
1. What are the threats to Information System Security? Discuss each threat.

Information System Security encounters risks to data confidentiality, integrity, and
availability. Common threats:
• Malware: Viruses, worms, Trojans, ransomware, and spyware invade systems,
steal data, and disrupt operations.
• Social Engineering: Manipulating people to gain information or access to systems.
Phishing and impersonation are examples.
• Unauthorized Access: Hackers exploit weaknesses in networks, systems, and
applications to obtain access. They can steal data, change or remove it, interrupt
services, or use the compromised systems for additional attacks.
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks:
These attacks overload systems or networks with traffic or requests, making
them inaccessible to normal users.
• Insider Threats: Insider threats can be deliberate or unintended. Malicious insiders
may steal or leak sensitive data, while incompetent workers may accidentally release
data or fall prey to social engineering attacks.
• Physical Threats: Hardware, storage media, and other important information
system components can be stolen, damaged, or destroyed. Data loss, system
unavailability, and unwanted access might ensue.
• Data Breaches: Unauthorized parties access sensitive data. Data is breached for
financial gain, identity theft, or other criminal objectives.
• Advanced Persistent Threats (APTs): These sophisticated, targeted attacks
monitor, infiltrate, and exfiltrate data over time. They avoid detection by
circumventing security.
• System and Software Vulnerabilities: Attackers can use system and software
vulnerabilities to obtain unauthorized access or disrupt systems. These
vulnerabilities must be patched regularly.
• Mobile and Wireless Security Risks: Mobile devices and wireless networks are
portable, have minimal security safeguards, and can be intercepted or accessed.
To mitigate these threats, organizations need strong security policies, regular
updates and patches, employee training, strong access controls, encryption, network
monitoring, and incident response plans.

2. What are Old Generation Threats and New Generation Threats?

Old Generation Threats: These are the threats of the early internet and IT era. They
predated improved security safeguards and changed with technology. Older threats include:
• Viruses: These dangerous programs replicate and infect other files or systems,
causing damage or interrupting activities.
• Worms: Self-replicating malware that exploits network flaws to infect multiple
systems without human intervention.
• Trojans: Trojans, named after the legendary Greek horse, trick users into
downloading them by posing as legitimate software. Once installed, they can execute
unauthorized actions or provide attackers with backdoor access.
• Phishing: Phishing attacks use false emails or texts to steal passwords, credit card
numbers, and login credentials.
• Spam: Unsolicited mass emails with fraudulent or harmful information.
Advances in technology and evolving threats have created new generation threats. They
target people, organizations, and systems using complex methods and changing trends.
Modern threats include:
• Ransomware: Ransomware encrypts files and demands a ransom to unlock them.
Because of its profitability and widespread impact, it is a major threat.
• Advanced Persistent Threats (APTs): Skilled, well-resourced attackers launch covert,
focused attacks. They want long-term network access to steal data or spy.
• Insider Threats: Insider threats have been around for a long time, but the current
generation has realized their potential. By leaking data, stealing IP, or accidentally
disclosing critical information, malicious insiders or incompetent staff might do
significant damage.
• Fileless Malware: Untraceable fileless malware runs in memory without leaving
traces on the hard disk. It leverages legitimate apps or operating systems to carry
out malicious actions.
• IoT Threats: The growing number of connected devices increases the attack surface.
IoT risks involve hacking and exploiting networked devices, including smart home,
medical, and industrial control systems.
• Supply Chain Attacks: Attackers compromise trusted vendors or suppliers to inject
malware or backdoors into software updates or components. They can infiltrate
many systems or organizations via the compromised software.
• Cloud Security Risks: These include unauthorized access, data breaches,
misconfigurations, and cloud service misuse as cloud computing becomes more
prevalent.

3. What are the Infection Method and the Action Method?

Infection Method: In the realm of cybersecurity, the infection method refers to the
techniques used by malicious software, such as malware, to infiltrate and gain access to a
targeted system or network. It encompasses various strategies employed by attackers to
spread their malware, including email attachments, drive-by downloads, malicious
websites or links, exploiting vulnerabilities, social engineering, and removable media.
Understanding the infection method helps security professionals identify potential entry
points and vulnerabilities that attackers may exploit, enabling them to implement
appropriate safeguards and preventive measures.
Action Method: The action method pertains to the activities performed by malware once
it has successfully infected a system or network. These actions depend on the specific
type and purpose of the malware. Common actions include data theft, remote control by
unauthorized individuals, system modifications to evade detection, formation of botnets
for malicious purposes, encryption of files for ransomware attacks, and capturing
sensitive information through keylogging or screen capture. By comprehending the action
method of malware, security practitioners can devise effective response plans and
implement countermeasures to mitigate the impact and limit the spread of malware within
an infected environment.

4-5. In your own idea/experience, how can you prevent viruses from attacking your system?

Preventing viruses from attacking your system requires a proactive and multi-layered
approach to cybersecurity. Firstly, install reputable antivirus software and keep it updated
to detect and remove known threats. Secondly, regularly update your operating system,
applications, and plugins to patch vulnerabilities. Thirdly, practice safe browsing habits,
such as being cautious of suspicious links and email attachments. Additionally, educate
yourself about the latest cybersecurity threats and employ strong passwords with multi-
factor authentication. Lastly, back up your important data regularly to ensure quick
recovery in case of an attack. By implementing these preventive measures, you can
significantly reduce the risk of viruses and protect your system from potential damage
and data loss.
