Abstract image of a woman sitting on books and studying on a laptop

Computer security and privacy

E
eiramespi07

The document outlines various aspects of computer security, including definitions of cybercrime perpetrators, types of internet and network attacks, and measures for safeguarding against these threats. It discusses the importance of encryption, options for backing up computer resources, risks associated with wireless communications, and ways to prevent health-related disorders from computer use. Additionally, it covers issues related to information accuracy and privacy, as well as the ethical implications of software piracy.

Internet
Related topics:
Information Security Computer Security
1 of 10
1
2
Most read
3
Most read
4
5
6
7
8
9
10
Most read
C.G.E. ICT – SIR JD March2, 2016 COMPUTER SECURITY AND PRIVACY PART 1 I. Define the term,computer securityrisks,and brieflydescribe the types of cybercrime perpetrators A computer securityriskis any event or action that could cause a loss or damage to computer hardware, software, data, or information. TYPES OF CYBERCRIME PERPETRATORS Corporatespy– a person hired by an organization to break into another organization’s specific computer and steal its proprietary data and information, or to help identify security risks within their own organization. The hiring of a corporate spy is called corporate espionage. Cracker – someone who accessesa computer or network illegally, with the intent of destroying data, stealing information, or any other malicious action. A cracker usually has advanced network skills. Cyberextortionist– aperson who uses e-mails as their drive force for extortion. A cyberextortionist usually performs actions, such as threatening to expose confidential information about a company, unless they are paid a certain sum of money. Cyberterrorist– someone who uses the internet or a network to destroy or damage computers for political reasons.Cyberterrorists are also associated with cyberwarfare,which is describedas an attack whose goal ranges from disabling a government’scomputer network to crippling a country. Hacker – a person who accessesa computer or network illegally. Some hackers make a claim or justify their intent for hacking, are to improve security. Scriptkiddie– someone who has the same intent as a cracker but does not have the technical expertise,so in turn use pre-writtenhacking andcracking programs to breach computers or networks. Unethicalemployee– employeesmay break into their employer’s computer or network maybe either to simply exploit a security weakness or to seek financial gains from selling confidential information. Some employees may just want revenge (GrayShelter).
C.G.E. ICT – SIR JD March2, 2016 II. Describe varioustypes of Internet and network attacks, and identify ways to safeguard against these attacks An internetor network attack is when someone accessesanother person’s computer via the internet or their network to gain information for their own personal agenda or just to destroy their data. TYPES OF INTERNET or NETWORK ATTACK 1) Malware(Malicioussoftware)– aprogram that act without a user’s knowledge and deliberately alter the computer operation. Types: a) computervirus–a program that are designedto affect, or infect a computer negatively by altering how the computer works without the user’sknowledge or permission b) worm–aprogram that copies itself repeatedly c) Trojan Horse–aprogram that hides within or looks like a legitimate program, but executeswhena certain condition or action is triggered. d) Rootkit– program that hides in a computer and allows someone from a remote location to take full control of the computer. e) Spyware– a program placed on a computer without the user’s knowledge that secretly collects information about the user f) Adware – a program that displays an online advertisement in a banner or a pop-up window on web pages,e-mail messagesor other internet services 2) Botnets - a group of compromised computers connectedto a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. 3) BackDoor - A program or set of instructions in a program that allow users to bypass security controls when accessinga program, computer, or network 4) Denialof ServiceAttacks or DoS attack - is an assault whose purpose is to disrupt computer accessto an Internet service such as the Web or e-mail. 5) Spoofing- A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.
C.G.E. ICT – SIR JD March2, 2016 These are precautions and measures that canbe taken to prevent an attack: 1). Not starting a computer with removablemedia insertedin the drives or plugged in the ports. 2). Neveropeningane-mailattachment unless the attachment is expectedandis from a trusted source. 3). Setting a computer’s macrosecuritylevel to high, in software and programs, and that macros are only enabled from programs of a trusted source. 4). Installing and frequently updating of anti-virusprogramsandsoftware. 5). Enabling of a computer’sfirewall as this prevents a computer from having hackers or malicious software from gain accessthrough the internet or network. 6).Installing intrusiondetectionsoftware;which analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusions, and notifies network administrators of suspicious behavior patterns or system breaches. 7). Using a honeypot; a purposely vulnerable computer that is set up to entice an intruder to break into it. III. Discusstechniquesto prevent unauthorizedcomputer accessand use Identify your weaknesses. Make sure every entry point is securedwith passwords and encryption. Install anti-virussoftware on your computers. Invest in an anti-virus program to prevent malware attacks on your system. Install perimetersecuritysolutions. There are three types of network perimeter security: 1) Firewall – Prevents unauthorized Internetusers from accessing your private network via the Internet 2) Intrusion DetectionSystem – Monitors and reports on threats to your network 3) Intrusion Prevention Program – Stops threats as well as reports on them Use a spam filter. You can either install spam filtering software on your computer or network server or buy a dedicated appliance or outsource spam filtering to an online service provider. Backupyour important data. Identify the vital data you need to protect. Then choose from offline and online data backup solutions to ensure the security and availability of your critical business information. Seta backup schedule and test your solutions regularly. Encrypt your files,hard drives and backup disks. Byencrypting your hardware and data, only people with a valid password will have access.
