of 50
7/30/2019 MODUL ICT 2
1/50
7/30/2019 MODUL ICT 2
2/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
3/50
1.3.3.1
State at least four type security measuresand it function to overcome the identified
computer threats appropriately.
1.3.3.2
Define the security procedures correctly.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
4/50
Today, people rely on computers to create,store and manage Critical information. It isimportant that the computer and the datathey store are accessible and available
when needed. It Is Also important thatusers take measures to protect theircomputers and data from lost, damageand misused. Security measures mean theprecautionary measures taken toward
Possible danger or damage. There are 6type of security Measures.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
5/50
TYPEAntivirus
Anti-Spyware
Cryptography Firewall
Data Backup
Humanaspects
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
6/50
Data Backup is a program of file duplication. Backupsof data applications are necessary so that they can
be recovered in case of an emergency.Depending on the importance of the information,
daily, weekly or biweekly backups from a hard diskcan be performed.
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
7/50
Cryptography is a process of hiding information byaltering the actual information into different
representation, for example, an APA can bewritten as I? X.
Almost all cryptosystems depend on a key such as apassword like the numbers or a phrase that can be
used to encrypt or decrypt a message.The traditionaltype of cryptosystem used on a computer network is
called a symmetric secret key system.
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
8/50
An antivirus program protects a computer againstviruses by identifying and removing any computer
viruses found in the computer memory, onstorage media or incoming e-mail files.
An antivirus program scans for programs that
attempt to modify the boot program, the operatingsystem and other programs that normally are read
from but not modified.
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
9/50
IDENTIFYING VIRUSTwo technique are used to identify the virus.
VIRUS SIGNATURE INOCULATING A PROGRAM FILE
Also called a virus
definition is aspecific pattern of thevirus code.
The antivirus program records
information such as the file size and filecreation date in a separate inoculationfile.
The antivirus program then uses thisinformation to detect if a virus tampers
with the data describing the inoculatedprogram file.
If an antivirus program identifies an infected file, it attemptsto remove its virus, worm or Trojan horse. If the antivirusprogram cannot remove the infection, it often quarantines theinfected file. Quarantine is a separate area of a hard disk that
holds the infected file until the infection can be removed. Thisstep ensures other files will not become infected. Patents forinventions Utility, design or plant patents that protectinventions and improvements to existing inventions
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
10/50
Spyware is a program placed on a computer without
the users knowledge. It secretly collects informationabout the user. The spyware program communicatesinformation to the outside source. An anti-spywareapplication program sometime called trackingsoftware or a spybot is used to remove spyware.
Among of the popular anti-spyware programs are: Spybot Search and Destroy Ad-aware Spyware Blaster
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
11/50
Firewall is a piece of hardware or software whichfunctions in a networked environment to prevent some
communications forbidden by the securitypolicy. Firewall implement a security policy. It might
permit limited access from in or outside the networkperimeters or from certain user or for certain activities.
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
12/50
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
13/50
Human aspects refer to the user and also the intruderof a computer system. It is one of the hardest aspects
to give protection. The most common problem is
the lack of achieving a good information securityprocedure.
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
14/50
TYPE 1
TYPE 2
TYPE 3
TYPE 5
TYPE 4
TYPE 6
7/30/2019 MODUL ICT 2
15/50
DATA PROTECTION
We need to protect the data in the computer as itmay somehow get lost or corrupted due to someviruses or mishap like fire, flood, lightning, machine
failures and even human errors.
There are a few ways to protect the informationnamely:
make backup files detect the virus and clean the computer
warn others on virus attacks
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
16/50
1) BACKUP FILES
Users can do backups of file systems by: keeping the duplicated files in external storage such as in
the floppy disk and thumb drive
do backup frequently
2) DETECT VIRUS AND DO CLEANUP
A computer virus is able to affect and infect the way theComputer works. Viruses can be detected when we run anantivirus program. We can also delete the infected files anddocuments.
3) WARN OTHERS ON VIRUS ATTACK
We can warn others on virus attacks or new viruses bysending e-mails to them.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
17/50
DETECTING ILLEGAL ACCESS TO SYSTEMS
The computer system is able to detect any illegal accessto the system by a user who does not have anyauthorisation. Basically, a corporation will simply use
tcpwrappers and tripwire to detect any illegal access totheir system. User's access will be reviewed periodicallyby computer operations.On going internal audits will bemade to ensure detection of violations of security andunauthorised modifications to software and data .
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
18/50
TCPWRAPPERS
Tcpwrappers stop the attempted connection
examines its configuration files
will decide whether to accept or reject the request.
Tcpwrappers will control access at the application level,rather than at the socket level like iptables and ipchains.
