Professional Documents
Culture Documents
DEEKSHITH S
ENG20CS0086
● Users
● Systems
● Applications
● Data
● firewalls
● intrusion detection systems (IDS)
● intrusion prevention systems (IPS)
● anti-virus software
● encryption
● restricting access to networks
This layer aims to prevent an attack from happening in the first place.
● Backup
● Encryption
● Patching systems
● Updating systems
● Upgrading systems
● Data storage
This layer aims to prevent data from being stolen or lost by unauthorized individuals. So if an
attack occurs through the system.
The main concern here is to ensure that the data cannot be accessed. By anyone other than
authorized users who are using authorized devices within authorized locations.
● multi-factor authentication
● application hardening
● penetration testing
● code reviews
● vulnerability assessment
Hackers can exploit these vulnerabilities leading to loss of money or confidential information.
Which can result in serious repercussions to brand reputation and customer loyalty.
This layer aims to prevent attacks against applications themselves through firewalls. Also,
IDS/IPS tools inspect traffic to applications for malicious content.
● Encryption
● Tokenization
● MFA mechanisms
This layer also provides a level of protection for data that is at rest or in motion. This is
accomplished through encryption, tokenization, and multi-factor authentication (MFA).
This layer also provides a level of protection for endpoints themselves and the data that is stored
on them.
So like business impact analysis (BIA), risk assessments, disaster recovery planning. It is
already done and it will be too late to reverse the effects of the attack and prevent any further
attacks.
Confidentiality:
hacking :
A commonly used hacking definition is the act of compromising digital devices and networks
through unauthorized access to an account or computer system. Hacking is not always a
malicious act, but it is most commonly associated with illegal activity and data theft by cyber
criminals.
Hacking refers to the misuse of devices like computers, smartphones, tablets, and networks to
cause damage to or corrupt systems, gather information on users, steal data and documents, or
disrupt data-related activity.
A traditional view of hackers is a lone rogue programmer who is highly skilled in coding and
modifying computer software and hardware systems. But this narrow view does not cover the true
technical nature of hacking. Hackers are increasingly growing in sophistication, using stealthy
attack methods designed to go completely unnoticed by cybersecurity software and IT teams.
They are also highly skilled in creating attack vectors that trick users into opening malicious
attachments or links and freely giving up their sensitive personal data.