C.G.E. ICT – SIR JD March2, 2016 Set up a virtual private network (VPN). Bycreating a VPN, team members working from home or on the road using Wi-Fi in public won’t be exposingyour business to security threats. Automate securityupdates. Byenabling auto updates, your computer will always have the most recentform of software and anti-virus programs installed. Restricttotal access.Don’t give all team members universal access to everypart of your network. Protect sensitive files and databases with passwords that only your key people know. Monitor network traffic. Install software or hardware that keeps an eye on who’s visiting which sites and which of your computers they’re using. Reviewyoursecurity periodically.Stayaware of new security threats and improved solutions by visiting your security software/service vendor websites. Don’t host your business website.Consider using a website hosting service that will take care of your website’s security needs and provide redundancy,which will allow your website to be properly restored if attacked. IV. Identify safeguards against hardware theft and vandalism 1) Real time location systems (RTLS) for high-risk or high-value items allow the user to always know the whereabouts of their hardware. 2) Physical accesscontrols, such as locked doors and windows, are a good way to protect a mass amount of hardware equipment. 3) Installation and use of alarm systems that go off when someone enters a room. 4) Physical security devices,suchas cables, that allow a user to lock their equipment to a desk, drawer or eventhe floor. This does not prevent vandalism though unfortunately. 5) Mini-securitysystems for mobile devices, such as a shutting down of the device or sounding an alarm if the device moves outside a certain distance. 6) Locking of hard disks, with a cable,requiry of a card to slide in a card reader or finger print scans and encryption of data. 7) Implementing the requiry of a password or biometrics, to unlock mobile devices.
C.G.E. ICT – SIR JD March2, 2016 V. Explainthe ways software manufacturers protect against software piracy 1) Issue a license agreement A license agreementis the right to use the software. A license agreementis a legal agreementthat grants someone permission to use something trademarked, copyrighted or otherwise protected in specificcircumstances. Usually this right is givenwhen the person has bought the software therefore licensing agreementsare essentially permission slips that describe authorized use of the subject of the license.When people install software on their computers, they must review a legal document describing how the software can be used. 2) Require a product activation Product activation is the procedure by which a piece of software or operating system is proven to be legitimately installed. VI. Discusshow encryption works,and explainwhy it is necessary Encryption works by scrambling the original message with a verylarge digital number (key). This is done using advanced mathematics. Commercial-level encryption uses 128 bit key that is very,very hard to crack. The computer receivingthe message knows the digital key and so is able to work out the original message. Encryption is extremelyimportant for e-commerce asit allows confidential information such as your credit card details to be sent safely to the online shop you are visiting.
C.G.E. ICT – SIR JD March2, 2016 COMPUTER SECURITY AND PRIVACY PART 2 I. Discussthe types of devicesavailable that protect computers from system failure 1) A surge protector Also called a surge suppressor, this device is able to protect against system failure because it uses special electrical components to smooth out minor noises, provide a stable current flow and keep an under voltage from reaching the computer and other electronic components. 2) An uninterruptible power supply (UPS) A UPS connects between your computer and a power source. It is a device that contains surge protection circuits and one or more batteries that can provide power during a temporary or permanent loss of power. There are two types of UPS: standby (also called offline), which switches to battery power when a problem occurs in the power line. The second type is online, which always runs off the battery in order to provide continuous protection. II. Explainthe options available for backingup computer resources BACKUP DISCS – Back up your files using CDs and DVDs CONVENTIONALEXTERNALDRIVE– Backup your files using USBand externalhard disk drives which canstore a huge amount of data NETWORK-ATTACHED STORAGE/WINDOWSHOMESERVER -usinga drive that's attached through your network can make the data accessible across all of your computers and also allow all of your computers to back up data onto a single unit ONLINE SERVICES(i.e.DROPBOX)- Online data backup is generally pretty reliable, and by virtue of being online, the data is accessible to you from just about anywhere RAID or Redundant Array of IndependentDisks - It involves using multiple hard drives in a single computer and having thempresented to the operating system as a single drive, and can be good for keeping data safe from drive failure or evenimproving overall system performance.
C.G.E. ICT – SIR JD March2, 2016 III. Identify risks and safeguards associated with wirelesscommunications Signal strength.In general,the closer the user is to the access point, the stronger the signal and the faster the transfer rate. Rogue (unauthorized) accesspoints may or may not be in the same facility as authorized devices. Users should know that signal strength alone, is not sufficient to determine authorized networks. Manual connection. Portable devices such as laptops and handhelds should be configured so that they do not automatically connectto wireless networks. A manual process helps ensure that the device connectsto the appropriate wireless network. Legitimate network. Since Wi-Fi signals can travel a long distance, users should check with the management of the facility that provides the connectivity to ensure they are connectingto the appropriate network. Unauthorized "evil twin" networks can capture logon credentials and other sensitive information. Encryption. There are many different types of encryption methods usedto secure wireless networks. Wired Equivalent Privacy (WEP) is the oldest and least