SlideShare a Scribd company logo

PST SC015 Chapter 4 Comp. Ethics and Security 2017/2018

Download as PPTX, PDF
Fizaril Amzari Omar, profile picture
Fizaril Amzari Omar

This document discusses computer ethics and security. It covers netiquette, areas of computer ethics including information accuracy, green computing, codes of conduct, information privacy and intellectual property. It also discusses computer security risks such as malicious code, unauthorized access, hardware/software theft, information theft and system failure. Security measures to address these risks include data backup, cryptography, anti-virus software, firewalls and physical/digital access controls.

Education
1 of 66
Downloaded 65 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
1 Chapter Four 4.1 Computer Ethics 4.1.1 Netiquette 4.1.2 Areas of computer ethics 4.2 Computer Security 4.2.1 Computer Security Risks 4.2.2 Security Measures Computer Ethics and Security
2 4.1 Computer Ethics Netiquette Netiquette is code of acceptable behaviors users should follow while on the Internet Area of Computer Ethics Computer ethics are the moral guidelines that govern the use of computers and information system Areas of Computer Ethics 1. Information Accuracy 2. Green Computing 3. Codes of Conduct 4. Information privacy 5. Intellectual Property
3 4.1.2 Computer Security Computer Security Risk / Threat Security Measure / Safeguard A computer security risk is any event or action that could cause a loss of or damage to computer hardware, Types of computer security risk 1. Malicious code 2. Unauthorized access and used 3. Hardware theft 4. Software theft 5. Information theft 6. System failure Ways to overcome security risks Types of security measure 1. data backup 2. cryptography 3. Anti-virus 4. Anti-spyware 5. Firewall 6. Physical access control 7. Human aspects : awareness 8. Related security risks with its measure
1 Chapter Four Computer Ethics and Security 4.1.1 Netiquette At the end of this topic, students should be able to: a) Identify the rules of netiquette
• is code of acceptable behaviors users should follow while on the Internet • is short for net etiquette, refers to etiquette on the internet • is the term for politeness when using the internet • Good netiquette involves respecting other’s privacy • Golden Rule: Treat others as you would like them to treat you. 2 Netiquette
Netiquette includes rules for all areas of the Internet, including: • World Wide Web • E-mail • Instant Messaging • Chat Rooms • File Transfer Protocol • Newsgroups and Message boards. 3 Netiquette Areas
4 1. Keep Messages brief : Use proper grammar, spelling, and punctuation. 2. Be careful when using sarcasm and humor : it might be misinterpreted. 3. Be polite : Avoid offensive language. 4. Read the message before you send it. 5. Be clear : Make sure subject lines (email) or page title (web page) reflects your content 6. Avoid sending or posting flames : which are abusive or insulting messages. 7. Do not participate in flame wars, which are exchanges of flames. 8. Identify yourself 9. Respect other’s privacy Netiquette Rules While Using E-mail, Chat Room and Newsgroup
5 10. Avoid sending spam, which is the Internet’s version of junk mail. Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once. 11. Do not use all capital letters, which is the equivalent of SHOUTING! 11. Clearly identify a spoiler , which is a message that reveals a solution to a game or ending to a movie or program 12. Use emoticons to express emotion. Popular emoticons include; :) Smile :| Indifference :o Surprised :( Frown : Undecided 13. Use abbreviations and acronyms for phrases: btw - by the way imho - in my humble opinion fyi - for your information ttfn - ta ta for now fwiw - for what it’s worth tyvm - thank you very much Rules While Using E-mail, Chat Room and Newsgroup Netiquette
6 14. Read the FAQ (Frequently Asked Questions) . 15. Do not assume material is accurate or up-to-date. 16. Never reads others e-mails. Netiquette
1 Chapter Four Computer Ethics and Security 4.1.2 Areas of Computer Ethics At the end of this topic, students should be able to: a) Define computer ethics b) Describe areas of computer ethics
Define Computer Ethics 4 2 Computer ethics are the moral guidelines that govern the use of computers and information system.
Areas of Computer Ethics 4 2 Areas Description Information accuracy is a concern : not all information on the web is correct Green computing involves reducing the electricity and environmental waste while using a computer Codes of conduct is a written guideline that helps determine wether a specific computer action is ethical or unethical Information privacy refers to the right of individuals and companies to deny or restrict the collection and use if information about them Intellectual property Intellectual property - unique and original works Intellectual property rights - are the rights to which creators are entitled for their work
Areas of Computer Ethics 4 3 1.Information Accuracy Information accuracy is a concern ● not all information on the web is correct
