Page No.

Date

Nelwosk AND:Jnfoamation secuaity 262o)

TntiTndaoduction to Computes oinfoamdion

Secuxty v

iädions
Gecuait meanS Påctectionfrom unautho&izes information
USedin tomputex Fos paotection _of
Secuat
omhaam a unauthoaizeduse

Texms xelated -to computes

Sécuaity i ,:
cellediveifaacess
ornutez system Seuaity"meansthe
Sensdiveand Valuabl
and mechanismby
which

infoamation_ollapase_hyunauthoa .
ized adivities

Paaiectlon of omputex data

Tnfoamahion Secuay-iS
holdis
that the comeutex
ensuain.g_data sà-fetaoam coarupflon:
8: Daa Secuaity

ompaises ofiPaliceé adapied by

Delwoak secuaiiy
to pxevent, uhauthaais.ed dcess
pelulaak administëacia
misuse_and mad icadian2
 Page No.
Date

Computex Secutyp definéd

aspkevetiäni
of uhauthaaized adion by useas

112 Need of compuleä Secuityi

loday Use of camputea with inteanet

apidly Soiathattime iSéuàity Aintaeases
isichallens
nses
Todoay numbex iof Softulaxe too
Which help atackex doatack
knowledae otcomprtex fieldt
ayat
easily without .
muh
ompitex' Setuaib iscimpoant beause itkepl
infhamatian paoleted i Pt

Computex Secuaity 1sneed inmany aaeds

To Paesexve ompany/aalanizitionsiAsseis:-infoxi
is asses fox ampany so14 1S Dect esaay Ho
keep Sean
-Compcty_infaamalian

R Fox compelare benefitS:-Financial Service ee-tartmee

3 Considex Secuaihy ta be prime InRóalanci

Sofeuozding Technolo9y Assels in o33Dlzailen

Small busineSSUSec email Seayice hat Secuxe
wih he peasanail encayption toals
 Page No.
|Date

BasicG
_'
ecuaty confldemlaltyjlotesaity_
Painciples
0f 6ecuHYLANe
Pai
ailability
availa
and
EidendialiHycanfidentiality
mesns aciecilon of infoamatlan
FXom dnathaxised
teep dataiSecaet
teed:to
theae
1sNAec
aCtess to itSo Ust aigtPeaple canacess
LUSeNSA
an:eadadaccet sthedhl.
thatdada.t
when Someane
ishat
Cathoaized usegther.ctherewill e
who
lossof afldeniiality_ darta new
Xeseaach_data, medical InSuzance
ioveštmen
Rnduct specificmttarndaláia&Poxate
neëels tabe'mnfedentia
staatessaies

lass ofconidetiality OCU when inendiansal

'ritairtsve
Paivade infaamartlan
xeleaseO£
life:
ExanpleIniiXeal

aete
Usex B
Usex A

Usesc
 PageNo.
Date

ConsidexlGex A Sen messase Ha 0se

et hal messase Which was not desiaes exUse
1slasab£'canaldemliality. i
hente
.
.
hexe
hexe

2 Tnieguity_
Thiesalytefeks *o
KUstnoathiness os
_dalaiin deam'0f:undcethaaized 'chonge
banse
'ipic oxmodki
ILmaans unauthaaized USex onnot.ahl
mnke modificatianto da4hiii
ionly áuthaaized pexsanian_ edit orchdns
inFosmalion- aK-hdnge

2InfozmatlonCan beC0xAUfled when ihis

h1s PxesSend
faesen
on hediucxk when
insecuxe' Eoamation9e
modiri
inunexpected way Kesul inlasG of integait

Example in deal Lfe

Considex_online poyment System inwhich
Sex ASend loAT to USex A hut infaxmation
ls modieied without peamission o usea A

sex c'chanas ininformalian by Sending_

looó ousez Bmenced inteaxitY islossed

T3on Sfes100

Use A |ehanse Usex B3

CTaansfed too too-to

User C
 Page No.
Date

Availabiliyi

Souare

Nhen hey
Availability

hen

Tofoamation
xesulting
aesultin.

Example in xeal
neede
axe

liEe
i :
&éfexs ta abilityito

onlyatthoauze Useacan_accessit:
Availöbitit
acees
itis 'heeded ta authbiizel data

guasentees:thaf

(an:beLXASed
in loss of_availability
Sysièma
axe
p

axiunavailahle
a

available

Tnsidex hdckex has ihacked weß seyex

ofbonk
Pubit danweisian audhenticateduse hianl do
exhm e-bankins taansfex hut 'ntable tódoi4 do .
it
This 15 knonin: dssndtidvaitbhliky ef data to
Seninue
Pexson-

Non-Repudiotlon
Non-Repudiatlon_means USex lalex cannat deny
hat he oa Shepeafbxmed unauhoaized acdivity

SuPPose 15 Some SHuctlon Usex Sene

-thexe

message ahd laex hexeuse to it that he/she had

send thatmeSsage
Rep:Non- Repudiallon de-feas Sueh_PasibilHies
f denyingSomelhins, havins dane it_
A
Ex: Tneve sentthat msg whieh
Claim you haveseceYed
Ueyb
Vses A
 Page
No.