preferred. Wi- Fi Protected Access(WPA) is newer and offers better protection. WPA2 is the newest and should be used if possible. Users should use Virtual Private Network (VPN) when connectingto corporate systems. Shouldersurfing. Ensure that others cannot obtain the user's ID and password as it is typed. In addition, sensitive information should not be able to be read on the screen by unauthorized personnel. Screenaware.Usersshould look at the address bar URL. This will help protect against phishing attacks. Secure pagestypically have a URL starting with https and include a secure page notification such as a lock. Firewalls. Firewalls help restrict traffic to and from the device. Users should ensure the firewall is turned on so it can actively protect the device. Patch management. Users should ensure that operating system and security protection software is patched and up-to-date. Ensure browsers and updates to third party software packages are applied in a timely manner. Critical updates should be tested and applied as soon as possible. Battery saver. Portable devicesconstantly search for available networks. Users can increase battery life by turning off Wi-Fi when it isn't needed. This also helps ensure that an intruder can't connectto the device. Incident management. Users should inform the appropriate personnel if theybelieve they logged into the wrong network, sensitive information such as their ID/password was compromised, their device was lost or stolen, etc.
C.G.E. ICT – SIR JD March2, 2016 IV. Discussways to prevent health-relateddisordersand injuriesdue to computer use • Whenyou are typing, your keyboard should be at elbow level and your mouse should be close to your body. • Your computer screen or monitor has to be at, or slightly below, your eye level with the screenabout an arm's length away from your eyes. • Frequently used items should not be more than 45cms away from you. • Whensitting at a computer desk,you should place your feetflat on the floor with thighs parallel to the floor. • Sit up straight and try to maintain the sitting posture of an S-shaped spine, not a C-shaped one. Adjust the backrest if necessary,to support your lower back. • Many with RSI symptoms report theyfeel less pain when typing, compared to when using a mouse. Use keyboard shortcuts as often as possible. • Whenusing a laptop it can help to plug in an attachable keyboard so that the screencan be positioned at an appropriate height. • Keepyour hands warm. Working in a cold environment increases chancesof hand pain and stiffness. If you can’t control the temperature, rub your palms against eachother vigorously when you feel them growing cold. • Take frequent breaks to stretch and relax—momentary breaks everynow and then to relax and longer breaks once everyhour or so, for stretching. • Whenyou are not typing, your wrists should not rest on the keyboard, should not be bent up or down or to the side. • Increase your font sizesso you don’t have to read things pressurizing the nervesand blood vessels in the neck and shoulders. • Try to reduce computer usage. Replace some emailmessages with phone calls or personal interactionwherever possible. Cut down on computer games or pause the game every3-4 minutes.
C.G.E. ICT – SIR JD March2, 2016 V. Recognize issuesrelatedto information accuracy,intellectualproperty rights,codes of conduct, and greencomputing Information Accuracy The issues: 1. The accuracyof computer input, do not assume that info is correct because it’s on the web. Users should evaluate this information before relying on its content. 2. Some individuals and organization ask questions about the ethics of using computers to alter output, primarily graphical output such as retouched photo. IntellectualProperty Rights Intellectual property rights are the rights to which a creator is entitled to his or her work. The issue: People illegaly acquire software, movies and music. The issues with copyright led to developing DRM(Digital rights management) to prevent illegal distribution of movies, music, etc. Codes of Conduct It is a written guideline that helps determine whether a specific computer action is ethical or unethical. GreenComputing It involves reducing electricityand environmental waste while using computer. The ENERGY STARprogram was developed to help reduce the amount of elecritcity used by computers & other related devices.This program encouragesmanufacturers to create energyefficient devicesthat require little power when they’re not used. VI. Discussissues surrounding information privacy Information Privacy is the right of individuals and companies to deny or restrict collection and use of information about them.  Electronic Profile – It is the data collected when you fill out form on web. Merchantssell your electronic profile.  Cookies – It is a small text file on your computer that contains data about you:user preferences,interests,browsing habits and how you regularly visit web sites  Spam – unsolicited e-mail message sent to many recipients
C.G.E. ICT – SIR JD March2, 2016  Scam – perpetrator sends an official looking e-mail that attempts to obtain your personal and financial information. SOURCES http://www.wong-sir.com/cit/social_impacts/computer_security_risks.htm https://grayshelter.wordpress.com/2014/09/30/computer-security-risks-types-of-cybercrime- perpetrator/ https://grayshelter.wordpress.com/2014/09/30/various-internet-network-attacks-along-with-their- safeguards/ https://grayshelter.wordpress.com/2014/09/18/safeguards-against-hardware-theft-and-vandalism/ http://www.slideshare.net/hazirma/421-computer-security-risks-15398144 http://www.slideshare.net/PriSim/computer-security-threats-prevention https://cybersafety2014.wordpress.com/2014/09/25/how-do-software-manufacturers-protect-against- software-piracy/ http://www.teach-ict.com/technology_explained/encryption/encryption.html https://cybersafety2014.wordpress.com/2014/09/25/what-types-of-devices-are-available-to-protect- computers-from-system-failure/ http://www.storagereview.com/how_to_options_for_backing_up_your_computer http://www.altiusit.com/files/blog/Top10UserWiFiSafeguards.htm http://www.medindia.net/patients/lifestyleandwellness/computer-related-injuries-prevention.htm http://www.slideshare.net/samudin/computer-security-and-safety-ethics-privacy https://prezi.com/aladbfr3eqrb/recognize-issues-related-to-information-accuracy-intellectual- property-rights-codes-of-conduct-and-green-computing/

