Paging ( 5 mark)

Paging is a function of memory management where a computer will store

and retrieve data from a device’s secondary storage to the primary storage.
Memory management is a crucial aspect of any computing device, and
paging specifically is important to the implementation of virtual memory.

There are two different types of computer

memory; primary and secondary. Primary storage data is temporary and
is frequently accessed by applications or other hardware systems. It is
typically stored in random access memory (RAM) for fast retrieval.
Secondary storage is where data in a computer is kept for longer periods of
time. Secondary storage is typically slower than primary. A typical
example of secondary memory could be a solid-state drive (SDD), for
example.

Virtual memory, what paging is used for often, is a memory management

technique where secondary memory can be used as if it were a part of the
main memory. Paging acts as an important part of virtual memory, as it
allows programs in secondary storage to exceed the available size of the
physical storage.

How paging works

Paging works by writing data to, and reading it from, secondary

storage for use in primary storage. Paging is a basic function in memory
management for a computer's operating system (OS) as well -- this includes
Windows, Unix, Linux and macOSs.

In a memory management system that takes advantage of paging, the OS

reads data from secondary storage in blocks called pages, all of which have

1
identical size. The physical region of memory containing a single page is
called a frame. When paging is used, a frame does not have to comprise a
single physically contiguous region in secondary storage. This approach
offers an advantage over earlier memory management methods, because it
facilitates more efficient and faster use of storage.

Risk analysis ( 5 mark)

Risk analysis defines the review of risks related to the specific action or event.
The risk analysis is used to information technology, projects, security issues
and some other event where risks can be analysed based on a quantitative and
qualitative basis.

There are some steps followed by a risk analysis process are as follows −

 Establish the Risk Assessment Team − The risk assessment team

will be answerable for the collection, analysis, and documenting of
the assessment results to management. It is essential that some
aspects of the activity work flow be defined on the team, such as
human resources, administrative processes, automated systems, and
physical security.
 Set the scope of the Project − The assessment team should
recognize at the outset the goals of the assessment project,
department, or functional events to be assessed, the responsibilities
of the members of the team, the personnel to be interviewed, the
standards to be used, documentation to be inspected and operations
to be checked.
 Identify assets covered by the Assessment − Assets can involve,
but are not defined to, personnel, hardware, software, data (such as
classification of sensitivity and criticality), facilities and current

2
 controls that security those assets. It is the key to recognize all
assets related to the assessment project determined in the scope.
 Categorize Potential Losses − It can identify the losses that can
result from some type of damage to an asset. Losses can result from
physical damage, denial of service, alteration, unauthorized access
or disclosure. Losses can be intangible, including the loss of the
organizations’ credibility.
Firewall( 5 mark)
A firewall can be represented as a specific type of network security device or a
software program that monitors and filters incoming and outgoing network
traffic based on a represented group of security rules. It facilitates as a barrier
between inside private networks and outside sources (such as the public
Internet).

The objective of a firewall is to enable non-threatening traffic and avoid

malicious or unwanted data traffic for securing the computer from viruses and
attacks. A firewall is a cybersecurity tool that filters network traffic and
supports users block malicious software from accessing the web in infected
computers.

Firewalls can be executed in both hardware and software. Firewalls are

generally used to avoid unauthorized Internet users from accessing private
networks connected to the Internet, such as intranets. All messages accessing or
leaving the intranet move through the firewall, which determines each message
and blocks those that do not meet the defined security element.

Firewalls use multiple methods to control traffic flowing in and out of the
network which are as follows −

3
  Packet filtering − Packets (small chunks of data) are analysed
against a group of filters. Packets that create it through the filters
are sent to the requesting system and some discarded.
 Proxy service − Information from the Internet is fetched by the
firewall and then sent to the requesting system, etc.
 Stateful inspection − A current approach that doesn’t determine
the contents of each packet but instead compares specific key
element of the packet to a database of trusted information.

System Security Threats 10 mark

Computer security threats are potential threats to your computer’s efficient
operation and performance. These could be harmless adware or dangerous
trojan infection. As the world becomes more digital, computer security concerns
are always developing. A threat in a computer system is a potential danger that
could jeopardize your data security. At times, the damage is irreversible.

Types of Threats:
A security threat is a threat that has the potential to harm computer systems and
organizations. The cause could be physical, such as a computer containing
sensitive information being stolen. It’s also possible that the cause isn’t
physical, such as a viral attack.

1. Physical Threats: A physical danger to computer systems is a potential

cause of an occurrence/event that could result in data loss or physical damage. It
can be classified as:
 Internal: Short circuit, fire, non-stable supply of power, hardware
failure due to excess humidity, etc. cause it.
 External: Disasters such as floods, earthquakes, landscapes, etc.
cause it.

4
  Human: Destroying of infrastructure and/or hardware, thefts,
disruption, and unintentional/intentional errors are among the threats.
2. Non-physical threats: A non-physical threat is a potential source of an
incident that could result in:
 Hampering of the business operations that depend on computer
systems.
 Sensitive – data or information loss
 Keeping track of other’s computer system activities illegally.
 Hacking id & passwords of the users, etc.
The non-physical threads can be commonly caused by:

(i) Malware: Malware (“malicious software”) is a type of computer program

that infiltrates and damages systems without the users’ knowledge. Malware
tries to go unnoticed by either hiding or not letting the user know about its
presence on the system. You may notice that your system is processing at a
slower rate than usual. 
(ii) Virus: It is a program that replicates itself and infects your computer’s files
and programs, rendering them inoperable. It is a type of malware that spreads
by inserting a copy of itself into and becoming part of another program. It
spreads with the help of software or documents. They are embedded with
software and documents and then transferred from one computer to another
using the network, a disk, file sharing, or infected e-mail. They usually appear
as an executable file.
(iii) Spyware: Spyware is a type of computer program that tracks, records, and
reports a user’s activity (offline and online) without their permission for the
purpose of profit or data theft. Spyware can be acquired from a variety of
sources, including websites, instant chats, and emails. A user may also
unwittingly obtain spyware by adopting a software program’s End User License
Agreement.