Areas of Computer Ethics 4 4 2. Green Computing ● involves reducing the electricity and environmental waste while using a computer
Areas of Computer Ethics 4 5 1 Use computers and devices that comply with *ENERGY STAR program 2 Do not leave the computer running overnight 3 Turn off the monitor, printer, and other devices when not in use 4 Use LCD monitors instead of CRT monitors 5 Use paperless methods to communicate * ENERGY STAR Program was created to help identify the best ways to save energy. The little blue label says this product, this home, this building or factory is doing the right things to save. And energystar.gov offers the most comprehensive resource available for energy efficiency advice and information. 2. Green Computing : Suggestion
Areas of Computer Ethics 4 6 6 Recycle paper 7 Buy recycled paper 8 Recycle toner cartridges 9 Recycle old computers, printers and other devices 10 Telecommute to save gas 11 use video conferencing and VoIP for meetings 2. Green Computing : Suggestion
Areas of Computer Ethics 4 7 3. Code of Conduct ● An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical
4 8 1 Computers may not be used to harm other people 2 Employees may not interfere with others’ computer network 3 Employees may not meddle in others’ computer files 4 Computers may not be used to steal 5 Computers may not to bear false witness 6 Employees may not copy or use software illegally 7 Employees may not use others’ computer resources without authorization Areas of Computer Ethics 3. Code of Conduct
4 9 7 Employees may not use others’ computer resources without authorization 8 Employees may not use others’ intellectual property as their own 9 Employees shall consider that social impact of programs and system they design 10 Employees always should be use computers in way that demonstrates consideration and respect for fellow human Areas of Computer Ethics 3. Code of Conduct
Areas of Computer Ethics 4 10 4. Information Privacy ● refers to the right of individuals and companies to deny or restrict the collection and use if information about them ● Huge database store data online ● It is important to safeguard your information
4 11 How to Safeguards Personal Information 1 Fill in only necessary information on rebate, warranty, and registration forms 2 Do not reprint your telephone number or Social Security number on personal checks 3 Have an unlisted or unpublished telephone numbers 4 if caller ID is available in your area, find out how to block your number from displaying on the receiver’s system 5 Do not write your telephone number on charge or credit receipts 6 Ask merchants not to write credit card numbers, telephone numbers, Social Security numbers and driver’s license numbers on the back of your personal checks Areas of Computer Ethics 4. Information Privacy
4 12 How to Safeguards Personal Information 7 Purchase goods with cash, rather than credit or checks 8 Avoid shopping club and buyer cards 9 If merchants ask personal questions, find out why they want to know before releasing the information 10 Inform merchants that you do not want them to distribute your personal information 11 Request in writing to be removed from mailing list 12 Obtain your credit report once a year from each of the three major credit reporting agencies and correct any errors 13 Request a free copy of your medical records once a year from the Medical Information Bureau Areas of Computer Ethics 4. Information Privacy
4 13 How to Safeguards Personal Information 14 Limit the amount of information you provide to websites. Fill in only required information. 15 Install a cookie manager to filter cookies. 16 Clear your history file when you are finished browsing. 17 Set up a free email account. Use this e-mail address for merchant forms. 18 Turn off file and printer sharing on your Internet connection. 19 Install a personal firewall. 20 Sign up for email filtering through your Internet access provider or use an anti-spam program such as Brightmall. 21 Do not reply to spam for any reason. Areas of Computer Ethics 4. Information Privacy
4 14 Terms Description Cookie Are used to identify users by webcasting, e- commerce and other web application. Eg : store users’ password Spam Unsolicited email sent to a consumer without the consumer's prior request or consent E-mail filtering Blocks email messages from designated sources Anti-spam programs attempt to remove spam before it reaches your inbox Areas of Computer Ethics 4. Information Privacy : Terms
4 15 Terms Description Phishing An act of sending an email and claiming to be legitimate organization but is not genuine or fake. Pharming Is a cyber attack: redirect users to a fake website Spoofing Technique that make their network or Internet transmission appear legitimate to a victim computer or network. Includes : email spoofing, IP spoofing Areas of Computer Ethics 4. Information Privacy : Terms
Areas of Computer Ethics 4 16 5. Intellectual Property ● Intellectual property (IP) - unique and original works (Eg : ideas, inventions, arts, writings, products, logos) ● Intellectual property rights - are the rights to which creators are entitled for their work