5
Date

Accounability

Xespansibililes
A meaDna

fox
hat eveay individua
oxk hith Inmartion system should hove
have
infsgmatlon
issuaonce5
h
Ste

X ThePe3son in chaa4e Of inforrnodisn

nilon
Should pe:Cearnin
pez-foam Peaiodic check toibe ceahin Seuaia
eolin 1s beiná:allayiedii i1 the

6 Reliability
ealibilityiisatlarhute.of any mmputy
basedcampoment dhat contin 10uskA Pexfóamdc
to ta its speci£ich
tni
IF eSayi.paoduet ilsixehoble.thenpiodN
iSfxee faomHechnicaleaxaxs_

.
 Page No.
Date

AND Thaeatanal
Risk
event,ox adian thatcóuld
Aaiskisdo e
do imputea haxdwae
GoUSe
loss g
QAdamage cejsofuae, data ele.

' o
hxedst analy6is
is andlysis of
paabalit
amd canseiuen.ce dfi don ing
TUaence actfona atoo
aHem:

AGSebts
Ass
Tnanuifoamaction _GRUGiHY tesSeruait,
Compute
nelwoakSecuaHyan asset isan seruaity
detoidevire o
alhex ompanenisOf envkonmentthat ae Xelated to
acivHles

AaGp-1sshauld be paoiecled fxomunauthoaized

alagun
dateaS
hiseaHajdestaúcttann

Asseéslseneaaly nrludehdbdidbe'aneranfidend

7a6Sess: ofi žómputea: SY$lem canate1oR1ze as

follocul'
Hoxduiouelincuder comPuled sstanéSu data
StoMate Comm
unic deyLres..

2Goftuoae inthucde idjaSustemuilities

ppltch
dala includinsdatabase, passuoše eit
 Page No.
|Date

22 Vulneaabiliyi
1s Hlauw in
Vulneacability
sysiem
implemematian aa opéaadian and monood
gernenddear
ould be exploitedto violiie the aiyslem. A
aemisecurh
Paliey
Vulneaability weakness in
1s secuaity
,
Campulersystem hat Peamit_ Unauthoalvad
ed ulhoaled dte
otces

eX: Tmteanek baousesCould hove a

Vulneas
thet caashes the ba0w Sex_OX allovW SóMeah'ey
ead ox .capy fllesEaom conhputex Mben u we
isit hejr:SHe

follovwina axe Sevexal Sypes Of Vulnexabilkiee

Compctex Sysiem

dcda

:
Tt
hinss
can be couapled Sa.that Îtdoes'the dons

Valtues
0X 4Ves

T car betome
Should
infoamalinn
Such dccess
Wong answexS:Fo eX:atoKed
máydiffed FŠam what they should
be because they have been.impaapea imaditled
lenkyie Foa aXmple
not have_access
dvailablerthanush
Sornshe wha_
to Some axall of he
nettiidsK Ohtain_

3T ecame un
Using Susem
ailabte iáx vey sloWTha
od Delu axk begom es impótsthle.
is
 -
Page No.
(Date

Atheeat iafox vialolion

15Poternlie of
hxeats:-
ih exsts: when thexe 1s C1&cumslante.
thatcaulel brtach Secuaitto and ca0Sehoam:

d n dislinauish woype of alacki .2

wecan An adtempt a'alteslchangemadify
Ach xesauace 0xaffectheix apex
Hem
ive tack'Aniatlempt
all to leiàh ox'malke
nfar
Pasive i matlon fxomthe Sysiem +hat noi affech
use o£
.Sustem

Risk
Risk is the posihilHy of Something advezse
hoppening
Risk19 any event OXdcilonS hat Coule aause
X Jass: af 0a-dámaieHo computex Systerm 'haadwaxe

A gompues

i
SeruaityXisk 1aianythins that con
confideniiality intesxity _pd Vallablity

r
nesativelyaffect
LOtdata
12
ofomputed Sectiaty aisk uould be
Xamples
misconfi uaed Softuaae Unpcitched o'5
i

Risk defineas Follove

Risk# ASSeis. x Theeatxyunesabl1*
 Page
No.
Dato

Tnahove definclion=

dAsses-lsIt isxesoux tePåores ix

ao:
o on,same-thing hat isíimpoatanxodut oh to
2:Thxea Peason 0 Hhing
ikey toase
Ddanselike eaathqluake\atack an
Peason' wehe

Vulnexabllit
TLGiabáeancéráE SaSuads
4Sofe9uOzds Paotecdion
mechanism taaedie
5:£xpas ue E islo4Sdue-to aisk
ute zie

125 Risk Analysis

Kisk-14 Poenlial of osins.1S0mething

Kisk anslusis 1S pXocess-of
and Hsopezalionalcontext of Ina sustm
examinins
deleaming Passihle
exposuae nnd Posible hakathey cotus

ZA Secuaity aisk analsis is Paoceduae -fox -eshima

Xisk 4o compttex
Hhieat : Kelated assestandlosG becuseof
:
KiSk analysis_ls dane in followin hxcemalinsHag
Asset evalu
2 Anlysis ofAh*eat yunmahilHy
Select of Safe1uaad
 PageNo.
Date

a
tyepe. Risk Anatusic.
Thexei
daeHua
Hative
e
Analysis
tative Riak Analysis9:-
luanihotiy

iaataive Risk
and
Anàlysis.
Hexe
anganize
e
identify theaisk andd
he aisk_ac
find
accaading to_
Lits_impart
HsPaobabilHy
Hexe we sive numb£aStopziositized het
X1Sk

dualitaHive RiskiAnalysis:

n
imf
Pae

no
Hexe nNe identify hiskand
hexe ASsets can aateel as
imfoatatsi
tfinsd

cAHicalh-Veay im

yulnezabiltHies can be Xated bosed on howitis

Axedfixed saan Shauld be fixesfix
Thaeats can be Soted based an
Scaleofi likely_
Ualikeh Vezy likely ec:i

