VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 1
UNIT 1: INTRODUCTION TO CYBER SECURITY
Prof. Vishnu Priya P M
Dept of Computer Science
• Overview of Cyber Security
• Internet Governance: Challenges and Constraints
• Cyber Threats: Cyber Warfare, Cyber Crime, Cyber Terrorism, Cyber Espionage
• Need for a Comprehensive Cyber Security Policy
• Need for a Nodal Authority
• Need for an International Convention on Cyberspace
• Overview of Information Security: CIA Triad
WHAT IS CYBER SECURITY?
• Cyber or Computer Security is the protection of computing systems and the data that
these systems store or access.
• These systems include:
  • PCs
  • Laptops
  • Smart Phones
  • Mobile Devices
  • Printers
WHY IS COMPUTER SECURITY IMPORTANT?
Computer Security allows the City of Albuquerque to carry out its mission by:
• Enabling staff to carry out their jobs
• Decreasing the threat of current and future vulnerabilities
• Supporting critical business processes
• Protecting personal and sensitive information
WHY DO I NEED TO KNOW ABOUT CYBER SECURITY?
 It is estimated that 10% of security safeguards are technical in nature. Firewalls
and Intrusion Detection devices are a few devices that can help prevent approximately
10% of security threats.
 The additional 90% of safeguards rely on each of us. By understanding and adhering to
these safeguards, we can reduce or eliminate most cyber security threats.
 Example: Locking your car doors is the 10%. Making sure nothing of value is left on
the seat, windows are rolled up and parking in a safe area account for the remaining
90%.
THE CIA OF CYBER SECURITY
There are many reasons why you should protect the information you use
on your computer.
Confidentiality: Ensuring that your information remains confidential and only those who
should access that information, can.
Integrity: Knowing that no one has been able to change your information, so you can depend
on its accuracy (information integrity).
Availability: Making sure that your information is available when you need it (by making
back-up copies and, if appropriate, storing the back-up copies off-site).
WHAT DOES THIS MEAN TO ME?
This means that everyone who uses a computer or mobile device needs to
understand how to keep their computer, device and data secure.
Information Technology Security is Everyone’s responsibility
QUESTIONS MODULE 1:
INTRODUCTION TO CYBER SECURITY
Question #1: Computer Security allows us to:
A. Enable staff to carry out their jobs,
B. Decrease the threat of current and future vulnerabilities
C. Support critical business processes
D. Protect personal and sensitive information
E. All of the above
The Answer is E, All of the above
Computer Security allows us to:
A. Enable staff to carry out their jobs,
B. Decrease the threat of current and future vulnerabilities
C. Support critical business processes
D. Protect personal and sensitive information
E. All of the above
Question #2: The Integrity of information means:
A. Ensuring that your information remains confidential and only those who
should access that information, can
B. Knowing that no one has been able to change your information, so you
can depend on its accuracy.
C. Making sure that your information is available when you need it (by
making back-up copies and, if appropriate, storing the back-up copies
off-site)
The answer is B. Knowing that your information has not been changed.
Confidentiality: Ensuring that your information remains confidential and
only those who should access that information, can.
Integrity: Knowing that no one has been able to change your information, so
you can depend on its accuracy.
Availability: Making sure that your information is available when you need
it (by making back-up copies and, if appropriate, storing the back-up copies off-site).
THIS CONCLUDES MODULE 1: INTRODUCTION TO CYBER SECURITY
Continue on to module 2: Sensitive Data
Module 2 will provide information on Personal Identifiable
Information or PII and best practices in protecting this data
from theft.
• Cybersecurity is the practice of defending internet-connected devices and services from
malicious attacks by hackers, spammers, and cybercriminals. Companies use it to protect
against phishing schemes, ransomware attacks, identity theft, data breaches, and
financial losses.
• Look around today's world, and you'll see that daily life is more dependent on technology
than ever before. The benefits of this trend range from near-instant access to information
on the Internet to the modern conveniences provided by smart home automation
technology and concepts like the Internet of Things.
• With so much good coming from technology, it can be hard to believe that potential
threats lurk behind every device and platform. Yet, despite society's rosy perception of
modern advances, cyber security threats presented by modern tech are a real danger.
• A steady rise in cybercrime highlights the flaws in devices and services we've come to
depend on. This concern forces us to ask what cyber security is, why it's essential, and
what to learn about it.
• So, what is cyber security and how serious are cyber security threats these days?
Cyber security is a discipline that covers how to defend devices and services from
electronic attacks by nefarious actors such as hackers, spammers, and cybercriminals.
While some components of cyber security are designed to strike first, most of today's
professionals focus more on determining the best way to defend all assets, from computers
and smartphones to networks and databases, from attacks.
Cyber security has been used as a catch-all term in the media to describe the process of
protection against every form of cybercrime, from identity theft to international digital
weapons. These labels are valid, but they fail to capture the true nature of cyber security
for those without a computer science degree or experience in the digital industry.
WHAT IS CYBER SECURITY
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks.
These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information;
extorting money from users; or interrupting normal business processes.
Cyber security refers to a set of techniques used to protect the integrity of networks, programs, and data
from attack, damage, or unauthorized access.
• The use of cyber security can help prevent cyber attacks, data breaches, and identity theft and can aid in
risk management.
• It aims to reduce the risk of cyber attacks and protect against the unauthorized exploitation of systems,
networks, and technologies.
• Cyber security refers to every aspect of protecting an organization and its employees and assets against
cyber threats.
• As cyber attacks become more common and sophisticated and corporate networks grow more complex,
a variety of cyber security solutions are required to mitigate corporate cyber risk.
• In simple words, Cyber security is the practice of protecting systems, networks, and
programs from digital attacks.
• These cyber-attacks are usually aimed at accessing, changing, or destroying sensitive
information; extorting money from users; or interrupting normal business processes.
• Cyber security is very important in today’s life. Cyber safety provides enhanced
cyberspace security, improves cyber resilience, and speeds up cyber, data, and information
protection for businesses. It protects individuals' private information, protects networks and
resources, and tackles computer hackers and identity theft.
OVERVIEW OF CYBER SECURITY
Cyber security is the practice of protecting systems, networks, and data from digital attacks,
damage, or unauthorized access. It involves a range of technologies, processes, and practices
designed to secure information and infrastructure from cyber threats, such as hacking,
malware, ransomware, phishing, and other forms of cybercrime.
Key Areas of Cyber Security:
Network Security: Protecting the integrity, confidentiality, and availability of information
within a network. This includes securing wireless networks, firewalls, VPNs, and intrusion
detection systems.
Information Security: Safeguarding sensitive data from unauthorized access, breaches, and
theft. Encryption, access controls, and data privacy policies are commonly used.
Application Security: Ensuring that software and applications are secure from vulnerabilities and
threats, especially in web and mobile applications.
Endpoint Security: Protecting devices such as computers, smartphones, and other endpoints from
cyber threats through antivirus, anti-malware, and secure configurations.
Cloud Security: Safeguarding cloud-based infrastructure, platforms, and data storage from
breaches, outages, and targeted attacks.
Operational Security (OpSec): Focusing on the protection of critical processes and ensuring
secure management of operational systems and data.
Identity and Access Management (IAM): Controlling access to information and systems by
ensuring that the right users have appropriate access to resources.
Disaster Recovery & Business Continuity: Planning and implementing measures to recover from
cyber-attacks or disasters and ensure that operations continue with minimal downtime.
EMERGING TRENDS:
 Zero Trust Architecture: A security model based on the principle of not trusting any
entity inside or outside the network, enforcing strict identity verification and least-
privilege access.
 AI & Machine Learning in Cyber Security: Using AI to identify threats, automate
security processes, and enhance response times to cyber incidents.
 Ransomware Defense: Strategies to defend against increasingly sophisticated
ransomware attacks, which can lock users out of their data until a ransom is paid.
Ransomware attacks are a type of cybercrime where malicious software (malware) encrypts the victim's
data, rendering it inaccessible. The attacker then demands a ransom, typically in cryptocurrency, to provide
the decryption key needed to regain access to the data. These attacks can target individuals, businesses, and
even critical infrastructure, causing significant financial and operational disruption.
How Ransomware Attacks Work:
Infection: Ransomware typically infects a system through phishing emails, malicious attachments,
compromised websites, or exploiting vulnerabilities in software.
Encryption: Once the ransomware is executed, it begins encrypting the victim's files, making them
inaccessible. Some advanced ransomware variants can also spread across networks, affecting multiple
systems.
Ransom Demand: After the files are encrypted, the attacker displays a ransom note on the victim's screen,
demanding payment in exchange for the decryption key. The note usually includes instructions on how to
make the payment, often in cryptocurrency to maintain the attacker’s anonymity.
Payment and (Potential) Decryption: Victims are given a deadline to pay the ransom. Paying the ransom
does not guarantee that the attacker will provide the decryption key, nor does it ensure that the attacker hasn't
installed other forms of malware or backdoors on the system.
 Restoration or Data Loss: If the ransom is paid and the decryption key is provided, the
victim can decrypt their files. However, if the ransom is not paid, the victim may lose
access to their data permanently, unless they have backups.
Types of Ransomware:
• Crypto Ransomware: Encrypts files on the victim's system, requiring a decryption key
to restore access.
• Locker Ransomware: Locks the victim out of their device entirely,
demanding a ransom to unlock it.
• Double Extortion: In addition to encrypting data, the attacker also exfiltrates it and
threatens to publish it online if the ransom is not paid.
The following are the systems that can be affected by security breaches and
attacks:
Communication: Cyber attackers can use phone calls, emails, text messages, and
messaging apps for cyberattacks.
Finance: This system deals with the risk of financial information like bank and
credit card details. This information is naturally a primary target for cyber
attackers.
Governments: The cybercriminal generally targets government institutions to get
confidential public data or private citizen information.
Transportation: In this system, cybercriminals generally target connected cars,
traffic control systems, and smart road infrastructure.
Healthcare: A cybercriminal targets the healthcare system to get the information
stored at a local clinic to critical care systems at a national hospital.
Education: Cybercriminals target educational institutions to get their confidential
research data and information of students and employees.
INTERNET GOVERNANCE
 It is the development and application by Governments, the private sector and civil
society, in their respective roles, of shared principles, norms, rules, decision-making
procedures, and programmes that shape the evolution and use of the Internet.
 Internet governance refers to the rules, policies, standards, and practices that
coordinate and shape global cyberspace.
 The Internet is a vast network of independently-managed networks, woven together by globally
standardized data communication protocols (primarily, Internet Protocol, TCP, UDP, DNS, and BGP).
The common adoption and use of these protocols unified the world of information and communications
like never before. Millions of digital devices and massive amounts of data, software applications, and
electronic services became compatible and interoperable. The Internet created a new environment, a
complex and dynamic "cyberspace."
History: Evolution of Internet governance
 1969 – early 1990’s: Building the Internet – decentralized institutions, cooperative arrangements –
RFCs for standards, Postel’s IANA for names, numbers
 Early 90’s - 2002: Commercialization accelerates – Acceptable use policies – Domain name industry
takes off
 2003 - present: Entry of governments, WSIS, Governments take Internet seriously – WSIS, WGIG,
IGF, National IGFs, Net Mundial
• While Internet connectivity generated innovative new services, capabilities, and unprecedented forms of sharing and
communication, it also created new forms of crime, abuse, surveillance, and social conflict. Internet governance is
the process by which cyberspace participants resolve conflicts over these problems and develop a workable order.
• Internet governance is the complementary development and application by governments, the private sector, civil
society, and the technical community, in their respective roles, of shared principles, norms, rules, decision-making
procedures, and activities that shape the evolution and use of the Internet.
Eight challenges for the future
1. The pace and changing nature of the internet
2. The internet as part of digitalization
3. The concentration of digital power
4. Digital geopolitics (and the environment)
5. Shaping the digital future
6. The future of regulation
7. Multilateralism and multistakeholderism: Multilateralism refers to the involvement of multiple countries in global decision-making, while multistakeholderism includes not just governments but also private companies, civil society, and individuals in shaping digital policy. Both approaches are critical for creating inclusive and effective governance of the internet.
8. Participation in decision-making
INTERNET GOVERNANCE – CHALLENGES AND CONSTRAINTS:
 Internet governance refers to the mechanisms, policies, and principles that guide the
use and development of the Internet.
 It involves various stakeholders, including governments, private sector entities,
technical experts, and civil society, working together to ensure the effective
functioning, security, and accessibility of the global network. However, managing the
complexities of the Internet comes with challenges and constraints.
Challenges and Constraints:
1. Global Nature: The Internet operates globally, making it challenging to establish universally
accepted rules and regulations that cater to the diverse needs and legal frameworks of different
countries.
2. Cybersecurity Threats: The increasing frequency and sophistication of cyber threats pose a
significant challenge to Internet governance. Addressing issues such as hacking, data breaches,
and cyber attacks requires international cooperation.
3. Privacy Concerns: Balancing the need for security with individuals' right to privacy
is a constant challenge. Issues such as data collection, surveillance, and the protection of
personal information create tensions in Internet governance discussions.
4. Content Regulation: Determining what content is acceptable or legal on the Internet
is a complex task, with different countries and cultures having varying perspectives on
issues such as hate speech, misinformation, and online extremism.
5. Digital Divide: The uneven distribution of Internet access and resources globally
creates a digital divide. Bridging this gap and ensuring equal access for all is a persistent
challenge.
6. Intellectual Property: Protecting intellectual property rights while fostering
innovation is a delicate balance. Disputes over copyright infringement, patent issues,
and digital piracy contribute to the challenges in Internet governance.
7. Net Neutrality: The concept of net neutrality, which advocates for equal treatment of
all Internet traffic, faces challenges as some entities seek to prioritize or throttle certain
types of content or services.
8. Fragmentation: Divergent regulations and policies among countries can lead to the
fragmentation of the Internet. This may hinder the seamless flow of information and
services across borders.
9. Emerging Technologies: Rapid advancements in technologies such as artificial
intelligence, blockchain, and the Internet of Things present new governance
challenges, including ethical considerations and potential risks.
10. Lack of Universal Standards: The absence of universally agreed-upon
standards for various aspects of the Internet, including protocols, cybersecurity
measures, and data governance, poses challenges to creating a cohesive global
framework.
CYBER THREATS:
1. Cyber Warfare:
 Cyber warfare refers to the use of digital attacks -- like computer viruses and hacking --
by one country to disrupt the vital computer systems of another, with the aim of creating
damage, death and destruction.
 Future wars will see hackers using computer code to attack an enemy's infrastructure,
fighting alongside troops using conventional weapons like guns and missiles.
 Cyber warfare involves the actions by a nation-state or international organization to
attack and attempt to damage another nation's computers or information networks
through, for example, computer viruses or denial-of-service attacks.
What Is Cyber Warfare?
Cyber warfare is usually defined as a cyber attack or series of attacks that target a country. It has the potential to wreak
havoc on government and civilian infrastructure and disrupt critical systems, resulting in damage to the state and even
loss of life.
2. CYBER CRIME
• Cybercrime is any type of illegal activity that takes place via digital means. Data theft is, of
course, one of the most common types of cybercrime, but cybercrime also includes a wide
range of other malicious activity, such as cyberbullying or planting worms or viruses.
 Cybercrimes are divided into two different categories as follows:
 Those that cause intentional damage
 Those that can cause unintentional damage
• A cybercrime is a criminal act in which someone targets a computer or a network of devices
in order to gain illegal access rights, steal data, commit fraud, and so on. This type of crime
is carried out using technology and primarily takes place online.
• Some cybercrimes also include the following:
 Harassment
 Cyber-stalking
 Bullying
 Cybercrime or a computer-oriented crime is a crime that includes a computer and a
network.
 The computer may have been used in the execution of a crime or it may be the target.
 Cybercrime is the use of a computer as a weapon for committing crimes such as
committing fraud, identity theft, or breaching privacy.
 Cybercrime, especially through the Internet, has grown in importance as the computer
has become central to every field like commerce, entertainment, and government.
 Cybercrime may endanger a person or a nation’s security and financial health.
• Cybercrime encompasses a wide range of activities, but these can generally be divided into
two categories:
• Crimes that aim at computer networks or devices. These types of crimes involve
different threats (like viruses, bugs, etc.) and denial-of-service (DoS) attacks.
• Crimes that use computer networks to commit other criminal activities. These types
of crimes include cyberstalking, financial fraud, or identity theft.
Prevention of Cyber Crime:
Below are some ways to prevent cyber crime:
• Use strong passwords: Maintain different password and username combinations for each account and resist the
temptation to write them down. Weak passwords can be easily cracked using attack methods such as brute-force
and rainbow-table attacks, so make them complex, that is, a combination of letters, numbers and
special characters.
• Use trusted antivirus on devices: Always use trustworthy and highly advanced antivirus software on mobile devices and
personal computers. This leads to the prevention of different virus attacks on devices.
• Keep social media private: Always restrict the visibility of your social media account data to your friends, and
only make friends with people you know.
• Keep your device software updated: Whenever a system software update becomes available, install it right away,
because the previous version can sometimes be easily attacked.
• Use a secure network: Public Wi-Fi networks are vulnerable. Avoid conducting financial or corporate transactions on these
networks.
3. Cyber Terrorism
 Cyber terrorism is the use of the computer and internet to perform violent acts that
result in loss of life.
 This may include different types of activities either by software or hardware for
threatening the life of citizens.
 In general, Cyber terrorism can be defined as an act of terrorism committed through
the use of cyberspace or computer resources.
 Cyber terrorism is the convergence of cyberspace and terrorism. It refers to
unlawful attacks and threats of attacks against computers, networks and the
information stored therein when done to intimidate or coerce a government or its
people in furtherance of political or social objectives.
 Examples are hacking into computer systems, introducing viruses to vulnerable
networks, web site defacing, Denial-of-service attacks, or terroristic threats made via
electronic communication.
4. Cyber Espionage
 Cyber espionage is primarily used as a means to gather sensitive or classified data, trade
secrets, or other forms of IP that can be used by the aggressor to create a competitive
advantage or sold for financial gain.
 In some cases, the breach is simply intended to cause reputational harm to the victim by
exposing private information or questionable business practices.
 Cyber espionage attacks can be motivated by monetary gain; they may also be deployed in
conjunction with military operations or as an act of cyber terrorism or cyber warfare.
 The impact of cyber espionage, particularly when it is part of a broader military or political
campaign, can lead to disruption of public services and infrastructure, as well as loss of life.
 Cyber Espionage Targets
 The most common targets of cyber espionage include large corporations, government
agencies, academic institutions, think tanks, or other organizations that possess valuable IP
and technical data that can create a competitive advantage for another organization or
government.
 Targeted campaigns can also be waged against individuals, such as prominent political
leaders and government officials, business executives, and even celebrities.
SECURITY POLICIES:
• Security policies are a formal set of rules issued by an organization to ensure
that users who are authorized to access company technology and information assets
comply with rules and guidelines related to the security of information.
• A security policy is also considered to be a "living document", which means that the
document is never finished, but is continuously updated as technology and employee
requirements change.
 We use security policies to manage our network security. Most types of security
policies are automatically created during the installation. We can also customize
policies to suit our specific environment.
• Need for security policies:
  1) It increases efficiency.
  2) It upholds discipline and accountability.
  3) It can make or break a business deal.
  4) It helps to educate employees on security literacy.
• Some important cyber security policy recommendations are described below:
• Virus and Spyware Protection policy:
  • It helps to detect threats in files and to detect applications that exhibit suspicious behavior.
  • It removes and repairs the side effects of viruses and security risks by using signatures.
• Firewall Policy:
  • It blocks unauthorized users from accessing the systems and networks that connect to the
  Internet.
  • It detects attacks by cybercriminals and removes unwanted sources of network
  traffic.
 Intrusion Prevention policy:
• This policy automatically detects and blocks the network attacks and browser attacks.
• It also protects applications from vulnerabilities, checks the contents of one or
more data packages, and detects malware that arrives through legitimate channels.
 Application and Device Control:
• This policy protects a system's resources from applications and manages the
peripheral devices that can attach to a system.
• The device control policy applies to both Windows and Mac computers whereas
application control policy can be applied only to Windows clients.
NEED FOR A COMPREHENSIVE CYBER SECURITY POLICY
 A comprehensive cyber security policy is crucial for any organization to protect its information
assets and ensure business continuity. It provides a structured approach to managing and
safeguarding sensitive data from cyber threats.
 Key elements include:
• Risk Assessment: Identifying and evaluating potential risks and vulnerabilities.
• Access Control: Defining who can access what information and under what circumstances.
• Incident Response: Procedures for responding to and managing security breaches.
• Compliance: Ensuring adherence to relevant laws, regulations, and standards.
• Training: Educating employees about security practices and their roles in maintaining
security.
NEED FOR A NODAL AUTHORITY
 A nodal authority is a central body or individual responsible for overseeing and
coordinating cyber security efforts within an organization or across a sector. Its role
includes:
• Coordination: Ensuring that all cyber security initiatives are aligned and
effectively managed.
• Policy Development: Creating and updating cyber security policies and procedures.
• Incident Management: Leading responses to security incidents and breaches.
• Compliance Oversight: Monitoring compliance with laws and regulations.
• Awareness and Training: Promoting security awareness and providing training.
CYBERSPACE:
 A global domain within the information environment consisting of the interdependent network of
information technology systems infrastructures including the Internet, telecommunications networks,
computer systems, and embedded processors and controllers.
 Cyberspace is "the environment in which communication over computer networks occurs."
 Cyberspace is the global domain within the information environment consisting of the interdependent
network of information technology infrastructures, including the Internet, telecommunications networks,
computer systems, and embedded processors and controllers. Among many other things, cyberspace
enables users to conduct business, communicate, socialize, connect, exchange ideas, play games,
participate in social forums, and share information. Cyberspace can be viewed as three layers (physical,
logical, and social) made up of five components (geographic, physical network, logical network, cyber
persona, and persona).
NEED FOR AN INTERNATIONAL CONVENTION ON CYBER SPACE
1. Global Nature of the Internet
• Interconnected World: The internet connects people all over the globe, making cyberspace a shared
environment. Because it's so interconnected, an issue that starts in one country can quickly spread to others.
• International Cybercrime: Cybercrime is a global problem. Hackers can attack from anywhere in the world,
making it difficult for one country to fight cybercrime alone. An international agreement would help
countries work together to catch and punish cybercriminals.
2. Rising Cyber Threats
• Cyber Attacks: Attacks on computers and networks are becoming more frequent and severe. These attacks
can disrupt services, steal personal data, and cause significant financial damage. An international agreement
could set rules to prevent such attacks and protect everyone's data.
• State-Sponsored Cyber Activities: Some cyber attacks are carried out or supported by governments. These
can target other countries' critical systems, like power grids or communication networks. A global
agreement would help to prevent such actions and promote peace in cyberspace.
3. Need for Global Cooperation
• Shared Responsibility: No single country can handle all cyber threats on its own.
By working together, countries can share knowledge, resources, and strategies to
make the internet safer for everyone.
• Common Standards: An international agreement could establish common rules
and standards for cybersecurity, ensuring that all countries follow best practices
and work together to address cyber threats.
NEED FOR AN INTERNATIONAL CONVENTION ON CYBERSPACE
An international convention on cyberspace would establish a global framework for addressing
cyber security issues. It would help:
• Standardization: Harmonize laws and practices across borders to tackle cyber threats more
effectively.
• Collaboration: Foster international cooperation between governments, organizations, and
other stakeholders.
• Incident Response: Provide mechanisms for joint response to cross-border cyber incidents.
• Legal Framework: Establish common legal standards for cyber crime and data protection.
Overview of Information Security - CIA Triad
The CIA Triad is a fundamental model in information security, consisting of:
• Confidentiality: Ensuring that information is only accessible to those authorized to view it.
Measures include encryption and access controls.
• Integrity: Maintaining the accuracy and completeness of information. This involves preventing
unauthorized changes and ensuring data consistency.
• Availability: Ensuring that information and resources are accessible to authorized users when
needed. This involves implementing backup solutions and disaster recovery plans.
Confidentiality
Confidentiality means that only authorized individuals/systems can view sensitive or classified
information. The data being sent over the network should not be accessed by unauthorized
individuals. An attacker may try to capture the data using different tools available on the Internet
and gain access to your information. A primary way to avoid this is to use encryption techniques to
safeguard your data so that even if the attacker gains access to your data, they will not be able to
decrypt it. Encryption standards include AES (Advanced Encryption Standard) and DES (Data
Encryption Standard). Another way to protect your data is through a VPN tunnel. VPN stands for
Virtual Private Network and helps the data move securely over the network.
Integrity
The next thing to talk about is integrity. The idea here is to make sure that data has not been
modified. Corruption of data is a failure to maintain data integrity. To check whether our data has been
modified or not, we make use of a hash function.
We have two common types: SHA (Secure Hash Algorithm) and MD5 (Message Digest 5).
MD5 is a 128-bit hash and SHA is a 160-bit hash if we're using SHA-1. There are also other SHA
methods that we could use like SHA-0, SHA-2, and SHA-3.
Let's assume Host 'A' wants to send data to Host 'B' while maintaining integrity. A hash function will run
over the data and produce a hash value H1, which is then attached to the data. When Host
'B' receives the packet, it runs the same hash function over the data, which gives a hash value
of H2. Now, if H1 = H2, this means that the data's integrity has been maintained and the contents
were not modified.
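The H1 = H2 check between Host A and Host B, as an added Python example that is not part of the original slides. It uses SHA-256 (a SHA-2 function) because MD5 and SHA-1 are no longer collision-resistant, and it goes one step beyond the slide by showing that a hash attached to the data only catches corruption unless it is keyed (HMAC); the message, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac
from typing import Dict, Tuple


def sha256_hex(data: bytes) -> str:
    """Hash function run by both hosts (SHA-256, 256-bit output)."""
    return hashlib.sha256(data).hexdigest()


def send_with_hash(data: bytes) -> Tuple[bytes, str]:
    """Host A: compute H1 over the data and attach it."""
    return data, sha256_hex(data)


def receive_with_hash(data: bytes, h1: str) -> bool:
    """Host B: recompute H2 over the received data and compare with H1."""
    h2 = sha256_hex(data)
    return hmac.compare_digest(h1, h2)


def send_with_hmac(key: bytes, data: bytes) -> Tuple[bytes, str]:
    """Host A: attach a keyed hash (HMAC-SHA-256) instead of a bare hash."""
    return data, hmac.new(key, data, hashlib.sha256).hexdigest()


def receive_with_hmac(key: bytes, data: bytes, tag: str) -> bool:
    """Host B: recompute the HMAC with the shared key and compare."""
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def demo() -> Dict[str, bool]:
    message = b"transfer 100 to account 42"   # constructed sample data
    results: Dict[str, bool] = {}

    # 1. Unmodified data: H1 == H2, integrity check passes.
    data, h1 = send_with_hash(message)
    results["unmodified"] = receive_with_hash(data, h1)

    # 2. One byte changed in transit: H2 no longer matches H1.
    corrupted = bytearray(data)
    corrupted[9] ^= 0x01
    results["corrupted_detected"] = not receive_with_hash(bytes(corrupted), h1)

    # 3. Limitation: the hash travels with the data and needs no secret,
    #    so whoever changes the data can attach a matching hash as well.
    altered = b"transfer 900 to account 42"
    results["replaced_hash_accepted"] = receive_with_hash(
        altered, sha256_hex(altered)
    )

    # 4. With a key shared only by A and B, a matching tag cannot be
    #    produced for altered data without knowing the key.
    key = b"constructed-shared-key-for-demo"
    data, tag = send_with_hmac(key, message)
    results["hmac_unmodified"] = receive_with_hmac(key, data, tag)
    results["hmac_forgery_rejected"] = (
        not receive_with_hmac(key, altered, tag)
        and not receive_with_hmac(key, altered, sha256_hex(altered))
    )
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```
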
Availability
This means that the network should be readily available to its users. This applies to
systems and to data. To ensure availability, the network administrator should maintain
hardware, make regular upgrades, have a plan for fail-over, and prevent bottlenecks in a
network. Attacks such as DoS or DDoS may render a network unavailable as the
resources of the network get exhausted. The impact may be significant to the companies
and users who rely on the network as a business tool. Thus, proper measures should be
taken to prevent such attacks.

UNIT_1_-_Introduction_to_Cyber_Security_Updated.pptx

  • 1.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 1 UNIT 1: INTRODUCTION TO CYBER SECURITY Prof.Vishnu Priya P M Dept of Computer Science
  • 2.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 2 UNIT 1 – INTRODUCTIONTO CYBER SECURITY  Overview of Cyber Security, Internet Governance – Challenges and Constraints, Cyber Threats: - Cyber Warfare-Cyber Crime-Cyber Terrorism-Cyber Espionage, Need for a Comprehensive Cyber Security Policy, Need for a Nodal Authority, Need for an International convention on Cyberspace- overview of information security-CIA Triad.
  • 3.
    WHAT IS CYBERSECURITY?  Cyber or Computer Security is the protection of computing systems and the data that these systems store or access.  These systems include: PC’s Laptops Smart Phones Mobile Devices Printers
  • 4.
    WHY IS COMPUTERSECURITY IMPORTANT? Computer Security allows the City of Albuquerque to carry out its mission by:  Enabling staff to carry out their jobs,  Decreases the threat of current and future vulnerabilities  Supporting critical business processes  Protecting personal and sensitive information
  • 5.
    WHY DO INEED TO KNOW ABOUT CYBER SECURITY?  It is estimated that 10% of security safeguards are technical in nature. Firewalls and Intrusion Detection devices are a few devices that can help prevent approximately 10% of security threats.  The additional 90% of safeguards rely on each of us. By understanding and adhering to these safeguards, we can reduce or eliminate most cyber security threats.  Example: Locking your car doors is the 10%. Making sure nothing of value is left on the seat, windows are rolled up and parking in a safe area account for the remaining 90%.
  • 6.
    THE CIA OFCYBER SECURITY There are many reasons why you should protect the information you use on your computer. Confidential: Ensuring that your information remains confidential and only those who should access that information, can Integrity: Knowing that no one has been able to change your information, so you can depend on its accuracy (information integrity) Availability: Making sure that your information is available when you need it (by making back-up copies and, if appropriate, storing the back-up copies off-site)
  • 7.
    WHAT DOESTHIS MEANTO ME? This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, device and data secure. Information Technology Security is Everyone’s responsibility
  • 8.
    QUESTIONS MODULE 1: INTRODUCTIONTO CYBER SECURITY Question #1: Computer Security allows us to: A. Enable staff to carry out their jobs, B. Decrease the threat of current and future vulnerabilities C. Support critical business processes D. Protect personal and sensitive information E. All of the above
  • 9.
    QUESTIONS MODULE 1: INTRODUCTIONTO CYBER SECURITY Question #1: Computer Security allows us to: The Answer is E, All of the above Computer Security allow us to: A. Enable staff to carry out their jobs, B. Decrease the threat of current and future vulnerabilities C. Support critical business processes D. Protect personal and sensitive information E. All of the above
  • 10.
    QUESTIONS MODULE 1: INTRODUCTIONTO CYBER SECURITY Question #2: The Integrity of information means: A. Ensuring that your information remains confidential and only those who should access that information, can B. Knowing that no one has been able to change your information, so you can depend on its accuracy. C. Making sure that your information is available when you need it (by making back-up copies and, if appropriate, storing the back-up copies off-site)
  • 11.
    QUESTIONS MODULE 1: INTRODUCTIONTO CYBER SECURITY The answer is B. Knowing that your information has not been changed. Confidential: Ensuring that your information remains confidential and only those who should access that information, can Integrity: Knowing that no one has been able to change your information, so you can depend on its accuracy. Availability: Making sure that your information is available when you need it (by making back-up copies and, if appropriate, storing the back-up copies off- site)
  • 12.
    THIS CONCLUDES MODULE1: INTRODUCTIONTO CYBER SECURITY Continue on to module 2: Sensitive Data Module 2 will provide information on Personal Identifiable Information or PII and best practices in protecting this data from theft.
  • 13.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 13 • Cybersecurity is the protection to defend internet-connected devices and services from malicious attacks by hackers, spammers, and cybercriminals. The practice is used by companies to protect against phishing schemes, ransomware attacks, identity theft, data breaches, and financial losses. • Look around today's world, and you'll see that daily life is more dependent on technology than ever before. The benefits of this trend range from near-instant access to information on the Internet to the modern conveniences provided by smart home automation technology and concepts like the Internet of Things.
  • 14.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 14 • With so much good coming from technology, it can be hard to believe that potential threats lurk behind every device and platform. Yet, despite society's rosy perception of modern advances, cyber security threats presented by modern tech are a real danger. • A steady rise in cybercrime highlights the flaws in devices and services we've come to depend on. This concern forces us to ask what cyber security is, why it's essential, and what to learn about it. • So, what is cyber security and how serious are cyber security threats these days?
  • 15.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 15 Cyber security is a discipline that covers how to defend devices and services from electronic attacks by nefarious actors such as hackers, spammers, and cybercriminals. While some components of cyber security are designed to strike first, most of today's professionals focus more on determining the best way to defend all assets, from computers and smartphones to networks and databases, from attacks. Cyber security has been used as a catch-all term in the media to describe the process of protection against every form of cybercrime, from identity theft to international digital weapons. These labels are valid, but they fail to capture the true nature of cyber security for those without a computer science degree or experience in the digital industry. WHAT IS CYBER SECURITY
  • 16.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 16 Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Cyber security refers to a set of techniques used to protect the integrity of networks, programs, and data from attack, damage, or unauthorized access. • The use of cyber security can help prevent cyber attacks, data breaches, and identity theft and can aid in risk management. • It aims to reduce the risk of cyber attacks and protect against the unauthorized exploitation of systems, networks, and technologies. • Cyber security refers to every aspect of protecting an organization and its employees and assets against cyber threats. • As cyber attacks become more common and sophisticated and corporate networks grow more complex, a variety of cyber security solutions are required to mitigate corporate cyber risk.
  • 17.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 17 • In simple words, Cyber security is the practice of protecting systems, networks, and programs from digital attacks. • These cyber-attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. • Cyber security is very important for today’s life. Cyber safety provides enhanced cyberspace security, improves cyber resilience, speeds up cyber, data, & information protection for businesses it protects individual private information, it protects networks & resources & tackles computer hackers and theft of identity.
  • 18.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 18
  • 19.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 19 OVERVIEW OF CYBER SECURITY Cyber security is the practice of protecting systems, networks, and data from digital attacks, damage, or unauthorized access. It involves a range of technologies, processes, and practices designed to secure information and infrastructure from cyber threats, such as hacking, malware, ransomware, phishing, and other forms of cybercrime. Key Areas of Cyber Security: Network Security: Protecting the integrity, confidentiality, and availability of information within a network. This includes securing wireless networks, firewalls, VPNs, and intrusion detection systems. Information Security: Safeguarding sensitive data from unauthorized access, breaches, and theft. Encryption, access controls, and data privacy policies are commonly used.
  • 20.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 20 Application Security: Ensuring that software and applications are secure from vulnerabilities and threats, especially in web and mobile applications. Endpoint Security: Protecting devices such as computers, smartphones, and other endpoints from cyber threats through antivirus, anti-malware, and secure configurations. Cloud Security: Safeguarding cloud-based infrastructure, platforms, and data storage from breaches, outages, and targeted attacks. Operational Security (OpSec): Focusing on the protection of critical processes and ensuring secure management of operational systems and data. Identity and Access Management (IAM): Controlling access to information and systems by ensuring that the right users have appropriate access to resources. Disaster Recovery & Business Continuity: Planning and implementing measures to recover from cyber-attacks or disasters and ensure that operations continue with minimal downtime.
  • 21.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 21 EMERGINGTRENDS:  Zero Trust Architecture: A security model based on the principle of not trusting any entity inside or outside the network, enforcing strict identity verification and least- privilege access.  AI & Machine Learning in Cyber Security: Using AI to identify threats, automate security processes, and enhance response times to cyber incidents.  Ransomware Defense: Strategies to defend against increasingly sophisticated ransomware attacks, which can lock users out of their data until a ransom is paid.
  • 22.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 22 Ransomware attacks are a type of cybercrime where malicious software (malware) encrypts the victim's data, rendering it inaccessible. The attacker then demands a ransom, typically in cryptocurrency, to provide the decryption key needed to regain access to the data. These attacks can target individuals, businesses, and even critical infrastructure, causing significant financial and operational disruption. How Ransomware Attacks Work: Infection:Ransomware typically infects a system through phishing emails, malicious attachments, compromised websites, or exploiting vulnerabilities in software. Encryption:Once the ransomware is executed, it begins encrypting the victim's files, making them inaccessible. Some advanced ransomware variants can also spread across networks, affecting multiple systems. Ransom Demand: After the files are encrypted, the attacker displays a ransom note on the victim's screen, demanding payment in exchange for the decryption key. The note usually includes instructions on how to make the payment, often in cryptocurrency to maintain the attacker’s anonymity. Payment and (Potential) Decryption: Victims are given a deadline to pay the ransom. Paying the ransom does not guarantee that the attacker will provide the decryption key, nor does it ensure that the attacker hasn't installed other forms of malware or backdoors on the system.
  • 23.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 23  Restoration or Data Loss: If the ransom is paid and the decryption key is provided, the victim can decrypt their files. However, if the ransom is not paid, the victim may lose access to their data permanently, unless they have backups. Types of Ransomware:  Crypto Ransomware: Encrypts files on the victim's system, requiring a decryption key to restore access. Locker Ransomware: Locks the victim out of their device entirely, demanding a ransom to unlock it.  Double Extortion: In addition to encrypting data, the attacker also exfiltrates it and threatens to publish it online if the ransom is not paid.
  • 24.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 24 The following are the systems that can be affected by security breaches and attacks: Communication: Cyber attackers can use phone calls, emails, text messages, and messaging apps for cyberattacks. Finance: This system deals with the risk of financial information like bank and credit card details. This information is naturally a primary target for cyber attackers. Governments: The cybercriminal generally targets government institutions to get confidential public data or private citizen information. Transportation: In this system, cybercriminals generally target connected cars, traffic control systems, and smart road infrastructure. Healthcare: A cybercriminal targets the healthcare system to get the information stored at a local clinic to critical care systems at a national hospital. Education: Cybercriminals target educational institutions to get their confidential research data and information of students and employees.
  • 25.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 25
  • 26.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 26
  • 27.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 27
  • 28.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 28 INTERNET GOVERNANCE  It is the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.  Internet governance refers to the rules, policies, standards, and practices that coordinate and shape global cyberspace.
  • 29.
    INTERNET GOVERNANCE  TheInternet is a vast network of independently-managed networks, woven together by globally standardized data communication protocols (primarily, Internet Protocol, TCP, UDP, DNS, and BGP). The common adoption and use of these protocols unified the world of information and communications like never before. Millions of digital devices and massive amounts of data, software applications, and electronic services became compatible and interoperable. The Internet created a new environment, a complex and dynamic "cyberspace." History: Evolution of Internet governance  1969 – early 1990’s: Building the Internet – decentralized institutions, cooperative arrangements – RFCs for standards, Postel’s IANA for names, numbers  Early 90’s - 2002: Commercialization accelerates – Acceptable use policies – Domain name industry takes off  2003 - present: Entry of governments, WSIS, Governments take Internet seriously – WSIS, WGIG, IGF, National IGFs, Net Mundial VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 29
  • 30.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 30 • While Internet connectivity generated innovative new services, capabilities, and unprecedented forms of sharing and communication, it also created new forms of crime, abuse, surveillance, and social conflict. Internet governance is the process by which cyberspace participants resolve conflicts over these problems and develop a workable order. • Internet governance is the complementary development and application by governments, the private sector, civil society, and the technical community, in their respective roles, of shared principles, norms, rules, decision-making procedures, and activities that shape the evolution and use of the Internet. Eight challenges for the future 1.The pace and changing nature of the internet 2.The internet as part of digitalization 3.The concentration of digital power 4.Digital geopolitics (and the environment) 5.Shaping the digital future 6.The future of regulation 7.Multilateralism and multistakeholderism Multilateralism refers to the involvement of multiple countries in global decision-making, while multistakeholderism includes not just governments but also private companies, civil society, and individuals in shaping digital policy. Both approaches are critical for creating inclusive and effective governance of the internet. 8.Participation in decision-making
  • 31.
    INTERNET GOVERNANCE –CHALLENGES AND CONSTRAINTS:  Internet governance refers to the mechanisms, policies, and principles that guide the use and development of the Internet.  It involves various stakeholders, including governments, private sector entities, technical experts, and civil society, working together to ensure the effective functioning, security, and accessibility of the global network. However, managing the complexities of the Internet comes with challenges and constraints. VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 31
  • 32.
    INTERNET GOVERNANCE –CHALLENGES AND CONSTRAINTS: Challenges and Constraints:  It involves various stakeholders, including governments, private sector entities, technical experts, and civil society, working together to ensure the effective functioning, security, and accessibility of the global network. However, managing the complexities of the Internet comes with challenges and constraints. 1. Global Nature: The Internet operates globally, making it challenging to establish universally accepted rules and regulations that cater to the diverse needs and legal frameworks of different countries. 2. Cybersecurity Threats: The increasing frequency and sophistication of cyber threats pose a significant challenge to Internet governance. Addressing issues such as hacking, data breaches, and cyber attacks requires international cooperation. VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 32
  • 33.
    INTERNET GOVERNANCE –CHALLENGES AND CONSTRAINTS: 3. Privacy Concerns: Balancing the need for security with individuals' right to privacy is a constant challenge. Issues such as data collection, surveillance, and the protection of personal information create tensions in Internet governance discussions. 4. Content Regulation: Determining what content is acceptable or legal on the Internet is a complex task, with different countries and cultures having varying perspectives on issues such as hate speech, misinformation, and online extremism. 5. Digital Divide: The uneven distribution of Internet access and resources globally creates a digital divide. Bridging this gap and ensuring equal access for all is a persistent challenge. VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 33
  • 34.
    INTERNET GOVERNANCE –CHALLENGES AND CONSTRAINTS: 6. Intellectual Property: Protecting intellectual property rights while fostering innovation is a delicate balance. Disputes over copyright infringement, patent issues, and digital piracy contribute to the challenges in Internet governance. 7. Net Neutrality: The concept of net neutrality, which advocates for equal treatment of all Internet traffic, faces challenges as some entities seek to prioritize or throttle certain types of content or services. 8. Fragmentation: Divergent regulations and policies among countries can lead to the fragmentation of the Internet. This may hinder the seamless flow of information and services across borders. VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 34
  • 35.
    INTERNET GOVERNANCE –CHALLENGES AND CONSTRAINTS: 9. Emerging Technologies: Rapid advancements in technologies such as artificial intelligence, blockchain, and the Internet of Things present new governance challenges, including ethical considerations and potential risks. 10. Lack of Universal Standards: The absence of universally agreed-upon standards for various aspects of the Internet, including protocols, cybersecurity measures, and data governance, poses challenges to creating a cohesive global framework. VISHNU PRIYA | CYBER SECURITY ESSENTIALS | BCA 35
  • 36.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 36 CYBER THREATS: 1. Cyber Warfare:  Cyber warfare refers to the use of digital attacks -- like computer viruses and hacking -- by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction.  Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.  Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks.
  • 37.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 37 What Is CyberWarfare? Cyber warfare is usually defined as a cyber attack or series of attacks that target a country. It has the potential to wreak havoc on government and civilian infrastructure and disrupt critical systems, resulting in damage to the state and even loss of life.
  • 38.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 38 2. CYBER CRIME  Cybercrime is any type of illegal activity that takes place via digital means. Data theft is, of course, one of the most common types of cybercrime, but cybercrime also includes a wide range of malicious activity as well, such as cyberbullying or planting worms or viruses.  Cybercrimes are divided into two different categories as follows:  Those that cause intentional damage  Those that can cause unintentional damage
  • 39.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 39 2. CYBER CRIME  A cybercrime is a criminal act in which someone targets a computer or a network of devices in order to gain illegal rights, steal data from them, frauds etc. This type of crime is carried out using technology which primarily takes place online.  Some cybercrime even include the following:  Harassment  Cyber-stalking  Bullying  Cybercrime or a computer-oriented crime is a crime that includes a computer and a network.  The computer may have been used in the execution of a crime or it may be the target.
  • 40.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 40  Cybercrime is the use of a computer as a weapon for committing crimes such as committing fraud, identity theft, or breaching privacy.  Cybercrime, especially through the Internet, has grown in importance as the computer has become central to every field like commerce, entertainment, and government.  Cybercrime may endanger a person or a nation’s security and financial health.  Cybercrime encloses a wide range of activities, but these can generally be divided into two categories: • Crimes that aim at computer networks or devices. These types of crimes involve different threats (like viruses, bugs, etc.) and denial-of-service (DoS) attacks. • Crimes that use computer networks to commit other criminal activities. These types of crimes include cyberstalking, financial fraud, or identity theft.
  • 41.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 41 Prevention of Cyber Crime: Below are some points by means of which we can prevent cyber crime:  Use strong password –Maintain different password and username combinations for each account and resist the temptation to write them down. Weak passwords can be easily cracked using certain attacking methods like Brute force attack, Rainbow table attack etc, So make them complex. That means combination of letters, numbers and special characters.  Use trusted antivirus in devices –Always use trustworthy and highly advanced antivirus software in mobile and personal computers. This leads to the prevention of different virus attacks on devices.  Keep social media private –Always keep your social media accounts data privacy only to your friends. Also make sure only to make friends who are known to you.  Keep your device software updated –Whenever you get the updates of the system software update it at the same time because sometimes the previous version can be easily attacked.  Use secure network –Public Wi-Fi are vulnerable. Avoid conducting financial or corporate transactions on these networks.
  • 42.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 42 CYBER THREATS 3. Cyber Terrorism  Cyber terrorism is the use of the computer and internet to perform violent acts that result in loss of life.  This may include different types of activities either by software or hardware for threatening the life of citizens.  In general, Cyber terrorism can be defined as an act of terrorism committed through the use of cyberspace or computer resources.
  • 43.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 43 CYBER THREATS  Cyber terrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.  Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication.
  • 44.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 44 4. Cyber Espionage  Cyber espionage is primarily used as a means to gather sensitive or classified data, trade secrets, or other forms of IP that can be used by the aggressor to create a competitive advantage or sold for financial gain.  In some cases, the breach is simply intended to cause reputational harm to the victim by exposing private information or questionable business practices.  Cyber espionage attacks can be motivated by monetary gain; they may also be deployed in conjunction with military operations or as an act of cyber terrorism or cyber warfare.  The impact of cyber espionage, particularly when it is part of a broader military or political campaign, can lead to disruption of public services and infrastructure, as well as loss of life.
  • 45.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 45 4. Cyber Espionage  Cyber Espionage Targets  The most common targets of cyber espionage include large corporations, government agencies, academic institutions, think tanks, or other organizations that possess valuable IP and technical data that can create a competitive advantage for another organization or government.  Targeted campaigns can also be waged against individuals, such as prominent political leaders and government officials, business executives, and even celebrities.
  • 46.
    VISHNU PRIYA |CYBER SECURITY ESSENTIALS | BCA 46 SECURITY POLICIES:  Security policies are a formal set of rules which is issued by an organization to ensure that the user who are authorized to access company technology and information assets comply with rules and guidelines related to the security of information.  A security policy also considered to be a "living document" which means that the document is never finished, but it is continuously updated as requirements of the technology and employee changes.  We use security policies to manage our network security. Most types of security policies are automatically created during the installation. We can also customize policies to suit our specific environment.
  • 47.
    SECURITY POLICIES:
    Need for security policies:
    1) It increases efficiency.
    2) It upholds discipline and accountability.
    3) It can make or break a business deal.
    4) It helps to educate employees on security literacy.
  • 48.
    SECURITY POLICIES:
    Some important cyber security policy recommendations are described below.
    • Virus and Spyware Protection policy:
        • It helps to detect threats in files and to detect applications that exhibit suspicious behavior.
        • It removes and repairs the side effects of viruses and security risks by using signatures.
    • Firewall Policy:
        • It blocks unauthorized users from accessing the systems and networks that connect to the Internet.
        • It detects attacks by cybercriminals and removes unwanted sources of network traffic.
  • 49.
    SECURITY POLICIES:
    • Intrusion Prevention policy:
        • This policy automatically detects and blocks network attacks and browser attacks.
        • It also protects applications from vulnerabilities, checks the contents of one or more data packets, and detects malware that arrives through legitimate channels.
    • Application and Device Control:
        • This policy protects a system's resources from applications and manages the peripheral devices that can attach to a system.
        • The device control policy applies to both Windows and Mac computers, whereas the application control policy can be applied only to Windows clients.
  • 50.
    NEED FOR A COMPREHENSIVE CYBER SECURITY POLICY
    • A comprehensive cyber security policy is crucial for any organization to protect its information assets and ensure business continuity. It provides a structured approach to managing and safeguarding sensitive data from cyber threats.
    • Key elements include:
        • Risk Assessment: Identifying and evaluating potential risks and vulnerabilities.
        • Access Control: Defining who can access what information and under what circumstances.
        • Incident Response: Procedures for responding to and managing security breaches.
        • Compliance: Ensuring adherence to relevant laws, regulations, and standards.
        • Training: Educating employees about security practices and their roles in maintaining security.
  • 51.
    NEED FOR A NODAL AUTHORITY
    • A nodal authority is a central body or individual responsible for overseeing and coordinating cyber security efforts within an organization or across a sector. Its role includes:
        • Coordination: Ensuring that all cyber security initiatives are aligned and effectively managed.
        • Policy Development: Creating and updating cyber security policies and procedures.
        • Incident Management: Leading responses to security incidents and breaches.
        • Compliance Oversight: Monitoring compliance with laws and regulations.
        • Awareness and Training: Promoting security awareness and providing training.
  • 52.
    CYBERSPACE:
    • A global domain within the information environment consisting of the interdependent network of information technology systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
    • Cyberspace is "the environment in which communication over computer networks occurs."
    • Cyberspace is the global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Among many other things, cyberspace enables users to conduct business, communicate, socialize, connect, exchange ideas, play games, participate in social forums, and share information. Cyberspace can be viewed as three layers (physical, logical, and social) made up of five components (geographic, physical network, logical network, cyber persona, and persona).
  • 53.
    NEED FOR AN INTERNATIONAL CONVENTION ON CYBER SPACE
    1. Global Nature of the Internet
    • Interconnected World: The internet connects people all over the globe, making cyberspace a shared environment. Because it's so interconnected, an issue that starts in one country can quickly spread to others.
    • International Cybercrime: Cybercrime is a global problem. Hackers can attack from anywhere in the world, making it difficult for one country to fight cybercrime alone. An international agreement would help countries work together to catch and punish cybercriminals.
    2. Rising Cyber Threats
    • Cyber Attacks: Attacks on computers and networks are becoming more frequent and severe. These attacks can disrupt services, steal personal data, and cause significant financial damage. An international agreement could set rules to prevent such attacks and protect everyone's data.
    • State-Sponsored Cyber Activities: Some cyber attacks are carried out or supported by governments. These can target other countries' critical systems, like power grids or communication networks. A global agreement would help to prevent such actions and promote peace in cyberspace.
  • 54.
    NEED FOR AN INTERNATIONAL CONVENTION ON CYBER SPACE
    3. Need for Global Cooperation
    • Shared Responsibility: No single country can handle all cyber threats on its own. By working together, countries can share knowledge, resources, and strategies to make the internet safer for everyone.
    • Common Standards: An international agreement could establish common rules and standards for cybersecurity, ensuring that all countries follow best practices and work together to address cyber threats.
  • 55.
    NEED FOR AN INTERNATIONAL CONVENTION ON CYBERSPACE
    • An international convention on cyberspace would establish a global framework for addressing cyber security issues. It would help:
        • Standardization: Harmonize laws and practices across borders to tackle cyber threats more effectively.
        • Collaboration: Foster international cooperation between governments, organizations, and other stakeholders.
        • Incident Response: Provide mechanisms for joint response to cross-border cyber incidents.
        • Legal Framework: Establish common legal standards for cyber crime and data protection.
  • 56.
    Overview of Information Security - CIA Triad
    The CIA Triad is a fundamental model in information security, consisting of:
    • Confidentiality: Ensuring that information is only accessible to those authorized to view it. Measures include encryption and access controls.
    • Integrity: Maintaining the accuracy and completeness of information. This involves preventing unauthorized changes and ensuring data consistency.
    • Availability: Ensuring that information and resources are accessible to authorized users when needed. This involves implementing backup solutions and disaster recovery plans.
  • 57.
    Confidentiality
    Confidentiality means that only authorized individuals/systems can view sensitive or classified information. The data being sent over the network should not be accessed by unauthorized individuals. The attacker may try to capture the data using different tools available on the Internet and gain access to your information. A primary way to avoid this is to use encryption techniques to safeguard your data so that even if the attacker gains access to your data, he/she will not be able to decrypt it. Encryption standards include AES (Advanced Encryption Standard) and DES (Data Encryption Standard). Another way to protect your data is through a VPN tunnel. VPN stands for Virtual Private Network and helps the data to move securely over the network.
  • 58.
    Integrity
    The next thing to talk about is integrity. The idea here is to make sure that data has not been modified. Corruption of data is a failure to maintain data integrity. To check whether our data has been modified, we make use of a hash function. We have two common types: SHA (Secure Hash Algorithm) and MD5 (Message Digest 5). MD5 is a 128-bit hash and SHA is a 160-bit hash if we're using SHA-1. There are also other SHA methods that we could use, like SHA-0, SHA-2, and SHA-3. Let's assume Host 'A' wants to send data to Host 'B' while maintaining integrity. A hash function is run over the data and produces a hash value H1, which is then attached to the data. When Host 'B' receives the packet, it runs the same hash function over the data, which gives a hash value H2. If H1 = H2, the data's integrity has been maintained and the contents were not modified.
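The H1/H2 comparison described on the Integrity slide, as an added example that is not part of the original slides. It uses SHA-256 (a SHA-2 variant) and goes one step beyond the slide by also showing a keyed hash (HMAC), because a bare hash cannot detect a change when whoever alters the data also replaces H1; the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values for illustration only.
SHARED_KEY = b"constructed-demo-key"
MESSAGE = b"transfer 100 to account 42"
TAMPERED = b"transfer 900 to account 42"

def plain_hash(data: bytes) -> str:
    """H = SHA-256(data): what Host A attaches and Host B recomputes."""
    return hashlib.sha256(data).hexdigest()

def verify_plain(data: bytes, h1: str) -> bool:
    """Host B: recompute H2 over the received data and compare it with H1."""
    return hmac.compare_digest(h1, plain_hash(data))

def keyed_tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA-256 tag; only holders of the shared key can compute it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_keyed(key: bytes, data: bytes, tag: str) -> bool:
    """Host B: recompute the tag with the shared key, compare in constant time."""
    return hmac.compare_digest(tag, keyed_tag(key, data))

def demo() -> dict:
    h1 = plain_hash(MESSAGE)
    replaced_h1 = plain_hash(TAMPERED)  # a bare hash needs no secret to recompute
    tag = keyed_tag(SHARED_KEY, MESSAGE)
    return {
        # Bare hash: catches a change to the data alone...
        "plain_untouched": verify_plain(MESSAGE, h1),
        "plain_data_changed": verify_plain(TAMPERED, h1),
        # ...but accepts altered data when H1 was replaced along with it.
        "plain_data_and_hash_replaced": verify_plain(TAMPERED, replaced_h1),
        # Keyed hash: a recomputed bare hash is not a valid tag without the key.
        "keyed_untouched": verify_keyed(SHARED_KEY, MESSAGE, tag),
        "keyed_data_changed": verify_keyed(SHARED_KEY, TAMPERED, tag),
        "keyed_bare_hash_as_tag": verify_keyed(SHARED_KEY, TAMPERED, replaced_h1),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:32} accepted={accepted}")
```

A bare hash is therefore enough to detect accidental corruption, while detecting deliberate modification in transit needs a value the modifier cannot recompute, such as the HMAC tag here.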
  • 59.
    Availability
    This means that the network should be readily available to its users. This applies to systems and to data. To ensure availability, the network administrator should maintain hardware, make regular upgrades, have a plan for fail-over, and prevent bottlenecks in a network. Attacks such as DoS or DDoS may render a network unavailable as the resources of the network get exhausted. The impact may be significant to the companies and users who rely on the network as a business tool. Thus, proper measures should be taken to prevent such attacks.