Areas of Computer Ethics 4 17 5. Intellectual Property : Importance The importance Intellectual property ● to protect the original creation from individuals ● to preserve features and process that make thing work (inventor will therefore benefits - get a profit, from their work)
Areas of Computer Ethics 4 18 5. Intellectual Property : Types Types of IP Description Patent A patent is an exclusive right granted for an invention, which is a product or process that provides a new way of doing something, or offers a new technical solution to a problem Trademark A trademark is a word, phrase, symbol, or design that distinguishes the goods or services of one trader from its competitors. It includes words, logos, pictures, names, letters, numbers or a combination of these Copyright A legal term that describe the right given to the creator for their literary and artistic works.Copyrights protect original works of authorship, such as literary works, music, dramatic works, pantomimes and choreographic works, sculptural, pictorial, and graphic works, sound recordings, artistic works, architectural works, and computer software.
1 Chapter Four Computer Ethics and Security 4.2.1 Computer Security Risk At the end of this topic, students should be able to: a) Define computer risks b) Identify types of security risks
●A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data and information. 2 Computer Security Risk
3 Types of Computer Security Risk Types Description Malicious code Program that act without user’s knowledge and deliberately alter the computer’s operation Unauthorized access and used Unauthorized access : the use of a computer or network without permission Unauthorized use : is the use of a computer or its data for unapproved or possibly illegal activities Hardware theft The act of stealing computer equipment Software theft Occurs when someone steal software media / intentionally erase programs / illegally copies a program / illegally registered and/or activates a program Information theft Occurs when someone steals personal or confidential information System failure Is the prolonged malfunction of a computer
4 4 Category Description Hackers illegally accessed computers to learn more about them, or to find security holes in the computer or the network to which it’s attached Crackers refers to a person who intentionally accesses a computer, or network of computers, for evil reasons – typically, with the intent of destroying and/or stealing information Script Kiddies have very limited computer skills and can be quite immature Perpetrator ● a person who carries out a harmful illegal or immoral activity ● a cyber crime is any intentional breach in computer security via the Internet, or some other illegal act facilitated by the Internet
4 5 Terms Description Corporate Spies have excellent network skills and are hired to break into a specific computer and steal property data and information, or to help identify security risks in their own organization Unethical Employees break into their employers’ computers for a variety of reasons, some simply want to exploit a security weakness and others seek financial gains from selling confidential information Cyber Extortionist use e-mails as vehicles for extortion Cyberterrorist uses the internet or network to destroy or damage computers for political reasons Perpetrator
● Classified as malware (short for malicious software) ● Malware : program that act without user’s knowledge and deliberately alter the computer’s operation 6 Computer Security Risk 1. Malicious Code
7 Computer Security Risk 1. Malicious Code : Type Types Description Virus Affects a computer negatively by altering the way computer works Worm Copies itself repeatedly, using up resources and possibly shutting down the computer or network Trojan Horse Programs that hides within or looks like a legitimate program Rootkit Program that hides in a computer and allows someone from a remote location to take full control Spyware Exploits infected computers for commercial gain or information theft without user knowledge Ad-ware Software that display advertisements
8 Computer Security Risk 1. Malicious Code : Type Types Description Botnet is a group of compromised computers (known as zombie) connected to a network Denial of services (DoS attack) Disrupts computer access to Internet services Back Door Is a program or set of instructions in a program that allow users to bypass security control Spoofing Is a technique intruders use to make their network or internet transmission appear legitimate
● OS runs much slower than usual ● Available memory is less than expected ● Files become corrupted ● Screen displays unusual message or image ● Music or unusual sound plays randomly ● Existing programs and files disappear ● Programs or files do not work properly ● Unknown programs or files mysteriously appear ● System properties change ● OS does not start up ● OS shuts down unexpectedly 9 Computer Security Risk 1. Malicious Code : Symptom
10 Computer Security Risk 1. Malicious Code : Effect Type Effect Trojan Horse Virus Worm ● Affects computer negatively by alter the computer’s operation to cause damage to computer Spyware Ad-ware Rootkits Botnet Denial of Services Phishing Spoofing Pharming ● Enable access to a computer or areas of its software without user knowledge ● Purpose information theft ● Attack Network and Internet
