Computer Security

Presented by:
First and last name

Teacher:
Name of the Teacher

University
Faculty
Subject
City
Date

Table of contents

Introduction
Objectives
General Objective
Specific Objectives
Glossary of Terms
Computer security
Principles of Information Security
Confidentiality
Integrity
Availability
Risk Factors
Security mechanisms
Classification according to its function
Passwords
Password Selection Guidelines
Firewalls
Types of Firewall
Personal Firewalls
Packet filtering
Graphically:
Dual-Homed Host
Screened Host
Screened Subnet
Firewall Restrictions
Benefits of a Firewall
Limitations of a Firewall
Encryption
Uses of Encryption
Encryption Methods
HASH Algorithm
Secret Key or Symmetric Cryptography
Asymmetric Algorithms (RSA)
Digital Signature
Advantages offered by the Digital signature
File Encryption
Types of Ciphers
Authentication
Antivirus
What should be taken into account to qualify an antivirus?
The best antivirus software currently available
Backups
Conclusions
Bibliographic References

Introduction

Computer security is understood as a set of rules, procedures and tools designed to ensure the availability, integrity, confidentiality, and correct use of information in information systems.

Every day, more and more malicious individuals try to access the data on our equipment. In most cases, unauthorized access to a computer network or to the equipment it contains can cause serious problems. One of the possible consequences of unauthorized access is the loss of data.

This is a common situation and can cause a lot of confusion, especially if we do not keep our backups updated. Even if we keep them updated, not all data can always be recovered. Another, more devastating problem is the theft of sensitive and confidential information. The disclosure of a company's information about its customers could result in a multimillion-dollar lawsuit against it. A more specific example is the passwords of the email accounts with which we share information.

As computers continue to evolve, it is essential to understand the resources needed to protect information systems. In this publication, we will discuss the importance of cybersecurity and refer to the existing methods for protecting computer systems and the information they contain from unauthorized access, damage, modification or destruction.

Objectives

General Objective

Understand the basics of cybersecurity, emphasizing the main problems faced by computer users.

Specific Objectives

Understand the concepts of integrity, reliability, and availability of information.

Raise awareness about the risks that organizations and computer users face in terms of information security.

Enhance knowledge about computer security in general.


Glossary of Terms

Adware. A program that automatically displays advertisements to the user during its installation or use and thereby generates benefits for its creators. It becomes malware the moment it starts to collect information about the computer it is on (HACKER, 2018).

Antivirus. A solution designed to detect, block, and eliminate malicious code (viruses, trojans, worms, etc.), as well as to protect the equipment from other dangerous programs or malware (HACKER, 2018).

Risk analysis. A process to identify the threats and vulnerabilities of information assets, as well as their likelihood of occurrence and their impact. The objective is to determine the appropriate controls to address the risk (HACKER, 2018).

Authentication. A procedure to verify that someone is who they claim to be when accessing an online service. A functionality for secure communication (HACKER, 2018).

Backup. A security copy made of information in order to recover the data in case the systems suffer damage or accidental loss of stored data (HACKER, 2018).

Cybersecurity. A set of technologies, processes, and practices designed to protect networks, computers, programs, and data from attacks, damage, or unauthorized access. In a computing context, it includes cybersecurity and physical security (HACKER, 2018).

Cookie. A file that stores data about behavior on a website and is placed on the user's device. In this way, the website can check the user's previous activity (HACKER, 2018).

Firewall. A software and/or hardware security system placed at the boundaries of the corporate network with the aim of allowing or denying Internet traffic according to a set of cybersecurity rules and policies (HACKER, 2018).

DNS. From the English Domain Name Service. It refers both to the Domain Name Service and to the server that provides that service. Its most important function is to translate names intelligible to people into IP (Internet Protocol) addresses in order to locate and address systems in a much simpler way (HACKER, 2018).

HTTP. Stands for Hypertext Transfer Protocol. It is the most widely used protocol for web browsing (HACKER, 2018).

Security incident. Any event that affects the confidentiality, integrity or availability of the company's information assets (HACKER, 2018).

Malware. From the English malicious software. It is a program intended to cause damage to, or infiltrate, an information system without the consent of its owner. It includes viruses, worms, trojans, backdoors, and spyware (HACKER, 2018).

Metadata. A set of data and information related to a document. Metadata is information that enriches the document with which it is associated (HACKER, 2018).

Security patch. A set of changes applied to software to correct security vulnerabilities in programs or operating systems (HACKER, 2018).

Phishing. A scam committed through remote means in which the scammer tries to obtain confidential and sensitive information from legitimate users, such as passwords or banking or Internet service data (HACKER, 2018).

Security policy. The decisions or security measures that a company decides to take regarding the security of its information systems, after assessing the value of its assets and the risks to which they are exposed (HACKER, 2018).

QoS. The acronym in English for Quality of Service. It is a set of standards and mechanisms that ensure quality in the transmission of information (HACKER, 2018).

Ransomware. The cybercriminal takes control of the infected device and hijacks the information by encrypting it. In this way, the user is extorted for a monetary ransom in exchange for recovering their data (HACKER, 2018).

Information security. Preservation of the confidentiality, integrity and availability of information; other properties such as authenticity, accountability, non-repudiation and reliability can also be considered (HACKER, 2018).

Spam. Emails that arrive in users' accounts without their having requested them. In general, they carry propaganda and are sent by unknown senders (HACKER, 2018).

Spyware. Malware that collects information from a computer and then sends it to a remote entity without the knowledge or consent of the owner of the computer (HACKER, 2018).

SSL. Secure Sockets Layer. A cryptographic protocol for secure communications over a network. It provides authentication and privacy of information between endpoints over a network through the use of cryptography (HACKER, 2018).

Trojan. Malicious software that, when executed, shows no signs of malfunction in the system. However, while the user performs routine tasks on their computer, it is able to open various communication channels with a malicious remote machine that will allow the attacker to control our system completely (HACKER, 2018).

Virus. Malicious code that spreads or infects by inserting a copy of itself into another program to become part of it. A virus cannot execute by itself; it requires the host program to be executed in order to perform its operations (HACKER, 2018).

Vulnerability. Flaws or deficiencies in a program that can allow an unauthorized user to access information or carry out unauthorized operations remotely (HACKER, 2018).

Zero-day. Vulnerabilities in systems or software programs that are known only to certain attackers and are unknown to manufacturers and users. There is no security patch to fix them, and they are very dangerous because the attacker can exploit them without the user being aware that they are vulnerable (HACKER, 2018).

Cybersecurity

Computer security is the "discipline that is responsible for designing the rules, methods, procedures and techniques aimed at providing safe and reliable conditions for data processing in computer systems." It consists of ensuring that the resources of an organization's information system (hardware or software) are used in the way that was decided, and that access to the information contained therein, as well as its modification, is only possible for individuals who are accredited and within the limits of their authorization (Ramos & Hurtado, 2011).

Principles of Information Security

To achieve its objectives, information security is based on three principles, with which every computer system must comply:

Confidentiality. It relates to the "privacy of information resources stored and processed in a computer system." Based on this principle, computer security tools must defend the system against intrusions and access by unauthorized persons or programs (Ramos & Hurtado, 2011).

Integrity. It relates to the "validity and consistency of information resources stored and processed in a computer system." Based on this principle, computer security tools must ensure that update processes are well synchronized and not duplicated, so that all system resources correctly handle the same data (Ramos & Hurtado, 2011).

Availability. It relates to the "continuity of access to information resources stored and processed in a computer system." Based on this principle, computer security tools should reinforce the permanence of the computer system in ideal operating conditions so that users can access the data with the frequency and dedication they require. This principle is fundamental in computer systems whose commitment to the customer is to provide persistent service (Ramos & Hurtado, 2011).

Risk Factors

Environmental and/or Physical: Rains, floods, natural disasters (earthquakes), storms, heat, among others.

Technological: Hardware or software failures, air conditioning failures, electrical problems, computer virus attacks, etc.

H: Robbery, fraud, disclosure, sabotage, vandalism, hackers, counterfeiting, password tampering, etc.


Security mechanisms

A computer security mechanism is a "technique or tool used to strengthen the confidentiality, integrity, and/or availability of a computer system." There are many different computer security mechanisms. Their selection depends on the type of system, its function and the risk factors that threaten it (Postigo, 2020).

Classification according to its function

• Preventive: They act before an event occurs (to stop unwanted agents).

• Detective: They act before an event occurs (presence of unwanted agents in some component of the system).

• Corrective: They act after the event has occurred (to correct the consequences).

One way to minimize security gaps is to ensure that only authorized individuals are able to access a given machine. Companies use a wide variety of technical tools to identify their authorized personnel. "The PCS security guards have the possibility to carry out certain security checks, among others" (Postigo, 2020). Depending on the security system implemented, access to a system can be based on:

1. Something you have: a key or a smart card (digital identification encoded in a memory chip).

2. Something you know: a password, an identification number, an alphanumeric combination, or personal history.

3. Something you do: signature, or writing speed and error patterns.

4. Automated Verification through Signatures (AVS)

The advantages of biometric technology include the potential to remove the need to carry a card in order to gain entry. Although cost reductions have lowered the initial price of cards in recent years, the real benefit of eliminating them lies in the reduction of the work related to their management. With a biometric device, management costs are lower: the reader is maintained, and one person takes care of keeping the database updated. In addition, a person's biometric characteristics are non-transferable.

Digital fingerprint. Based on the premise that no two fingerprints are alike, this system has been "used since the last century with excellent results" (Postigo, 2020). Each fingerprint has small arches, angles, loops, whorls, etc. (called minutiae), and the characteristics and relative position of all of them are what is examined to establish a person's identification. It is accepted that 2 people do not have more than 8 equivalent minutiae and that each person has more than 30, which makes the procedure very reliable.

Passwords

Passwords are the most commonly used tools for restricting access to computer systems. However, they are only effective if chosen carefully. Most PC users choose passwords that are easy to guess: the name of their partner, the name of a child or a pet, words related to jobs or hobbies, or consecutive characters on the keyboard (Senra, 2022).

An analysis found that the preferred passwords in the United Kingdom are Fred-God, while in America they were Love-sexy. Hackers know and exploit such clichés, which is why a cautious user should not use them. Several security systems "do not allow users to use real words or names as passwords, thus preventing hackers from using dictionaries to guess them." Even the best password should be changed periodically (Senra, 2022).

Many login passwords are easily obtained because they involve the name or another familiar piece of information about the user and, moreover, are never (or rarely) changed. In this situation the attack is simplified and involves some time of trial and error. Other times, systematic attacks are carried out (even with several PCs at the same time) using special programs and "dictionaries" that test millions of likely keys in quite short times until the right password is discovered (Senra, 2022).

Dictionaries are files with millions of words that are likely to be user passwords. Such a file is used to find the password in brute-force tests.

Password Selection Guidelines

• Do not use passwords that are words (even foreign ones) or names (of the user, fictional characters, family members, pets, brands, cities, places, or anything related).
• Do not use entirely numeric passwords with some meaning (phone number, ID number, date of birth, car registration, etc.).
• Do not use popular technical terminology.
• Choose a password that mixes alphabetic characters (uppercase and lowercase) and numeric ones.
• They must be long, 8 characters or more.
• Have different passwords on different machines and different systems. It is feasible to use a base password and certain logical variations of it for the various machines. This way, if the password of one system is compromised, the other systems are not all compromised for using the same password.
• They must be simple to remember so that there is no need to write them down. Some examples are:
• Combine short words with a number or punctuation character: I am 2, you are 3
• Use an acronym of a sentence that is simple to remember: A flow of stirred water Fishing Profit: ArRGdP
• Add numbers to the acronym for greater security: A9r7R5G3d1P
• Better still if the sentence is not famous: So far I have not forgotten my password: aHoelIo
• Choose a nonsensical but pronounceable word: taChunda72, AtajulH, Wen2Mar
• Replace letters with signs or numbers: In Security Better to Prevent than to Heal.
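
The guidelines above can be turned into an automated check at password-change time. The following is an added example, not part of the original document: the function names, the small word list and the substitution table are assumptions made for illustration, and the substitution handling goes slightly beyond the listed rules by also catching dictionary words disguised with digits.

```python
import re

# Constructed stand-in for a real dictionary file; it holds a few of the
# clichés the text mentions plus some common terms.
SAMPLE_DICTIONARY = {"password", "love", "sexy", "fred", "god", "firewall", "admin"}

# Common digit/sign-for-letter swaps, undone before the dictionary lookup
# (assumption: this table is illustrative, not exhaustive).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def _trim(text):
    """Drop leading and trailing digits or punctuation ('love1234' -> 'love')."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", text)


def _variants(password):
    """Forms of the password that a dictionary-based guesser would also cover."""
    low = password.lower()
    plain = low.translate(LEET)
    return {low, _trim(low), plain, _trim(plain)}


def check_password(password, personal_terms=(), dictionary=SAMPLE_DICTIONARY):
    """Return the list of guidelines the password violates (empty list = passes)."""
    problems = []
    if len(password) < 8:                          # "8 characters or more"
        problems.append("too_short")
    if password.isdigit():                         # phone number, date, ID number
        problems.append("all_numeric")
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_upper and has_lower and has_digit):
        problems.append("missing_mix")             # upper + lower + numeric
    variants = _variants(password)
    if variants & set(dictionary):                 # plain or disguised word
        problems.append("dictionary_word")
    terms = [t.lower() for t in personal_terms if len(t) >= 3]
    if any(t in v for t in terms for v in variants):
        problems.append("personal_info")           # names of user, family, pets
    return problems


def interleave_digits(acronym, digits):
    """Insert one digit after each letter, as in ArRGdP -> A9r7R5G3d1P."""
    out = []
    for i, letter in enumerate(acronym):
        out.append(letter)
        if i < len(digits):
            out.append(digits[i])
    return "".join(out)


if __name__ == "__main__":
    for candidate in ["Love1234", "P4ssw0rd", "19840512", "ArRGdP",
                      interleave_digits("ArRGdP", "97531"), "taChunda72"]:
        print(f"{candidate:12} -> {check_password(candidate) or 'ok'}")
```

Run against the document's own samples, the bare acronym ArRGdP fails the length rule while the version with digits added passes, which is why the guidelines recommend extending the acronym.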

Firewalls

Perhaps one of the most publicized elements when it comes to establishing security is the firewall. Although firewalls should be one of the systems that receive the most attention, they are far from being the final solution to security problems. Indeed, "a firewall is a gateway with a block; these devices are only used by large corporations" (Sain, 2018).

A gateway is a device, often a computer, that allows the interconnection of networks with different protocols and architectures at all levels of communication. "It is normally a computer configured to provide the machines of a local network connected to it with access to an external network" (Sain, 2018).

Certain firewalls take advantage of the fact that all incoming and outgoing information must pass through them to provide extra security services such as encryption of network traffic. It is understood that if 2 firewalls are connected, both have to "speak" the same encryption-decryption method to establish communication (Sain, 2018).

Types of Firewall

• Packet Filtering
• Application Proxy-Gateways
• Dual-Homed Host
• Screened Host
• Screened Subnet
• Packet Inspection
• Personal Firewalls

Personal Firewalls. These firewalls are applications available to end users who wish to connect to an insecure external network and keep their PC safe from attacks that can cause anything from a simple "hang" or virus infection to the loss of all their stored information (Sain, 2018).

Packet filtering. Filtering packets by port and protocol makes it possible to establish which services will be accessible to the user and through which ports. For example, browsing the WWW may be allowed (port 80 open) while file transfer via FTP is not (port 21 closed) (Sain, 2018).

Packet filters have the advantage of being economical, have a high level of performance and are transparent to users connected to the network. However, they have weaknesses such as:

• They do not protect the upper layers of the OSI model.
• Application needs are difficult to translate into protocol and port filters.
• They are unable to hide the topology of private networks, which exposes the network to the outside world.
• Their auditing capabilities tend to be limited, as does their activity logging capability.
• They cannot support complex security policies such as user authentication and access control with preset schedules.
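
A packet filter of the kind described above reduces to a first-match rule table with a default action. The following is an added example, not part of the original document: the class names, the rule layout and all addresses are constructed for illustration, and it reproduces the port 80 open / port 21 closed case together with the first weakness in the list.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes = b""      # carried along but never examined by the filter


@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    proto: str
    dport: Optional[int]      # None matches any destination port
    src_net: str = "0.0.0.0/0"

    def matches(self, pkt):
        # Only header fields are compared: protocol, port and source address.
        return (self.proto == pkt.proto
                and (self.dport is None or self.dport == pkt.dport)
                and ip_address(pkt.src) in ip_network(self.src_net))


def filter_packet(rules, pkt, default="deny"):
    """First matching rule wins; unmatched traffic gets the default action.

    Returns (action, index of the matching rule or None)."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


# Constructed rule set for an internal network 192.168.1.0/24.
RULES = [
    Rule("allow", "tcp", 80, "192.168.1.0/24"),   # web browsing permitted
    Rule("deny", "tcp", 21, "192.168.1.0/24"),    # FTP explicitly closed
]

# Constructed sample packets (addresses from documentation ranges).
WEB = Packet("192.168.1.20", "203.0.113.10", "tcp", 80, b"GET / HTTP/1.1\r\n\r\n")
FTP = Packet("192.168.1.20", "203.0.113.10", "tcp", 21, b"USER anonymous\r\n")
HTTPS = Packet("192.168.1.20", "203.0.113.10", "tcp", 443)
NOT_HTTP = Packet("192.168.1.20", "203.0.113.10", "tcp", 80, b"\x00\x01 not a web request")
OUTSIDE = Packet("198.51.100.7", "203.0.113.10", "tcp", 80)

if __name__ == "__main__":
    for name, pkt in [("web", WEB), ("ftp", FTP), ("https", HTTPS),
                      ("non-HTTP on 80", NOT_HTTP), ("outside source", OUTSIDE)]:
        print(f"{name:16} -> {filter_packet(RULES, pkt)}")
```

The NOT_HTTP packet is allowed because only the port is checked, which is the gap that the application proxy-gateways described next are meant to close.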

Application Proxy-Gateways. To avoid the weaknesses associated with packet filtering, developers created application programs in charge of filtering connections (Sain, 2018).

The Proxy, installed on the Bastion Node, acts as an intermediary between the client and the real application server, being transparent to both parties.

When a client wants a service, it requests it through the Proxy. The Proxy makes the request to the real server and returns the results to the client. Its function is to examine the network traffic for content that violates its security.

Graphically:

Dual-Homed Host. These are devices that "remain connected to both perimeters" (interior and exterior) and do not allow IP packets to pass, which is why it is said that they work with "IP Forwarding disabled" (Sain, 2018).

Image 1. Dual-Homed Host.
information-security/the-information-security2#firewalls

An internal user who wishes to use an external service must first connect to the Firewall, where the Proxy will handle the request and, based on the configuration imposed on that Firewall, will connect to the requested external service and act as a bridge between it and the internal user. That is, two connections are used: one from the internal machine to the Firewall and the other from there to the machine that hosts the external service.

Image 2. Screened Host. Taken from: https://www.monografias.com/trabajos82/la-computer-security/the-computer-security2#firewalls

Screened Host. "In this case, a router is combined with a bastion host, and the main level of security comes from packet filtering. The bastion, the only system accessible from the outside, runs the application proxies; packets considered dangerous are filtered and only a small number of services is allowed" (Sain, 2018).

Image 3. Screened Subnet. Taken from: https://www.monografias.com/trabajos82/la-cybersecurity/the-cybersecurity2#firewalls

Screened Subnet. This design aims to "isolate the most attacked and most vulnerable machines of the firewall, the bastion nodes." To achieve this, a demilitarized zone (DMZ) is created so that, if an intruder gains access to this equipment, they cannot fully access the protected subnet. Multiple DMZ levels can be defined by adding multiple routers, but it should be emphasized that the rules for each level must be different; otherwise the levels will be reduced to one (Sain, 2018).

Image 4. Screened Subnet. Taken from: https://www.monografias.com/trabajos82/la-seguridad-it/security/it-security2#firewalls

Firewall restrictions

The most important part of the firewall's job is to allow or deny certain services. This is done based on the different users and their locations:

• Internal users with denied access to restricted services: this allows a list of networks and addresses, called trusted (approved), to be specified. When these users come from the inside, they will be able to access some of the external services that have been defined (Sain, 2018).

• External users admitted from outside: This is the most sensitive situation in terms of monitoring. Typically, "external users need access to query services on the internal network for one reason or another." Generally, third-party access is used to provide services to the internal network (Sain, 2018).

Benefits of a Firewall

Firewalls manage access between two networks; if they did not exist, all the computers on the network would be exposed to attacks from the outside. The firewall is the ideal point to monitor the security of the network and generate alarms for attack attempts; the administrator is the person responsible for reviewing these monitoring reports.

Firewalls are also important for keeping statistics on the bandwidth consumed by network traffic and on which processes have had the most influence on that traffic. In this way the network administrator can restrict the use of these processes and save or make better use of the available bandwidth (Sain, 2018).

Limitations of a Firewall

The biggest limitation of a firewall is simply the holes it does not cover, which, whether accidentally or not, will be discovered by an intruder. Firewalls are not "intelligent systems"; they operate according to the parameters implemented by the designer, so if a packet does not fall within those parameters as a dangerous threat, the firewall will simply let it pass. Even more dangerous is an intruder who comes in through the back door, opening another hole and erasing the evidence or signs of the original attack (Sain, 2018).

Another limitation is that firewalls are "non-human", which means that if an intruder manages to get into an organization, finds a password or a firewall vulnerability and spreads that information, the firewall will not notice. Firewalls "also do not provide tools to prevent the infiltration of software or files infected with viruses", although the machine hosting the firewall may be equipped with appropriate antivirus software.

Finally, the firewall is vulnerable: it cannot protect against people on the internal network. Firewalls work better when they complement internal defenses (Sain, 2018).

Encryption

Encryption is a process in which information or text is encoded into a format that cannot be deciphered. Unless the necessary data is provided, the result is difficult to determine. It is a security measure used to store or transfer confidential information so that third parties cannot easily obtain it.

Optionally, there may also be a "decoding process in which the information can be interpreted back to its original state," although there are irreversible encryption methods. The Spanish term "encriptación" is a literal translation from English and does not exist in Spanish; the most correct term is "cifrado" (Tominaga, 2022).

Uses of Encryption

Some of the most common uses of encryption are the storage and transmission of confidential information, such as passwords, legal identification numbers, credit card numbers, administrative accounting reports, and private conversations.

Encryption Methods

To encrypt data, three different mathematical processes can be used: HASH algorithms, symmetric algorithms and asymmetric algorithms.


HASH algorithm. The algorithm performs mathematical calculations on the data that make up the document and produces a unique number called a MAC. The same document will always give the same MAC (Tominaga, 2022).

Secret Key or Symmetric Cryptography. These algorithms use a key to encrypt and decrypt the document. Every document encrypted with a key must be decrypted, in the inverse process, with the same key. It is important to emphasize that the key must be transferred with the data (Tominaga, 2022).

Asymmetric Algorithms (RSA). They require two keys, a private one (unique and personal, known only to its owner) and a public one, both related by a complex mathematical formula that cannot be reproduced. The concept of public-key cryptography was introduced by Whitfield Diffie and Martin Hellman to solve the problem that traditional systems have of distributing keys through insecure channels. The user generates the public and private keys as necessary by entering their PIN code (Tominaga, 2022).

Digital signatures make it possible to guarantee certain security concepts that are important when working with documents in digital format, such as identity or authenticity, integrity, and non-repudiation (Tominaga, 2022).

Advantages offered by the Digital signature

Information integrity: The integrity of the document is protection against intentional or accidental modification of data. The sender protects the document by adding a checksum value, and the receiver must perform the same calculation on the received document and compare the calculated value with the value sent by the sender.

Authenticity of the message origin: this security aspect protects the recipient of the document and ensures that the message was generated by the party identified in the document as the sender, so that a system user cannot be impersonated (Tominaga, 2022).
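
The sender/receiver check described under "Information integrity", and the fixed-output property described under "HASH algorithm", can be shown side by side. The following is an added example, not part of the original document. It assumes SHA-256 for the hash and, in place of a real digital signature (which would use the sender's private key), a keyed HMAC with a shared secret; the key and documents are constructed.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"   # constructed value, known to sender and receiver


def digest(document: bytes) -> str:
    """Unkeyed hash: the same document always yields the same value."""
    return hashlib.sha256(document).hexdigest()


def sender_protect(document: bytes, key: bytes) -> dict:
    """Attach both an unkeyed checksum and a keyed tag to the document."""
    return {
        "document": document,
        "checksum": digest(document),
        "tag": hmac.new(key, document, hashlib.sha256).hexdigest(),
    }


def receiver_check(message: dict, key: bytes) -> dict:
    """Repeat the sender's calculations and compare with the values received."""
    doc = message["document"]
    expected_tag = hmac.new(key, doc, hashlib.sha256).hexdigest()
    return {
        # compare_digest avoids leaking the mismatch position through timing
        "checksum_ok": hmac.compare_digest(digest(doc), message["checksum"]),
        "tag_ok": hmac.compare_digest(expected_tag, message["tag"]),
    }


def corrupted_in_transit(message: dict, new_document: bytes) -> dict:
    """Accidental change: the document differs, the attached values do not."""
    return {**message, "document": new_document}


def rewritten_in_transit(message: dict, new_document: bytes) -> dict:
    """Intentional change by a party without the key: the unkeyed checksum
    can be recomputed to match, the keyed tag cannot."""
    return {**message, "document": new_document, "checksum": digest(new_document)}


if __name__ == "__main__":
    original = sender_protect(b"Pay 100 to account 12345", SHARED_KEY)
    cases = {
        "unchanged": original,
        "corrupted": corrupted_in_transit(original, b"Pay 100 to account 1234?"),
        "rewritten": rewritten_in_transit(original, b"Pay 900 to account 99999"),
    }
    for name, msg in cases.items():
        print(f"{name:10} -> {receiver_check(msg, SHARED_KEY)}")
```

A plain checksum detects accidental modification only; detecting intentional modification requires a value that depends on a key, which is what the signature's key pair provides.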

Encrypting data on a PDA. The importance of protecting our data from prying eyes, or of providing a minimum of privacy, has become a hot topic. PDAs are often used as small portable offices to store valuable data, and protecting that data is very important. Many PDA users do not protect access with a startup password, which means they can leave this confidential data in the hands of others if the device is lost or left unattended (Tominaga, 2022).

File Encryption

Windows XP Professional offers an alternative to protect this data and prevent its loss. The Encrypted File System (EFS) is responsible for encrypting files. These files can only be read when the user who created them is "logged in" to their computer (presumably our password will be secure). In fact, anyone who gains access to our machine will never be able to access our encrypted files, even if they are administrators of the computer (Tominaga, 2022).


Types of Ciphers

"Cipher" is another name given to the encryption process. The aim of a cipher is to take unencrypted data, called plaintext, and generate an encrypted version of it. There are two types of encryption: stream ciphers and block ciphers (Tominaga, 2022).

Data stream encryption: a stream cipher encrypts the plaintext one bit at a time. The simplest example of a stream cipher is the combination of the data (one bit at a time) with another block of data, called padding. Stream ciphers are perfect for real-time data such as voice and video (Tominaga, 2022).

Block ciphers: these operate on somewhat larger blocks of plaintext and produce a block of encrypted text; generally the output block is the same size as the input block (Tominaga, 2022).
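The stream-cipher description above, as an added example that is not from the original paper: the data is XORed with a second block of data (the "padding" in the text, usually called the keystream). The SHA-256 counter keystream, key, nonces and messages are constructed for illustration and are not a vetted cipher; the example also shows what fails when the same keystream protects two messages.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed keystream: SHA-256(key || nonce || counter) blocks.
    Illustrative only; use a vetted cipher (ChaCha20, AES-CTR) in practice."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def stream_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypts or decrypts: XOR with the keystream is its own inverse."""
    return xor_bytes(data, keystream(key, nonce, len(data)))

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Same key and nonce: the keystream cancels, so c1 XOR c2 == p1 XOR p2."""
    return xor_bytes(c1, c2)

# Constructed sample data.
KEY = bytes(range(32))
P1 = b"voice frame 0001"
P2 = b"voice frame 0002"

def demo():
    n1, n2 = b"nonce-01", b"nonce-02"
    c1 = stream_encrypt(KEY, n1, P1)
    roundtrip = stream_encrypt(KEY, n1, c1) == P1
    same_len = len(c1) == len(P1)        # no padding to a block size
    # Correct use: a fresh nonce per message keeps the keystreams unrelated.
    c2_fresh = stream_encrypt(KEY, n2, P2)
    safe = reuse_leak(c1, c2_fresh) != xor_bytes(P1, P2)
    # Misuse: the nonce is repeated, so the keystream drops out of c1 XOR c2.
    c2_reused = stream_encrypt(KEY, n1, P2)
    leaked = reuse_leak(c1, c2_reused) == xor_bytes(P1, P2)
    return roundtrip, same_len, safe, leaked

if __name__ == "__main__":
    print(demo())
```

The ciphertext is exactly as long as the plaintext, which is why this construction suits streaming data, and a key and nonce pair must never be used for more than one message.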

Authentication

This process is another way to maintain secure communication between computers. Authentication is used to verify the source that information comes from. Basically, if the information is authentic, you know who created it and that it has not been altered. Encryption and authentication go hand in hand to create a secure environment.

There are several ways to authenticate a person or information on a computer:

Password: using a username and a password is the most common authentication method. This information is entered when you turn on your computer or open a program. It is checked against a secure file to confirm that it matches. If so, access is allowed (Tominaga, 2022).

Access card: these cards can be very simple, like a credit card with a magnetic stripe holding identity verification information. There are more complex ones, including those with digital chips holding this information (Tominaga, 2022).

Digital signature: basically, it is a method to ensure the authenticity of electronic items (emails, text files, etc.). One of the best-known forms is DSS (Digital Signature Standard), which is based on public-key encryption and uses DSA (Digital Signature Algorithm). The DSA algorithm consists of a private key known only to the sender (signer) of the document and a public key. If anything changes in the document after the digital signature is applied, the value against which the digital signature is compared changes, which invalidates the signature (Tominaga, 2022).
Antivirus

Antivirus programs are "simple tools designed to detect and remove computer viruses." They emerged in the 1980s. A computer virus occupies minimal disk space (size is essential to avoid detection), runs without the user's knowledge, and works to replicate itself; that is, it copies itself and infects files, partitions, or boot sectors on hard drives and floppy disks in order to spread as widely and as quickly as possible (Díaz-Aparicio, 2020).

Basically, the purpose of a virus is to cause damage to an infected computer. Generally, antivirus software has a component that loads into memory and stays there to check, in real time, all files that are opened, created, modified, and executed. For this purpose, it has components that inspect outgoing and incoming email attachments

JavaScript) that can be executed in a web browser (Díaz-Aparicio, 2020).

Basically, antivirus software compares the code of each file with a database of known virus codes, so it is important to update it regularly so that new viruses do not go undetected. Advanced features have also been added, such as searching for the typical behavior of a virus (a technique called heuristics) or scanning computer networks in search of viruses. There is a new AI-based technology called TruPrevent that can detect unknown viruses and intruders.
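The signature comparison described above, as an added example that is not from the original paper or from any antivirus product: a scanner that matches byte patterns from a signature database against a file read in chunks. The signature names, patterns and samples are constructed placeholders; the example shows a sample that goes undetected until the database is updated, and it carries an overlap between chunks so that a pattern split across two reads is still found.

```python
import io

# Constructed signature database: name -> byte pattern (harmless placeholder bytes).
SIGNATURES = {
    "Demo.Alpha": bytes.fromhex("deadbeef00c0ffee"),
    "Demo.Beta": b"CONSTRUCTED-MARKER-B",
}

def scan_stream(stream, signatures, chunk_size=4096):
    """Return sorted (name, offset) hits for every signature found in the stream."""
    if not signatures:
        return []
    # Carry the last (longest pattern - 1) bytes into the next window so a
    # pattern split across two reads is still matched.
    keep = max(len(p) for p in signatures.values()) - 1
    hits, tail, base = set(), b"", 0           # base = file offset of tail[0]
    while chunk := stream.read(chunk_size):
        window = tail + chunk
        for name, pattern in signatures.items():
            pos = window.find(pattern)
            while pos != -1:
                hits.add((name, base + pos))   # set: overlap re-finds are deduplicated
                pos = window.find(pattern, pos + 1)
        cut = max(len(window) - keep, 0)
        tail, base = window[cut:], base + cut
    return sorted(hits)

def scan(data, signatures=SIGNATURES, chunk_size=4096):
    return scan_stream(io.BytesIO(data), signatures, chunk_size)

# Constructed samples.
KNOWN = b"A" * 4090 + SIGNATURES["Demo.Alpha"] + b"B" * 100  # straddles the 4096 boundary
NEW = b"header" + b"CONSTRUCTED-MARKER-C" + b"trailer"      # not in the database yet
UPDATED = {**SIGNATURES, "Demo.Gamma": b"CONSTRUCTED-MARKER-C"}

if __name__ == "__main__":
    print(scan(KNOWN))           # known sample, pattern crosses a chunk boundary
    print(scan(NEW))             # unknown sample: no hit with the old database
    print(scan(NEW, UPDATED))    # detected once the database is updated
```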


Below we present the basic features of the best antivirus products on the market.

What should be taken into account to qualify an antivirus?

An antivirus must be evaluated on different characteristics, such as its ability to detect known and unknown malware, constant and effective updates, scanning and monitoring speed, offering extensive options to experts and simplicity to the inexperienced, and effective help documentation (Díaz-Aparicio, 2020).

Key to the main characteristics of each one:

E – Quick in scanning/monitoring
A – Good update capability
D – Good ability to detect viruses
R – Good capacity for removal
S – Minimum resource consumption for the system
H – Many tools and facilities available
G – Free personal version (not for commercial use) (Díaz-Aparicio, 2020).

The best antivirus software currently

KAV (Kaspersky Anti-virus) – E A D R H: A complete system to prevent, detect, and eliminate hundreds of viruses and trojans. It is one of the most effective antivirus programs and is considered by many to be the best virus detector. The program recursively scans multiple compressed file formats. It can even decrypt and search inside protected/encrypted EXE files. One of its strengths is the detection of polymorphic or unknown viruses, but this does not prevent it from building a huge database of viruses. It can even detect and deactivate viruses in memory (Díaz-Aparicio, 2020).

Norton Anti-Virus – A D R H: Norton AntiVirus is the latest tool from Symantec that protects against all types of viruses, Java applets, ActiveX controls, and all kinds of malicious code. Like most antivirus software, Norton AntiVirus protects you while you browse the Internet or retrieve information from floppy disks or CDs or over your LAN, and it checks email attachments, which are one of the major sources of system infections at present (Díaz-Aparicio, 2020).

Panda Antivirus Titanium 2005 with TruPrevent is more than a complete solution: it will not only protect us from all known intruders but, thanks to the new TruPrevent tool, will also protect us even from unknown intruders (Díaz-Aparicio, 2020).

Backups

Even the most advanced security systems cannot guarantee 100% complete protection of data. A power surge or voltage drop can erase even the best-protected data in an instant. A UPS (uninterruptible power supply) can protect computers against data loss during a power outage; the cheapest ones can be used at home for temporary power outages.

Surge protectors do not work during a power outage, but they protect the equipment from damage due to surges, which avoids costly repairs later. Of course, disasters come in many forms. Vandalism, human error, machine failures, fires, floods, lightning, and earthquakes can damage or destroy a computer's data and hardware. Any security plan for the entire system must include a disaster recovery plan.

Regular backups are the best and most widely used approach on mainframes and PCs (Díaz-Aparicio, 2020). Backups are a way to protect your investment in data. With multiple backups, the loss of information is less significant. In general, backups are usually made on tape but, depending on the case, they can be made on floppy disk, CD, DVD, Zip, Jaz or magneto-optical disk, or USB flash drive, or at a remote backup center or over the Internet.

Backups can be made of data, including the files that form part of the operating system. For this reason, backups are often used as the last line of defense against data loss and, therefore, become the last resort.

The purpose of a backup in a computer system is to "keep a determined capacity for information to be recoverable from possible losses" (Díaz-Aparicio, 2020). For companies, this capability can become very important, even critical. There are companies that disappear because they cannot return their systems to the state they were in before a major security incident.


Conclusions

Despite the new and complex types of incidents that arise every day, there are still security gaps that can easily be prevented with technology and that in many cases arise from a lack of awareness of the risks they represent. On the other hand, security incidents have an increasingly direct impact on people. Therefore, effective action is needed to raise awareness, train, and disseminate best practices.

It is necessary to maintain a state of vigilance and perpetual renewal: security is a continuous process that requires knowledge of one's own experience. Organizations cannot see security as a process or product isolated from the rest. Security must be part of the organization. Given the constant threats to systems, users and companies must focus on the scope of vulnerabilities and on the security tools they need to face possible cyber attacks that can later cause large losses.

Attacks are most successful against the weakest and hardest-to-protect link, in this case people, which is one of the factors that contribute to the number of internal attacks. Regardless of process and technology, preventing attacks is ultimately in the hands of the user.


Bibliographic References

Díaz-Aparicio, J. D. (2020). Study on cybersecurity. Ed&TIC.

HACKER (2018). 62 terms you need to know to improve your cybersecurity.

improve-your-cybersecurity/100039

Information Security

Sain, G. (2018). What is computer security? Penal Thought Journal, 1-5.

Senra, J. M. V. (2022). Computer Security on the Internet and Social Networks (2nd edition).

Postigo Palacios, A. (2020). Cybersecurity (2020 edition). Ediciones Paraninfo, SA.

Tominaga García, Y. (2022). The encryption systems of touching in the security of text files.