Beneits OF Risk anolsS

Risk oncahysig on helP anoa3nizaion to
iMPAOve Secuait in many Wa
Coneaaing finacial oasnkational imget,1t
IdeifiesXade and Campaaes the ayexall_
Mpack of zick zelatedto aasniz
 Page
No.
Date

22.Tthelp-tobidentity sap niinfoxmatior

and deteamine next Steps ta elimin
.
isK Of etuaHy-

8 impaoye cammunielond decisiannaki.

impaave setuaitiypoiaes ond incareo

ahbut aiskdnd secuaiky: measuxes be
- : beh
emplaaau

Risk 'Manasemeat

Risk manasement 1s PAatesg oF

ldetiE
analysis andeithex_aceptance 03mtigceion
o
uncextainit in_dec'sian iakin." t
Riski managementis the paPss fa
identifins,a3seing op paioitizini aisk:d
diéter
kinda

EXaMple_ of RisK
:in
fixe Dama9e Cause toaistem due a Fire
paemises_Mbexe_ infosm" is
paeSexve

2 floodi=Datacertér'hub seis_aftededi siue

tofliood

1
 Page
No.
Date

Compenen
teof Ris

Risk
Manasemer

Manasement
i
HSSesmlen
RisK Ris,ontzol
Risk identieicn ) Riskr
RiSk analysis 2)Risk Plonnins
Risk Paiaatiz 9)_Rist Resalutioo
mánhosin9

Risk Assesment
1Risk idendifiaisthe-flásd istep inhe
Jve
pXOaive xigk
xi. maDa9ement p30reSs IH1s
vminin9he pXnsaaM AKAS 1and each Pzacessof
caidiat
Hechnical
Hechnical pzocesso
assaciatecl wiHhaisk2
idendiAdauments hat
Risk andysisispAucessàt
Aonsex te individual anahyzins he
f Octuzal oa business pased
humon CauSe events
hy potentia

9Fozitpaofessiona ls itlsDeces.axy to idenhie-

nthamatioo assels In dagP, theclasify a nd
Paioat ize them_

Risk contaol-
TisPxoceas oF selecins and applyini
aHza |_todecease aisk of azg info systemn-
 Page
No0.
Date

Avoidance:Appl S0-feauad halelimi

Seduce Xisk

n5-fexepcei TxanSfexr als k do o-thex

edo
oxany

MHalion Redure impac-ishauldthsy he Ndlt

A:Ae explbiHed
iv)

i
AcEephante Undeastand -fhe onisequenas
slsk wHhout contaol:-

Ris ontaolincdudé fallóuaing staajeg.

LSlep:
.
RisK Plannin4 oeclding Seguence,drtteunk
Xrskdoxesoalueiaki
Step2Selecting appaopziette stxatexty
Slep8 RiSK Nontaaing check whethez seledee
istadeaay fox handle aisk ls-y¥oakins ox hat
 Page No.
Dato

hiata
System thxt 1s that leads to los
Phys da
utes to haadware
data
data ox
oPhysical
damase_0f as,aisk +hat hich anpålenliolly
is_decin.
aasniz4n.
Compute2 Su.siemand
Seuaitythxeat
damase
axeaVixuses, w03ma ete.
Se
SecuaityHhxns
Sevexa

YHViuses
vižus 1s otypeof_comPufex pa09aam +hat
AA hroutez edaeplicale
ekecuted by madfyin
1tself athex
when m :and inseatlng its own_lode
computex pxo1Ka
Comote
fhat atach itself toothe
viusismaliciaus_s0ftwaše
Spftuinae and may damaiethe Sa£uaxe fundionality.

when SoftulaxeeXecutes

A Camputex Vizus14SeH= Xeplocatinupxolzam tha Spaea4

b inseating copies th HselF-inta anattiex executablécode

éade on:Pxosxam, rhish iscapable of

Vius_1S comMpulex

.
offectinsomguler_dala or into-bu (oaxiphin9 ax destzoy
them .

Vlus bas.Cpablityi tamáke 1copies o.Spead acoS

Plezy foldex o damage compuiex susem
 Page
No.
Date

1-34phoses Of Vixuses

Duains Viaus Lferiutle yt9oes

nes thaoug
thxoushtoll
toux Stose fallDu

Daamat s
phose
inthis.rphase ylaus 3emain ide.
ii Viaus 4et actnated dependina_an
A
i
EVenti 03adián
lii)Nat oll viaus have this Stoge_

Popoiaion_heviau9
Phase
StoatpaoPóIating.hat is

i
muHiplying: tselF
nA pieceiof codeoP1esitsclf earhcaP
Gtoat copyins naKe caples

aisaeainsphase=
A Doamant phose Viaus nave int
Hais phaséhen elset activated ithe èvent
tiias: WaitinAfax detintialized
The tzigaexing phase con be caused
byvoalety ofi System event_ inedudin9 caut of a
he Dumbez oftimes-thatthis coPy 0f
vixus has made apies _of itself
Executien phase T this.Fhase visussaats i.
implerme
 Viguses
' PageNo.
Date

1.
Vidus
1.e Viaus:
Maco e
Viru
3.Sousce
viatusS
4Encaypted

Dealins
wthViauses

Thexe axe VaxiouS ways todeal with vius.

uxes
VIxus
anbe
bexeplated by00d back.up_pao.ced

Locae wihese -the visus is

Delectiora

Tdentify therviaus
Tdentifin

Remova Remove all -tauces, aestoae odder

etecion ofivixis Anvores lacatng+he viaus, having

known that Viaus has attacked.Then we needto
idenHieyhesperifie:Vlzus4hat has.attack. we
Need to aemove iti