More Related Content

PPTX
CYBER SECURITY
Vaishak Chandran
 
PPTX
Malware ppt
Faiz Khan
 
PPTX
Types of Cyber Attacks
Rubal Sagwal
 
PPTX
Cyber security
Harsh verma
 
PPTX
Computer security threats & prevention
PriSim
 
PPTX
Cyber Crime and Security
Chitra Mudunuru
 
PPTX
Cyber Security A Challenges For Mankind
Saurabh Kheni
 
PPTX
Cyber Security
Vivek Agarwal
 
CYBER SECURITY
Vaishak Chandran
 
Malware ppt
Faiz Khan
 
Types of Cyber Attacks
Rubal Sagwal
 
Cyber security
Harsh verma
 
Computer security threats & prevention
PriSim
 
Cyber Crime and Security
Chitra Mudunuru
 
Cyber Security A Challenges For Mankind
Saurabh Kheni
 
Cyber Security
Vivek Agarwal
 

What's hot (20)

PPTX
Computer security risks
Aasim Mushtaq
 
PPTX
Cyber security
Samsil Arefin
 
PPTX
Cybercrime and Security
Noushad Hasan
 
PPTX
Cyber Security Presentation
HaniyaMaha
 
PPTX
Antivirus software
Shreya Singireddy
 
PPTX
Cyber security
Manjushree Mashal
 
PPTX
Computer virus
Kawsar Ahmed
 
PPTX
Cyber security
Sapna Patil
 
PPTX
Cyber security
Rishav Sadhu
 
PPTX
Cyber security presentation
sweetpeace1
 
PPTX
Hacking
Asma Khan
 
PPTX
MALWARE
Anupam Das
 
PDF
Cyber Security
Ramiro Cid
 
PPTX
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
Shivam Sahu
 
PPTX
Cyber security
Sajid Hasan
 
PPTX
Presentation on Ethical Hacking ppt
Shravan Sanidhya
 
PPTX
Internet security
Mohamed El-malki
 
PPTX
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
PPTX
Trojan virus & backdoors
Shrey Vyas
 
PPTX
Cyber security
ChethanMp7
 
Computer security risks
Aasim Mushtaq
 
Cyber security
Samsil Arefin
 
Cybercrime and Security
Noushad Hasan
 
Cyber Security Presentation
HaniyaMaha
 
Antivirus software
Shreya Singireddy
 
Cyber security
Manjushree Mashal
 
Computer virus
Kawsar Ahmed
 
Cyber security
Sapna Patil
 
Cyber security
Rishav Sadhu
 
Cyber security presentation
sweetpeace1
 
Hacking
Asma Khan
 
MALWARE
Anupam Das
 
Cyber Security
Ramiro Cid
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
Shivam Sahu
 
Cyber security
Sajid Hasan
 
Presentation on Ethical Hacking ppt
Shravan Sanidhya
 
Internet security
Mohamed El-malki
 
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Trojan virus & backdoors
Shrey Vyas
 
Cyber security
ChethanMp7
 
Ad

Similar to Computer security and privacy (20)

PPTX
Computer-Security.pptx
JoselitoJMebolos
 
PPTX
Network Security of Data Protection
UthsoNandy
 
DOCX
Chapter 10.0
Adebisi Tolulope
 
PPTX
Cyber security
Nimesh Gajjar
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
fathwaitewalter
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
edgar6wallace88877
 
PPT
Computer security and_privacy_2010-2011
lbcollins18
 
PPTX
Computer security and
Rana Usman Sattar
 
PDF
network_security.docx_2.pdf
ahmed53254
 
DOCX
Cat21:Development Mangement Information Systems
Simeon Ogao
 
PDF
Free Guide-to-cybersecurity-fundamentals.pdf
Varinder K
 
PPTX
Computer Security risks Shelly
Adeel Khurram
 
PDF
Type of Security Threats and its Prevention
ijsrd.com
 
PPTX
Computer Safety and Ethics.pptx
Khristine Botin
 
PPTX
CYBER SECURITY PPT.pptx CYBER SECURITY APPLICATION AND USAGE
badalkumarmuduli2023
 
PPTX
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
kris harden
 
PPTX
Ransomeware and malware power point presentation
Parrie Vittiadarane
 
DOC
Network Security Essentials for IT Professionals.doc
TCCI Computer Coaching
 
DOCX
Information security questions
gamemaker762
 
PPTX
3 Tips to Stay Safe Online in 2017
Bret Piatt
 
Computer-Security.pptx
JoselitoJMebolos
 
Network Security of Data Protection
UthsoNandy
 
Chapter 10.0
Adebisi Tolulope
 
Cyber security
Nimesh Gajjar
 
Security and Ethical Challenges Contributors Kim Wanders.docx
fathwaitewalter
 
Security and Ethical Challenges Contributors Kim Wanders.docx
edgar6wallace88877
 
Computer security and_privacy_2010-2011
lbcollins18
 
Computer security and
Rana Usman Sattar
 
network_security.docx_2.pdf
ahmed53254
 
Cat21:Development Mangement Information Systems
Simeon Ogao
 
Free Guide-to-cybersecurity-fundamentals.pdf
Varinder K
 
Computer Security risks Shelly
Adeel Khurram
 
Type of Security Threats and its Prevention
ijsrd.com
 
Computer Safety and Ethics.pptx
Khristine Botin
 
CYBER SECURITY PPT.pptx CYBER SECURITY APPLICATION AND USAGE
badalkumarmuduli2023
 