● Never start a computer with removable media inserted in the drives or plugged in the ports, unless the media uninfected ● Never open an e-mail attachment unless you are expecting it and it is from a trusted source ● Install an antivirus program on all of your computers. Update the software and the virus signature files regularly ● Scan all downloaded programs / removeable media for viruses or other malware ● Install a personal firewall 11 Computer Security Risk 1. Malicious Code : Tips for Preventing
● Use firewall : Firewall is a hardware / software that protect a network’s resources from intrusion by users on another network (Eg : Internet) ● Install an Intrusion Detection Software (IDS) : IDS is used as an alternative for building a shield around the network ● Set-up honeypots : designed to attract the hackers to attack the system ● Install anti-virus ● Backup regularly (Human aspect awareness) ● Install anti-spyware 12 Computer Security Risk 1. Malicious Code : Security Measure
● Unauthorized access : the use of a computer or network without permission Unauthorized use : is the use of a computer or its data for unapproved or possibly illegal activities 13 Computer Security Risk 2. Unauthorized Access and Use
● Use access control - defines who can access a computer ➔ Identification : process to verifies the validity of a user (Eg : username) ➔ Authentication : process to verifies the individuals is the person he/she claims to be (Eg : password) ● Physical access control : lock the doors, windows, store in locked drawer ● Digital access control : lock screen by using password ● Human aspect awareness : don’t click / open suspicious web, email, spam (to avoid phishing and pharming) 14 Computer Security Risk 2. Unauthorized Access and Use : Security Measure
● Authentication : process where users verify their identity ➔ Biometric device : device that translates personal characteristics into a digital code ➔ Callback system : the checking system that authenticates the user ● Verification : the act of proving or disproving the correctness of a system with respect to a certain formal specification ➔ User identification : something you know (have to remember) such as PIN number or password ➔ Possessed object : something you have (an object) such as ATM card, credit card, smart card 15 Computer Security Risk 2. Unauthorized Access and Use : Authentication and Verification Technologies
● Hardware theft : is the act of stealing computer equipment ● Hardware vandalism : is the act of defacing or destroying computer equipment 16 Computer Security Risk 3. Hardware Theft
● Physical access awareness ➔lock room / cabinet / drawer ➔Install alarm system ● Digital access control ➔use password, possessed object, biometric device 17 Computer Security Risk 3. Hardware Theft : Security Measure
● Software theft occurs when someone ➔Steal software media ➔Intentionally erases programs ➔Illegally copies a program ➔Illegally registers and/or activates a program 18 Computer Security Risk 4. Software Theft
● Human aspect awareness : use license agreement, lock software media in drawer ● Physical access control : lock room 19 Computer Security Risk 4. Software Theft : Security Measure
● Information theft occurs when someone steals personal or confidential information 20 Computer Security Risk 5. Information Theft
● Cryptography : to avoid spoofing ● Physical access control : to avoid stealing hardware ● Scan by using anti-virus regularly : to avoid malware, spyware, adware, rootkits ● Install anti-spyware : to avoid malware, spyware, adware, rootkits ● Use access control : such as identification and authentication ● Human aspect awareness : don’t click / open suspicious web, email, spam (to avoid phishing and pharming) 21 Computer Security Risk 5. Information Theft : Security Measure
● System failure is the prolonged malfunction of a computer ● Factors that can lead to system failure : ➔Aging hardware ➔Natural disaster : such flood, earthquake, fire ➔Electrical power problems : noise, undervoltages and overvoltages ➔Errors in computer program 22 Computer Security Risk 6. System Failure
● Data backup ● Human aspect awareness : ➔ Use AVR (Automatic Voltage Regulator) : to maintain constant voltage and power line ➔ Use UPS (Uninterruptable Power Supply) : provides emergency power to a load when the input power source or mains power fails ➔ Surge protector : shields computer and other electronic devices from sudden power in electrical power, or transient voltage, that flow from the power supply ➔ Put your computer in safe/lock place, schedule maintenance 23 Computer Security Risk 6. System Failure : Security Measure
1 Chapter Four Computer Ethics and Security 4.2.2 Security Measure At the end of this topic, students should be able to: a) Identify different ways to overcome security risks