We need to semove all 4aace of Vizus aestoze he

affected iles toaaisna state hy.aintivikuš.sottwaxe- -
 PageNo.
Date

How to Pxevent lompudea Viaus 2

i f
install cuazent antl-yiaus anii-Spywaue sli
Hup ww
1)
+odate
Run daily samns of anti-viauS Slw
in) Resulaaly
i , and
ondkee Etep

Patch the apeaatingSyste me agpli n

on camputex-
i_Dontclick_an web link send via email ndall

.
Oan't donnlaad files faom iternet
vi) Tnstall haxdWae base fiaenal1

L,
3323Howto3emove Compuie Vizus2
Entex Safe Dmdd.e' sit
i Deletle tempoaaxy files
h) Donnlood aealtime viaus Sannez
iv)Reinstal) anyiie-oa pao12om domasé
by Vigus. US
1:83Noam6
-AcompuHea woam 15 SeH-aepllcaing
i maluor.
hah
Lompdexsi
Nozms
duplicede ifself
i ii
tasp3ead
ii ko:uninfectec so

o£teniUse Paati OF 0pedating system

that aae audomatlc and invisihle to
used 7

Attackes Use waamto dtomplish

j Tnstall. baikdoos an vichim compuex
fall ouwin'atask

2 woam maySlowdown the nlw

Woam self-conkain_pX 04aan that paad to other s
System Wheae viaus sSRxead to
p3o9dcm with10
Same Sysern._
 '
Page No.
Date

é 5seis PäoiKam that allows the

TaaianHoas lon.
fao M_xemate

:
contael
da: contael
us
Use.dsmputeg
aek to 1s hidden Pleace of cade
hi ylauus like
haase
T2
130aion dtiy itieg:that
attarcainperfoarm
Follouuing holuase
taaidnih
SIn amase: the iUsea'si campute Such.dscaashing,
of death etc:
:hluescaeen tatai
Modlfy:Üsea de
steak:isensitive
ke usexnamePajshakd.
4viewlng seKS Scaeenshots
Don lood bãauusing histoxy
simila
wa2aionion ho8se could silely sit"in "
Tna la by'altackina ta it
la11nskeenby
Code £oz
(ndefo exid op pa ssNaadtaaian
wheh theused entex
thisdetailsand infoam" to atatke
hazse captuae
hiHhaut khaledie of USea nhahad entezedt
the id o
Passwo ad

Theattaclke
login to
Canuse the ld
Syskem-

'
'
Passuwokd to9er.
 Page
No.
Date

_eIfexente be! Vaus Waams, Taoian hamzSe.

vixus Waam oan Haz

der Vlaus ista maliialis9-A tampudei wormJ
Softuase that altach isselE-zepliating_ Toian
is
1Hselfo othex Stu maluwaae that
and damase slu hat
duplicade itsele alla
funclionality when sluw ta spxead to atak
ceXecutes ii uninfected compuder Contaal
USestom

loe

Exe Dependsuan the Replicate itselt- 8)Doun

Xansfex Af file witmokuti humanach wo
Slwan
Repli"

Ocus
yesni iies es
executed.

No

Remoty No yes Yes

ConHaoll

Rae of Madezate Faste slow

Spandin9

mfe Initiadesby altachina 4ilizes Sysem AHach 1Hsele

a vixuS Jo aqn. Ox applien toa paoo
execuable-file. weakness
Puapose Modcof info Hat 4hecPU stea heker
mem orY info
 Page No.
Date

xS is a pexson_ who atemp to Iadin

An intaudea
txude lo:a tem'4o damdse}he Asiemn
laeks
dnatthoa Lhe data on Sysem..
OXdisttmb

InsidexsTnsidex is Pexsan_whobelonss o
Said aainizn
altark fxom inst.
nches SerUaity thxeatand
n4

0t Attack:
IyPes

o
AnHack is an1ntoamalian iseauitt thaied h
involues an tempt stain tHeelestaayTemave
Hhaut pezmissian
AX evalinfoxmatlm
L4a aeve

Atock daXeHypiay cateacaizedibosed:on thié

Peafoaim thyatackex An atack dan be
chion
actiye ox PassiVe.

s Types ofattack

Passive atack, tlve aHack

ReleaSe dfmessoge Unteauion
ContentS Fabaicatian
la ffie analysis Modficalisn

Replay
ATtea
 PageNo.
Date

1l_Pa59ive attack--

assivecattackdesisnéd:-to
: menis
Xecaxdnetwoak adiviyn i i
The saal af-atackea_ls abtain in
hat beinstaans.mitte m
The altack does hatInVolve modifi
Mesiage

Passive atacks axe haxdex to

detectbe
atackex does Dat pexfaam_any Modif a dH

2This type af attack Can classfied intatu

as Release.of messo3eicontentcf
.
*
taaffic
analysis.

Releas efme4sase:onten Nhen ne'sendant

connidedial ema message o aux
that he/she able to acessitoheaise the
faiepd wedesiaxe
ondent df:hessoae 2elasedroiaint Someaneeis.

Taaffi AnalyS15 When ura peaSan axe Cammunite

ach alhea uslA9 Code languase s6 tbat only eammun
Peasan cecode that messase
AHackea tay finel autpatHean of cadelanauste
dnd detade Such me ssose is ceilleeHaaffi Análys3

Message Rceives
Sendes

Afacke who sbseave.

message
 Page No.
Dato

1ense af MASsae cantents.

