IT Security and Physical Security

Assignment
Name: Sarang. R
SapID: 500095669
B:3

Ans 1: A vulnerability assessment is a systematic review of security

weaknesses in an information system. It evaluates if the system is susceptible
to any known vulnerabilities, assigns severity levels to those vulnerabilities,
and recommends remediation or mitigation, if and whenever needed.

Examples of threats that can be prevented by vulnerability assessment

include:

1. SQL injection, XSS and other code injection attacks.

2. Escalation of privileges due to faulty authentication mechanisms.
3. Insecure defaults- software that ships with insecure settings, such as a
guessable admin passwords.

Ans 2:An IT security audit reveals underlying vulnerabilities and security

risks in an organisation's IT assets. Identifying risks, however, has a positive
rippling effect on the organisation's overall security. How? We discuss them
point by point below:
1. Weighs your current security structure and protocols and helps you
define a standard for your organisation with the audit results.
2. Mitigates hacker-risks by discovering potential hacker entry points and
security flaws well in advance.
3. Verifies how compliant your 1T infrastructure is with top regulatory
bodies and helps you conform in accordance.
Finds lag in your organisation's security training and awareness and
helps you make informed decisions towards its betterment.
Ans 3: There are four classes of fire extinguishers-A, B, Cand D - and each

class can put out a different type of fire.

Class A extinguishers will put out fires in ordinary combustibles
including wood, cloth, rubber, paper, as well as many plastic materials.
Class B extinguishers are for use on flammable liquids like grease,
gasoline, solvents, lacquers, alcohols, oils and other similar substances.
Class C extinguishers are suitable for use only on electrically energized
equipment fires.
Class D extinguishers are designed for use on flammable metallic
substances like potassium and sodium.

Ans 4:1. Motion-sensor lights are a great way to add security lighting to
outdoor areas like entry doors, backyards, or swimming pool areas without
spending too much on your electric bills. Things to consider when installing
motion activated lights include the range in which you want the motion
sensor to detect activity and the size of the area that needs to be illuminated.
Another consideration is whether to use LED or incandescent bulbs. LED
bulbs cost more to purchase initially but have a much longer lifespan and use
considerably less energy.
2. LED flood lights are a source of very bright white light that covers a broad
area. These lights can be combined with a motion-sensor. They are generally
used in areas like the perimeter of homes, playgrounds, stadiums, or
warehouses. LED flood lights are extremely long-lasting and use a lot less
energy. The benefits of LED bulbs over incandescent bulbs has been well
documented over the years. While the cost of an LED bulb is higher at first,
the costs of operating a fixture with an LED light over the long-term is
generally much lower.
3. Solar flood lights are powered by the sun and a battery. During the day, the
sun charges the battery which powers the light in the evening. Solar flood
lights generally use LED bulbs and can be combined with motion-sensors.
The biggest advantage of solar flood lights is that they don't require any
wiring to set up. Just find a location that gets ample light and voila, you're up
and running. If you're considering a solar light, consider the quality of the
solar light you're investing in. Higher quality solar flood lights may be more
expensive, but they generally produce brighter light, have better battery
capacity, and are much more durable.
Ans 5: This Security Officer job description template is optimised for posting
to online job boards or careers pages and easy to customise for your company.
Similar job titles include Security Specialist and Facility Security Officer.
Security Officer responsibilities include
Patrolling premises regularly to maintain order and establish presence
Monitoring and authorising entrance of vehicles or people in the
property
Removing wrongdoers or trespassers from the area

Ans 6: VIRUS(Vital Information Resources Under Siege) is the malware that

supports Spyware-the process in which personal details are kept an eye on to
hack the accounts and reveal personal data. Virus can be a simple program
that affects the computer system and allows the hacker to get into your files.
Virus is nothing on its own and thus needs a host. The host helps the virus
get into other systems and execute it when triggered. The common route is
through emails, where the attachments contain the virus. Going into the
detailed structure of a 'virus', it has two parts the transmission mechanism
part that controls its transfer mechanism and the payload, the part
responsible for its execution. This second part is again divided into two parts
namely infection program mechanism and actual destructive component, this
part contains the virus code. Virus has the characteristics of self-replicating
and being non-detectable, which makes it easier for hackers to make viruses
to earn money illegally. When it comes to malware, not only the viruses but
the Trojan horse, Ransomware, worms also are included. Viruses are self-
replicating while Trojans are not, Ransomware done for ransom while worms
do not need a host, which makes it differ from viruses.
The typical life-cycle of a computer virus takes place in four stages; the
dormant phase, the propagation phase, the triggering phase, and the
execution phase.
During the dormant phase, the virus has accessed its victim's computer or
software, but it does not do anything yet. The virus will wait until a "trigger"
gives it the command to execute. This trigger could be anything from a
predefined date to the user taking a specific action, like double-clicking an
icon.
In the propagation phase, the virus is fruitful and multiplies. The virus will
start to insert copies of itself into other programs or areas on the disk. These
copies are often altered in some way to make detection more difficult.
The triggering phase is designated when the virus changes from being
dormant to being activated.
Finally, during the execution phase, the virus gets to work. The virus's
payload is released, and the end user will begin to notice problems with their
computer such as deleted files, the system-crashing, or endless popups on the
Screen.

Ans 7: Firewalls prevent unauthorised access to networks through software

or firmware. By utilising a set of rules, the firewall examines and blocks
incoming and outgoing traffic. Fencing your property protects your house
and keeps trespassers at bay; similarly, firewalls are used to secure a
computer network. Firewalls are network security systems that prevent
unauthorised access to a network. It can be a hardware or software unit that
filters the incoming and outgoing traffic within a private network, according
to a set of rules to spot and prevent cyberattacks. Firewalls are used in
enterprise and personal settings. They are a vital component of network
security. Most operating systems have a basic built-in firewall. However,
using a third-party firewall application provides better protection.
Firewalls ilter the network traffic within a private network. It analyses
which traffic should be allowed or restricted based on a set of rules. Think of
the firewall like a gatekeeper at your computer's entry point which only
allows trusted sources, or IP addresses, to enter your network. A firewall
welcomes only those incoming traffic that has been configured to accept. It
distinguishes between good and malicious traffic and either allows or blocks
specific data packets on pre-established security rules. These rules are based
on several aspects indicated by the packet data, like their source, destination,
content, and so on. They block traffic coming from suspicious sources to
prevent cyberattacks.