2 Types of Security Measure Types Description Data Backup is a duplicate a file, program or disk (in another storage) that can be used if the original is lost, damaged or destroyed Cryptography the technology study of encryption and decryption process (for secure communication) Antivirus program that protects computer against viruses. Anti spyware Program a software to detect and remove unwanted spyware programs. Firewall is hardware / software that protects a network’s resources from intrusion. Physical Access Control refers to the ability of people to physically gain access to a computer system
● Internet and Network attack ● Unauthorized access and used ● Theft : Hardware / software / Information ● System failure 3 Security Measure Common Security Risk
● A backup is a duplicate a file, program or disk that can be used if the original is lost, damaged or destroyed ● To backup file means to make a copy of it ● Offsite backups are stored in a location separate from the computer site ● Common security risk : ➔ Hardware theft ➔ Software theft ➔ Information theft ➔ System failure 4 Security Measure 1.Data Backup
● to protect information on the internet and networks, organizations and individuals use a variety of encryption techniques (written or generated codes that allows information to be kept secret) ● Cryptography is the study of encryption and decryption process (for secure communication) ➔ Encryption : converting readable data (plaintext) into unreadable characters (ciphertext) ➔ Decryption - converting unreadable data (plaintext) to its original data (plain text) ● Common security risk : ➔ Unauthorized access and used ➔ Information theft 6 Security Measure 2. Cryptography
7 Security Measure 2. Cryptography : Diagram
● Use to safeguard computer system from viruses and other malware ● Antivirus program - program that protects computer against viruses by identifying and removing any computer viruses found in memory, on storage media or incoming files ● Popular antivirus program - Kaspersky antivirus, Avast antivirus, CA antivirus, McAfee antivirus, AVG antivirus ● Common security risk : ➔ Malicious code ➔ Information theft ➔ Internet and network attack 9 Security Measure 3. Antivirus
● Is a type of software that is designed to detect and remove unwanted spyware programs. ● Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them. ● Eg : Bitdefender, Norton Security, Spy Sweeper ● Common security risk : ➔ Internet and network attack 11 Security Measure 4. Anti Spyware
● Firewall is hardware / software that protects a network’s resources from intrusion. Eg : Windows firewall, Norton Personal Firewall ● Ensure all the network device and system protect by the firewall system that already installed by network administrator ● Common security risk : ➔ Unauthorized access and used ➔ Internet and network attack 13 Security Measure 5. Firewall
14 Security Measure 4. Comparison Firewall, IDS and Honeypot Firewall Intrusion Detection Software (IDS) Honeypot ● Analyzes all network traffic ● assesses system vulnerabilities ● Identifies any unauthorized intrusion ● Notifies network administrators of suspicious behaviour pattern or system breaches ● Vulnerable computer that is set up to entice the hackers to attack the system
● cabinets with lock, locked doors and windows - to protect software media from being stolen ● installing alarm system for additional security ● attach physical security devices such as cables that lock equipment to desk ● issue users license agreement to protect software from piracy 16 Security Measure 6. Physical Access Control
● Hardware theft ● Software theft ● Information theft ● Unauthorized access and used ● System failure 17 Security Measure 6. Physical Access Control : Common Security Risk
● cabinets with lock, locked doors and windows - to protect software media from being stolen ● installing alarm system for additional security ● attach physical security devices such as cables that lock equipment to desk ● issue users license agreement to protect software from piracy ● Expose employees or staff to computer security through continuously security training and courses ● Make a systematic routine check to update (security patches, virus definition) a computer system ● proper handling of computer and information 18 Security Measure 7. Human Aspect Awareness
● Internet and network attack ● Malicious code ● Unauthorized access and used ● Hardware theft ● Software theft ● Information theft ● System failure 19 Security Measure 7. Human Aspect Awareness : Common Security Risk
20 Security Measure 8. Relate Security Risks With Its Measure Security Risk / Threat Recommended Security Measure/ Safeguard Malicious code (Virus, Worm, Trojan) Install and scan by using Anti-virus regularly, install and scan by using Anti-spyware, install and turn on Firewall, Human aspect awareness Unauthorized access and use Physical access control, Use access control Human aspect awareness Hardware theft Physical access control, Human aspect awareness Software theft Physical access control, Human aspect awareness Information theft Cryptography, Physical access control Install and scan by using Anti-virus regularly, install and scan by using Anti-spyware, Human aspect awareness System failure Data backup regularly, Human aspect awareness

