GyaanVibe is a focused educational platform dedicated to helping SSC CGL aspirants crack Tier 1 & Tier 2 exam with a strategic, day-wise, and well-structured preparation approach.
SSC CGL Preparation – Day 16
Computer Basics: Network and Information Security Threats
π· What is Network and Information Security?
- Network Security: Protects the infrastructure and data in a network from unauthorized access, misuse, or theft.
- Information Security: Ensures the confidentiality, integrity, and availability of data.
π· Common Network and Information Security Threats
πΉ 1. Malware
- Short for Malicious Software.
- Types:
- Virus β Attaches to programs/files and spreads.
- Worm β Replicates and spreads over networks without user action.
- Trojan Horse β Appears legitimate but contains harmful code.
- Ransomware β Locks/encrypts data and demands payment to unlock.
- Spyware β Secretly collects user data.
- Adware β Displays unwanted ads, often tracks user behavior.
πΉ 2. Phishing
- Fraudulent emails/websites that mimic legitimate ones to steal:
- Usernames
- Passwords
- Bank details
- Often contains urgent messages or fake links.
πΉ 3. Denial of Service (DoS) Attack
- Overloads a server/network, making it unavailable.
- DDoS (Distributed DoS): Attack from multiple sources at once.
πΉ 4. Man-in-the-Middle (MitM) Attack
- Hacker intercepts communication between two systems.
- Can read or alter the transmitted data.
πΉ 5. SQL Injection
- Hacker enters malicious SQL code in web forms to access or manipulate databases.
πΉ 6. Brute Force Attack
- Automated attempt to guess passwords using multiple combinations.
πΉ 7. Zero-Day Exploit
- Targets vulnerabilities unknown to the software vendor.
- Extremely dangerous as thereβs no patch available.
πΉ 8. Social Engineering
- Manipulating people to reveal confidential information (e.g., through impersonation).
πΉ 9. Keylogger
- Records every keystroke on the keyboard.
- Used to steal passwords, personal info.
πΉ 10. Spoofing
- Disguising as a trusted source to trick users.
- Email spoofing
- IP spoofing
- Website spoofing
π· Effects of Security Threats
| Impact | Description |
|---|---|
| π Data Breach | Confidential data gets leaked |
| π° Financial Loss | Unauthorized transactions, ransom payments |
| β οΈ Identity Theft | Attacker uses stolen personal info |
| π Service Disruption | Websites or networks become unavailable |
| πΌ Reputation Damage | Organization loses trust |
π· Basic Prevention Methods (Covered in Day 17)
- Using firewalls and antivirus.
- Strong passwords and two-factor authentication.
- Avoiding suspicious links/emails.
- Regular software updates and backups.
π· Important Terms to Remember
| Term | Meaning |
|---|---|
| Virus | Needs a host file to spread |
| Worm | Spreads independently over networks |
| Trojan | Disguised as legitimate software |
| Ransomware | Encrypts data, demands payment |
| Spyware | Secretly monitors user activity |
| Phishing | Tricks users into revealing private info |
| DDoS | Distributed attack causing system failure |
| Brute Force | Guessing password combinations |
| SQL Injection | Hacking databases using code injections |
| Keylogger | Records keystrokes |
| Zero-Day Attack | Exploits unknown vulnerabilities |
π· For SSC CGL β Focus Points
β
Difference between malware types
β
Meaning of phishing, spoofing, ransomware
β
Understanding DoS/DDoS and social engineering
β
Recognize basic security terminology