O
Relea4e
Read conte nt of-meGsase-Faom
AtoB

dfhex
Tpteanetoa med1
commnC um
B
bTad-fLAnalsis
.. 4 Obsesvei.aHe50;Of. meSsag e
.Fsom :A:toD

Intsnet o oM)
media3.

Adive AHack:i

An_acie atásk invalve chanains theinfozm

insame wayby Canductlng Sme Paocess on
infoamD,

Act ive'attack asethe ättáck

to modIEythe
nm
iwhith
infoz ie
aHacketaies
Ceale d false messaS e.
Active atacR cannotPaevented s1ly
 Page
No.
Date

Rece i ver
Sende

AHacke CmodFY TESSase*

fi A edive Ateck

afatatk in-the-foam _af inteaaupi

This tyre Hexauptian
Madi_axe explain below.
Tnteauplion adttack:- his 1a alsa mlled masquexo

attatk: his atcick happen whenunauth oaized tk

User
Pxetends to be oth Usea

Means'A send messoge to B:butatackesc PRel

aS t A foa B
is_

Messag e faome that apfear f

Send.to, be -fdom A

BRecieves
Sendex

Modifle_ attack in_class itied intoxeploy atak

nd aHex?_af messa9e
 Page No.

tar_look faamBob
faom Bob-

a affack:- Alice

ckrric
KEPayattar
Aeguest 'ohobsea ving
ualysteal
eplay OUppaseiscontinio Bab Bob
vin

tou9tán Alice
Bob ustánAlice
be-Alire:and
ben. lso:looF
osend1oatoAt#sehatmeattackes
i

7communiC"
to: BohBob 169imethtthis
he
he
1ice hence a3ain
asain
n gend
génd
dndjestha.also:come fadm_oAllce_hence
e Becaue of Replay atlack
Jegueshd ta ta Alice: looF Receiveto
endi Bobaccaunt
J0a send from_B
loo to
Jo Aackex:
an ataaker
Alite

.
Sena200
end tooF s*suesE
sensain

Requestloo

lo0 pecewe4o Alice

.r Re4yeS+ l00 H0 Bobb (Bobthink

206Ewan
to
Alice
take 230
afeekèry,
Bab
Alice
ooz Bob
ReUestl0o+o
SHecas thecommheth
Alice Beb)
AHtacke&
T RePlay ettaokK
 Page
No.
Date

bel" Acdlye
Compaaision opassive
.. ack
adtack
.

ActiveHáeki

3
Ackive
he
ateettheix

Maditi
Atack

opex.

inhe in

A]ways cause
SysHem
es tothang
'System AesAtIaLe'dxi.

damae to
2.
(' t

o fassiveatHau
pa&sivei.ctack

Usèof ab mate
xeade
infonm
the'syedem -but
nat:
-
inPluente.s.does

Hodifi.inin
does not
3 Do notcaue
hasm.
takeplat
txda

any
enre
Systen

Thaead o inesaity and A Thxectt tocopfidndil

availability

Vidim etifoamed ghaut 5 Vcdim unauwaxe ahoutt

aHak ctack.
Emphasis an Deletn 6 Empbos1s on paeven
EX Mosuešade, Replay TReleoSeof mesSagé_
contenlstàofiL
analysis ete
 Page No.
Date

DenialTSeIvIce»
DosaHaikis á malitious aemp
nial ef
Sexvices
ox nektuoak unavailab toustaxe
tO_make
sexyex
aaupting h -seauice_Of host+-
h
bytempoaaally-Lnte
tempoaa
toheÎnteanet
nectec-o
nateel

DO5 attackIschdßa.cezized hy usina single

i pos atta
Dos
dex:Dosattatk tyYPically funclion hyiFla.adins
mputea
saeted machine iwith uselesstxafic xesues+_
AXmataaffic is unable tó ipxoccessed aresul
udl to _Useas.
Seavice-
in Denlalo
A Dos Hack 16 WhexeaHackex_aHempt to Preven
to acLess nlu
uthentir USex

atdatk is ised:to take 3eYange df

ms any potner
campany

6upease A comPany ls Selling highest pxofitable paxoduct

B is also seling Same PXOduct butthey _axe ot
Company
os6:S0B company decide fotake Xevan9e CanLny
Cend muHiple xesuest to the sezve
of ALcompany
hence Acompan SexvexisbuSy to 9ive_Xeply a
B xegueste due to which As
customex Not ableto
Xeach theA'scompany Sesver This Is known
to
as Dos attack
busy EPly70
Asae USeX
_muHiple no ofge1
T
Scxves A 7unable to
seveA SeFresPonse
atacked
CB Company)
 Page
No.
Date

1: Disdaibuted Das

DietaihuleelDosis disiaibuted yex

DDos atacka.chieve.effectiver
nessby
eness by
mulHiple comfeaomiseo
edcompues system
em
il
f attack asia s
S OLE
pDos attack Xeguise_an Hackexto Sain
netwoak of oðlinemachineiin bxdes to cContx
o
onattalk
Computexs and-othed machineo8e inferted
malwose, tugning eáchinto bottonpct_CZoa

The attackex then_hosXemate e oveathe

COnYaOLOvezthe9
ofhoisit'solled botnet ga

hen ifaddaess o victim is taaeted by

botnet,
each bot will Xespond'by sending aeguestto 4he
taxget to Potentiall aUsetazieled sezvexani
to ovefloy apaclty desuHIns denial ot Seyira
t:hoamal:
the
' taaffic

taafflc caeatee due to DDos isdiFicalt1ha

nasma taffic

ODos attack taaset online Services dwebste.

The pamady things s

muiple comphed (ohb
Sen d muHiple eques-to vidim machine hene
adenia aof sexvice ke
 Page No.