More Related Content

PPTX
Etika penggunaan internet
chokelatbella
 
PPTX
BAB 1 Pengenalan teknologi maklumat
Nur Salsabila Edu
 
DOC
Topik 4 pembiakan
smktsj2
 
DOC
Topik 1 fungsi (2)
ctsafinah
 
PPTX
Penyalahgunaan internet dan multimedia
Sherly Jewinly
 
PPTX
Sains komputer f4
ZahirahNatasya
 
PDF
Nota Subjek Sains Komputer Tingkatan 4 lengkap - SUBJEK MPEI
Madrasah Idrisiah
 
PPTX
Nota sejarah tingkatan 5 bab 8
عطيف مصطفى
 
Etika penggunaan internet
chokelatbella
 
BAB 1 Pengenalan teknologi maklumat
Nur Salsabila Edu
 
Topik 4 pembiakan
smktsj2
 
Topik 1 fungsi (2)
ctsafinah
 
Penyalahgunaan internet dan multimedia
Sherly Jewinly
 
Sains komputer f4
ZahirahNatasya
 
Nota Subjek Sains Komputer Tingkatan 4 lengkap - SUBJEK MPEI
Madrasah Idrisiah
 
Nota sejarah tingkatan 5 bab 8
عطيف مصطفى
 

What's hot (20)

PPT
cyber ethics
Alomgir Hossain
 
DOCX
Skema kertas model 9
Asmawi Abdullah
 
PDF
Etika penggunaan teknologi maklumat dan komunikasi secara beretika
MISS ESTHER
 
PDF
Contoh Penggunaan Teknologi Maklumat dan Komunikasi Secara Beretika
MISS ESTHER
 
DOC
Kekunci dikotomi (kumpulan kiew and ong)
Rosdi Ramli
 
PPT
Security Measure
syafiqa
 
PPTX
Geografi
Nurul Ain Kassim
 
PPTX
Sains dan teknologi dalam sistem biometrik
qashah09
 
DOCX
Borang soal selidik
Rosnani Ghazali
 
PPT
Merempit
Yfook Ng
 
PPTX
PERBEZAAN TABLET,LAPTOP DAN MOBILE
Shahril Majid
 
PPTX
Bab 7 bahan sintetik dalam industri
nevile86
 
PPTX
Sains tingkatan 3 sains bab 1 pengangkutan oksigen dalam badan manusia
zealot90
 
