ASSIGNMENT 1

SEPTEMBER 2023 SEMESTER

SUBJECT CODE : CIS300

SUBJECT TITLE : INTERNET SECURITY

LEVEL : BACHELOR

STUDENT’S NAME : AJAY BALAMI

MATRIC NO. : C30105210041

PROGRAMME : BICT (Hons)

ACADEMIC :
FACILITATOR

LEARNING CENTRE : VIRINCHI, NEPAL

Question 1

There is a growing concern of Internet safety for all internet users nowadays.

Elaborate the statement above with any THREE (3) basic methods of securing your computer
from harm, especially from hackers and virus creators.

[15 Marks]
Answer:

Internet security refers to the measures and practices taken to protect computer systems,
networks, and data from unauthorized access, attacks, and damage on the internet.

Securing your computer from potential harm, especially from hackers and virus creators, is
crucial to protect your personal and sensitive information. Here are three basic methods to
enhance the security of your computer:

i. Encryption:

Encryption is a crucial cybersecurity technique that involves converting sensitive information

into a secure and unreadable format using algorithms and cryptographic keys. This process
ensures that only authorized parties with
the appropriate decryption keys can
access and understand the original
data. In the context of securing a
computer from hackers and virus
creators, encryption serves as a
formidable defense by protecting data at
rest, in transit, and during
communication. It is employed to
encrypt files, folders, and entire hard
drives, preventing unauthorized access Fig: Encryption and Decryption to
critical information. (ICO, 2020)

Additionally, encryption protocols like SSL/TLS secure online communications, while Virtual
Private Networks (VPNs) use encryption to establish secure connections over the internet. By
incorporating encryption into a comprehensive security strategy, individuals and organizations
can safeguard their sensitive data and enhance the overall resilience of their computer systems
against potential threats.
 ii. Firewalls:

Firewalls act as a barrier

between your computer and
potential unauthorized access
from the internet or local
networks. A firewall
monitors and controls
incoming and outgoing
network traffic based on
predetermined security
Fig: Encryption and Decryption
rules. Most operating (Tyson, 2019)
systems come with built-in
firewalls, and it's essential to ensure that they are enabled. Additionally, you can set up rules
to specify which applications are allowed to communicate over the network, providing an
extra layer of protection against unauthorized access.

iii. Regular Software Updates and Patch Management:

Keeping your operating system,

software applications, and plugins up
to date is crucial for security.
Developers release updates and
patches to fix vulnerabilities that
could be exploited by hackers. Enable
automatic updates when possible, and
regularly check for updates manually
to ensure that your system is protected
against known security flaws.
Attackers often target outdated
software to exploit vulnerabilities, so timely updates are an effective way to minimize these
risks.
In conclusion, a comprehensive security approach, combining the use of firewalls, antivirus
software, regular updates, and encryption, creates a robust defense system against potential
harm from hackers and virus creators. These methods work in tandem to fortify your
computer's security, safeguarding both your personal and professional data from various
cyber threats.
Question 2

a) There are several ways to categorize an Intrusion Detection System (IDS) depending on
the type and location of the sensors and the engine’s methodology to generate alerts.

Based on Figure 1, elaborate how sensors, console and engine are implemented in IDS.

Figure 1

Answer:

An Intrusion Detection System (IDS) is a security technology designed to monitor network or

system activities for malicious or suspicious behavior. The primary purpose of an IDS is to
identify and respond to potential security threats in real-time. There are two main types of IDS:
Network-based Intrusion Detection Systems (NIDS) and Host-based Intrusion Detection
Systems (HIDS). Both types typically consist of three main components: console, sensors, and
engine.

1. Console:

The console is the component of the IDS that provides the user interface and management
functionality. It allows security administrators to configure and customize the IDS, view alerts
and reports, and manage the overall system.Security administrators use the console to define
detection policies, set up alert thresholds, and customize responses to specific types of
incidents. The console serves as the central point of control for the IDS and provides a user-
friendly interface for monitoring and managing the security of the network or system.
 2. Sensors:

Sensors are responsible for collecting and analyzing data from the monitored network or
system. In a network-based IDS (NIDS), sensors are strategically placed at various points on
the network to capture and inspect network traffic. In a host-based IDS (HIDS), sensors are
deployed on individual hosts or devices to monitor activities occurring on those specific
systems. Sensors pass the collected data to the detection engine for analysis. They play a
crucial role in detecting anomalies or patterns indicative of a security incident.

3. Engine:

The detection engine is the core of the IDS, responsible for analyzing the data collected by
sensors and making decisions about whether a particular activity is normal or indicates a
security threat. The engine uses predefined rules and signatures to compare the observed
behavior against known attack patterns or deviations from normal behavior. If the engine
identifies suspicious or malicious activity based on its analysis, it generates alerts and, in some
cases, can initiate automated responses or notifications to security personnel. The detection
engine is continuously updated with new signatures and rules to stay current with emerging
threats.

In summary, an Intrusion Detection System is a multi-component security solution that

includes a console for management, sensors for data collection, and an engine for analysis and
decision-making. Together, these components work to identify and respond to security
incidents in real-time, helping organizations enhance their overall cybersecurity posture.

b) Identify and briefly explain the detection technique, as shown in Figure 2.

Figure 2
 [10 Marks]
[Total : 15 Marks]

END OF ASSIGNMENT QUESTION