Cyber security detailed ppt and understand

docpain605501 218 views 32 slides Jul 17, 2024
Slide 1
Slide 1 of 32
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14
Slide 15
15
Slide 16
16
Slide 17
17
Slide 18
18
Slide 19
19
Slide 20
20
Slide 21
21
Slide 22
22
Slide 23
23
Slide 24
24
Slide 25
25
Slide 26
26
Slide 27
27
Slide 28
28
Slide 29
29
Slide 30
30
Slide 31
31
Slide 32
32

About This Presentation

cyber security

Size: 904.85 KB
Language: en
Added: Jul 17, 2024
Slides: 32 pages

Slide Content

Cyber Security Introduction

Index What is cyber security? What is cyber attack? Types of cyber attack Types of cyber security What is Hacking? What is Ethical Hacking? Grey hat hackers?

1. What is Cyber Security? Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It is also known as information technology security or electronic information security. As we know that there are two sides of a coin. Similarly internet also has it’s own disadvantages that is termed as Cyber crime. Hence the crime happened on the internet is known as cybercrime.

2. What is Cyber Attack? A cyber-attack is a deliberate attempt by external or internal threats or attackers to exploit and compromise the confidentiality, integrity and availability of information systems of a target organization or individual(s). Cyber-attackers use illegal methods, tools and approaches to cause damages and disruptions or gain unauthorized access to computers, devices, networks, applications and databases.

3. Types of Cyber Attacks Cyber attacks come in a wide variety and the following list highlights some of important ones that criminals and attackers use to exploit software:- Malware Ransomware Injection attacks(SQL injection, command injection) Man in the middle attacks Phishing Denial of Service Remote code execution Brute force attack

4. Types of Cyber Security There are three main types of cyber security:- Cloud security Network security Application security So, let us discuss them in detail . 1.Cloud security Cloud based data security has become a popular option over the last decade because of its enhanced privacy. 2. Network security Guard our internal network against outside threats by using firewall which increases our network security. 3. Application security We can download antivirus software to save our internal nodes of our network. For example, when we download any malicious file from internet so our antivirus software warns us and detects the thread which can harm our personal computer or any device.

5. What is Hacking? Hacking is an attempt to exploit a computer system or a private network. Simply put, it is the unauthorized access to or control over computer network security systems for some illegal purpose. They can destroy steal or even prevent authorized users from accessing the system. In a hacking survey of Asia the countries like Pakistan & China used to hack Indian government websites, so most of the hackers found in these two countries. These hackers are also known as black hat hackers.

6. What is Ethical Hacking? Ethical Hackers are also known as the “white hat hackers” who do not intend to harm the system or organization but they do so, officially to penetrate and locate the vulnerabilities providing solutions to fix them and ensure safety. Ethical computer hacker or a computer security specializes in penetration testing and other testing methods that ensure the security of an organization’s information systems. Ethical hacking is a term just penetration testing. So, finally a white hat hacker hacks under good intentions with permission and a black hat hacker, who often unauthorizedly has malicious intent. White hat hackers may also work in teams called ‘sneakers’.

7. Grey hat hackers Definition: The grey hat hackers are the combination of the white and black hat hackers. They hack without any malicious intention but for fun. They perform the hacking without any approval form the targeted organization.

What is Malware? Malware (Malicious Software) is any software intentionally designed to cause damage to a computer, server, client, or computer network. By contrast software that causes unintentionally harm due to same deficiency is typically described as a software bug. A wide variety of malware types exist including computer viruses, worms, trojan horses, spyware, adware, rogue software, wiper and scareware. A range of antivirus software, firewalls and other strategies are used to help protect against the introduction of malware to help detect it if it is already present, and to recover from malware associated malicious activity and attacks.

What is Ransomware? Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key. Ransomware is a type of malicious software cyber-criminals use to block us from accessing our own data. Ransomware attacks are common these days. We should always report a ransomware attack to law enforcement.

Injection attack An injection attack is a malicious code injected in the network which fetched all the information from the database to the attacker. This attack type is considered a major problem in the web security. Using SQL injection a hacker will try to enter a specifically crafted SQL commands into a form field instead of the expected information. The intent is to secure a response from the database construction, such as the table names.

Denial of service A Denial-of-Service(DOS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. Flood attacks occur when the system receives too much traffic for the server to buffer causing them to slow down and eventually stop. Some common examples of DOS attacks are UDP flooding, SYN flooding and DNS amplification. Victims of DOS attacks often target web servers of gigh0provile organizations such as banking, commerce, and media companies, or government and trade organizations. Through DOS attacks do not typically result in the theft or loss of significant information or other assets, they can cost the victim a great deal of time and money to handle.

Phishing Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The word phishing was coined around 1996 by hackers stealing America Online accounts and passwords. By analogy with the sport of angling, these Internet scammers were using e-mail lures, setting out hooks to "fish" for passwords and financial data from the "sea" of Internet users. Phishing is a cybercrime that uses tactics including deceptive emails, websites and text messages to steal confidential personal and corporate information. Victims are tricked into giving up personal information such as their address, date of birth, name and social insurance number.

