associated with
that IP address. ARP spoofing is commonly used to steal or modify data but can
also be used in denial-of-service and man-in-the-middle attacks or in session
hijacking.

DNS Server Spoofing: DNS (Domain Name System) servers resolve URLs
and email addresses to corresponding IP addresses. DNS spoofing allows
attackers to divert traffic to a different IP address, leading victims to sites that
spread malware.
How to protect against spoofing attacks

• Never click on an unfamiliar link or download an attachment
• Turn on your spam filter to stop the majority of spoofing emails
• Ensure your firewalls are set up
• Only visit sites with a proper SSL certificate
• Never give out your personal information online
Man in the Middle (MITM) Attack
A man-in-the-middle attack generally occurs when attackers are able to
place themselves in the middle of two other hosts that are communicating,
in order to view and modify the traffic.
• For example, a fake banking website may be used to capture financial login
information. The fake site is “in the middle” between the user and the
actual bank website.
Replay
• Replay attacks are network attacks in which an attacker spies on the
conversation between the sender and receiver, takes the
authenticated information (e.g. a shared key), and then contacts the
receiver with that key. In a replay attack the attacker gives proof of
his identity and authenticity.

Example:

Suppose that in the communication between two parties A and B, A is sharing his
key with B to prove his identity, but in the meanwhile attacker C eavesdrops on
the conversation between them and keeps the information which is
needed to prove his identity to B. Later C contacts B and proves its
authenticity.
Example
The figure above shows the overview of a replay attack. Let’s look at an example to
understand the attack better.

Suppose Alice wants to request Bob to transfer $100 from his account to hers. Alice will
send an authentic message to Bob to make this request. Since Bob trusts Alice, he transfers
her the amount. Unfortunately, Alice’s initial transfer request was intercepted by an
attacker who resends the message to Bob. Bob sees a message he thinks is from Alice, so
he again transfers the required amount. However, this time the money is transferred to the
attacker instead of Alice. This is one example of how replay attacks can be used to meet an
attacker’s malicious intent.
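
The replay examples above, and the earlier "Modification of messages" example, can both be defeated on the receiver's side. The following is an added example, not part of the original presentation: each request carries a random nonce, a timestamp and an HMAC tag, so Bob rejects altered messages, stale messages and repeats. The pre-shared key, the 30-second freshness window and all names are assumptions, and the messages are constructed.

```python
import hashlib
import hmac
import json
import secrets
import time

# Assumption: Alice and Bob already share this key over a secure channel.
SHARED_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 30  # assumed freshness window


def sign_request(key, sender, action, now=None):
    """Sender's side: attach a nonce, a timestamp and an HMAC-SHA256 tag."""
    body = {
        "sender": sender,
        "action": action,
        "nonce": secrets.token_hex(16),
        "timestamp": int(now if now is not None else time.time()),
    }
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.decode(), "tag": tag}


class Receiver:
    """Receiver's side: check integrity, then freshness, then uniqueness."""

    def __init__(self, key, max_age=MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen = {}  # nonce -> timestamp of accepted messages

    def accept(self, message, now=None):
        now = int(now if now is not None else time.time())
        payload = message["payload"].encode()
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest()
        # Constant-time comparison; any changed byte changes the tag.
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: modified"
        body = json.loads(payload)
        if abs(now - body["timestamp"]) > self.max_age:
            return "rejected: stale"
        # Nonces older than the window can be forgotten: a message that
        # old is already rejected as stale, so memory stays bounded.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= self.max_age}
        if body["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[body["nonce"]] = body["timestamp"]
        return "accepted"


def demo():
    """Run the page's two scenarios against the receiver."""
    bob = Receiver(SHARED_KEY)
    t0 = 1_700_000_000  # constructed clock value
    transfer = sign_request(SHARED_KEY, "Alice",
                            "transfer $100 from Bob to Alice", now=t0)
    grant = sign_request(SHARED_KEY, "Alice",
                         "Allow JOHN to read confidential file X", now=t0)
    tampered = dict(grant, payload=grant["payload"].replace("JOHN", "Smith"))
    return [
        bob.accept(transfer, now=t0 + 1),    # original request
        bob.accept(transfer, now=t0 + 5),    # captured copy resent
        bob.accept(tampered, now=t0 + 6),    # JOHN changed to Smith
        bob.accept(transfer, now=t0 + 600),  # resent after the window
    ]


if __name__ == "__main__":
    print(demo())
```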
TCP/IP Hijacking (4M)
• TCP/IP hijacking is when an authorized user gains access to a genuine network connection
of another user. It is done in order to bypass the password authentication which is
normally the start of a session.

Example
• An attacker monitors the data transmission over a network and discovers the IPs of two
devices that participate in a connection.
• When the hacker discovers the IP of one of the users, he can put down the connection of
the other user by a DoS attack and then resume communication by spoofing the IP of the
disconnected user.
TCP/IP hijacking is a type of man-in-the-middle attack. The intruder can determine the IP
addresses of the two session participants, make one of them inaccessible using a DoS
attack, and connect to the other by spoofing the network ID of the former.

IP Spoofing: IP spoofing is a technique which is used to gain unauthorized access to
computers, where the intruder sends a message to a computer with an IP address
indicating that the message is coming from a trusted host.
Operating System Security
• Hotfix – A work-around or solution to customer-reported issues. Trend Micro develops and releases hot fixes to
specific customers only. Typically, hotfixes are made to address a specific customer situation and may not be
distributed outside the customer organization.
Hotfixes can also solve many of the same issues as a patch, but a hotfix is applied to a “hot” system (a live system) to fix an
issue:

1. Immediately
2. Without creating system downtimes or outages.

• Patch – A patch is a program that makes changes to software installed on a computer. Software companies issue
patches to fix bugs in their programs, address security problems, or add functionality. A patch is a publicly released
update to fix a known bug/issue.

• Service Pack – A large update that fixes many outstanding issues; it normally includes all patches, hotfixes and
maintenance releases that predate the service pack.
A service pack is a collection of updates, fixes and/or enhancements to a software program delivered in the form of a
single installable package. Installing a service pack is easier and less error-prone than installing a high number of
patches individually, even more so when updating multiple computers over a network. Service packs are usually
Information classification (4M)
• Information classification is a process used in information security to categorize data based on
its level of sensitivity and importance. The purpose of classification is to protect sensitive
information by implementing appropriate security controls based on the level of risk
associated with that information.
• Information classification, also known as data classification, is how corporate information is
classified into specific significant categories so that critical data remains protected and safe.
In a business, vast data volumes are handled every day – invoice records, email lists,
customer information, user data, order history, etc. Obviously, all data is not equally
important, and some information will need higher protection than the other.

• They should be saved in different folders, and only individuals of a particular department
should be given access to the files so that they can work with the data. This
ensures information security and easy access to the files as and when needed.
Information Classification (4m and 6m)
• Public: Information that is not sensitive and can be shared freely with anyone.
• Internal: Information that is sensitive but not critical, and should only be shared within the
organization.
• Confidential: Information that is sensitive and requires protection, and should only be shared with
authorized individuals or groups.
• Secret: Information that is extremely sensitive and requires the highest level of protection, and
should only be shared with a select group of authorized individuals.
• Top Secret: Information that if disclosed would cause exceptionally grave damage to the national
security and access to this information is restricted to a very small number of authorized
individuals with a need-to-know.
Information classification also includes a process of labeling the information with the appropriate
classification level and implementing access controls to ensure that only authorized individuals can
access the information. This is done through the use of security technologies such as firewalls,
intrusion detection systems, and encryption.
Criteria for Information Classification (4M sample)
• Value – the most frequently used criterion for classifying information is the value of
the data. If the information is so valuable that its loss could create significant
organizational problems, it needs to be classified.
• Age – if the value of certain information declines over time, the classification of the
information may be lowered.
• Useful Life – if the information is available to make desired changes as and when
needed, it can be labeled ‘more useful’.
• Personal Association – information that is linked to specific individuals or is
addressed by privacy law needs to be classified.
Summer-2024

• Differentiate between viruses and worms (4m)
• Define assets (2m)
• Explain DOS with neat dig. (4m)
• Define the following terms (4m)
(i) Authentication
(ii) Authorization
• Explain any three criteria for classification of information. (6m)
Winter-2024

• List any four virus categories. (2m)
• Give examples of active and passive attacks (two each) (2m)
• Explain basic principle of information security (4m)
• State the criteria for information classification. Explain
information classification. (6m)
• Explain following attack with example (6m)
1. Sniffing
2. Spoofing
3. Phishing
WINTER-2022
(2M)
• DEFINE COMPUTER SECURITY AND STATE ITS NEED.
• DESCRIBE SNIFFING ATTACK.
(4M)
• DEFINE RISK. DESCRIBE QUALITATIVE AND QUANTITATIVE RISK
ANALYSIS.
(6M)
• DEFINE VIRUS AND DESCRIBE THE PHASES OF VIRUS.
• EXPLAIN ANY THREE CRITERIA FOR CLASSIFICATION OF INFORMATION.
Summer 2022

{2M}
1. Define:
i. Confidentiality
ii. Accountability

3. Differentiate between virus and worms

{4m}
4. Define following terms:
I. Operating system
II. Hot fix
III. Patch
IV. Service pack

{6m}
5. Define information. Explain basic principle of information security.
6. Explain DOS with neat diagram
Summer-2019
(2m)
1. Explain the term insider and intruder
2. Define virus and logic bomb
(6m)
Explain the term:
i. Assets
ii. Vulnerability
iii. Risks
(8m)
3. Explain man-in-the middle and tcp/ip hacking attack.
Summer-2018

(4m)
1. What is computer security and its need.
2. Explain security basics in detail (CIA).
3. Explain the term:
i. Assets
ii. Vulnerability
iii. Risks
iv. Threat

(6m)
1. Describe insider and intruder. Who is more dangerous?