Check-Computer-Networks-to-Ensure-Safe-Operation-Johua-2nd.pptx
kris harden
 
Ransomeware and malware power point presentation
Parrie Vittiadarane
 
Network Security Essentials for IT Professionals.doc
TCCI Computer Coaching
 
Information security questions
gamemaker762
 
3 Tips to Stay Safe Online in 2017
Bret Piatt
 
Ad

More from eiramespi07 (20)

DOCX
Sample Learning Plan
eiramespi07
 
PDF
Calendar worksheets
eiramespi07
 
DOCX
Individualized Educational Plan (IEP)
eiramespi07
 
DOCX
Lesson plan about Shapes
eiramespi07
 
DOCX
PDSP sample
eiramespi07
 
DOCX
PROGRAMMING OF DEVELOPMENTALLY SEQUENTIAL PRIORITIES (PDSP)
eiramespi07
 
PPTX
The twelfth angel - Book Talk
eiramespi07
 
PPTX
Physical and Neurological Impairment
eiramespi07
 
DOCX
Botong Francisco Art Appreciation
eiramespi07
 
PPTX
Grit and growth mindset
eiramespi07
 
DOCX
Thank you mom
eiramespi07
 
DOCX
Developmental Comparison
eiramespi07
 
DOCX
Sample Letter Request for Additional Units for Working Scholars
eiramespi07
 
DOCX
Outstanding Metrobank Teachers
eiramespi07
 
DOCX
I have a Dream Analysis by Martin Luther King
eiramespi07
 
DOCX
50 educational quotes
eiramespi07
 
DOCX
10 Blind/Deaf People Who Changed the World
eiramespi07
 
PPT
Pakikipagpanayam
eiramespi07
 
PPTX
Pakikipagpanayam
eiramespi07
 
PPTX
Theories of play
eiramespi07
 
Sample Learning Plan
eiramespi07
 
Calendar worksheets
eiramespi07
 
Individualized Educational Plan (IEP)
eiramespi07
 
Lesson plan about Shapes
eiramespi07
 
PDSP sample
eiramespi07
 
PROGRAMMING OF DEVELOPMENTALLY SEQUENTIAL PRIORITIES (PDSP)
eiramespi07
 
The twelfth angel - Book Talk
eiramespi07
 
Physical and Neurological Impairment
eiramespi07
 
Botong Francisco Art Appreciation
eiramespi07
 
Grit and growth mindset
eiramespi07
 
Thank you mom
eiramespi07
 
Developmental Comparison
eiramespi07
 
Sample Letter Request for Additional Units for Working Scholars
eiramespi07
 
Outstanding Metrobank Teachers
eiramespi07
 
I have a Dream Analysis by Martin Luther King
eiramespi07
 
50 educational quotes
eiramespi07
 
10 Blind/Deaf People Who Changed the World
eiramespi07
 
Pakikipagpanayam
eiramespi07
 
Pakikipagpanayam
eiramespi07
 
Theories of play
eiramespi07
 

Recently uploaded (20)

PDF
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
PPTX
IPCNA VIRTUAL CLASSES INTERMEDIATE 6 PROJECT.pptx
AldoCharaRojas
 
PDF
Understand the Gitlab_presentation_task.pdf
ruhinisiyara
 
PDF
Uptota Investor Deck - Where Africa Meets Blockchain
jjc123linkedin
 
PPT
12 Things That Make People Trust a Website Instantly
Shethil Ahammed
 
PPTX
Layers_of_the_Earth_Grade7.pptx class by
varadhanvara05
 
PPTX
Introduction to cybersecurity and digital nettiquette
shanefrancisjavier21
 
PDF
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
PDF
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
PPTX
curriculumandpedagogyinearlychildhoodcurriculum-171021103104 - Copy.pptx
HeneszaAvenido1
 
PDF
BIOCHEM CH2 OVERVIEW OF MICROBIOLOGY.pdf
tbasharababneh
 
PDF
Session 1 (Week 1)fghjmgfdsfgthyjkhfdsadfghjkhgfdsa
ssuser25df8b
 
PDF
Exploring VPS Hosting Trends for SMBs in 2025
Liquid Web
 
PPTX
Internet Safety for Seniors presentation
mwnorman1
 
PDF
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
PDF
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
PPTX
newyork.pptxirantrafgshenepalchinachinane
PrashantKoirala12
 
PDF
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
Turreteng
 
PPTX
Database Information System - Management Information System
faizhossain3
 
PDF
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
IPCNA VIRTUAL CLASSES INTERMEDIATE 6 PROJECT.pptx
AldoCharaRojas
 
Understand the Gitlab_presentation_task.pdf
ruhinisiyara
 
Uptota Investor Deck - Where Africa Meets Blockchain
jjc123linkedin
 
12 Things That Make People Trust a Website Instantly
Shethil Ahammed
 
Layers_of_the_Earth_Grade7.pptx class by
varadhanvara05
 
Introduction to cybersecurity and digital nettiquette
shanefrancisjavier21
 
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
curriculumandpedagogyinearlychildhoodcurriculum-171021103104 - Copy.pptx
HeneszaAvenido1
 
