Cit 101

The document outlines the course content for a Certified Secure Computer User certification program. It discusses topics that will be covered including introduction to security, securing operating systems, network security, security threats, system security, data encryption, password cracking, and other fundamental security concepts. The course will explore security fundamentals, types of security including physical, cyber, and personnel security. It will also cover network security and its benefits, how network security works through physical, technical and administrative layers, and different types of network security measures.

Uploaded by

agapenunmi16

SALEM UNIVERSITY LOKOJA, NIGERIA

COLLEGE OF INFORMATION AND COMMUNICATION TECHNOLOGY

COURSE TITLE: CERTIFIED SECURE COMPUTER USER


COURSE CODE: CIT 101
CREDIT UNIT: 1

Course content of Certified Secure Computer User

• The Certified Secure Computer User (CSCU) certification typically covers a
range of topics related to computer security and best practices for ensuring
data and system safety. The course content may vary depending on the
organization or training provider offering the certification, but here are some
common topics you can expect to be covered:
• Introduction to Security: fundamentals of computer and network security.
• Securing Operating Systems: best practices for securing various operating
systems, including Windows, Linux, and macOS.
• Network Security
• Aspects of network security
• Security Threats
• System Security
• Types of system security
• Data Encryption
• Types of data encryption
• Password cracking and types of password cracking
• Fundamental concepts of security
• Layers of security
• Basic computer security checklist

INTRODUCTION TO SECURITY

Security is the practice of safeguarding assets, information, and resources from
threats and risks. The primary goal of security is to protect against unauthorized
access, damage, theft, or harm to individuals, organizations, or systems. Security
measures can include encryption, access controls and security policies, all
designed to mitigate potential threats and maintain a safe environment.

Security is the state of wellbeing of information and infrastructure.

Why security

1. Computer security is important for protecting the confidentiality,
integrity, and availability of computer systems and their resources.

2. The evolution of technology has focused on ease of use, while the
skill level needed for exploits has decreased.

3. Computer administration and management have become more
complex, which produces more attack avenues.

4. Network environments and network-based applications provide
more attack paths.

What to Secure

• Hardware

Laptops, desktop PCs, CPU, hard disk, storage devices, cables, etc.

• Software

Operating system and software applications.

• Information

Personal identification such as social security number (SSN), passwords,
credit card number, etc.

• Communications

Emails, instant messengers, and browsing activities.

Fundamentals of computer and network security

Computer and network security are crucial in protecting data and systems from
unauthorized access, data breaches, and cyber threats. Here are some
fundamental concepts:
1. Authentication: The process of verifying the identity of users or systems
trying to access a network or computer. Common methods include
passwords, biometrics, and two-factor authentication.
2. Authorization: After authentication, determining what actions and
resources users or systems are allowed to access based on their
permissions.
3. Encryption: The process of converting data into a coded format to prevent
unauthorized access. Common encryption methods include AES and RSA.
4. Firewalls: Security mechanisms that control incoming and outgoing
network traffic based on an organization's previously established security
policies.
5. Intrusion Detection and Prevention Systems (IDS/IPS): Tools that monitor
network traffic for suspicious activity and can either alert administrators
(IDS) or take automated actions to block threats (IPS).
6. Vulnerability Assessment: The process of identifying and assessing
weaknesses in a system's security, often through automated scanning tools.
7. Patch Management: Keeping software and systems up to date with the
latest security patches and updates to fix known vulnerabilities.
8. Security Policies: Written guidelines and rules that define an organization's
security objectives, responsibilities, and procedures.
9. Phishing Awareness: Training users to recognize and avoid phishing emails
and websites, which are common tactics used by cybercriminals to steal
information.
10. Network Segmentation: Dividing a network into smaller, isolated segments
to limit the spread of threats and reduce the attack surface.
11. Incident Response: A plan and process for responding to security incidents,
including steps to contain, mitigate, and recover from breaches.
12. Backup and Disaster Recovery: Regularly backing up data and having a plan
in place to recover it in case of data loss or system failure.
13. Security Updates and Patching: Regularly applying security updates and
patches to software and systems to fix known vulnerabilities.
14. User Education and Awareness: Training users and employees on security
best practices to reduce human error-related security risks.
15. Antivirus and Anti-malware: Software that scans for and removes malicious
software and viruses from computers and networks.
16. Physical Security: Protecting physical access to computer systems and data
centers to prevent unauthorized access.
17. Security Auditing and Logging: Monitoring and recording events and
activities on systems for later analysis and auditing.
18. Penetration Testing: Ethical hacking to identify vulnerabilities by simulating
real-world attacks on a system or network.
19. Zero Trust Security: A security model that assumes no trust, even within an
organization's network, and verifies every access request.
20. Security Compliance: Adhering to industry-specific security standards and
regulations (e.g., GDPR, HIPAA) to ensure legal and ethical data handling.

TYPES OF SECURITY

Security encompasses various aspects, including:

1. Physical security: the protection of personnel, hardware, software, networks
and data from physical actions and events that could cause serious loss or
damage to an enterprise, agency or institution. This includes protection from fire,
flood, natural disasters, burglary, theft, vandalism and terrorism.

2. Cybersecurity: the protection of internet-connected systems
such as hardware, software and data from cyberthreats. The practice is used by
individuals and enterprises to protect against unauthorized access to data
centers and other computerized systems.

3. Personnel security: protects your people, information, and
assets by enabling your organisation to reduce the risk of harm to your people,
customers and partners, and to reduce the risk of your information or assets
being lost, damaged, or compromised.

Network security refers to the measures taken by an enterprise or organization
to secure its computer network and data using both hardware and software
systems. It aims to secure the confidentiality and accessibility of the data and
network. Every company or organization that handles a large amount of data has
a degree of solutions in place against many cyber threats.

The most basic example of network security is password protection, where the
password is chosen by the network user. In recent times, network security has
become the central topic of cyber security, with many organizations inviting
applications from people who have skills in this area. Network security
solutions address vulnerabilities of computer systems in areas such as:

Users

Locations

Data

Devices

Applications

Benefits of Network Security

Network security has several benefits, some of which are mentioned below:

• Network security helps protect clients' information and data,
which ensures reliable access and helps protect the data from
cyber threats.
• Network security protects the organization from heavy losses that
may occur from data loss or any security incident.
• Overall, it protects the reputation of the organization, as it protects
the data and confidential items.

Working on Network Security

The basic principle of network security is to protect large volumes of stored
data and networks in layers, with rules and regulations that have to
be acknowledged before any activity is performed on the data.

These levels are:

Physical Network Security

Technical Network Security

Administrative Network Security

These are explained below:

1. Physical Network Security: This is the most basic level. It protects
the data and network by preventing unauthorized personnel from acquiring control
over the confidentiality of the network. This includes external peripherals and
routers that might be used for cable connections. It can be achieved by
using devices like biometric systems.

2. Technical Network Security: It primarily focuses on protecting the data stored
in the network or data in transit through the network. This type
serves two purposes. One is protection from unauthorized users, and the other is
protection from malicious activities.

3. Administrative Network Security: This level of network security governs user
behavior, such as how permission is granted and how the authorization
process takes place. It also determines the level of sophistication the network
might need to protect it against all attacks. This level also suggests
necessary amendments that have to be made to the infrastructure.

Types of Network Security

A few types of network security are discussed below:

Access Control

Antivirus and Anti-Malware Software

Cloud Security

Email Security

Firewalls

Application Security

Intrusion Prevention System (IPS)

1. Access Control: Not every person should have complete access
to the network or its data. One way to enforce this is by going
through each person's details. This is done through Network Access Control,
which ensures that only a handful of authorized personnel are able to work
with the allowed amount of resources.

2. Antivirus and Anti-malware Software: This type of network security ensures
that malicious software does not enter the network and jeopardize the
security of the data. Malicious software like viruses, Trojans, and worms is
handled by it. It not only guards against the entry of malware
but also ensures that the system is well-equipped to fight malware once it has entered.

3. Cloud Security: Nowadays, many organizations are adopting
cloud technology, where a large amount of important data is stored over the
internet. This data is very vulnerable to malpractice by unauthorized
parties. It must be protected, and it should be ensured that this
protection is not jeopardized by anything. Many businesses embrace SaaS
applications to give some of their employees access to the
data stored in the cloud. This type of security ensures creating gaps in the
visibility of the data.

4. Email Security: Email security refers to the services and products designed to
keep an email account and its contents safe from external threats. For
example, fraudulent emails are generally sent to the Spam folder automatically,
because most email service providers have built-in features to protect the
content.

5. Firewalls: A firewall is a network security device, either hardware or
software-based, which monitors all incoming and outgoing traffic and, based on a defined
set of security rules, accepts, rejects, or drops that specific traffic. Before firewalls,
network security was performed by Access Control Lists (ACLs) residing on
routers.

6. Application Security: Application security denotes the precautionary security
measures used at the application level to prevent the stealing or capturing of
data or code inside the application. It also includes the security measures
taken during the development and design of applications, as well as techniques
and methods for protecting the applications whenever.

7. Intrusion Prevention System (IPS): An Intrusion Prevention System is also known
as an Intrusion Detection and Prevention System. It is a network security application
that monitors network or system activities for malicious activity. The major
functions of intrusion prevention systems are to identify malicious activity, collect
information about this activity, report it, and attempt to block or stop it.
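
The firewall item above says traffic is accepted, rejected, or dropped according to a defined set of rules. The following is an added example, not part of the original course notes, showing first-match rule evaluation with a default action and how rule order changes the outcome. The rule format, addresses and names are constructed for illustration.

```python
import ipaddress

# Constructed rule set (illustrative assumption): rules are checked top to
# bottom and the first matching rule decides what happens to the packet.
#   accept = let the traffic through
#   reject = block it and tell the sender
#   drop   = block it silently
MISORDERED = [
    {"action": "accept", "src": "10.0.0.0/8",      "proto": "tcp", "dport": 22},
    {"action": "reject", "src": "0.0.0.0/0",       "proto": "tcp", "dport": 22},
    {"action": "accept", "src": "0.0.0.0/0",       "proto": "tcp", "dport": 443},
    # Meant to block one network entirely, but placed after a broad accept.
    {"action": "drop",   "src": "198.51.100.0/24", "proto": "any", "dport": None},
]

# Corrected ordering: the block rule is evaluated before the broad accept.
CORRECTED = [MISORDERED[3]] + MISORDERED[:3]


def matches(rule, packet):
    """True when source address, protocol and destination port all match the rule."""
    src_ok = ipaddress.ip_address(packet["src"]) in ipaddress.ip_network(rule["src"])
    proto_ok = rule["proto"] in ("any", packet["proto"])
    port_ok = rule["dport"] is None or rule["dport"] == packet["dport"]
    return src_ok and proto_ok and port_ok


def decide(rules, packet, default="drop"):
    """Return (action, rule_number); traffic matching no rule gets the default action."""
    for number, rule in enumerate(rules, start=1):
        if matches(rule, packet):
            return rule["action"], number
    return default, None


if __name__ == "__main__":
    # Constructed sample packets.
    packets = [
        {"src": "10.1.2.3", "proto": "tcp", "dport": 22},
        {"src": "203.0.113.9", "proto": "tcp", "dport": 22},
        {"src": "198.51.100.9", "proto": "tcp", "dport": 443},
        {"src": "203.0.113.9", "proto": "udp", "dport": 53},
    ]
    for pkt in packets:
        print(pkt, "misordered:", decide(MISORDERED, pkt), "corrected:", decide(CORRECTED, pkt))
```

With the misordered list, the network that was supposed to be blocked still reaches port 443, because the broad accept rule matches first.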
Data encryption is a crucial security technique that transforms plaintext
(readable) data into ciphertext (unreadable) using mathematical algorithms and
encryption keys. This process ensures the confidentiality and privacy of sensitive
information, making it challenging for unauthorized parties to access the data.

Types of data encryption

1. Encryption Algorithms: Encryption relies on complex mathematical
algorithms, such as AES (Advanced Encryption Standard). These algorithms
determine how data is transformed into ciphertext and back into plaintext.

2. Encryption Keys: Encryption requires encryption keys, secret values used
to perform the encryption and decryption processes. There are two main types:
symmetric and asymmetric keys.

• Symmetric Encryption: In symmetric encryption, the same key is used for
both encryption and decryption. It's faster but requires secure key
management.
• Asymmetric Encryption: Asymmetric encryption uses a pair of keys: a public
key for encryption and a private key for decryption. This approach is widely
used for secure communications and digital signatures.

3. Data at Rest: Encrypting data at rest means protecting files and data stored
on devices or servers, preventing unauthorized access if the physical device is
stolen or compromised.

4. Data in Transit: Encryption is used to secure data as it travels over networks
or the internet. Protocols like SSL/TLS are commonly used for encrypting web
traffic, ensuring that data remains confidential during transmission.

5. End-to-End Encryption: This ensures that data is encrypted on the sender's
side and only decrypted on the recipient's side, thus preventing service providers
from accessing the plaintext.

6. Data in Use: Protecting data while it's being processed in memory or
applications is another layer of security, although it's more challenging to
implement.

7. Key Management: Proper key management is essential for encryption. It
involves generating, storing, and protecting encryption keys to prevent
unauthorized access. Key rotation and secure storage are critical components.

Advantages of Data Encryption:

1. Encryption is a low-cost solution.
2. Data encryption keeps information distinct from the security of the
device on which it is stored. Encryption provides security by allowing
administrators to store and send data via insecure channels.
3. Regulatory Fines Can Be Avoided With Encryption
4. Remote Workers Can Benefit from Encryption
5. If the password or key is lost, the user will be unable to open the
encrypted file. Using simpler keys in data encryption, on the other
hand, makes the data insecure, and anybody may access it at any time.
6. Encryption improves the security of our information.
7. Consumer Trust Can Be Boosted by Encryption

Disadvantages of Data Encryption:

1. If the password or key is lost, the user will be unable to open the
encrypted file. Using simpler keys in data encryption, on the other
hand, makes the data insecure, and anybody may access it at any time.
2. Data encryption is a valuable data security approach that necessitates
a lot of resources, such as data processing, time consumption, and the
use of numerous encryption and decryption algorithms. As a result, it is
a somewhat costly approach.
3. Data protection solutions might be difficult to utilize when the user
layers them for contemporary systems and applications. This might
have a negative influence on the device’s normal operations.
4. If a company fails to realize any of the restrictions imposed by
encryption techniques, it is possible to set arbitrary expectations and
requirements that might undermine data encryption protection.

SYSTEM SECURITY

The security of a computer system is a crucial task. It is the process of ensuring the
confidentiality and integrity of the OS. Security is one of the most important
tasks, as it keeps threats, malicious tasks, attacks
and programs away from the computer's software system.

A system is said to be secure if its resources are used and accessed as intended
under all circumstances, but no system can guarantee absolute security from
the various malicious threats and unauthorized access.

The security of a system can be threatened via two violations:

Threat: A program that has the potential to cause serious damage to the system.

Attack: An attempt to break security and make unauthorized use of an asset.

Security violations affecting the system can be categorized as malicious and
accidental threats. Malicious threats, as the name suggests, are a kind of harmful
computer code or web script designed to create system vulnerabilities leading to
back doors and security breaches. Accidental threats, on the other hand, are
comparatively easier to protect against. Example: Denial of Service (DDoS)
attack.

Security can be compromised via any of the breaches mentioned:

Breach of confidentiality: This type of violation involves the unauthorized reading
of data.

Breach of integrity: This violation involves unauthorized modification of data.

Breach of availability: It involves unauthorized destruction of data.

Theft of service: It involves the unauthorized use of resources.

Denial of service: It involves preventing legitimate use of the system. As
mentioned before, such attacks can be accidental in nature.

Security System Goal:

Based on the above breaches, the following are the security goals:

Integrity:

The objects in the system must not be accessed by any unauthorized user, and any
user without sufficient rights should not be allowed to modify the important
system files and resources.

Secrecy:

The objects of the system must be accessible only to a limited number of
authorized users. Not everyone should be able to view the system files.

Availability:

All the resources of the system must be accessible to all the authorized users, i.e.
no single user or process should have the right to hog all the system resources. If
such a situation occurs, denial of service could happen. In this kind of
situation, malware might hog the resources for itself, thus preventing
legitimate processes from accessing the system resources.

Threats can be classified into the following two categories:

Program Threats:

A program written by a cracker to hijack the security or to change the
behavior of a normal process. In other words, if a user program is altered and
made to perform malicious, unwanted tasks, it is known as a
Program Threat.

Types of Program Threats:

Virus:

An infamous threat, known most widely. It is a self-replicating and malicious
program that attaches itself to a system file and then rapidly replicates itself,
modifying and destroying essential files, leading to a system breakdown.

Further, the types of computer viruses can be described briefly as follows:

– file/parasitic – appends itself to a file

– boot/memory – infects the boot sector

– macro – written in a high-level language like VB and affects MS Office files

– source code – searches and modifies source codes

– polymorphic – changes in copying each time

– encrypted – encrypted virus + decrypting code

– stealth – avoids detection by modifying parts of the system that can be used to
detect it, like the read system call

– tunneling – installs itself in the interrupt service routines and device drivers

– multipartite – infects multiple parts of the system

Trojan Horse:

A code segment that misuses its environment is called a Trojan Horse. Trojans seem
to be attractive and harmless cover programs but are really harmful hidden
programs that can be used as a virus carrier. In one version of a Trojan,
the user is fooled into entering confidential login details in an application. Those
details are stolen by a login emulator and can be further used for
information breaches. A serious consequence of a Trojan horse is that it does
real damage once installed or run on the computer system: at first glance it
appears to be useful software, and later it turns out to be malicious and unwanted.

Another variant is spyware. Spyware accompanies a program that the user has
chosen to install and downloads ads to display on the user's system,
creating pop-up browser windows; when certain sites are visited by the user,
it captures essential information and sends it to a remote server. Such
attacks are also known as Covert Channels.

Trap Door:

The designer of a program or system might leave a hole in the software that only
they are capable of using; the Trap Door works on this principle. Trap doors are
quite difficult to detect, because analyzing them requires going through the source
code of all the components of the system. In other words, a trap door is a secret
entry point into a running or static program that allows anyone to gain
access to a system without going through the usual security access procedures.

Logic Bomb:

A program that initiates a security attack only under a specific situation. To be
precise, a logic bomb is a highly malicious program that is
inserted intentionally into a computer system and is triggered
when specific conditions have been met.

Worm:
A computer worm is a type of malware that replicates itself and infects other
computers while remaining active on affected systems. A computer worm
replicates itself in order to infect machines that aren't already infected. It
frequently accomplishes this by taking advantage of components of an operating
system that are automatic and unnoticed by the user. Worms are frequently
overlooked until their uncontrolled replication depletes system resources, slowing
or stopping other activities.

Types of System Threats –

Aside from the program threats, various system threats also endanger the
security of our system:

1. Worm:
An infection program that spreads through networks. Unlike a virus, worms target
mainly LANs. A computer affected by a worm attacks the target system and
writes a small program, a "hook", on it. This hook is then used to copy the worm
to the target computer. This process repeats recursively, and soon enough all
the systems of the LAN are affected. It uses the spawn mechanism to duplicate
itself. The worm spawns copies of itself, using up a majority of system resources
and also locking out all other processes.

The basic functionality of the worm can be represented as:


2. Port Scanning:
It is a means by which the cracker identifies the vulnerabilities of the system to
attack. It is an automated process that involves creating a TCP/IP connection to
a specific port. To protect the identity of the attacker, port scanning attacks are
launched from zombie systems, that is, previously independent systems that
still serve their owners while being used for
such notorious purposes.

3. Denial of Service:
Such attacks aren't aimed at collecting information or
destroying system files. Rather, they are used to disrupt the legitimate use
of a system or facility.
These attacks are generally network-based. They fall into two categories:
– Attacks in the first category use so many system resources that no useful work
can be performed.
For example, downloading a file from a website that proceeds to use all
available CPU time.
– Attacks in the second category involve disrupting the network of the facility.
These attacks are a result of the abuse of some fundamental TCP/IP principles.

Security Measures Taken –
To protect the system, security measures can be taken at the following levels:

• Physical:
The sites containing computer systems must be physically secured
against armed and malicious intruders. The workstations must be
carefully protected.
• Human:
Only appropriate users must have the authorization to access the
system. Phishing (collecting confidential information) and Dumpster
Diving (collecting basic information so as to gain unauthorized access)
must be avoided.
• Operating system:
The system must protect itself from accidental or purposeful security
breaches.
• Networking System:
Almost all information is shared between different systems via a
network. Intercepting this data could be just as harmful as breaking
into a computer. The network should therefore be properly secured
against such attacks.

Some of the key aspects of system security in more detail:

Access Control: Access control is about managing who has permission to access a
system. This involves user authentication (verifying a user's identity) and
authorization (determining what actions or resources a user can access). Access
control mechanisms can include username and password combinations,
biometrics (like fingerprint or facial recognition), or smart cards.

File and Directory Permissions: Every file and directory on a system has
permissions that dictate who can read, write, or execute them. These permissions
are typically assigned to users and groups. For example, on Unix-based systems,
permissions are represented as read (r), write (w), and execute (x) for owner,
group, and others.
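
The read/write/execute permission model described above, as an added example that is not part of the original course notes. It decodes a Unix mode into its owner, group and others triplets and flags settings an administrator would normally review. The file inventory is constructed, and the checks chosen here are illustrative assumptions, not a complete audit policy.

```python
import stat

# Permission bits in display order: owner, group, others.
_BITS = [
    (stat.S_IRUSR, "r"), (stat.S_IWUSR, "w"), (stat.S_IXUSR, "x"),
    (stat.S_IRGRP, "r"), (stat.S_IWGRP, "w"), (stat.S_IXGRP, "x"),
    (stat.S_IROTH, "r"), (stat.S_IWOTH, "w"), (stat.S_IXOTH, "x"),
]

# Constructed sample inventory (not from a real host):
# (path, octal mode, is_directory, must_be_owner_only)
SAMPLE_FILES = [
    ("/etc/passwd", 0o644, False, False),
    ("/home/alice/.ssh/id_ed25519", 0o644, False, True),  # private key
    ("/var/www/upload", 0o777, True, False),
    ("/tmp", 0o1777, True, False),                         # sticky bit set
    ("/usr/local/bin/backup", 0o4755, False, False),       # setuid bit set
]


def rwx_string(mode):
    """Render the nine r/w/x bits, e.g. 0o640 -> 'rw-r-----'."""
    return "".join(ch if mode & bit else "-" for bit, ch in _BITS)


def audit(mode, is_dir=False, owner_only=False):
    """Return a list of findings for one mode; an empty list means nothing flagged."""
    findings = []
    # A world-writable directory with the sticky bit only lets users remove
    # their own entries, so it is not flagged here.
    if mode & stat.S_IWOTH and not (is_dir and mode & stat.S_ISVTX):
        findings.append("writable by others")
    if owner_only and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("group/others have access to an owner-only file")
    if mode & stat.S_ISUID and not is_dir:
        findings.append("setuid: executes with the owner's privileges")
    return findings


def audit_inventory(entries):
    """Map each flagged path to (permission string, findings)."""
    report = {}
    for path, mode, is_dir, owner_only in entries:
        findings = audit(mode, is_dir, owner_only)
        if findings:
            report[path] = (rwx_string(mode), findings)
    return report


if __name__ == "__main__":
    for path, (perms, findings) in audit_inventory(SAMPLE_FILES).items():
        print(f"{perms}  {path}: {'; '.join(findings)}")
```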

Operating System Security: Keeping the operating system secure is crucial. This
involves regularly applying security patches and updates provided by the OS
vendor. Vulnerabilities in the OS can be exploited by attackers, so prompt patch
management is essential.

Application Security: Applications, including web browsers, email clients, and
office software, must also be kept up to date. Software vendors release updates
to fix security vulnerabilities, so staying current helps protect against potential
threats.

System Logs: System logs record various events and activities on the computer.
These logs are essential for monitoring and auditing system security. Security
administrators can use log analysis tools to detect suspicious or unauthorized
activities.
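
The log analysis described above, as an added example that is not part of the original course notes. It reads login records and raises an alert when one source produces many failed logins in a short time, and again if a login from that source then succeeds. The log lines are constructed in the style of an OpenSSH authentication log; the threshold, time window and year are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the style of an OpenSSH auth log (not from a real system).
SAMPLE_LOG = """\
Mar  3 09:14:02 web01 sshd[811]: Accepted password for alice from 198.51.100.7 port 50122 ssh2
Mar  3 09:20:10 web01 sshd[902]: Failed password for root from 203.0.113.5 port 40001 ssh2
Mar  3 09:20:12 web01 sshd[902]: Failed password for root from 203.0.113.5 port 40002 ssh2
Mar  3 09:20:15 web01 sshd[902]: Failed password for invalid user admin from 203.0.113.5 port 40003 ssh2
Mar  3 09:20:19 web01 sshd[902]: Failed password for invalid user test from 203.0.113.5 port 40004 ssh2
Mar  3 09:20:21 web01 sshd[902]: Failed password for root from 203.0.113.5 port 40005 ssh2
Mar  3 09:20:30 web01 sshd[902]: Accepted password for root from 203.0.113.5 port 40006 ssh2
Mar  3 11:02:44 web01 sshd[955]: Failed password for bob from 192.0.2.44 port 51000 ssh2
Mar  3 11:03:05 web01 sshd[955]: Accepted password for bob from 192.0.2.44 port 51001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse(log_text, year=2024):
    """Return time-ordered (time, result, user, ip) tuples; unrelated lines are skipped.

    Syslog timestamps carry no year, so one is assumed.
    """
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((when, m["result"], m["user"], m["ip"]))
    return sorted(events)


def detect(events, threshold=5, window=timedelta(minutes=5)):
    """Alert on `threshold` failures from one IP within `window`, and on a later success."""
    alerts = []
    recent = defaultdict(list)  # ip -> [(time, user)] failures still inside the window
    for when, result, user, ip in events:
        recent[ip] = [(t, u) for t, u in recent[ip] if when - t <= window]
        if result == "Failed":
            recent[ip].append((when, user))
            if len(recent[ip]) == threshold:
                users = sorted({u for _, u in recent[ip]})
                alerts.append({"ip": ip, "type": "repeated_failures", "users": users})
        elif len(recent[ip]) >= threshold:
            # A success right after a burst of failures deserves immediate review.
            alerts.append({"ip": ip, "type": "success_after_failures", "users": [user]})
            recent[ip].clear()
    return alerts


if __name__ == "__main__":
    for alert in detect(parse(SAMPLE_LOG)):
        print(alert)
```

A single mistyped password followed by a successful login, as in the last two sample lines, stays below the threshold and raises no alert.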

Encryption: Encryption protects data from unauthorized access. Data can be
encrypted when it's stored on the system (data at rest) and when it's transmitted
over networks (data in transit). Technologies like HTTPS for web communication
and BitLocker for disk encryption are examples.

Patch Management: Patch management is the process of systematically applying
updates and patches to software and systems. This ensures that known
vulnerabilities are addressed promptly. Automated patch management tools can
streamline this process.

Incident Response Plan: An incident response plan outlines the steps to take
when a security incident occurs. It should include procedures for identifying,
containing, eradicating, and recovering from security breaches. Regular testing
and updates of the plan are crucial.

Remote Access Security: In today's interconnected world, remote access to
systems is common. Secure methods like Virtual Private Networks (VPNs) and
secure shell (SSH) are used to establish remote connections. Monitoring and
limiting remote access helps prevent unauthorized entry.

Vendor and Third-Party Security: Organizations often use third-party software and
hardware. It's important to assess the security of these products, as
vulnerabilities in them can impact the overall system. Vendors should have a
history of addressing security issues promptly.

Password cracking

Password cracking is the process of identifying or recovering an unknown or
forgotten password.

Types of password cracking

1. Guessing: trying different passwords until one works.

2. Brute forcing: trying combinations of all the characters until the correct
password is discovered.

3. Dictionary attack: uses a predefined list of words.

4. Shoulder surfing: watching someone type the password.

5. Social engineering: tricking people into revealing their password or other
information that can be used to guess the password.

Fundamental concepts of security

Precaution: adhering to preventative measures while using computer systems
and applications.

Maintenance: managing all the changes in the computer applications and keeping
them up to date.

Reaction: acting in a timely manner when security incidents occur.

Layers of security

Physical security:
Safeguards the personnel, hardware, programs, networks, and data from
physical threats.

Network security:
Protects the networks and their services from unauthorized modification,
destruction or disclosure.

System security:
Protects the system and its information from theft, corruption,
unauthorized access or misuse.

Application security:
Covers the use of software, hardware and procedural methods to protect
applications from external threats.

User security:
Ensures that a valid user is logged in and that the logged-in user is allowed
to use an application program.

Basic computer security checklist

- Use of strong passwords
- Use of anti-virus systems
- Regular update of operating system and other installed applications
- Regular backup of important files
- Use of encryption techniques and digital signatures
- Use of firewall and intrusion detection systems
- Following standard guidelines for internet activities
- Physical security of computing infrastructure
- Awareness of current security scenario and attack techniques
