A

Micro Project On
“ Computer Security ”

Submitted By

08.Mahima Mogal

Under Guidance of
Mrs. J. C. Joshi

Diploma Course in Information Technology

(As per directives of I Scheme, MSBTE)

Sinhgad Institutes
Sinhgad Technical Education Society’s
SOU. VENUTAI CHAVAN POLYTECHNIC, PUNE - 411041
ACADEMIC YEAR 2023 - 2024
Maharashtra State Board of technical
Education Certificate
This is to certify that Mrs .Mahima Mogal with Roll No. 08 Six
Semester of Diploma in Information Technology of Institute Sou.
Venutai Chavan Polytechnic (Code:0040) has successfully
completed the Micro-Project in Network and Information Security
(22620) for the academic year 2023-2024.

Place: SVCP, Pune Enrolment No: 2100400213

Date: 01-04-2024 Exam Seat No:

Mrs. J.C.Joshi Mr. U. S. Shirshetti Dr. M. S. Jadhav

Course Teacher Head of Department Principal
 Annexure – I
Part A-Micro project proposal

A. BRIEF INTRODUCTION:

This project is a comprehensive guide to computer security. It covers the various threats you might
encounter online, including malware, phishing attacks, and social engineering. It also provides
steps you can take to protect yourself, such as using strong passwords, keeping software updated,
and being cautious about what you click on online. Overall, the project teaches you how to stay
safe in the digital world.

B. AIM OF THE PROJECT:

The project entitled “Computer Security” is aimed to develop a Project of Network and
information Technology.

C.INTENTED COURSE OUTCOME:

a) Identify risks related to Computer security and Information hazard in various situations.
b) Apply user identification and authentication methods.
c) Apply cryptographic algorithms and protocols to maintain Computer Security.
d) Apply measures to prevent attacks on network using firewall.
e) Maintain secured networks and describe Information Security Compliance standards.

D.RESOURCES REQUIRED:

Name of Resource
Sr. No. Specification
Required
1 Laptop Intel (R) Core i3- 8GB RAM
2 Operating system Windows 11
3 Software Word
ACTION PLAN:

SR.NO. DETAIL OF ACTIVITY WEEK

1 Discussion and finalization of topic 08-01-2024

2 Preparation and submission of Abstract 22-01-2024

3 Literature Review 05-02-2024

4 Collection of Data 12-02-2024

5 Discussion and outline of Content 26-02-2024
6 Editing and proof Reading of Content 11-03-2024

7 Compilation of Report and Presentation 18-03-2024

8 Final submission of Micro Project 01-04-2024

GROUP MEMBERS:

Roll. No. Name of group members

08 Mahima Mogal
 Annexure II
Part B- Micro-Project
1. Rationale

Computer network security is an important aspect in today's world. Now days due to various threats
designing security in organization is an important consideration. It is essential to understand basic
security principles, various threats to security and techniques to address these threats. The student
will be able to recognize potential threats to confidentiality, integrity and availability and also able
to implement various computer security policies. This course will introduce basic cryptographic
techniques, fundamentals of computer/network security, Risks faced by computers and networks,
security mechanisms, operating system security, secure System design principles, and network
security principles. Also, it will create awareness about IT ACT and different Cyber laws.

2. Course Outcome Addressed

a) Identify risks related to Computer security and Information hazard in various situations.

3. Actual Method Followed

The process for this micro project is to make a “computer security”.

We collect information and organize by following points:

1. Collect the information on Overview Management.

2. Show the information to faculty.

3. First make a raw report and then correct it.

4. Then prepare a project on “computer security”.

5. Make a presentation on the “computer security”.

6. Make pdf of report and print it.

7. We learn more about Network Information Security.

 ANNEXURE III
Evaluation Sheet for the Micro Project
Academic Year: 2023-2024 Name of the Faculty: Mrs. J. C. Joshi
Course: Network & Information Security Course Code: 22620 Semester: Six
Title of the project: “computer security”

COs addressed by Micro Project:

S. No Course Outcomes

A. Identify risks related to Computer security and Information hazard in various situations.

Major learning outcomes achieved by students by doing the project

(a) Practical outcome:

• Install and configure antivirus software on any system.
• Apply security to file, folder or application using access permission and verify.

(b) Unit outcomes in Cognitive domain:

1a. Explain the importance of the given component of computer security.

1c. Explain the given type of attacks related with security.

Comments/suggestions about team work /leadership/inter-personal communication (if any)

Marks out of 6 for Marks out of 4 for

Roll performance in performance in
No Name of the Student group activity oral/ presentation Total Marks out
(D5 Col.8) (D5 Col.9) of 10

08 Mahima Mogal

(Name & Signature)

Introduction
In the modern digital landscape, computer security stands as a critical bastion against an ever-evolving
array of threats. As technology advances and interconnectivity deepens, the importance of safeguarding
systems, data, and networks cannot be overstated. Cyber threats loom large, ranging from the insidious
infiltration of malware to the deceptive tactics of phishing attacks and the disruptive impact of
ransomware. Moreover, the perpetrators behind these threats continuously refine their methods,
displaying an alarming level of sophistication. The consequences of security breaches extend far beyond
mere inconvenience, encompassing data theft, financial loss, and irreparable damage to an organization's
reputation. Thus, organizations must adopt proactive measures to fortify their defenses and mitigate the
risks posed by cyber adversaries.