BIOCHEM CH2 OVERVIEW OF MICROBIOLOGY.pdf
tbasharababneh
 
Session 1 (Week 1)fghjmgfdsfgthyjkhfdsadfghjkhgfdsa
ssuser25df8b
 
Exploring VPS Hosting Trends for SMBs in 2025
Liquid Web
 
Internet Safety for Seniors presentation
mwnorman1
 
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
newyork.pptxirantrafgshenepalchinachinane
PrashantKoirala12
 
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
Turreteng
 
Database Information System - Management Information System
faizhossain3
 
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 

Computer security and privacy

  • 1. C.G.E. ICT – SIR JD March2, 2016 COMPUTER SECURITY AND PRIVACY PART 1 I. Define the term,computer securityrisks,and brieflydescribe the types of cybercrime perpetrators A computer securityriskis any event or action that could cause a loss or damage to computer hardware, software, data, or information. TYPES OF CYBERCRIME PERPETRATORS Corporatespy– a person hired by an organization to break into another organization’s specific computer and steal its proprietary data and information, or to help identify security risks within their own organization. The hiring of a corporate spy is called corporate espionage. Cracker – someone who accessesa computer or network illegally, with the intent of destroying data, stealing information, or any other malicious action. A cracker usually has advanced network skills. Cyberextortionist– aperson who uses e-mails as their drive force for extortion. A cyberextortionist usually performs actions, such as threatening to expose confidential information about a company, unless they are paid a certain sum of money. Cyberterrorist– someone who uses the internet or a network to destroy or damage computers for political reasons.Cyberterrorists are also associated with cyberwarfare,which is describedas an attack whose goal ranges from disabling a government’scomputer network to crippling a country. Hacker – a person who accessesa computer or network illegally. Some hackers make a claim or justify their intent for hacking, are to improve security. Scriptkiddie– someone who has the same intent as a cracker but does not have the technical expertise,so in turn use pre-writtenhacking andcracking programs to breach computers or networks. Unethicalemployee– employeesmay break into their employer’s computer or network maybe either to simply exploit a security weakness or to seek financial gains from selling confidential information. Some employees may just want revenge (GrayShelter).
  • 2. C.G.E. ICT – SIR JD March2, 2016 II. Describe varioustypes of Internet and network attacks, and identify ways to safeguard against these attacks An internetor network attack is when someone accessesanother person’s computer via the internet or their network to gain information for their own personal agenda or just to destroy their data. TYPES OF INTERNET or NETWORK ATTACK 1) Malware(Malicioussoftware)– aprogram that act without a user’s knowledge and deliberately alter the computer operation. Types: a) computervirus–a program that are designedto affect, or infect a computer negatively by altering how the computer works without the user’sknowledge or permission b) worm–aprogram that copies itself repeatedly c) Trojan Horse–aprogram that hides within or looks like a legitimate program, but executeswhena certain condition or action is triggered. d) Rootkit– program that hides in a computer and allows someone from a remote location to take full control of the computer. e) Spyware– a program placed on a computer without the user’s knowledge that secretly collects information about the user f) Adware – a program that displays an online advertisement in a banner or a pop-up window on web pages,e-mail messagesor other internet services 2) Botnets - a group of compromised computers connectedto a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. 3) BackDoor - A program or set of instructions in a program that allow users to bypass security controls when accessinga program, computer, or network 4) Denialof ServiceAttacks or DoS attack - is an assault whose purpose is to disrupt computer accessto an Internet service such as the Web or e-mail. 5) Spoofing- A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.
  • 3. C.G.E. ICT – SIR JD March2, 2016 These are precautions and measures that canbe taken to prevent an attack: 1). Not starting a computer with removablemedia insertedin the drives or plugged in the ports. 2). Neveropeningane-mailattachment unless the attachment is expectedandis from a trusted source. 3). Setting a computer’s macrosecuritylevel to high, in software and programs, and that macros are only enabled from programs of a trusted source. 4). Installing and frequently updating of anti-virusprogramsandsoftware. 5). Enabling of a computer’sfirewall as this prevents a computer from having hackers or malicious software from gain accessthrough the internet or network. 6).Installing intrusiondetectionsoftware;which analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusions, and notifies network administrators of suspicious behavior patterns or system breaches. 7). Using a honeypot; a purposely vulnerable computer that is set up to entice an intruder to break into it. III. Discusstechniquesto prevent unauthorizedcomputer accessand use Identify your weaknesses. Make sure every entry point is securedwith passwords and encryption. Install anti-virussoftware on your computers. Invest in an anti-virus program to prevent malware attacks on your system. Install perimetersecuritysolutions. There are three types of network perimeter security: 1) Firewall – Prevents unauthorized Internetusers from accessing your private network via the Internet 2) Intrusion DetectionSystem – Monitors and reports on threats to your network 3) Intrusion Prevention Program – Stops threats as well as reports on them Use a spam filter. You can either install spam filtering software on your computer or network server or buy a dedicated appliance or outsource spam filtering to an online service provider. Backupyour important data. Identify the vital data you need to protect. Then choose from offline and online data backup solutions to ensure the security and availability of your critical business information. Seta backup schedule and test your solutions regularly. Encrypt your files,hard drives and backup disks. Byencrypting your hardware and data, only people with a valid password will have access.
