Final answer:
Computer security refers to the protection of computer systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. Passive security threats aim to gather information without directly affecting the system, while active security threats actively disrupt or modify a system.
Step-by-step explanation:
Computer Security
Computer security refers to the protection of computer systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. It involves implementing measures and safeguards to prevent and detect security breaches, as well as respond and recover from them.
Passive Security Threat
A passive security threat refers to an attack or risk that is focused on gathering information without directly affecting or altering the system. It involves attempts to gain unauthorized access or eavesdrop on data without being detected. An example of a passive security threat is a hacker attempting to intercept network traffic to capture sensitive information, such as passwords or credit card details.
Active Security Threat
An active security threat, on the other hand, involves an attack or risk that actively disrupts or modifies a system. It aims to directly impact the availability, integrity, or confidentiality of data or system operations. An example of an active security threat is a malware infection that encrypts files on a computer and demands a ransom for their release.
Computer security refers to protecting computer systems from various threats. Passive security threats involve unauthorized data access without system impact, like packet-sniffing, while active security threats involve direct harm to the system, such as DoS attacks.
Computer security can be defined as the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. A security breach, as per the Personal Data Notification & Protection Act of 2017, is a situation where there is unauthorized access to sensitive personally identifiable information, which compromises the security, confidentiality, or integrity of the data.
There are two main types of security threats: passive and active. Passive security threats are those where the threat actor seeks to gain unauthorized access to data without affecting system resources, often for the purpose of data analysis and collection without the user's consent. An example of a real-life scenario would be a hacker using packet-sniffing software to intercept and collect data on a network without being detected or interrupting the network's normal functions. On the other hand, active security threats involve the threat actor actively altering system operations, destroying data, or otherwise affecting the system's performance in a negative way. For instance, a denial-of-service (DoS) attack where the attacker floods a server with traffic to make it unavailable to users, would be an example of an active threat.