Effective computer security encompasses a multifaceted approach, spanning various domains to create a
comprehensive defense posture. Access control mechanisms play a pivotal role in regulating entry to
systems and sensitive data, relying on robust authentication, authorization, and encryption protocols.
Meanwhile, network security measures such as firewalls, intrusion detection systems, and virtual private
networks serve as bulwarks against external threats seeking to infiltrate organizational infrastructure.
Similarly, endpoint security strategies aim to secure individual devices, including computers and
smartphones, against malware and unauthorized access. By deploying antivirus software, endpoint
detection and response solutions, and mobile device management platforms, organizations can bolster
their resilience at the device level. Additionally, prioritizing data protection through encryption,
masking, and data loss prevention solutions ensures that sensitive information remains shielded from
prying eyes. These security measures, coupled with ongoing awareness training, incident response
protocols, and compliance with regulations, collectively fortify organizations against the relentless
onslaught of cyber threats.

• Computer security threats

1)Viruses
Viruses are malicious programs designed to replicate and infect files and programs on a user's computer
without their knowledge or consent. These harmful entities operate by embedding themselves into
legitimate software and spreading to other files and systems. Their ultimate goal is to disrupt the victim's
computer's functionality or render it completely inoperable. Viruses can cause a range of damaging
effects, including data corruption, system instability, unauthorized access, propagation across networks,
and resource drain. To protect against viruses, users should employ robust antivirus software, keep their
operating systems and software up to date with the latest security patches, exercise caution when
downloading files or clicking on links from unknown sources, and regularly scan their systems for
malware infections. Additionally, practicing safe browsing habits and implementing proper security
measures can help minimize the risk of virus infections and mitigate their potential impact.
 2)Worm
Worms are self-replicating malware that spread across computer networks, exploiting vulnerabilities in
operating systems, applications, or network protocols. Unlike viruses, worms do not require a host
program to attach themselves to; they can propagate independently, often at a rapid pace. Once a worm
infects a system, it can exploit security vulnerabilities to install backdoors, steal sensitive information, or
launch distributed denial-of-service (DDoS) attacks.

3) Phishing

Phishing is a cyber attack method that involves tricking individuals into divulging sensitive information
such as usernames, passwords, credit card numbers, or other personal data by masquerading as a
trustworthy entity in electronic communication. Phishing attacks typically occur through email, instant
messaging, social media, or fraudulent websites that mimic legitimate ones. These deceptive
communications often contain urgent messages or enticing offers designed to manipulate recipients into
clicking on malicious links or attachments, thereby compromising their security.
Phishing attacks can have severe consequences, including identity theft, financial fraud, and
unauthorized access to sensitive accounts or systems. Moreover, phishing campaigns can target both
individuals and organizations, posing a significant threat to data privacy and security.

5) Rootkit

A rootkit is a type of malicious software that is designed to conceal its presence or the presence of other
malware on a compromised system. Rootkits achieve this by gaining privileged access to the operating
system (often through exploiting vulnerabilities or using stolen credentials) and manipulating system
files, processes, and system calls to evade detection by antivirus software and security mechanisms.
Rootkits can be used by attackers to maintain persistent access to compromised systems, steal sensitive
information, execute unauthorized commands, and undermine the integrity of the system. They are often
employed as part of advanced, targeted attacks aimed at high-value targets, such as government
agencies, financial institutions, or large enterprises.
Detecting and removing rootkits can be challenging due to their stealthy nature and ability to evade
traditional security measures. However, several techniques can help mitigate the risk of rootkit
infections, including regularly scanning systems with rootkit detection tools, monitoring system logs for
suspicious activity, implementing least privilege access controls to limit the impact of compromised
accounts, and maintaining strict patch management practices to address known vulnerabilities that
rootkits may exploit.

5) Keylogger

A keylogger, also known as keystroke logging or keyboard capturing, is a type of surveillance software
or hardware that records the keystrokes typed by a user on a keyboard. Keyloggers can capture a wide
range of information entered by users, including usernames, passwords, credit card numbers, emails,
instant messages, and other sensitive data.

Keyloggers can be deployed through various means, including software installed on a computer or
mobile device, hardware devices inserted between the keyboard and computer, or remotely through
malware infections. Once installed, keyloggers operate stealthily in the background, silently recording
all keystrokes entered by the user and transmitting the captured data to a remote attacker.

To defend against keyloggers, individuals and organizations should employ several preventive measures.
This includes regularly updating antivirus and antimalware software to detect and remove keylogger
infections, using endpoint security solutions that include keylogger detection capabilities, implementing
security awareness training to educate users about the risks of keyloggers and safe computing practices,
and using virtual keyboards or secure input methods for entering sensitive information, particularly on
public or shared devices. Additionally, employing encryption for sensitive data and practicing good
password hygiene, such as using strong, unique passwords for each account, can help mitigate the risk of
keylogger attacks.
COMPUTER SECURITY IMPORTANCE?

