A virus is a computer program or software that attaches itself to another software or computer
program to harm the computer system. When the host program runs with the virus attached, it
performs some action, such as deleting a file from the computer system. A virus can't be
controlled remotely.

Worms:
A worm is also a computer program like a virus, but it does not modify the program. It replicates
itself more and more to slow down the computer system. Worms can be controlled remotely.

Trojan Horse:
A Trojan horse does not replicate itself like viruses and worms. It is a hidden piece of code that
steals the user's important information. For example, Trojan horse software observes the e-mail ID
and password as they are entered in a web browser to log in.

Difference between Virus, Worm and Trojan Horse:

| Virus | Worm | Trojan Horse |
|---|---|---|
| A virus is a software or computer program that attaches itself to another software or computer program to harm the computer system. | Worms replicate themselves to slow down the computer system. | A Trojan horse, rather than replicating, captures some important information about a computer system or a computer network. |
| A virus replicates itself. | Worms also replicate themselves. | A Trojan horse does not replicate itself. |
| A virus can't be controlled remotely. | Worms can be controlled remotely. | Like worms, a Trojan horse can also be controlled remotely. |
| The spreading rate of viruses is moderate. | The spreading rate of worms is faster than that of viruses and Trojan horses. | The spreading rate of Trojan horses is slow in comparison with both viruses and worms. |
| The main objective of a virus is to modify information. | The main objective of worms is to consume system resources. | The main objective of a Trojan horse is to steal information. |
| Viruses are executed via executable files. | Worms are executed via weaknesses in the system. | A Trojan horse executes through a program and is interpreted as utility software. |

What is penetration testing?

Penetration testing (or pen testing) is a security exercise where a cyber-security expert attempts to
find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to
identify any weak spots in a system’s defenses which attackers could take advantage of.

This is like a bank hiring someone to dress as a burglar and try to break into their building and gain
access to the vault. If the ‘burglar’ succeeds and gets into the bank or the vault, the bank will gain
valuable information on how they need to tighten their security measures.

Who performs pen tests?

It’s best to have a pen test performed by someone with little-to-no prior knowledge of how the
system is secured because they may be able to expose blind spots missed by the developers who
built the system. For this reason, outside contractors are usually brought in to perform the tests.
These contractors are often referred to as ‘ethical hackers’ since they are being hired to hack into a
system with permission and for the purpose of increasing security.

Many ethical hackers are experienced developers with advanced degrees and a certification for pen
testing. On the other hand, some of the best ethical hackers are self-taught. In fact, some are
reformed criminal hackers who now use their expertise to help fix security flaws rather than exploit
them. The best candidate to carry out a pen test can vary greatly depending on the target company
and what type of pen test they want to initiate.

What are the types of pen tests?

• Open-box pen test - In an open-box test, the hacker will be provided with some
information ahead of time regarding the target company’s security info.

• Closed-box pen test - Also known as a ‘single-blind’ test, this is one where the hacker is
given no background information besides the name of the target company.

• Covert pen test - Also known as a ‘double-blind’ pen test, this is a situation where
almost no one in the company is aware that the pen test is happening, including the IT
and security professionals who will be responding to the attack. For covert tests, it is
especially important for the hacker to have the scope and other details of the test in
writing beforehand to avoid any problems with law enforcement.

• External pen test - In an external test, the ethical hacker goes up against the company’s
external-facing technology, such as their website and external network servers. In some
cases, the hacker may not even be allowed to enter the company’s building. This can
mean conducting the attack from a remote location or carrying out the test from a truck
or van parked nearby.

• Internal pen test - In an internal test, the ethical hacker performs the test from the
company’s internal network. This kind of test is useful in determining how much damage
a disgruntled employee can cause from behind the company’s firewall.

How is a typical pen test carried out?

Pen tests start with a phase of reconnaissance, during which an ethical hacker spends time gathering
data and information that they will use to plan their simulated attack. After that, the focus becomes
gaining and maintaining access to the target system, which requires a broad set of tools.

Tools for attack include software designed to produce brute-force attacks or SQL injections. There is
also hardware specifically designed for pen testing, such as small inconspicuous boxes that can be
plugged into a computer on the network to provide the hacker with remote access to that network.
In addition, an ethical hacker may use social engineering techniques to find vulnerabilities. For
example, sending phishing emails to company employees, or even disguising themselves as delivery
people to gain physical access to the building.

The hacker wraps up the test by covering their tracks; this means removing any embedded hardware
and doing everything else they can to avoid detection and leave the target system exactly how they
found it.

Penetration testing stages

The pen testing process can be broken down into five stages.
1. Planning and reconnaissance
The first stage involves:

• Defining the scope and goals of a test, including the systems to be addressed and the testing
methods to be used.
• Gathering intelligence (e.g., network and domain names, mail server) to better understand how a
target works and its potential vulnerabilities.

2. Scanning
The next step is to understand how the target application will respond to various intrusion attempts.
This is typically done using:

• Static analysis – Inspecting an application’s code to estimate the way it behaves while running.
These tools can scan the entirety of the code in a single pass.
• Dynamic analysis – Inspecting an application’s code in a running state. This is a more practical way
of scanning, as it provides a real-time view into an application’s performance.

3. Gaining access
This stage uses web application attacks, such as cross-site scripting, SQL injection and backdoors, to
uncover a target’s vulnerabilities. Testers then try and exploit these vulnerabilities, typically by
escalating privileges, stealing data, intercepting traffic, etc., to understand the damage they can
cause.

4. Maintaining access
The goal of this stage is to see if the vulnerability can be used to achieve a persistent presence in the
exploited system, long enough for a bad actor to gain in-depth access. The idea is to
imitate advanced persistent threats, which often remain in a system for months in order to steal an
organization’s most sensitive data.

5. Analysis
The results of the penetration test are then compiled into a report detailing:
• Specific vulnerabilities that were exploited
• Sensitive data that was accessed
• The amount of time the pen tester was able to remain in the system undetected

What is a vulnerability assessment?


A vulnerability assessment is the process of defining, identifying, classifying and prioritizing
vulnerabilities in computer systems, applications and network infrastructures.

Vulnerability assessments also provide an organization with the necessary knowledge, awareness
and risk backgrounds to understand and react to threats to its environment.

A vulnerability assessment process is intended to identify threats and the risks they pose. It
typically involves the use of automated testing tools, such as network security scanners, whose
results are listed in a vulnerability assessment report.

Organizations of any size, or even individuals who face an increased risk of cyber attacks, can benefit
from some form of vulnerability assessment, but large enterprises and other types of organizations
that are subject to ongoing attacks will benefit most from vulnerability analysis.

Because security vulnerabilities can enable hackers to access IT systems and applications, it is
essential for enterprises to identify and remediate weaknesses before they can be exploited. A
comprehensive vulnerability assessment, along with a management program, can help companies
improve the security of their systems.

Importance of vulnerability assessments

A vulnerability assessment provides an organization with details on any security weaknesses in its
environment. It also provides direction on how to assess the risks associated with those weaknesses.
This process offers the organization a better understanding of its assets, security flaws and overall
risk, reducing the likelihood that a cybercriminal will breach its systems and catch the business off
guard.

Types of vulnerability assessments

Vulnerability assessments discover different types of system or network vulnerabilities. This means
the assessment process includes using a variety of tools, scanners and methodologies to identify
vulnerabilities, threats and risks.

Some of the different types of vulnerability assessment scans include the following:

Network-based scans are used to identify possible network security attacks. This type of scan can
also detect vulnerable systems on wired or wireless networks.

Host-based scans are used to locate and identify vulnerabilities in servers, workstations or other
network hosts. This type of scan usually examines ports and services that may also be visible to
network-based scans. However, it offers greater visibility into the configuration settings and patch
history of scanned systems, even legacy systems.

Wireless network scans of an organization's Wi-Fi networks usually focus on points of attack in the
wireless network infrastructure. In addition to identifying rogue access points, a wireless network
scan can also validate that a company's network is securely configured.

Application scans test websites to detect known software vulnerabilities and incorrect
configurations in network or web applications.

Database scans can identify weak points in a database to prevent malicious attacks, such as SQL
injection attacks.

The following table illustrates the fundamental differences between penetration testing and
vulnerability assessments:

| Penetration Testing | Vulnerability Assessments |
|---|---|
| Determines the scope of an attack. | Makes a directory of assets and resources in a given system. |
| Tests sensitive data collection. | Discovers the potential threats to each resource. |
| Gathers targeted information and/or inspects the system. | Allocates quantifiable value and significance to the available resources. |
| Cleans up the system and gives final report. | Attempts to mitigate or eliminate the potential vulnerabilities of valuable resources. |
| It is non-intrusive, documentation and environmental review and analysis. | Comprehensive analysis and thorough review of the target system and its environment. |
| It is ideal for physical environments and network architecture. | It is ideal for lab environments. |
| It is meant for critical real-time systems. | It is meant for non-critical systems. |

Cyber risk management means identifying, analysing, evaluating and addressing your organisation’s
cyber security threats.

The first part of the cyber security risk management process is a cyber risk assessment. This risk
assessment will provide a snapshot of the threats that might compromise your organisation’s cyber
security and how severe they are.

Based on your organisation’s risk appetite, your cyber risk management programme then
determines how to prioritise and respond to those risks.

The cyber security risk management process

Although specific methodologies vary, a risk management programme typically follows these steps:

1. Identify the risks that might compromise your cyber security. This usually involves identifying cyber
security vulnerabilities in your system and the threats that might exploit them.

2. Analyse the severity of each risk by assessing how likely it is to occur and how significant the impact
might be if it does.

3. Evaluate how each risk fits within your risk appetite (your predetermined level of acceptable risk).

4. Prioritise the risks.

5. Decide how to respond to each risk. There are generally four options:

• Treat – modify the risk's likelihood and/or impact typically by implementing security controls.

• Tolerate – make an active decision to retain the risk (e.g., it falls within the established risk
acceptance criteria).

• Terminate – avoid the risk entirely by ending or completely changing the activity causing the risk.

• Transfer – share the risk with another party, usually by outsourcing or taking out insurance.

Since cyber risk management is a continual process, monitor your risks to ensure they are still
acceptable, review your controls to ensure they are still fit for purpose, and make changes as
required. Remember that your risks continually change as the cyber threat landscape evolves, and
your systems and activities change.
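
The steps above can be worked through on a small risk register. The following Python sketch is an added example, not part of the original notes. It assumes a 1 to 5 scale for likelihood and impact, a score of likelihood times impact, and a policy that a risk may only be tolerated when its score is within the appetite; the register entries and the appetite value are constructed.

```python
from dataclasses import dataclass, replace

RESPONSES = {"treat", "tolerate", "terminate", "transfer"}  # the four options

@dataclass(frozen=True)
class Risk:
    name: str
    likelihood: int  # assumed scale: 1 (rare) to 5 (almost certain)
    impact: int      # assumed scale: 1 (minor) to 5 (severe)
    response: str    # planned response, one of RESPONSES

    @property
    def score(self) -> int:
        # Assumed scoring model: severity = likelihood x impact
        return self.likelihood * self.impact

def prioritise(risks):
    """Analyse and prioritise: highest score first."""
    return sorted(risks, key=lambda r: r.score, reverse=True)

def plan_problems(risks, appetite):
    """Evaluate each planned response against the risk appetite."""
    problems = []
    for r in prioritise(risks):
        if r.response not in RESPONSES:
            problems.append(f"{r.name}: unknown response {r.response!r}")
        elif r.response == "tolerate" and r.score > appetite:
            problems.append(f"{r.name}: score {r.score} exceeds appetite {appetite}")
    return problems

def treat(risk, likelihood=None, impact=None):
    """Residual risk after a control changes likelihood and/or impact."""
    return replace(
        risk,
        likelihood=risk.likelihood if likelihood is None else likelihood,
        impact=risk.impact if impact is None else impact,
    )

# Constructed sample register; names and numbers are illustrative only.
APPETITE = 8
REGISTER = [
    Risk("Lost unencrypted laptop", 2, 4, "transfer"),
    Risk("Phishing leads to credential theft", 4, 4, "treat"),
    Risk("Public wiki defacement", 2, 2, "tolerate"),
    Risk("Unpatched legacy file server", 3, 5, "tolerate"),
]

if __name__ == "__main__":
    for r in prioritise(REGISTER):
        print(f"{r.score:>2}  {r.response:<9}  {r.name}")
    print(plan_problems(REGISTER, APPETITE))
    residual = treat(REGISTER[1], likelihood=2)  # illustrative control effect
    print(residual.score, residual.score <= APPETITE)
```

Re-running `plan_problems` and `treat` after each review is the monitoring step: a control that no longer holds the residual score within the appetite shows up as a new problem.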