Date

victimn
mach îne
with
AHacke ea etaae2: Zombles
Botmas} attock +hèvidi'

Fi9 B DoS attack+

harkda0S-
Aback dooa istechnique inwhich 'aSustem
Iity hanism 1 bypasGe undetectiv iy to cess a
coputex o HSdnta.
A backd.co acess method 1S Somelimesesis
AXhatten_ by_pao9A0Mex Nho deyelap paaiaam
backdoax 6alsA ENONn o'sHaopdaan:

A develapes caeate_backdo on so that an appli

OXPexatin4 System con beaccess ed foz aoubleshoce

Developes somelmes use backdoo _duaing deyelop

whleh 1 Not emoved fsom Produc code
pesfor backdoos is nethus
PSonefoPula ool s to
 Page No.
Dato

4:6 A Man inthemlddeatackk:

Tia atype ofattack nheeUnautho
1hto onvrSation_be4n
him/hexself
insext
A Mm atack_exploitsHhe e
xealtime
od ofdaa
d
tàansfex
paacesin

0f tàansactionconyeasatlon
EX: inseted hir
Tnthefollouwing the_atackea
at ta-fEic het" client cese
inbethe £law
attacker hasintexaupted int mmmuni be4n

ua endpainls he/she an
insext nzong infor
natian
data taans-feacd bet"them:
andinteaaupt
Man inhe mjddle flow
NaamalAáw
client
clien
seSponsSe eg uet baoken
conne
se&ves3

Sever
fig Man in-themiddle altalk-
 Pa

NO.
Date

Page
No.
Date

Lan -faoman tinknown

e Cammuniatt.
be pooinisat of
ixom_khaNn,
UStedi'souace.

unathorize. being ar
ime 4wozed honecollwebate
phoi
Hea snafflns an
of ema11s, Ipaddaas
paoces
data: Can applyaasCompute
amaln NameAjsiam (DNS)
ing
paalng Sueh DDar
metechnlCal paatacal[ARP)2
Resaludian
Resalr ined ace
Adass 9al-unauihoaizs
used to tocomputex
R
him|heasel 1stechnigue send messaIe
SezveK atackez
bein Spocfing
mPuter
Nheze: e thatMessaie comin9
Indirate
he_ anipaddaess
nlth User.
ifoamatian
matth0312e6 yes af_SpocfI ng atack
this.
sexeaal dHFexent
dde usetoacamplish
flow The aa. thoaized Useg cOn Ip sfhofing
Saxe
ARP Spoofin)

thatUnatuth Mathod:
SoMP tomman
,clien paetend
megns Whereattackex
baoken
Connec
2p TnpSPao£iiVe
SpodFinst

Sea iP addaessa
AeSpanSe-o
asit 1sHaom SeaveK Send
To Aoam al taseSUPpose Ipadddess 1saf
patket Sogace
uiimthen in
SeveL
addaess isaf
Victim
and destlnatlon
P
9e2Ve

Tn Noamal-Ca9e,
dl Sepxsc
SoudTP: 192-684
desfJP192 l68 241

Client
(Victim)
Serve 199:l6RIo. T32-T68 2149
JpacldlaesS
 Page No.
Date

S00fing-isad of cionFaom'an_unknown_
ins
z as be
being fxom khantdusSted 'Souace.'
aS
fnuae
apply-ta emai1s,_pphone collNebgile
ins con
SDehnicalSuchas os_Compute snoffing anIPaddaess.
paatacal[ARP)2DomalnName aislemt
tezi
some Resalution
Resa
Adaess
is to9ain-unatulhoizeda
is techniqueused
SpoOfing whexe:attackez send mess:e comp o
toampHle addaess icate that mesSase coming
Hh an
thoaizea uSex
pam
seye3al d gesafSpoofing ctlack
Theae aae
haUnauthozize.d Useg On_Use_taacamplsh this
Son
(omman mcthods_axe saoting Ip
ARpSPoofin

pPoáfing4
Tn Ip Spao-flh9 meansWhedë altackex Paetend
stisfaom sezvex iP addaessS
Tn_p.aama case Suppase SeaVeK send aeSpanse Jo
yictimhen in Patket So03ce Ipaddaess 1is af
geavea and desHlnatlon iP address is of Vicim.

Tn Noamal:ca9e. dlsSepzscm
SouaP:192-16840
desl Tr1S2168-243S

Client
Server Victim)
JpaddlaeSS 199-l68-14o 2-7682149
 (Page
No.
Dole

InJpspacfing taseaacker
t-send Packet_whexe Gouxre paeenod

vicdim think thatt pocket

Jdaess
'addae6S.and deinIs clien ip:addae
S:1SSeDYaK
i
Sen
ome faao
sex Vex but actually in
atackex :Machinei-
aeality packe Obni m
come ania
Pxom
actlacker Sfoaf the9e8VEI
Tplatddes
paelend as iaeavea _P'addses$ an
Oue Lo Ip spaafing Hacker modie
deteteiipfoamA od1EyNade
...
. IPaddsess 13

facket|50uace
l68.1

|
atackex dest
199-68
132-16a2

Packe
Souace
aes192148 243 4
-
,A.
A2:l6a-/:4S desaddress

fisIfApaafing
Victim
192-1682-49

ARP SPoOfIng:- ARP Mos addess Dsollian oool

each machine sbhaulo have heixannIPaddžess
and MAC addaess
Cach machine haye itànn tahle which camain
Cpnected miachins Ipaddsas and mAcaddaess
intheannedad Nlw
 Page No.
Dete