5
Adware is a sort of spyware that is primarily utilized by advertising. When you
go online, it keeps track of your web browsing patterns in order to compile data
on the types of websites you visit.
(iv) Worms: Computer worms are similar to viruses in that they replicate
themselves and can inflict similar damage. Unlike viruses, which spread by
infecting a host file, worms are freestanding programs that do not require a host
program or human assistance to proliferate. Worms don’t change programs;
instead, they replicate themselves over and over. They just eat resources to
make the system down.
(v) Trojan: A Trojan horse is malicious software that is disguised as a useful
host program. When the host program is run, the Trojan performs a
harmful/unwanted action. A Trojan horse, often known as a Trojan, is malicious
malware or software that appears to be legal yet has the ability to take control of
your computer. A Trojan is a computer program that is designed to disrupt,
steal, or otherwise harm your data or network.
Computer Virus 5 mark

Computer viruses are unwanted software programs or pieces of code that

interfere with the functioning of the computer. They spread through
contaminated files, data, and insecure networks. Once it enters your system, it
can replicate to produce copies of itself to spread from one program to another
program and from one infected computer to another computer. So, we can say
that it is a self-replicating computer program that interferes with the functioning
of the computer by infecting files, data, programs, etc.

There are many antiviruses, which are programs that can help you protect your
machine from viruses. It scans your system and cleans the viruses detected
during the scan. Some of the popular antiviruses include Avast, Quickheal,
McAfee, Kaspersky, etc.

Types of Computer Virus:

Overwrite Virus:

It is the simplest computer virus that overwrites the code of the host computer
system's file with its own malicious code. The content of the infected file is
6
replaced partially or completely without changing the size of the file. Thus, it
destroys the original program code by overwriting it with its defective code.
The infected files must be deleted or replaced with a new copy as this virus
cannot be removed or disinfected.

Append Virus:

As the name suggests, this virus appends its malicious code to the end of the
host program's file. After that, it alters the file's header in a way that the file's
header is redirected to the start of the malicious code of the append virus. Thus,
this code is executed each time the program runs. However, it does not destroy
the host program; rather, it modifies it in a way that it holds the virus code and
enables the code to run itself.

Macro Virus

Macro virus alters or infects the macros of a document or data file. It is

embedded as a macro in a document and adds its codes to the macros of the
document. The virus spreads when infected documents or data files are opened
in other computers.

It also spreads through software programs, which execute macros such as Ms

Word, Ms Excel. Each time a document is opened using these programs, other
related documents will also get infected.

The first macro virus, which was named concept, spread through emails with
attached Ms Word documents. It infected MsWord 6.0 and Ms Word 95
documents, which were saved using Save As option. Fortunately, it did not
cause any harm, except for displaying a message on the screen.

Boot Virus

Boot virus or boot sector virus alters the boot sector program stored in the hard
disk or any other storage device such as floppy disks. It replaces the boot sector
program with its own malicious version. It infects the computer only when it is
used to boot up the computer. If it enters after the boot-up process, it will not
infect the computer. For example, if someone forgets to remove the infected
floppy disk when the pc is turned off and then turns on this pc, it runs the
infected boot sector program during the booting process.

Usually, it enters into your system through corrupt media files, infected storage
devices, and insecure computer networks. The spread of this virus is very rare
these days due to the decline in the use of floppy disk and use of boot-sector
safeguards in the present-day operating systems.

7
Resident Virus

The resident virus stays permanently in the primary memory (RAM) of the
computer. When you start the computer, it becomes active and corrupts the files
and programs running on the computer.

Computer Security and its Challenges ( 10 mark)

There are three main objectives of computer security, which are also referred
has CIA triads.
1. Confidentiality
2. Integrity
3. Availability
1. Confidentiality :
 Data confidentiality – 
It is a property which ensures that any private information that can be
harmful if it is disclosed to any unauthorized person should only be
disclosed to a legit authorization so that no one can take advantage of
someone’s personal information.
 Privacy – 
It is the property of the digital world that ensures that one can have
the right that any information which is related to them should be
stored by whomsoever they want and no other person should look
through their information or share it without their consent. If
information is shared without consent it is a breach of privacy which
is a punishable offence.
2. Integrity :
 Data integrity – 
It ensures that the system and information is changed in the way that
user want and it is not breached by any third party with an intent to
harm.
 System integrity – 
This ensures that the system should work in the manner as it is
designed to perform and its performance is not manipulated by
anyone else, that is any third party which manipulated the system to
work according to their wishes rather than the users.
3. Availability : 
This ensures that system should work fine and should denied access to an
authorized user. 
Computer Security Challenges :
1. Security is not simple it requires a lot of research and money
2. Potential attacks on the security features need to be considered.
3. Procedures used to provide particular services are often counter-
intuitive.
8
4. It is necessary to decide where to use the various security
mechanisms.
5. Requires constant monitoring.
6. Security mechanisms typically involve more than a particular
algorithm or protocol.
7. Security is essentially a battle of wits between a perpetrator and the
designer.
8. Little benefit from security investment is perceived until a security
failure occurs.
9. Strong security is often viewed as an impediment to efficient and
user-friendly operation.