Security model

Threat चिन्ने, access बचाउने, system monitor गर्ने

Cyber security मा attack को नाम मात्र होइन, त्यसको defense पनि सम्झनुहोस्।

ThreatAccessFirewallSignature

Syllabus Focus

  • Introduction to cyber security.
  • Common threats: social engineering and DDoS.
  • Malware: phishing, spyware, viruses, worms and trojans.
  • Identity and access control.
  • Firewall, IDS and IPS.
  • Email filtering and antivirus software.
  • Digital signature concept and applications.

Standard definitions

Cyber Security

Standard definition: Cyber security is the practice of protecting systems, networks, applications and data from digital attacks, unauthorised access, damage or disruption.

Simple meaning: Computer, network र data लाई attack, चोरी, बिगार्ने काम वा unauthorized access बाट बचाउने अभ्यास।

Social Engineering

Standard definition: Social engineering is the manipulation of people into revealing confidential information or performing actions that compromise security.

Simple meaning: मान्छेलाई झुक्याएर password, OTP, access वा confidential information लिनु।

DDoS Attack

Standard definition: A distributed denial-of-service attack uses many compromised devices to flood a service with traffic and make it unavailable to legitimate users.

Simple meaning: धेरै devices बाट एकैचोटि traffic पठाएर website/service बन्द जस्तो बनाउने attack।

Malware

Standard definition: Malware is malicious software designed to damage, disrupt, spy on or gain unauthorised access to computer systems.

Simple meaning: Computer लाई हानी गर्ने bad software।

Phishing

Standard definition: Phishing is a fraudulent technique that uses deceptive messages or websites to steal credentials or sensitive information.

Simple meaning: Fake email/link/site बाट password वा data चोर्ने तरिका।

Firewall

Standard definition: A firewall is a hardware or software security control that monitors and filters incoming and outgoing network traffic based on predefined rules.

Simple meaning: Network को gatekeeper हो; rule अनुसार traffic allow वा block गर्छ।

IDS

Standard definition: An intrusion detection system monitors network or system activity to detect suspicious behaviour or known attack patterns and generate alerts.

Simple meaning: Attack जस्तो गतिविधि छ कि भनेर हेर्ने र warning दिने system।

IPS

Standard definition: An intrusion prevention system detects malicious traffic and actively blocks or prevents the detected threat in real time.

Simple meaning: IDS जस्तै detect गर्छ, तर threat भेटेपछि तुरुन्तै block पनि गर्छ।

Digital Signature

Standard definition: A digital signature is a cryptographic mechanism used to verify the authenticity, integrity and non-repudiation of a digital message or document.

Simple meaning: Digital document कसले पठायो र बीचमा परिवर्तन भयो कि भएन verify गर्ने electronic signature।

Access Control

Standard definition: Access control is a security mechanism that determines who is allowed to access specific systems, data or resources and what actions they can perform.

Simple meaning: कसले के access गर्न पाउँछ भन्ने permission control गर्ने व्यवस्था।

Antivirus Software

Standard definition: Antivirus software is a security program that detects, prevents and removes malware from computer systems.

Simple meaning: Virus/malware पत्ता लगाउने, रोक्ने र हटाउने software।

Email Filtering

Standard definition: Email filtering is the process of inspecting incoming or outgoing email to block spam, phishing, malware or policy violations.

Simple meaning: Spam, phishing वा harmful email रोक्न email जाँच्ने system।

Spyware

Standard definition: Spyware is malware that secretly monitors user activity or collects information without proper consent.

Simple meaning: चुपचाप user को activity वा data हेर्ने bad software।

Trojan

Standard definition: A trojan is malware disguised as legitimate software to trick users into installing or running it.

Simple meaning: राम्रो program जस्तो देखिएर भित्र हानी गर्ने malware।

Threat vs defense

Phishing

Fake message/site बाट password चोर्ने प्रयास; link जाँच्नुहोस्।

Malware

Virus, worm, trojan, spyware; antivirus र update चाहिन्छ।

Firewall

Network traffic rule अनुसार allow/block गर्ने सुरक्षा gate।

Digital signature

Document/message को identity र integrity verify गर्ने method।

Daily safe-use checklist

  • Unknown attachment खोल्नु अघि sender verify गर्नुहोस्।
  • Strong password र two-factor authentication प्रयोग गर्नुहोस्।
  • Operating system, browser र antivirus update राख्नुहोस्।
  • Public computer मा logout गर्न नबिर्सनुहोस्।