Wednesday, 28 September 2016

Chapter 11 Manage Computing Securely, Safely and Ethically

  • Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators
  • Describe various types of Internet and network attacks, and identify ways to safeguard against these attacks
  • Discuss techniques to prevent unauthorized computer access and use
  • Identify safeguards against hardware theft and vandalism
  • Explain the ways software manufacturers protect against software piracy
  • Discuss how encryption works, and explain why it is necessary
  • Discuss the types of devices available that protect computers from system failure
  • Explain the options available for backing up computer resources
  • Identify risks and safeguards associated with wireless communications
  • Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing
  • Discuss issues surrounding information privacy
Computer Security Risks
  • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability
  • A cybercrime is an online or Internet-based illegal act
  1. Hackers 
  2. Crackers
  3. Script Kiddies
  4. Corporate Spies
  5. Unethical Employees
  6. Cyberextortionists
  7. Cyberterrorists
Internet and Network Attacks
  • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises
  • An online security service is a Web site that evaluates your computer to check for Internet and e-mail vulnerabilities
  • Computer virus: affects a computer negatively by altering the way the computer works
  • Worm: copies itself repeatedly, using up resources and possibly shutting down the computer or network
  • Trojan horse: a malicious program that hides within or looks like a legitimate program
  • Rootkit: a program that hides in a computer and allows someone from a remote location to take full control
  • Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections
  • A botnet is a group of compromised computers connected to a network
  • A denial of service attack (DoS attack) disrupts computer access to Internet services
  • A back door is a program or set of instructions in a program that allow users to bypass security controls
  • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
  • A firewall is hardware and/or software that protects a network’s resources from intrusion
  • Intrusion detection software: analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusions, and notifies network administrators of suspicious behavior patterns or system breaches
  • Honeypot: a vulnerable computer that is set up to entice an intruder to break into it
Unauthorized Access and Use
  • Organizations take several measures to help prevent unauthorized access and use: acceptable use policy, disabling file and printer sharing, firewalls, intrusion detection software
  • Access controls define who can access a computer, when they can access it, and what actions they can take: two-phase processes called identification and authentication, user name, password, passphrase, CAPTCHA
  • A possessed object is any item that you must carry to gain access to a computer or computer facility. Possessed objects are often used in combination with a personal identification number (PIN)
  • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
  • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks
  • Many areas use digital forensics: law enforcement, criminal prosecutors, military intelligence, insurance agencies, information security departments
Hardware Theft and Vandalism
  • Hardware theft is the act of stealing computer equipment
  • Hardware vandalism is the act of defacing or destroying computer equipment
  • To help reduce the chances of theft, companies and schools use a variety of security measures: physical access controls, alarm systems, cables to lock equipment, real-time location systems, and passwords, possessed objects, and biometrics
Software Theft
  • Software theft occurs when someone steals software media, intentionally erases programs, illegally copies a program, or illegally registers and/or activates a program
  • Permitted to: install the software on one computer, make one copy of the software, or remove the software from your computer before giving it away or selling it
  • Not permitted to: install the software on a network, give copies to friends or colleagues while continuing to use the software, export the software, or rent or lease the software
  • Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law
  • Some software requires product activation to function fully
Information Theft
  • Information theft occurs when someone steals personal or confidential information
  • Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access
  • A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender. It is often used to ensure that an impostor is not participating in an Internet transaction
  • Web browsers and Web sites use encryption techniques
  • Popular security techniques include Digital Certificates, Transport Layer Security (TLS), Secure HTTP, VPN
System Failure
  • A system failure is the prolonged malfunction of a computer
  • A variety of factors can lead to system failure, including Aging hardware, Natural disasters, Electrical power problems, Errors in computer programs
  • Two ways to protect from system failures caused by electrical power variations include surge protectors and uninterruptible power supplies (UPS)
  • A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed. To back up a file means to make a copy of it
  • Offsite backups are stored in a location separate from the computer site
  • Two categories of backups: Full backup, Selective backup