means atlacker denaHsTpaddtregs

addaess ta abyDmadines
ABP Spafins
ARP
d MAL hine ufdale Hheig able-n-ithralacker
a_neaxbyand mAC addaeGS.
p
Pad ddaess
e ta which duain9 comrnunic betutcen machme
J ackesfiastly9et all he packet
that attakeK anmanipulale nith_data
5o that
$end incoaaed
infam
and

inHfing
anEtins 1S toam 0f t dHlC manitoalna using
sniftea
means hen_comunic be Sendes.anod
gnifft
Recel v is ains alackex can setall infoxmn -hat
het" hem
Xansfex
Taansfexoing i-foam" is uSeaname PasSryord
and 1sin
paintertthenatacseasily 9et all
iDfoxm
And atackex Pezfeam unauthaaizecl acdiyities.
S0 Htex_can be ethea aclve aa possive in natuae-
Passive sn£fing mhis2£fic is lacked but
alHeaed in _any Waypa9SNe Shifflns allan 1isllnin9

R Acdive SninS Jn hislaaffic isnot ønly 1ocke

ond monteaed but i+
mdalsa aHegd in sama ury
asdeleamines atack.
 Page
No.
oate

Nelwaxk Snisetn9 nValveslising

+hat aealime:ManHaáia9 ond ana Sniffer
hoto,
oals
-data packet Eloin9 Aver nejwbxk
anaysigaf

2APacket Snikfer e-fers to S/u that

all nlo Pocket:IF Usés: ne wort adapate
to-capture all DIU Mcket: This'exploi4
e
guxe
ca
xploital
fossedin plain textfoamiat îns

2|Packe s£fes toalUsed by n]w administh.

sOEE each facket ofdatd aaYel gvex in
nlwi
monitoaing dianose netwa ak lssues

2Cyber
om
o
. caiminals use hesetoal
Detuwoxk l3df£ian

backex USes Packet sniffing

Dollelt UsES Pa sSLOaads
fax

XNw
stelin9

snisn
ota
 PageNo.
Date

1411 Encayelion_Alacki
Tncase Of encaypillon atHack
abiectire ofaltackex is to -find aut
aut nain
plet
ploin
cipheadextCencaypted dext) Faa-his a e
thisatac
need tofind secaeat dexypllon key. on

Bdsed imetha.dology uses attock k on

aney
ypos
axe Caea0aizad as follow
Ciphes o
dext nly_AHack Ccan) In Ihis_a
dccessaniy ciphex dext He daes n. kn
hove acess_abaut ejuivelent plaintex.
to SdccessfulLNhen__oIxesPeding Plain4..
ex_
deleamine faom_cipheatext:

nawn plaindext AHack(KPA) :-Jn-his hisoltot

altort

has _plaintext fox So me fast OfCIphex text.

the
ask is todecaypt destof cipheatext tsing p
plalat
This deleamine Via key-

chossen Plaidext Attack CcPA)'

Het a£ his choice eDAYted S0
n
4hisatakes_hoc
hebas ciphex te
plaindext pair oF N1S cheise this simply dasto
detamioe enceyption key

Dicllenaay AHacki This atack has Voaiastsal

ofnhlch îpvoNes ompilingdidonaa y aHackez bui|
citona2y f ciphdtexCoasespoins paintei wh
eaan hy Alm oVe of+tme.
Period
 Page No.
Date

attack BEA):-mthi atacediesto

aute
foaceattak_LBE2):=Ti-
4} key yatempeling
The
all key TE
8E256 fOssiblekeig.
sa 8E25s
lang Sa
deteamfne 1ang
Key isKbit weciphex textand theal90 nanN adtemp
ckex
keyAneby
ane
all2
m Haln Man in d.hemdde md Reply alat
faevtausPages _
also
descaifllan_Xetca
".

LE toamad1on
Tnioamaion 1sdozta 4hataagnlzed in meaings..)
fashlon Hhaisi
in-foamationlsdata
_1Accoaade cftimaly
Spetific e 0Xiniz cd toa puapase.
g.paesented niHhin_a comext hat 3ve ts meanin
A onlead to incASe unclegstandina R
decxedse uDceatonity

Th foma+lon iscombinatlo af n thaee_faads

Data tiScollertian of all tyPes o
infoxmation nhicb can be
shaed and used
as pex XeJulaemen eXPeKsanal doata.
2 khowleslge- baed an data tha is
oaanized andSummeaizedl: Tt Caaaig aut by
expeaiantes empla yee in_aasniz
Ation tis
usécto pass sequiaed Infonm
to pexSon who Needs it
vith heip df infoam
System
 Page
No.
Date

Concepl ofInfoamattsn Syseim(Is)

AS lnfoamaian syisem issetiósi
Component hat callec paacess and dishic
to indexatn
Aiskanbute
Suppaat decisian makins in caanizn
) Thfoamation aystem aaept dedafar
and manipulate he datata paadure inf nm enia
is Used tasalve pxáblem ax busIness neer!.
A) paeviaus days infazmallan axe'
manually but nawday infoamation_syslems
maimin
omputeaized DBMs Used axe
do manae the au
and aetaive of data in_sysiem
HTDfdamion Of haxd hes
System consist
data Q-APplikatianda manaae în
Tnfoamalion Syalem usualhy develap
business -Ainction suchi as administa
e infoam
Suri
Suppaa
Eimn«e_
acountin xesauàce caani ínevexyAxanizn.

