1.

Piece of code infect your device for damaging is computer virus

2. A software is set on your computer for spying on each action spyware
3. A weakness is in a system and can be exploit zero day
4. Computer security also known as information security And cyber security
5. Computer security aims for protecting digital information from theft or damage
6. Security goals are divided into confidentiality , availability and integrity (CIA)
7. Confidentiality try to hide information , keep information secret , revealing only to
authorized users
8. Weakness in security system that can be used to damage the system or steal
information is called Vulnerability
9. Integrity is the information that can be trusted And try to detect or prevent
unauthorized modification
10. Availability is access to information and resources and services are always available
to authorized users
11. Threat is a possible danger that might make use of a vulnerability
12. An assault on system security or any action compromises the security is Attack
13. Categories of vulnerabilities if:
Corrupted data mean loss of integrity
Leaky mean loss of confidentiality
Unavailable or very slow mean loss of availability
14. Use of the vulnerability and threats is called Attack
15. Types of attack are passive and active
16. Active attack affect on system operation while passive attack doesn’t affect on
system
17. Adversary one who is implements attack
18. Types of threats :
Disclosure: is unauthorized access to information
this threat to (Confidentiality – Integrity – Availability – All)

Deception: is acceptance of false data

This threat to (Confidentiality – Integrity – Availability – All)

Disruption: is interruption of correct operation

This threat to (Confidentiality – Integrity – Availability – All)

Usurpation: is unauthorized system control

This threat to (Confidentiality – Integrity – Availability – All)
19. Communication security try to prevent Attack or detect Attack
20. Write the types of attack on each diagram

21. An asset of the system is destroyed or becomes unavailable or disrupting traffic is

interruption which is an attack on (Confidentiality – Integrity – Availability – All)
22. Faking data or unauthorized party inserts into a system is fabrication which is an
attack on (Confidentiality – Integrity – Availability – All)
23. Overhearing over a communication line is interception which is an attack on
(Confidentiality – Integrity – Availability – All)
24. Corrupting transmitted data or tampering or change data before it reach its
destination is Modification which is an attack on (Confidentiality – Integrity –
Availability – All)
25. Passive attack that the attacker obtaining information without any modification and it
is (easy – difficult) to detect
26. Categories of passive attack is release of message contents And traffic analysis
27. Categories if active attack are masquerade , replay , modification of message and
denial of service (DOS)
28. Release of message is also called Snooping While traffic analysis is called Spoofing
29. Snooping refers to unauthorized access to data or interception of data
30. Spoofing refers to obtaining some other of information by monitoring online traffic
31. In traffic analysis (Spoofing) the attacker can determine the location and identity Of
the host
32. Modification of data is type of (Passive - Active) attack

33. When an entity pretends to be different entity is (Replay – Masquerade –

Modification of message) which is an attack on (Confidentiality – Integrity –
Availability – All)

34. Some portions of message are altered is (Replay – Masquerade – Modification of

message) which is an attack on (Confidentiality – Integrity – Availability – All)

35. Involves the passive capture of data and retransmission to produce an unauthorized
effect (Replay – Masquerade – Modification of message) which is an attack on
(Confidentiality – Integrity – Availability )

36. Snooping and traffic analysis (spoofing) are attack on (Confidentiality – Integrity –
Availability – All)

37. DOS is attack on (Confidentiality – Integrity – Availability – All)