This document defines network and information security and discusses various threats. It defines security as protecting systems, hardware, information and data. It outlines the principles of confidentiality, integrity and availability. It describes passive attacks like traffic analysis and active attacks like masquerading, replay and denial of service. It discusses vulnerabilities like malicious software, trap doors, logic bombs, Trojan horses, viruses and worms. It provides details on each of these threats and ways to prevent infections from malicious software.