
Chapter 1

INTRODUCTION TO SECURITY

Prepared by: Puziahhaiza


PUZIAHHAIZA
PAZUI
BT
Binti
Chapter 1: Intro to Security
1.1 Apply Security
1.2 Demonstrate Security Threats
1.3 Demonstrate Methods of Security Attacks
1.4 Apply Various Tools in Information Security
1.5 Show Access to Data and Equipment
1.1.1 : Understand Security
Information security vs cybersecurity
What is Cyber Security?
• Cyber security is the practice of protecting information and data
from outside sources on the Internet. Cybersecurity professionals
provide protection for networks, servers, intranets and computer
systems. It also ensures that only authorized people have access to
that information. In an office setting, one individual might go to
another’s computer, install a flash drive and copy confidential
information. This falls more under the category of information
security. If someone halfway across the world manages to hack into
another company’s network and breach their system, this company
is in need of better cyber security.
What is Information Security?
• Information security is all about protecting information and
information systems from unauthorized use, access, modification or
removal. It’s similar to data security, which has to do with protecting
data from being hacked or stolen. Data is classified as information
that means something. All information is data of some kind, but not
all data is information. When certain things are stored in a computer
system, they are considered data. It isn’t until it’s actually
processed that it becomes information. Once it becomes
information, it needs protection from outside sources. These
outside sources may not necessarily be in cyberspace.
• Cybersecurity is a more general term that
includes InfoSec. It is the ongoing effort to protect these
networked systems and all of the data from
unauthorized use or harm.
• Information security, often referred to as InfoSec, refers to the processes
and tools designed and deployed to protect sensitive business information
from modification, disruption, destruction, and inspection.
Why?
• Your money
• Your identity
1.1.2: Goals of Security
AVAILABILITY - Maintaining equipment, performing hardware repairs, keeping operating
systems and software up to date, and creating backups ensure the availability of the
network and data to the authorized users. Plans should be in place to recover quickly
from natural or man-made disasters.
INTEGRITY - Integrity is the accuracy, consistency, and trustworthiness of the data during
its entire life cycle. Data must be unaltered during transit and not changed by
unauthorized entities. File permissions and user access control can prevent
unauthorized access.
CONFIDENTIALITY - Another term for confidentiality would be privacy. Company policies
should restrict access to the information to authorized personnel and ensure that only
those authorized individuals view this data. Methods to ensure confidentiality include
data encryption, username ID and password, two factor authentication, and minimizing
exposure of sensitive information.
Let's check your level....

https://www.mentimeter.com/s/cc217516285c6b070df79ad50bcae6fd/3aae6fb00b6c
WHO? Attackers and Hackers
1.1.3: Attackers vs Hackers
• Attackers - are individuals or groups who attempt to exploit
vulnerabilities for personal or financial gain. Attackers are interested
in everything, from credit cards to product designs and anything
with value.
• Hackers - This group of attackers break into computers or networks
to gain access. Depending on the intent of the break-in, these
attackers are classified as White, Grey, or Black hats.
How do you define a Hacker? Black, White or Grey?
• The white hat attackers break into networks or computer systems to
discover weaknesses so that the security of these systems can be
improved. These break-ins are done with prior permission and any results
are reported back to the owner.
• Black hat attackers take advantage of any vulnerability for illegal personal,
financial or political gain.
• Grey hat attackers are somewhere between white and black hat attackers.
The grey hat attackers may find a vulnerability in a system. Grey hat
hackers may report the vulnerability to the owners of the system if that
action coincides with their agenda. Some grey hat hackers publish the
facts about the vulnerability on the Internet so that other attackers can
exploit it.
• Meet the right guys on the dark web. White hat hackers,
also known as ethical hackers, are the cybersecurity
experts who help the government and organizations by
performing penetration testing and identifying loopholes in
their cybersecurity. They also apply other methodologies
and ensure protection from black hat hackers and other
malicious cyber crimes.
• Simply stated, these are the right people who are on your
side. They will hack into your system with the good
intention of finding vulnerabilities and help you
remove viruses and malware from your system.
• Taking credit for the negative persona around “hacking,” these guys
are your culprits. A black hat hacker is the type of hacker you
should be worried about. Heard news about a new cybercrime today?
One of the black hat hackers may be behind it.
• While their agenda may be monetary most of the time, it’s not
always just that. These hackers look for vulnerabilities in individual
PCs, organizations and bank systems. Using any loopholes they
may find, they can hack into your network and get access to your
personal, business and financial information.
• Grey hat hackers fall somewhere in between white hat and black
hat hackers. While they may not use their skills for personal gain,
they can, however, have both good and bad intentions. For
instance, a hacker who hacks into an organization and finds some
vulnerability may leak it over the Internet or inform the organization
about it.
• It all depends upon the hacker. Nevertheless, as soon as hackers
use their hacking skills for personal gain they become black hat
hackers. There is a fine line between these two. So, let me make it
simple for you.
• Because a grey hat hacker doesn’t use his skills for personal
gain, he is not a black hat hacker. Also, because he is
not legally authorized to hack the organization’s cybersecurity,
he can’t be considered a white hat either.
1.2: Security Threats
1.2.1: Security Threats
a. Malicious code
b. Hacking
c. Natural disaster
d. Theft
a. Malicious Code
• Malicious code/malware refers to a broad category of programs that can
cause damage or undesirable effects to computers or networks.
• Potential damage can include modifying, destroying or stealing data,
gaining or allowing unauthorised access to a system, bringing up
unwanted screens, and executing functions that a user never intended.
• Examples of malicious code include computer viruses, worms, Trojan
horses, logic bombs, spyware, adware and backdoor programs. Because
they pose a serious threat to software and information processing
facilities, users and administrators must take precautions to detect and
prevent malicious code outbreaks.
• Computer viruses are still the most common form of malicious code.
• Spyware – This malware is designed to track and spy on the user. Spyware often
includes activity trackers, keystroke collection, and data capture. In an attempt to
overcome security measures, spyware often modifies security settings. Spyware
often bundles itself with legitimate software or with Trojan horses.
• Adware – Advertising supported software is designed to automatically deliver
advertisements. Adware is often installed with some versions of software. Some
adware is designed to only deliver advertisements but it is also common for
adware to come with spyware.
• Bot – From the word robot, a bot is malware designed to automatically perform
actions, usually online. While most bots are harmless, one increasing use of
malicious bots is botnets. Several computers are infected with bots which are
programmed to quietly wait for commands provided by the attacker.
• Ransomware – This malware is designed to hold a computer system or the data it contains captive
until a payment is made. Ransomware usually works by encrypting data in the computer with a key
unknown to the user. Some other versions of ransomware can take advantage of specific system
vulnerabilities to lock down the system. Ransomware is spread by a downloaded file or some
software vulnerability.
• Scareware – This is a type of malware designed to persuade the user to take a specific action based
on fear. Scareware forges pop-up windows that resemble operating system dialogue windows. These
windows convey forged messages stating the system is at risk or needs the execution of a specific
program to return to normal operation. In reality, no problems were assessed or detected and if the
user agrees and clears the mentioned program to execute, his or her system will be infected with
malware.
• Rootkit – This malware is designed to modify the operating system to create a backdoor. Attackers
then use the backdoor to access the computer remotely. Most rootkits take advantage of software
vulnerabilities to perform privilege escalation and modify system files. It is also common for rootkits to
modify system forensics and monitoring tools, making them very hard to detect. Often, a computer
infected by a rootkit must be wiped and reinstalled.
• Virus - A virus is malicious executable code that is attached to other executable files,
often legitimate programs. Most viruses require end-user activation and can activate at a
specific time or date. Viruses can be harmless and simply display a picture or they can be
destructive, such as those that modify or delete data. Viruses can also be programmed to
mutate to avoid detection. Most viruses are now spread by USB drives, optical disks,
network shares, or email.
• Trojan horse - A Trojan horse is malware that carries out malicious operations under the
guise of a desired operation. This malicious code exploits the privileges of the user that
runs it. Often, Trojans are found in image files, audio files or games. A Trojan horse differs
from a virus because it binds itself to non-executable files.
• Worms – Worms are malicious code that replicate themselves by independently exploiting
vulnerabilities in networks. Worms usually slow down networks. Whereas a virus requires
a host program to run, worms can run by themselves. Other than the initial infection, they
no longer require user participation. After a host is infected, the worm is able to spread
very quickly over the network. Worms share similar patterns. They all have an enabling
vulnerability, a way to propagate themselves, and they all contain a payload.
How to Defend?
A few simple steps can help defend
against all forms of malware:
• Antivirus Program
• Up-to-Date Software
b. Hacking
• Typically, hackers are people who believe that working inside a
computer network is a lot more powerful than working outside of it.
They often have a rebellious streak, and they hack based on their
own ideas of how the world should work.
• Hackers/predators are programmers who victimize others for their
own gain by breaking into computer systems to steal, change, or
destroy information as a form of cyber-terrorism. These online
predators can compromise credit card information, lock you out of
your data, and steal your identity.
b. Hacking
• Hacking started in the ‘60s with phone freaking (or phreaking)
which refers to using various audio frequencies to manipulate
phone systems.
• In the mid-‘80s, criminals used computer dial-up modems to
connect computers to networks and used password-cracking
programs to gain access to data.
• Nowadays, criminals are going beyond just stealing information.
Criminals can now use malware and viruses as high tech weapons.
Modern Hacking Term
c. Natural Disaster
• Keeping data secure begins with knowing the natural risks to your
business facility and, if your company uses Internet-based storage,
any threats to your data centre.
• Hurricanes, tornados, floods, fires and earthquakes regularly
feature in our news reports.
• Your company’s emergency plans should be conscious of these
data center preparations so that you can stay operational,
well-stocked and ready for prolonged disruption.
• The right disaster planning will include secure data copies,
evacuation plans, trained staff, power redundancy and the
necessary stores of supplies for extended emergency conditions.
Here are a couple of key areas to be aware of after a natural disaster,
along with some advice on protecting your physical data.

• Be aware of the risks of using open Wi-Fi connections and ways to lessen the risk.
• Hackers love to exploit disasters. Be aware and train your employees in safe practices during disasters.
• Let’s not forget your physical data. The Federal Trade Commission gives this advice for taking care of physical
sensitive information:
• Take stock. Create an inventory of the personal information you have. That way, if your files are destroyed or lost in a natural
disaster, you’ll know what information is involved.

• Scale down. Collect only what you need. For example, if there’s no business reason why you have to have someone’s Social
Security number, don’t ask for it in the first place. Keep records only as long as you have a reason to maintain them. Don’t hold
onto customer credit card information unless you have a business need for it.

• Lock it. Store personal information in the safest part of your building. If information is missing after a natural disaster, contact
law enforcement. If possible – this is where your inventory helps – contact affected individuals so they can place a fraud alert on
their credit reports.

• Pitch it. Properly dispose of what you no longer need. Shred, burn or pulverize paper records before discarding. If you use
consumer credit reports for a business purpose, you may also be subject to the FTC’s Disposal Rule.
d. Theft
• Data theft is the act of stealing information stored on computers,
servers, or other devices from an unknowing victim with the intent
to compromise privacy or obtain confidential information.
• Data theft is a growing problem for individual computer users as
well as large corporations and organizations.
• Data theft occurs both outside and inside companies, and reducing
the risk of insider data theft at the corporate level is anything but
easy.
Example theft activities:-
i. Credit Card Number Theft
ii. ATM Spoofing
iii. PIN Capturing
iv. Database Theft
v. Electronic Cash
TIPS FOR PREVENTING DATA THEFT:

i. Encrypt sensitive data and use encryption on all laptops, devices,
and emails that contain sensitive data.
ii. Secure access to your network with firewalls, remote access
through properly configured Virtual Private Networks, and Wi-Fi
networks that are secure and encrypted.
iii. Use password protection for all business computers and devices
and require employees to have unique user names and strong
passwords that they change regularly.
iv. Secure sensitive customer, employee, and patient data by keeping
storage devices containing sensitive information in a locked, secure
area and restricting access to sensitive data.
v. Properly dispose of sensitive data and remove all data from
computers and devices before disposing of them.
vi. Train your employees to ensure they understand your data
protection practices and their importance.
https://quizlet.com/_7qa1uk?x=1jqt&i=mk518
1.2.2: Sources of Security Threats
The word 'threat' in information security means anyone or anything
that poses danger to the information, the computing resources, users
or data.
a) External
b) Internal
c) Unstructured
d) Structured
a. External Threats
• External threats come from amateur or skilled attackers from outside who
can exploit vulnerabilities in network or computing devices, or use
social engineering to gain access.
• These threats may be primarily physical threats, socio-economic
threats specific to the country like a country's current social and
economic situation, network security threats, communication
threats, human threats like threats from hackers, software threats,
and legal threats.
• They do not have authorized access to the computer systems or
network.
b. Internal Threats
• Internal threats occur when someone has authorized access to the
network with either an account on a server or physical access to
the network.
• This could be a disgruntled employee, an opportunistic employee,
or an unhappy past employee whose access is still active.
• In the case of a past network employee, even if their account is
gone, they could be using a compromised account or one they set
up before leaving for just this purpose.
• Studies show that 80% of security incidents come from
insiders.
Many internal threats primarily originate
for the following reasons:
i. Weak Security Policies
ii. Weak Security Administration
iii. Lack of user security awareness
c. Unstructured Threats
• Unstructured threats consist of mostly inexperienced individuals
using easily available hacking tools such as shell scripts and
password crackers.
• Even unstructured threats that are only executed with the intent of
testing and challenging a hacker’s skills can still do serious damage
to a company.
• For example, if an external company Web site is hacked, the
integrity of the company is damaged.
d. Structured Threats
• Structured threats come from hackers that are more highly
motivated and technically competent.
• These people know system vulnerabilities, and can understand and
develop exploit-code and scripts.
• They understand, develop, and use sophisticated hacking
techniques to penetrate unsuspecting businesses.
• These groups are often involved with the major fraud and theft
cases reported to law enforcement agencies.
1.3 Methods of Security Attacks
Security Attacks
• The three goals of security—confidentiality, integrity and
availability—can be threatened by security attacks.
• There are two types of attack: passive attacks and active attacks.
• A passive attack attempts to learn or make use of information from
the system but does not affect system resources.
• An active attack attempts to alter system resources or affect their
operation.
1.3.1: Types of Security Attacks
a. Reconnaissance attack (e.g – sniffing, spoofing)
b. Access attack (e.g – hacking, brute force)
c. Denial of Service attack
d. Distributed Denial of Service attack
e. Malicious code attack (e.g – worms, viruses, trojan horses)
a. Reconnaissance attack (e.g – sniffing, spoofing)
• In a reconnaissance attack, a hacker tries to gain information about
your network, including its topology, the devices that reside inside
it, the software running on them, and the configuration that has
been applied to these devices.
• The hacker then uses this information to execute further attacks,
such as DoS or access attacks.
• Reconnaissance attacks come in different types: Scanning/spoofing
& Eavesdropping/sniffing.
Scanning/Spoofing Attacks
• The most common type of reconnaissance attack is a
scanning/spoofing attack.
• It is an impersonation attack, and it takes advantage of a trusted
relationship between two systems.
• If two systems accept the authentication accomplished by each
other, an individual logged onto one system might not go through
an authentication process again to access the other system.
• An attacker can take advantage of this arrangement by sending a
packet to one system that appears to have come from a trusted
system.
• Since the trusted relationship is in place, the targeted system may
perform the requested task without authentication.
• There are multiple types of spoofing attacks.
Types of spoofing attacks:-
• MAC address spoofing occurs when one computer accepts data packets
based on the MAC address of another computer.
• IP spoofing sends IP packets from a spoofed source address to disguise
itself.
• The Domain Name System (DNS) associates domain names with IP
addresses. DNS server spoofing modifies the DNS server to reroute a
specific domain name to a different IP address controlled by the criminal.
• Address Resolution Protocol (ARP) is a protocol that resolves IP
addresses to MAC addresses for transmitting data. ARP spoofing sends
spoofed ARP messages across a LAN to link the criminal’s MAC address
with the IP address of an authorized member of the network.
Eavesdropping/sniffing Attacks
• Sniffing is similar to eavesdropping on someone.
• It occurs when attackers examine all network traffic as it passes
through their NIC, regardless of whether the traffic is
addressed to them.
• Criminals accomplish network sniffing with a software application,
hardware device, or a combination of the two.
• As shown in the figure, sniffing views all network traffic or it can
target a specific protocol, service, or even string of characters such
as a login or password.
• Some network sniffers observe all traffic and modify some or all of the
traffic as well.
• Sniffing also has its benefits. Network administrators may also use
sniffers to analyse network traffic, identify bandwidth issues, and
troubleshoot other network issues.
• Physical security is important in preventing the introduction of
sniffers on the internal network.
b. Access attack (e.g – hacking, brute force)
• In an access attack, a hacker attempts to gain unauthorized or illegal
access to your network and its resources, particularly resources such as
file, e-mail, and web servers.
• He/she typically does this by trying to access password files, using
password-cracking programs, or examining traffic on your network for
packets that contain clear-text passwords (eavesdropping attack).
• Other types of attacks include exploiting weaknesses in operating
systems and applications, such as buffer overflows, that can allow a
hacker access without first authenticating.
• After a hacker has broken into one of your networking devices,
he/she usually tries to raise his privilege level to the highest
possible degree and then uses this account to break into other
networking devices.
• He also might modify files on your resources or, in the worst
possible scenario, erase everything on the disk drive and laugh as
he tells his story to his friends.
Denial of Service attack (DoS)
• Besides reconnaissance attacks, the second most common form of
security threat and attack is the DoS attack.
• Denial-of-Service (DoS) attacks are a type of network attack.
• With a DoS attack, a hacker attempts to deny legitimate traffic and
user access to a particular resource, or, at the very least, reduce
the quality of service for a resource.
• There are two major types of DoS attacks:
• Overwhelming Quantity of Traffic - The attacker sends an enormous
quantity of data at a rate that the network, host, or application cannot handle.
This causes a slowdown in transmission or response, or a crash of a device
or service.
• Maliciously Formatted Packets - The attacker sends a maliciously
formatted packet to a host or application and the receiver is unable to handle
it. For example, an application cannot identify packets containing errors or
improperly formatted packets forwarded by the attacker. This causes the
receiving device to run very slowly or crash.
• DoS attacks are a major risk because they can easily interrupt
communication and cause significant loss of time and money.
• These attacks are relatively simple to conduct, even by an unskilled
attacker.
• The goal of a denial-of-service attack is to deny access to
authorized users making the network unavailable (remember the
three underlying security principles: confidentiality, integrity, and
availability).
Some Types of DoS Attacks
• An application attack
• A ping of death attack
• An e-mail bomb
• A packet fragmentation and reassembly attack
• CPU hogging
• Chargen
DoS Attack-Prevention Methods
• The following are common solutions used to detect and prevent
DoS attacks:
• Performing packet filtering
• Using an intrusion-detection system (IDS)
• Using routing protocols with authentication
• Running detailed audits and logs
Distributed Denial of Service attack (DDoS)
• An enhanced form of DoS attacks are Distributed DoS (DDoS)
attacks.
• A Distributed DoS Attack (DDoS) is similar to a DoS attack, but it
originates from multiple, coordinated sources.
• With a DDoS attack, a hacker subverts or controls multiple sources
and uses these sources to attack one or more destinations.
• Tracing the culprit in these kinds of attacks can be difficult,
especially if the hacker is using many different ISPs as the source
of the attack.
• DDoS attacks are often targeted at web servers of high-profile
organizations such as trade organizations and government, media
companies, commerce, and banking.
• As an example, a DDoS attack could proceed as follows:
• An attacker builds a network of infected hosts, called a botnet, comprised of
zombies. Zombies are the infected hosts. The attacker uses handler systems
to control the zombies. The zombie computers constantly scan and infect
more hosts, creating more zombies. When ready, the hacker instructs the
handler systems to make the botnet of zombies carry out a DDoS attack.
Malicious code attack (e.g – worms, viruses, trojan horses)
• Malware is a term used to describe malicious software, including
spyware, ransomware, viruses, and worms.
• Malware breaches a network through a vulnerability, typically when a
user clicks a dangerous link or email attachment that then installs risky
software.
• Once inside the system, malware can do the following: Blocks access to
key components of the network (ransomware), Installs malware or
additional harmful software, Covertly obtains information by transmitting
data from the hard drive (spyware), Disrupts certain components and
renders the system inoperable.
1.3.2: Social Engineering: Pretexting, Phishing and Vishing
• Social engineering, in the context of information security, is
the psychological manipulation of people into performing actions or
divulging confidential information.
• An example of social engineering would be a hacker contacting
the target on a social networking site and starting a conversation with
the target.
• Social engineering relies heavily on the 6 principles of influence
established: reciprocity, commitment and consistency, social proof,
authority, liking, scarcity.
Four Social Engineering Vectors:-

i. Vishing
ii. Phishing
iii. Impersonation (Pretexting/Pretending)
iv. Smishing
Pretexting
• Pretexting is another form of social engineering where
attackers focus on creating a good pretext, or a
fabricated scenario, that they can use to try stealing their
victims’ personal information.
• These attacks commonly take the form of a scammer
pretending to need certain information from their target in
order to confirm their identity.
Phishing
• Phishing attacks use email or malicious web sites to
solicit personal, often financial, information.
• Attackers may send email seemingly from a reputable
credit card company or financial institution that requests
account information, often suggesting that there is a
problem.
• When users respond with the requested information,
attackers can use it to gain access to the accounts.
Vishing

• Vishing, also commonly known as voice phishing or
phone elicitation, is a rapidly growing social
engineering attack vector.
• Vishing attempts are difficult to monitor and trace, and
attackers are increasingly leveraging this mechanism to
extract information and compromise organizations.
1.4 DISCUSS VARIOUS TOOLS IN INFORMATION SECURITY
a. Network Mapper (Nmap)
• Nmap is a free and open-source network scanner
created by Gordon Lyon.
• Nmap is used to discover hosts and services on a
computer network by sending packets and analyzing the
responses.
• Nmap provides a number of features for probing
computer networks, including host discovery and service
and operating system detection.
b. Netstat
• Netstat — derived from the words network and statistics
• a command-line network utility that displays network connections for
Transmission Control Protocol, routing tables, and a number of network
interface and network protocol statistics
• a program that's controlled via commands issued in the command line.
It delivers basic statistics on all network activities and informs users on
which ports and addresses the corresponding connections (TCP, UDP)
are running and which ports are open for tasks.
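How a defender might use the netstat output described above, as an added example that is not part of the original slides: it parses constructed `netstat -an` text and reports open ports that are not on an allowlist. The sample output, the allowlist and the function names are assumptions made for illustration.

```python
"""Added example: audit `netstat -an` output for unexpected open ports."""

# Constructed sample in the Linux net-tools layout (addresses are made up).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:4444            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
"""

# Hypothetical allowlist of (protocol, port) pairs this host should expose.
ALLOWED = {("tcp", 22), ("tcp", 80), ("udp", 68)}


def parse_sockets(text):
    """Turn netstat lines into dicts; header and malformed lines are skipped."""
    sockets = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        proto = fields[0].rstrip("6")              # tcp6 -> tcp, udp6 -> udp
        addr, _, port = fields[3].rpartition(":")  # last colon splits IPv6 too
        if not port.isdigit():
            continue
        state = fields[5] if len(fields) > 5 else ""
        sockets.append({"proto": proto, "addr": addr,
                        "port": int(port), "state": state})
    return sockets


def is_open(sock):
    """TCP is open when LISTEN; UDP has no LISTEN state, a bound socket is open."""
    if sock["proto"] == "tcp":
        return sock["state"] == "LISTEN"
    return sock["state"] == ""


def is_loopback(addr):
    return addr.startswith("127.") or addr == "::1"


def audit(text, allowed):
    """Split non-allowlisted open ports into network-reachable and loopback-only."""
    report = {"unexpected": [], "loopback_only": []}
    for sock in parse_sockets(text):
        if not is_open(sock) or (sock["proto"], sock["port"]) in allowed:
            continue
        key = "loopback_only" if is_loopback(sock["addr"]) else "unexpected"
        report[key].append((sock["proto"], sock["addr"], sock["port"]))
    for entries in report.values():
        entries.sort()
    return report


if __name__ == "__main__":
    print(audit(SAMPLE_NETSTAT, ALLOWED))
```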
c. NetScan
• NetScans are processes to look for and automatically discover devices
in your network.
• NetScans streamline the process of adding devices which helps
ensure your entire environment is properly monitored.
• When a device is discovered, you can specify criteria that determine
whether it will be added to monitoring.
• Reverse DNS
• System name
• IP address
• NetScan can use three methods for discovering devices:
• ICMP (ping)
• Script
• AWS scan
1.5 DESCRIBE ACCESS TO DATA AND
EQUIPMENT
1.5.1 Data Wiping
• Deleting files from a hard drive does not remove them
completely from the computer.
• This data is not completely removed until the hard drive
stores other data in the same location, overwriting the
previous data.
• Hard drives should be fully erased (data wiped) to prevent
the possibility of recovery using specialized software.
• Data wiping, also known as secure erase is a
software-based method of overwriting the data that
aims to completely destroy all electronic data
residing on a hard disk drive or other digital media.
• Data wiping is often performed on hard drives
containing sensitive data that are considered
confidential such as financial information.
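The overwrite-before-delete idea described above, shown for a single file as an added example that is not part of the original slides and is not how any particular wiping tool works. The pass scheme (random data, then zeros) and the function names are assumptions; on SSDs with wear levelling and on journaling or copy-on-write file systems an in-place overwrite may not reach the original blocks, which is why whole-drive erasure is used for disposal.

```python
"""Added example: overwrite a file's contents in place before deleting it."""
import os
import tempfile

CHUNK = 64 * 1024  # write in 64 KiB blocks so large files do not fill memory


def overwrite_file(path, passes=2):
    """Overwrite every byte of `path` in place and return the file size.

    Earlier passes write random bytes and the final pass writes zeros
    (an assumed scheme for this example). The file is opened "r+b" so the
    existing blocks are rewritten rather than the file being truncated.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as handle:
        for current in range(passes):
            handle.seek(0)
            remaining = size
            while remaining > 0:
                block = min(CHUNK, remaining)
                last_pass = current == passes - 1
                handle.write(bytes(block) if last_pass else os.urandom(block))
                remaining -= block
            handle.flush()
            os.fsync(handle.fileno())  # push this pass to the device
    return size


def wipe_file(path, passes=2):
    """Overwrite the contents, then remove the directory entry."""
    size = overwrite_file(path, passes)
    os.remove(path)
    return size


def demo():
    """Return (secret_survived, size_unchanged, file_still_exists)."""
    secret = b"ACCOUNT=12345678;PIN=0000\n" * 100  # constructed sample data
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as handle:
        handle.write(secret)
    overwrite_file(path, passes=2)
    with open(path, "rb") as handle:
        after = handle.read()
    survived = b"PIN=" in after
    same_size = len(after) == len(secret)
    wipe_file(path, passes=1)
    return survived, same_size, os.path.exists(path)


if __name__ == "__main__":
    print(demo())
```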
How to wipe a drive in Windows:-
• Step 1: Download Eraser
• Step 2: Create task
Open the Eraser application and right-click (or tap and hold) in the
main Erase Schedule window and select New Task. In the window
that appears, make sure Run Manually is selected and then select
the Add Data button at the bottom of the window. Change the Target
Type to your drive of choice.
• Step 3: Select an erasure method
• Step 4: Run the task
1.5.2 Hard Drive Destruction
• Companies with sensitive data should always
establish clear policies for hard drive disposal.
• It is important to be aware that formatting and
reinstalling an operating system on a computer
does not ensure that information cannot be
recovered.
• Destroying the hard drive is the best option for
companies with sensitive data.
• Drilling holes through a drive’s platters is not the most
effective method of hard drive destruction.
• Data can still be recovered using advanced data forensic
software.
• To fully ensure that data cannot be recovered from a
hard drive, carefully shatter the platters with a hammer
and safely dispose of the pieces.
• The only way to fully ensure that data cannot be recovered from a
hard drive is to carefully shatter the platters with a hammer and
safely dispose of the pieces.
• To destroy software media (floppy disks and CDs), use a shredding
machine designed for shredding these materials.
• Hard Drive Recycling - Hard drives that do not contain sensitive data
can be reformatted and used in other computers.
1.5.3 Hard Drive Recycling
• The drive can be reformatted, and a new operating system can
be installed.
• Two types of formatting can be performed:
• Standard format - Also called high-level formatting, a boot sector is
created and a file system is set up on the disk. A standard format can
only be performed after a low-level format has been completed.
• Low-level format - The surface of the disk is marked with sector
markers to indicate where data will be stored physically on the disk, and
tracks are created. Low-level formatting is most often performed at the
factory after the hard drive is built.
The End