Types of Phishing There are many different types of phishing attacks. These include the classic email attack, social media attacks, and oddly-named attacks like smishing and vishing. The basics of phishing rely on the gullibility of human beings. Phishing – usually done by email Spear phishing – finely-targeted email Whaling – very targeted email, usually towards executives Internal phishing – phishing attacks originating from within an organization Vishing – done by phone calls Smishing – done by text messages Social media phishing – Facebook or other social media posts Pharming – compromising a DNS cache  

How to prevent phishing? There are some very specific things we can do as individuals to protect ourselves: Enable two-factor authentication (2FA) on any account that you can Use anti-malware programs Use firewalls Be suspicious of pop-ups and pop-unders Be suspicious of email attachments from known and unknown sources Be suspicious of text messages or IMs from known and unknown sources that want you to click through to some destination or result in a query about your personal information Don’t give out your personal information. Period. Unless there is a very good reason someone needs it.

Two Factor Authentication Two-factor authentication (2FA), sometimes referred to as two-step verification   or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves. 2FA is implemented to better protect both a user's credentials and the resources the user can access. Two-factor authentication provides a higher level of security than authentication methods that depend on single-factor authentication (SFA), in which the user provides only one factor -- typically, a password or passcode. Two-factor authentication methods rely on a user providing a password as the first factor and a second, different factor -- usually either a security token or a biometric factor, such as a fingerprint or facial scan.

Two Factor Authentication continued… Two-factor authentication adds an additional layer of security to the authentication process by making it harder for attackers to gain access to a person's devices or online accounts because, even if the victim's password is hacked, a password alone is not enough to pass the authentication check. Two-factor authentication has long been used to control access to sensitive systems and data. Online service providers are increasingly using 2FA to protect their users' credentials from being used by hackers who stole a password database or used phishing campaigns to obtain user passwords.

How does two factor authentication work? The user is prompted to log in by the application or the website. The user enters what they know -- usually, username and password. Then, the site's server finds a match and recognizes the user. For processes that don't require passwords, the website generates a unique security key for the user. The authentication tool processes the key, and the site's server validates it. The site then prompts the user to initiate the second login step. Although this step can take a number of forms, the user has to prove that they have something only they would have, such as biometrics, a security token, an ID card, a smart phone or other mobile device. This is the inherence or possession factor. Then, the user may have to enter a one-time code that was generated during step four. After providing both factors, the user is authenticated and granted access to the application or website.

What is Defamation? Defamation can be understood as the wrongful and intentional publication of something either in the written or oral form about a person to harm his reputation in the society . Types of Defamation Defamation can be bifurcated into two categories that are – Libel  – A   statement that is defamatory and is published in a written form. Slander  – A defamatory statement spoken that means a verbal form of defamation. Thus, the fundamental distinction between both the types is the medium in which they are expressed that is, one is expressed in a written form while the other in oral form.

Cyber Defamation? Cyber defamation is a new concept but the traditional definition of defamation is injury caused to the reputation of a person in the eyes of a third party, and this injury can be done by verbal or written communication or through signs and visible representations. Cyber defamation intention is to lower the reputation of the person against whom the statement has been made.

Computer Virus A computer virus is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or a attaching itself to a legitimate program or document. A computer virus is a type of malware that attaches to another program(like a document), which can replicate and spread after a person first runs it on their system. For example we could receive an email with a malicious attachment, open the file unknowingly and then the computer virus runs on our computer. Brain was the first PC virus, began infecting, 5.2” floppy disks in 1986. As secure list reports it was the work of two brothers, Basit and Amjad Farooq Alvi, who ran a computer store in the Pakistan.

Computer Worms A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost corrupt or modify files on a targeted computer. Worms spread more speedily as compare to virus.

Software Piracy Piracy or the illegal duplication of copyrighted software is the most common computer crime. Millions of computer users have made copies of programs that they have not legally bought. Copying software is as easy as duplicating a cassette tape or photocopying a book. Many people do this because they are not aware that this unauthorized copying is illegal but many people do fully aware that they are doing something illegal. Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original. Illegal downloads from internet.

Buying Pirated software have a lot to lose: Getting untested software that may have been copied thousands of times. Potentially contain hard-ware infecting viruses No technical support in case of software failure No warranty protection No legal right to use the product

VPN The virtual private network or VPN, is an encrypted connection over the internet from a device. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthroized people from eavesdropping on the traffic and allows the user to conduct work remotely. VPN technology is widely used in corporate environment.Traffic on the virtual network is sent securely by establishing an encrypted connection across the internet known as a tunnel. VPN traffic from a device such as a computer, tablet, or smart phone is encrypted as it travels through the tunnel.

References www.kaspersky.com www.synopsys.com www.eccouncil.org “Cryptography & Network Security” 4 th edition book written by the author “ Atul Khate ”.
Tags
Categories
General
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 218
  • Slides 32
  • Age 502 days
Related Slideshows
Pray For The Peace Of Jerusalem and You Will Prosper 22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
Don_t_Waste_Your_Life_God.....powerpoint 26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf 31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
Fertility awareness methods for women in the society 14
Fertility awareness methods for women in the society
Isaiah47
29 views
Chapter 5 Arithmetic Functions Computer Organisation and Architecture 35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
syakira bhasa inggris (1) (1).pptx....... 5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views
View More in This Category