Computers are very essential part of our daily lives and it plays important roles in our lives. So, the
security of a computer is important because it protects your information and helps to prevent from
viruses and malware. In this post, we will discuss on why is computer security important of our lives.
Computer security is also known as cyber security or IT security which mainly used for protection of
computer system such as hardware and software.

WHY IS COMPUTER SECURITY IMPORTANT?

The main purpose of the security is the preventing and detecting unauthorized access of computer
system. It guarantees to safe processing and storage of business, healthcare and sensitive information.
Cyber security provides the Confidentiality, Integrity and Availability for all components of a computer
system.

Here are the some reasons why is computer security important:

1. TO PROTECT PERSONAL INFORMATION
To prevent from cyber security risk you have to protect your personal information. IT security is the first
prime issue to protect your personal and others information. By the way you can keep your information
secure using the following tips:
o Use antivirus Software
o Update operating system
o Use strong password
o Backup your data
o Lock your computer
o Avoid Phishing Emails
o protect your personal information

2. TO PROTECT ORGANIZATION PROPERTIES

It is very important to ensure the organization’s computer data because every organization has many
sensitive assets and information. So, without computer or IT security you can’t guarantee the security of
organization properties.

3. TO PREVENTION FROM DATA THEFT

Data theft is act of stealing sensitive information such as bank account details, credit card information,
passwords, and documents which stored on computers, servers, or other devices. The most common
reasons of data breaches are as follows:
o Weak and stolen credentials
o Malicious insiders
o Application vulnerabilities
o Human Error
So, prevent from data theft you have to ensure your device security by using endpoint security, lock
down your computer, Identify critical data and use authentication.

0
4. TO PREVENT FROM VIRUSES AND MALWARE
Computer security is also important to protect from computer viruses and malware’s. A computer virus
or
malware can corrupt or delete your sensitive data, damage your hard disk and it spreads from one
computer to another using email program and others. So, you have to protect your computer from
viruses and malware using following these tips:
o Keep your software up to date
o Use free antivirus software
o Use a strong password
o Don’t click on links within emails
o Back up your computer
o Use a pop-up blocker

TYPES OF COMPUTER SECURITY

In this, we will focus on the different types of computer security such as application security, network
security, internet security, data security, information security and end user security.
1. APPLICATION SECURITY

Application security is the types of cyber security which developing application by adding security
features within applications to prevent from cyber attacks. The attacks can be SQL injection, denial of
service (DoS) attacks, data breaches or other cyber-attacks.
There are some application security tools and techniques such as firewalls, antivirus software,
encryption, and web application firewall which can help to prevent from cyber-attacks.
A web application firewall is designed to protect web applications by filtering and monitoring HTTP
harmful traffic. Here are the most used Web Application Firewalls are:
o Fortinet FortiWeb
o Citrix NetScaler App Firewall
o F5 Advanced WAF
o Radware AppWall
o Symantec WAF
o Barracuda WAF
o Imperva WAF
o Sophos XG Firewall
o SonicWallNSa
 2. INFORMATION SECURITY
Information security (IS) is the types of computer security which refers to the process and methodology
toprotect the confidentiality, integrity and availability of computer system from unauthorized access,
use, modification and destruction. Information security focuses on the CIA triad model, which ensure
confidentiality, integrity, and availability of data, without affecting organization productivity.

3. NETWORK SECURITY
Network security is other types of IT security which process of preventing and protecting against
unauthorized intrusion into computer networks. It is a set of rules and configurations which designed to
protect the confidentiality, integrity and accessibility of computer networks system and information
using both software and hardware technologies.

NETWORK SECURITY METHODS

There are different components or methods to improve network security. Here, we have mentioned the
most common network security components.
o Antivirus Software
o Application Security
o Behavioral Analytics
o Data Loss Prevention (DLP)
o Email Security
o Firewalls
o Mobile Device Security
o Network Segmentation
o Security Information and Event Management (SIEM)
o Virtual Private Network (VPN)
o Web Security
o Wireless Security
o Network Access Control (NAC)

4. ENDPOINT SECURITY
Human error is a major weak point which is easily exploited by cyber criminals. End users are becoming
the largest security risk in any organizations. However, end user has no fault of their own, and mostly
due to a lack of awareness and ICT policy. They can unintentional open the virtual gates to cyber
attackers. That’s why comprehensive security policies, procedures and protocols have to be understood
in depth by users who accessing the sensitive information. It is better to providing security awareness
training program to them and should cover the following topics:
Cyber security and its importance
o Phishing and Social Engineering attack
o Password creation and usages
 o Device Security
o Physical Security
o Learn More About Social Engineering Attack

5. INTERNET SECURITY

Internet security is the important types of computer security which has defined as a process to create set
of rules and actions to protect computers system that are connected to the Internet.
 Conclusion

The study explores how management principles are applied in small-scale industries to ensure
their success amidst challenges like limited resources and market volatility. By optimizing
resources, focusing on customer needs, strategic planning, and effective financial management,
these enterprises can compete