Information security is the avoidance and protection of computer assets from unauthorized access, use, modification, degradation, destruction, and multiple threats. There are two main sub-types including physical and logical. Physical information security contains tangible protection devices. Logical information security contains non-physical protection.Information security defines protecting information and information systems from unauthorized access, use, acknowledgment, disruption, alteration or destruction. Governments, military, financial institutions, hospitals, and private businesses amass a big deal of confidential data about their employees, users, products, research and monetary status.Computer systems are vulnerable to several threats that can inflict multiple types of damage resulting in essential losses. This ... Read More

Any type of asset that is not operating optimally and is mission-critical or important to the organization, including data that are not backed-up, is known as vulnerability, while anything imperfect is known as weakness. Any type of counter measure that becomes fairly automated and meets the expectations of upper management is known as control.There are several types of controls in a computer security environment, and threats, are as follows −Malicious Software − Malicious software is also referred to as malware. It is a software that carry harm to a computer system. Malware can be in the structure of worms, viruses, ... Read More

Zombie computer is a computer under grab of a spammer who has infected the computer connected to a network with malware so that it facilitates as a tool of a spammer by sending out hundreds of emails from the owner’s email address. Therefore, an innocent user’s computer sends hundreds of spam messages without the awareness of the user. The spammers arrange zombie computers into small teams known as botnets. These botnets send spam such as phishing attempts, viruses and worms.Computers become element of a zombie network through malicious application (malware) that is unknowingly installed by users or automatically installed through ... Read More

A Password attack contains multiple techniques used by hackers to steal passwords. There are some password attacks are as follows −Brute-force − It is method in which a hacker attempt to guess a password by frequently entering in new set of words and phrases compiled from a dictionary to steal the password. It is making complex to guess usernames and passwords can avoid it.Packet sniffers − Packet sniffers are the technique used to capture data streams over a network to acquire sensitive information like usernames, passwords, credit card numbers, etc. Therefore, packet sniffers are also malicious forms of threats to ... Read More

Attacks can be defined by the relationship between threat, vulnerability, and damage. It can prevent attacks from viruses and worms, a current version of antivirus software must be used. Security threats associated with computer crime or abuse such as −Computer Viruses − The computer virus defines specifically as malware adding malicious programs into existing reports or programs. It circulates itself by several means. Viruses are treated as the general type of network security threat. Almost 90% of viruses are circulating through a connection on e-mails. However, a cautious user action can avoid the circulate of virus because virus needed a ... Read More

Security Information Management (SIM) products are also defined as Security Information and Event Management or Security Event Management. It can automate the manual procedure of collecting security-specific event-log data from file systems, security appliances, and multiple network devices.Security Information Management (SIM) is a heterogeneous product, and therefore SIM rollouts contain complex technical integration and political negotiations. The structure of the SIM tool doesn’t imply creating a lot of difference either.Even if a solution doesn’t need an installed agent to get data from a system, it still generally needed a configuration change or privileged account to receive the data it needs ... Read More

There are various advantages of Information Management Security which are as follows −MIS is a formal system for supporting management with precise and timely data necessary for decision-making. The system supports data on the past, present, and project future and on appropriate events within and external the organization.It can be represented as a planned and integrated system for gathering relevant records, transforming them into the right data, and supplying the same to the concerned administration. The objective of MIS is to support the right data to the right person at the right time.The advantage of a Security Information Management (SIM) ... Read More

Security information management is a type of software that automates the set of event log data from security devices, including firewalls, proxy servers, intrusiondetection systems, and anti-virus applications. The goals of Security Information Management are to avoid interruptions to business events and provide the correct and secure services of computer and network facilities.All Security Information Managements gather data from the sources inside the network. Some will gather data from outside sources as well, ranging from public threat recognition services to proprietary correlation networks. Security Information Management, to a high extent, adds value with its capacity of discovering patterns in network ... Read More

Security information management is a type of software that automates the collection of event log data from security devices, such as firewalls, proxy servers, intrusion detection systems, and anti-virus software. The goals of Security Information Management are to avoid interruptions to business events and provide the correct and secure services of computer and network facilities.Information technology is not only the necessity of our lives but it has more essential for our business as well. The essential asset of an organization is Information and to provide confidentiality and integrity of the valuable and important information and operational procedure in an organization, ... Read More

SIM stands for Security Information Management. Security information management is a type of software that automates the set of event log data from security devices, including firewalls, proxy servers, intrusion-detection systems and anti-virus applications.The SIM interprets the logged information into the correlated and simplified structure. Some SIM mechanism supports security documenting, analysis, and documenting for Sarbanes-Oxley, HIPAA, Basel II, FISMA, and Visa CISP compliance audits.A SIM automates group and analysis of data from some security elements in a network. Instead of having to view logs and alerts from the firewall, IDS, anti-virus, VPN, and some security systems, a security manager ... Read More