  • 4. C.G.E. ICT – SIR JD March2, 2016 Set up a virtual private network (VPN). Bycreating a VPN, team members working from home or on the road using Wi-Fi in public won’t be exposingyour business to security threats. Automate securityupdates. Byenabling auto updates, your computer will always have the most recentform of software and anti-virus programs installed. Restricttotal access.Don’t give all team members universal access to everypart of your network. Protect sensitive files and databases with passwords that only your key people know. Monitor network traffic. Install software or hardware that keeps an eye on who’s visiting which sites and which of your computers they’re using. Reviewyoursecurity periodically.Stayaware of new security threats and improved solutions by visiting your security software/service vendor websites. Don’t host your business website.Consider using a website hosting service that will take care of your website’s security needs and provide redundancy,which will allow your website to be properly restored if attacked. IV. Identify safeguards against hardware theft and vandalism 1) Real time location systems (RTLS) for high-risk or high-value items allow the user to always know the whereabouts of their hardware. 2) Physical accesscontrols, such as locked doors and windows, are a good way to protect a mass amount of hardware equipment. 3) Installation and use of alarm systems that go off when someone enters a room. 4) Physical security devices,suchas cables, that allow a user to lock their equipment to a desk, drawer or eventhe floor. This does not prevent vandalism though unfortunately. 5) Mini-securitysystems for mobile devices, such as a shutting down of the device or sounding an alarm if the device moves outside a certain distance. 6) Locking of hard disks, with a cable,requiry of a card to slide in a card reader or finger print scans and encryption of data. 7) Implementing the requiry of a password or biometrics, to unlock mobile devices.
  • 5. C.G.E. ICT – SIR JD March2, 2016 V. Explainthe ways software manufacturers protect against software piracy 1) Issue a license agreement A license agreementis the right to use the software. A license agreementis a legal agreementthat grants someone permission to use something trademarked, copyrighted or otherwise protected in specificcircumstances. Usually this right is givenwhen the person has bought the software therefore licensing agreementsare essentially permission slips that describe authorized use of the subject of the license.When people install software on their computers, they must review a legal document describing how the software can be used. 2) Require a product activation Product activation is the procedure by which a piece of software or operating system is proven to be legitimately installed. VI. Discusshow encryption works,and explainwhy it is necessary Encryption works by scrambling the original message with a verylarge digital number (key). This is done using advanced mathematics. Commercial-level encryption uses 128 bit key that is very,very hard to crack. The computer receivingthe message knows the digital key and so is able to work out the original message. Encryption is extremelyimportant for e-commerce asit allows confidential information such as your credit card details to be sent safely to the online shop you are visiting.
  • 6. C.G.E. ICT – SIR JD March2, 2016 COMPUTER SECURITY AND PRIVACY PART 2 I. Discussthe types of devicesavailable that protect computers from system failure 1) A surge protector Also called a surge suppressor, this device is able to protect against system failure because it uses special electrical components to smooth out minor noises, provide a stable current flow and keep an under voltage from reaching the computer and other electronic components. 2) An uninterruptible power supply (UPS) A UPS connects between your computer and a power source. It is a device that contains surge protection circuits and one or more batteries that can provide power during a temporary or permanent loss of power. There are two types of UPS: standby (also called offline), which switches to battery power when a problem occurs in the power line. The second type is online, which always runs off the battery in order to provide continuous protection. II. Explainthe options available for backingup computer resources BACKUP DISCS – Back up your files using CDs and DVDs CONVENTIONALEXTERNALDRIVE– Backup your files using USBand externalhard disk drives which canstore a huge amount of data NETWORK-ATTACHED STORAGE/WINDOWSHOMESERVER -usinga drive that's attached through your network can make the data accessible across all of your computers and also allow all of your computers to back up data onto a single unit ONLINE SERVICES(i.e.DROPBOX)- Online data backup is generally pretty reliable, and by virtue of being online, the data is accessible to you from just about anywhere RAID or Redundant Array of IndependentDisks - It involves using multiple hard drives in a single computer and having thempresented to the operating system as a single drive, and can be good for keeping data safe from drive failure or evenimproving overall system performance.
  • 7. C.G.E. ICT – SIR JD March2, 2016 III. Identify risks and safeguards associated with wirelesscommunications Signal strength.In general,the closer the user is to the access point, the stronger the signal and the faster the transfer rate. Rogue (unauthorized) accesspoints may or may not be in the same facility as authorized devices. Users should know that signal strength alone, is not sufficient to determine authorized networks. Manual connection. Portable devices such as laptops and handhelds should be configured so that they do not automatically connectto wireless networks. A manual process helps ensure that the device connectsto the appropriate wireless network. Legitimate network. Since Wi-Fi signals can travel a long distance, users should check with the management of the facility that provides the connectivity to ensure they are connectingto the appropriate network. Unauthorized "evil twin" networks can capture logon credentials and other sensitive information. Encryption. There are many different types of encryption methods usedto secure wireless networks. Wired Equivalent Privacy (WEP) is the oldest and least preferred. Wi- Fi Protected Access(WPA) is newer and offers