hasdwaxeF SOftWdse-

Data Penple-

Sl03eddata 2Paoredures

.
-
+ia- concept+ of Jnfom'sygem.
 Page No.
Date

data ondn
andin-foamdion-E
bet dala
Compaaision
Infoamation
Oata 1
3pala susedas nput
computex System
the
Jnfoamation
aE data.
119 0ulput_

foa
1 is unpaocessedfac Infoamatian "is_paacecel
Data data

Datd does
natdepends 8Tnfozmaion _depends an
datai
on infoamation
Data 1SDa+:SpeciflC:
5Tnfoamariion js a
pedHsic
Oes not cazaryaL5:nfaamation must
Dat'o
meanin9
Cadxy lesical meaning

TData is aan madesial Infoams paaduct ater

p&acesS ing_

Dateu Data Oata

Paocess ing

Jnfoam"
 (Page
No.
Dato

T'62 Infoamallonclazsific classify

The main_aeasanfoa
nt and infoama
isimpoatant ndSame
same:
because
inEoam Ata
ma
not be impóatant_ is toimpPo
aveCongi
Aim af anazzniz
i
of infoam toaeduce
indeiaityAvailability
#oinfoam classifieAis
Used o pxeyent
mfoam Una
axessto system-
of classiFie'af info.
Reason/ Advanto1e
:Ithelts Oxgni2atlon fax Seuxity Paateehion. n
ioxani? to fdentiFy info
lite sen
helps SensHive

3 Tt suppoat CIA(CoNfedentialit4Inteai
Help to paotect
Peasonal 1nfoxm?.
Aa
4 infoam
6 Tt heles: ta cdotaal sensi1tive
infoxm
Heip-to_paotect confidenial
access

classifi evelS:-
/63
1 OpenUnclassifiedlpuhlic
Infoamatlan. Ís nat classifled andhat
Senstve
Infaamadian acessible to both extana
a nd integnalPoatlesof oaani-n
tpat affectofidentlalidy
 Page No.
Date

Tnteana but dhclassified:

amatian is
aaties and inieanal Qccessible to bath
emplayess
2ighis èxtenn.
withContdolacress ana
1nfosm is Jet discloseeH
totheozanization Hwill not
damase
CoDAdentialSensitive
infoamatiod is
employee of 0aniz essible
hHh_Stait acessanly'toithe
4SecxetHishly senstive
TOthis'
this'
= aish+.

unduthoa ized
d infoama cancause damase Ce
to thsaidess-to
ss to
-the
thhe
nalional SecuaHyi Kaudy'e

Sop Secaet
Highest levelof
Infoamation_class
itoamation in_defenseoxanz ifi-ex
n

63 Cxitesia foalassfi of infoamation

Vaue Value 1s camman ca HeIld
foaclassitin
Valuable infoe m"Of
dassisied ex: calleie Stident
034nízactian shauld be
list classIAY accaading
Ho depastment

AgeIn infoamation is cldssfied accozding_

Jhis
to lime peaiod ex extain înfoam is elaliq fox
CRztain pealod i peziadis ovex info is
not useful
 8:Useful lfe:-Tf validtiy 03 deadline
line o
o
Page
Date
.
isavex due to chonse in înfoanaian the
must he disclaS5ified ît.
ex eazliexdiploma Scheme is
s scheme i56infoam classifÍed 6siheme
acnr t
cCOBdinal

Peasonal ASsociadion

Infoxmation which personally

inith Paaticula individual hen such infoa
be shu
5 Public
classified

'
Thfoamation-igclassifiedanthis
doz
Public infoamttlon is nat Sensitive. alsg
Tit isacess.ec by unauthoaišed Use
use
not affectHhe Secuaity eX:Infoamn" aivenan wiy
neb
O ony 0xiniz

6 aivate
-Tmpoatant infoametlo0 of oa9nl2 an be
kept Sepeaatély

ihfpam
Upouthoaized
xelatecdto
t
Usex cahnot acess ex
paoject 9oin4 oa9ig'ke pt
Sexetfaàm dthexr oz9nil:
 Page No.
Date

Basicaincipales nfcamsellon
Secuaity
Scuaity medns o pactecE infoamlor suhem

The ,
unauthoaized
Secuaity
usexs like altackex.
Isp8oiect
basic aim|10alsDf
infoam
înbamatior
Summeaised In hxee painiples
like
aom

axe
InteszsidyAvailabiliiy conigendialit

Confidentia

Idesait
ANaikai

g:
CTA explain
Gaals of seuai
în_delall Paeviaugly Pzaefex
Secuai Related Rasic Teams

1Diaita signatuze: A disHal code Cgeneaates and

)hy publle key
an
eudhenHccettd
entaptian which attach o
:
aansmtaed documenk to Yeaify Hs
electaanically

tonients.and sendex'sidentity-

Non-Repudiaton Non-Repudiodlon is_assuaante hat

Someone cannoi deny Samelhin9

8: Caypto32aphy Aat of Watin9 orsolvIn3 code,

 Page
No
Date

Encayetion £ncayetion is the Canvexso

intoafoxm alled_ciphen feetthe
ed pee CannaA
acces asilyby unóuthaalsed people

5:Cipher lscmdedtext--

Paoæs ar
b. Deczyplian=DeaAYPtLON_ls
back Intaits ozisnal
encaypted data oamss
Con undexstood
DenialOf seavlce hCompLHdna dei.
o:
af
ttock is adempt to
machine oa nluxa
maRe machine Sexa
itended useas.
unovel loble to Hs

BStesanaixophy hepaadiseNan-secaet
of concealin
ina mesta
cnet
o3inFozmalian_Hhi0athear

'
textoa

SPoofin9: SPoofing is ottacker usíng"samek

nebodyel
TPaddaess
,