Makindo Medical Notes.com

Overview of Computer Security

Computer security, also known as cybersecurity, involves protecting computer systems, networks, and data from theft, damage, and unauthorized access. It encompasses various technologies, processes, and practices designed to safeguard information and ensure the integrity, confidentiality, and availability of data.

Key Concepts in Computer Security

• Confidentiality:
  • Ensures that sensitive information is accessible only to authorized users.
  • Protects data from unauthorized disclosure.
• Integrity:
  • Maintains the accuracy and consistency of data over its entire lifecycle.
  • Prevents unauthorized modifications to data.
• Availability:
  • Ensures that information and resources are accessible to authorized users when needed.
  • Prevents disruptions to services and data access.
• Authentication:
  • Verifies the identity of users, devices, and systems before granting access.
  • Ensures that only legitimate users can access resources.
• Authorization:
  • Determines what an authenticated user is allowed to do.
  • Grants permissions based on user roles and privileges.
• Non-repudiation:
  • Ensures that a party in a communication cannot deny the authenticity of their signature on a document or a message they sent.
  • Provides proof of origin and integrity of data.

Types of Threats

• Malware:
  • Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems.
  • Includes viruses, worms, trojans, ransomware, spyware, and adware.
• Phishing:
  • Attempts to obtain sensitive information by disguising as a trustworthy entity in electronic communications.
  • Commonly involves emails or messages that appear to be from legitimate sources.
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks:
  • Attempts to make a computer or network resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests.
  • DDoS attacks use multiple compromised systems to launch the attack.
• Man-in-the-Middle (MitM) Attacks:
  • Attackers intercept and possibly alter communication between two parties without their knowledge.
  • Often used to steal information or inject malicious content.
• Zero-Day Exploits:
  • Attacks that exploit previously unknown vulnerabilities in software or hardware.
  • Pose significant risks because there are no existing defenses or patches available.
• Social Engineering:
  • Manipulating individuals into divulging confidential information or performing actions that compromise security.
  • Includes techniques like pretexting, baiting, and tailgating.

Security Measures

• Firewalls:
  • Hardware or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
  • Acts as a barrier between a trusted internal network and untrusted external networks.
• Antivirus and Anti-Malware Software:
  • Detects, prevents, and removes malicious software from computer systems.
  • Provides real-time protection and regular system scans.
• Encryption:
  • Converts data into a coded format to prevent unauthorized access.
  • Ensures data confidentiality and integrity during storage and transmission.
• Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS):
  • Monitor network traffic for suspicious activity and alert administrators (IDS).
  • Actively block or prevent detected threats (IPS).
• Multi-Factor Authentication (MFA):
  • Requires multiple forms of verification (e.g., password, fingerprint, security token) before granting access.
  • Enhances security by combining something you know, something you have, and something you are.
• Security Patches and Updates:
  • Regularly updating software and operating systems to fix vulnerabilities and improve security.
  • Critical for protecting systems against known threats and exploits.

Network Security

• Virtual Private Networks (VPNs):
  • Create secure connections over public networks by encrypting data traffic.
  • Ensure privacy and protect data from eavesdropping and interception.
• Network Segmentation:
  • Divides a network into smaller segments to limit the spread of attacks and improve security management.
  • Controls access to sensitive data and critical systems.
• Access Control Lists (ACLs):
  • Define rules for allowing or denying traffic to specific network resources.
  • Used to enforce security policies and control network access.

Data Security

• Data Loss Prevention (DLP):
  • Monitors and protects data from unauthorized access, use, and transmission.
  • Prevents sensitive data from being leaked or stolen.
• Backup and Recovery:
  • Regularly backing up data to secure locations to ensure recovery in case of data loss or corruption.
  • Critical for business continuity and disaster recovery planning.

User Education and Awareness

• Security Training:
  • Educating users about security best practices and common threats.
  • Reduces the risk of human error and social engineering attacks.
• Strong Password Policies:
  • Encouraging the use of strong, unique passwords for different accounts.
  • Implementing regular password changes and using password managers.

Summary

Computer security is a critical aspect of modern computing, aiming to protect systems, networks, and data from threats and attacks. Key concepts include confidentiality, integrity, and availability, while common threats range from malware to social engineering. Security measures such as firewalls, encryption, IDS/IPS, and user education are essential for safeguarding information and maintaining system integrity.