better protection. WPA2 is the newest and should be used if possible. Users should use Virtual Private Network (VPN) when connectingto corporate systems. Shouldersurfing. Ensure that others cannot obtain the user's ID and password as it is typed. In addition, sensitive information should not be able to be read on the screen by unauthorized personnel. Screenaware.Usersshould look at the address bar URL. This will help protect against phishing attacks. Secure pagestypically have a URL starting with https and include a secure page notification such as a lock. Firewalls. Firewalls help restrict traffic to and from the device. Users should ensure the firewall is turned on so it can actively protect the device. Patch management. Users should ensure that operating system and security protection software is patched and up-to-date. Ensure browsers and updates to third party software packages are applied in a timely manner. Critical updates should be tested and applied as soon as possible. Battery saver. Portable devicesconstantly search for available networks. Users can increase battery life by turning off Wi-Fi when it isn't needed. This also helps ensure that an intruder can't connectto the device. Incident management. Users should inform the appropriate personnel if theybelieve they logged into the wrong network, sensitive information such as their ID/password was compromised, their device was lost or stolen, etc.
  • 8. C.G.E. ICT – SIR JD March2, 2016 IV. Discussways to prevent health-relateddisordersand injuriesdue to computer use • Whenyou are typing, your keyboard should be at elbow level and your mouse should be close to your body. • Your computer screen or monitor has to be at, or slightly below, your eye level with the screenabout an arm's length away from your eyes. • Frequently used items should not be more than 45cms away from you. • Whensitting at a computer desk,you should place your feetflat on the floor with thighs parallel to the floor. • Sit up straight and try to maintain the sitting posture of an S-shaped spine, not a C-shaped one. Adjust the backrest if necessary,to support your lower back. • Many with RSI symptoms report theyfeel less pain when typing, compared to when using a mouse. Use keyboard shortcuts as often as possible. • Whenusing a laptop it can help to plug in an attachable keyboard so that the screencan be positioned at an appropriate height. • Keepyour hands warm. Working in a cold environment increases chancesof hand pain and stiffness. If you can’t control the temperature, rub your palms against eachother vigorously when you feel them growing cold. • Take frequent breaks to stretch and relax—momentary breaks everynow and then to relax and longer breaks once everyhour or so, for stretching. • Whenyou are not typing, your wrists should not rest on the keyboard, should not be bent up or down or to the side. • Increase your font sizesso you don’t have to read things pressurizing the nervesand blood vessels in the neck and shoulders. • Try to reduce computer usage. Replace some emailmessages with phone calls or personal interactionwherever possible. Cut down on computer games or pause the game every3-4 minutes.
  • 9. C.G.E. ICT – SIR JD March2, 2016 V. Recognize issuesrelatedto information accuracy,intellectualproperty rights,codes of conduct, and greencomputing Information Accuracy The issues: 1. The accuracyof computer input, do not assume that info is correct because it’s on the web. Users should evaluate this information before relying on its content. 2. Some individuals and organization ask questions about the ethics of using computers to alter output, primarily graphical output such as retouched photo. IntellectualProperty Rights Intellectual property rights are the rights to which a creator is entitled to his or her work. The issue: People illegaly acquire software, movies and music. The issues with copyright led to developing DRM(Digital rights management) to prevent illegal distribution of movies, music, etc. Codes of Conduct It is a written guideline that helps determine whether a specific computer action is ethical or unethical. GreenComputing It involves reducing electricityand environmental waste while using computer. The ENERGY STARprogram was developed to help reduce the amount of elecritcity used by computers & other related devices.This program encouragesmanufacturers to create energyefficient devicesthat require little power when they’re not used. VI. Discussissues surrounding information privacy Information Privacy is the right of individuals and companies to deny or restrict collection and use of information about them.  Electronic Profile – It is the data collected when you fill out form on web. Merchantssell your electronic profile.  Cookies – It is a small text file on your computer that contains data about you:user preferences,interests,browsing habits and how you regularly visit web sites  Spam – unsolicited e-mail message sent to many recipients
  • 10. C.G.E. ICT – SIR JD March2, 2016  Scam – perpetrator sends an official looking e-mail that attempts to obtain your personal and financial information. SOURCES http://www.wong-sir.com/cit/social_impacts/computer_security_risks.htm https://grayshelter.wordpress.com/2014/09/30/computer-security-risks-types-of-cybercrime- perpetrator/ https://grayshelter.wordpress.com/2014/09/30/various-internet-network-attacks-along-with-their- safeguards/ https://grayshelter.wordpress.com/2014/09/18/safeguards-against-hardware-theft-and-vandalism/ http://www.slideshare.net/hazirma/421-computer-security-risks-15398144 http://www.slideshare.net/PriSim/computer-security-threats-prevention https://cybersafety2014.wordpress.com/2014/09/25/how-do-software-manufacturers-protect-against- software-piracy/ http://www.teach-ict.com/technology_explained/encryption/encryption.html https://cybersafety2014.wordpress.com/2014/09/25/what-types-of-devices-are-available-to-protect- computers-from-system-failure/ http://www.storagereview.com/how_to_options_for_backing_up_your_computer http://www.altiusit.com/files/blog/Top10UserWiFiSafeguards.htm http://www.medindia.net/patients/lifestyleandwellness/computer-related-injuries-prevention.htm http://www.slideshare.net/samudin/computer-security-and-safety-ethics-privacy https://prezi.com/aladbfr3eqrb/recognize-issues-related-to-information-accuracy-intellectual- property-rights-codes-of-conduct-and-green-computing/