PPTX
3 komponen unit sistem
wazi musa
 
PPTX
Keperluan perisian
MUHAMMAD ISMAIL
 
DOCX
Kepentingan plbgaan..
education university sultan idris
 
PDF
Bab 1 Sosiologi Sukan
Sports Science at SMK Elopura
 
PPT
Keselamatan Komputer
amaniasraf
 
PPTX
Cabang-cabang falsafah menurut pandangan ahli falsafah barat
Fatin Ain Nabila
 
PPTX
Slot 1: Definisi & Sejarah Komputer
Ministry of Education Malaysia
 
cyber ethics
Alomgir Hossain
 
Skema kertas model 9
Asmawi Abdullah
 
Etika penggunaan teknologi maklumat dan komunikasi secara beretika
MISS ESTHER
 
Contoh Penggunaan Teknologi Maklumat dan Komunikasi Secara Beretika
MISS ESTHER
 
Kekunci dikotomi (kumpulan kiew and ong)
Rosdi Ramli
 
Security Measure
syafiqa
 
Geografi
Nurul Ain Kassim
 
Sains dan teknologi dalam sistem biometrik
qashah09
 
Borang soal selidik
Rosnani Ghazali
 
Merempit
Yfook Ng
 
PERBEZAAN TABLET,LAPTOP DAN MOBILE
Shahril Majid
 
Bab 7 bahan sintetik dalam industri
nevile86
 
Sains tingkatan 3 sains bab 1 pengangkutan oksigen dalam badan manusia
zealot90
 
3 komponen unit sistem
wazi musa
 
Keperluan perisian
MUHAMMAD ISMAIL
 
Kepentingan plbgaan..
education university sultan idris
 
Bab 1 Sosiologi Sukan
Sports Science at SMK Elopura
 
Keselamatan Komputer
amaniasraf
 
Cabang-cabang falsafah menurut pandangan ahli falsafah barat
Fatin Ain Nabila
 
Slot 1: Definisi & Sejarah Komputer
Ministry of Education Malaysia
 
Ad

Similar to PST SC015 Chapter 4 Comp. Ethics and Security 2017/2018 (20)

PPSX
Cyber Laws
Mukesh Tekwani
 
PPSX
Cyber laws
Mukesh Tekwani
 
PPTX
Computer ethics cyber security and technology of it
sr24production
 
PPT
Ethics in using computer
nurulafifa_matsaleh
 
PPTX
why ethics computer ethics 10 commandments.pptx
jennyJey2
 
PPTX
Introduction to Engineering and Profession Ethics Lecture9-Computer Ethics, P...
Dr. Khaled Bakro
 
PPTX
COMPUTER ETHICS.pptx
santosh26kumar2003
 
PPTX
Chapter 4 2016
Fizaril Amzari Omar
 
PPTX
Chapter 4 Computer Ethics and Security
Fizaril Amzari Omar
 
PPTX
INFORMATION AND COMMUNICATION TECHNOLOGY.pptx
michaelcalub3
 
PPT
4.1.1 areas of computer ethics
badak sumbu
 
PDF
Nfwordle
Nadine Fray
 
PPTX
ICT online tools & Internet Safety
Charina Mostierra
 
PPTX
Digital Safety, Data Privacy, and Online Netiquette
Gab Billones
 
PPTX
chapter 6 Ethics and Professionalism of ET.pptx
AmanuelZewdie4
 
PDF
8._safety_and_security.pdf
sula rekah govindan
 
PPTX
Digital_Cyber-Literacy-Group-2 Reporting.pptx
RoryMercury10
 
PPTX
chapter 5.pptxggggggggggggggggggggggggggg
adabotor7
 
PPTX
ComputingEthics.pptx
MuruganS82
 
PPTX
ICT 2.pptx
ChristineJoyMaranan2
 
Cyber Laws
Mukesh Tekwani
 
Cyber laws
Mukesh Tekwani
 
Computer ethics cyber security and technology of it
sr24production
 
Ethics in using computer
nurulafifa_matsaleh
 
why ethics computer ethics 10 commandments.pptx
jennyJey2
 
Introduction to Engineering and Profession Ethics Lecture9-Computer Ethics, P...
Dr. Khaled Bakro
 