The system will run tcpwrappers to log access to ftp, tftp,rch, rlogin, rexec and telnet
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
19/50
TRIPWIRE
Tripwire will detect and report on any changes in thethousands of strategic system files. The system will runtripwire to determine if system files have changed
PREVENTING ILLEGAL ACCESS TO SYSTEMS
Ways to prevent illegal access to systems:
1.Run anlpassword to make password cracking difficult.2.Run tcpwrappers to check if the name for an ip addresscan be provided by DNC
3.Use a callback system to prevent unauthorised use ofStolen passwords.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
20/50
PREVENTING ILLEGAL ROOT ACCESS
To prevent any illegal root access, we should haveSudo, so that people can perform on some machinewithout getting access to the entire root if that is notrequired. In addition, with Sudo we did not have togive out the root password.
Sudo stands for (Superuser do) and is a program in Unix,Linux and similar operating systems such as Mac OS Xthat allows users to run programs in the form of anotheruser (normally in the form of the system's superuser).
Sudo allows a permitted user to execute a command asthe superuser or another user, as specified in thesudoers file.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
21/50
PATCH
Patch supplies small updates to software, providedthat the source code is available.
Patch is a name of an UNIX utility. It applies a script
generated by the different program to a set of filesthat allows changes from one file to be directlyapplied to another file.
Resources are not enough to patch all security holesthat we hear about through the bugtraqlist.
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
22/50
Most complexCan audit
activitySomewhatcomplex
Screen basedon connection
rules
Sees onlyaddresses and
service protocol
service
Simple proxies cansubstitute for
complexaddressing rules
Screen based oninterpretation ofmessage content
SCREENING PROXY GATEWAY GUARD
Simplest
Sees full text ofcommunication
Sees full text ofcommunication
Auditing difficult Can audit activity
Screen based on behaviour
proxies
Complex addressing rulescan make configuration
tricky
Complex guard functionallycan limit assurance
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
23/50
NO STATEMENT TRUE FALSE
1 A Spyware application program is sometimes called
tracking software or a spybot
2 Spyware blaster is an example of firewallapplications
3 Proxy gateway is the simplest and in somesituations the most effective firewall
4 Screening Routers, Proxy Gateway and Guard aretype of Firewall.
5 Antivirus is a process that filters all traffic between aprotected or inside network and a less
trustworthy or outside network
6 Virus signature and inoculate a program file are thetechniques that are used to identify a virus
7 People run the antivirus program to detect viruses.
8 Tupperware and softwire are used to detect anyillegal access to the system.
9 Patch is the name of a UNIX utility that applies ascript generated by thedifferent program to a set of files
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
24/50
Daily backups of user file system
Warn others on virus attack
Detect virus and do clean up
Run antivirus programs to detectviruses
Keep copies in different storage
Send e-mails to other user on virusattack or new virus
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
25/50
1. Data Backup is ________________________
A : Used to store files
C : a computer virus
found on storage
media
D : a copy of
information that helps
in losing a file
B : a program of fileduplication
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
26/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
27/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
28/50
2. Firewall:I. implements a security policyII. keeps bad things outside a protected environmentIII. might permit limited access from in or outside thenetwork parameters or from certain users or for certainactivities
IV. identifies and removing any computer viruses found onstorage media, in the computer memory or incoming emailfiles
A : I, II and III
C : I, III and IV D : I, II, III and IV
B : I. II and IV
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
29/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
30/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
31/50
3. An antivirus program protects a computer against
viruses by __________
A : reading the operating
system and modifies it.
C : communicating and
passing the information to
the outsider
D : identifying & removing
any computer viruses
found on storage media,in
the computer memory
/incoming email files
B : installing a new virus
through the data receivedOBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
32/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
33/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
34/50
4. Which of the following statements is NOT TRUE aboutScreening Router?
A :Simplest
C :
Sees full text of
communication
D :
Screen bases on
connection rules
B :Auditing difficult
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
35/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
36/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
37/50
5. Which of the following are the features of HumanAspects?I. Individual Self Awareness.II. Organisation Self Awareness.III. Individual User Self Awareness.IV. Organisational User Self Awareness.
A :
I and IV
C :
II, III and IV
D :
All of the above
B :
II and III
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
38/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
39/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
40/50
6. Sudo stands for _______.
A :
Super soda
C :
Super document
D :
Systematic disease
B :
Superuser do
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
41/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
42/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
43/50
7. ________ is able to damage a program and infects theway the computer works.
A :
A sudo
C :
A system
D :
A libwarp
B :
A virus
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
44/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
45/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
46/50
8. _________ can determine if the system files havechanged.
A :Tripwire
C :
Courseware
D :
Tcpwrappers
B :Software
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
47/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
48/50
OBJECTIVE
INTRODUCTION
NOTE
EXERCISE
7/30/2019 MODUL ICT 2
49/50
Adakah anda pasti untuk keluar daripadaaplikasi ini?
YA TIDAK
The End.
Thank you.
7/30/2019 MODUL ICT 2
50/50
Are you sure to end this application?
YES NO