COMPUTER ETHICS.pptx
santosh26kumar2003
 
Chapter 4 2016
Fizaril Amzari Omar
 
Chapter 4 Computer Ethics and Security
Fizaril Amzari Omar
 
INFORMATION AND COMMUNICATION TECHNOLOGY.pptx
michaelcalub3
 
4.1.1 areas of computer ethics
badak sumbu
 
Nfwordle
Nadine Fray
 
ICT online tools & Internet Safety
Charina Mostierra
 
Digital Safety, Data Privacy, and Online Netiquette
Gab Billones
 
chapter 6 Ethics and Professionalism of ET.pptx
AmanuelZewdie4
 
8._safety_and_security.pdf
sula rekah govindan
 
Digital_Cyber-Literacy-Group-2 Reporting.pptx
RoryMercury10
 
chapter 5.pptxggggggggggggggggggggggggggg
adabotor7
 
ComputingEthics.pptx
MuruganS82
 
ICT 2.pptx
ChristineJoyMaranan2
 
Ad

More from Fizaril Amzari Omar (20)

PDF
Chapter 7 Information System
Fizaril Amzari Omar
 
PDF
Chapter 6 Database SC025 2017/2018
Fizaril Amzari Omar
 
PDF
Chapter 5 Multimedia SC025 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 2 Computer System 2017/2018
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (m)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (k)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (j)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (i)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (g)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (f)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (e)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 Computer System 2017/2018 (d)
Fizaril Amzari Omar
 
PPTX
PDT DC015 Chapter 2 System Concept 2017/2018 (a)
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 3 Internet Technology (V) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 3 Internet Technology (IV) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 3 Internet Technology (II) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 3 Internet Technology (II) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 3 Internet Technology (I) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 2 Computer System (IV) 2017/2018
Fizaril Amzari Omar
 
PPTX
PST SC015 Chapter 2 Computer System (III) 2017/2018
Fizaril Amzari Omar
 
Chapter 7 Information System
Fizaril Amzari Omar
 
Chapter 6 Database SC025 2017/2018
Fizaril Amzari Omar
 
Chapter 5 Multimedia SC025 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 2 Computer System 2017/2018
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (m)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (k)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (j)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (i)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (g)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (f)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (e)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 Computer System 2017/2018 (d)
Fizaril Amzari Omar
 
PDT DC015 Chapter 2 System Concept 2017/2018 (a)
Fizaril Amzari Omar
 
PST SC015 Chapter 3 Internet Technology (V) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 3 Internet Technology (IV) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 3 Internet Technology (II) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 3 Internet Technology (II) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 3 Internet Technology (I) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 2 Computer System (IV) 2017/2018
Fizaril Amzari Omar
 
PST SC015 Chapter 2 Computer System (III) 2017/2018
Fizaril Amzari Omar
 

Recently uploaded (20)

PDF
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PPTX
Introduction to Child Health Nursing – Unit I | Child Health Nursing I | B.Sc...
RAKESH SAJJAN
 
PDF
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PPTX
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 
PDF
Pre independence Education in Inndia.pdf
goofy5603
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PPTX
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
PDF
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Introduction to Child Health Nursing – Unit I | Child Health Nursing I | B.Sc...
RAKESH SAJJAN
 
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
Institutional Correction lecture only . . .
limvtheghins
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 
Pre independence Education in Inndia.pdf
goofy5603
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 

PST SC015 Chapter 4 Comp. Ethics and Security 2017/2018

  • 1. 1 Chapter Four 4.1 Computer Ethics 4.1.1 Netiquette 4.1.2 Areas of computer ethics 4.2 Computer Security 4.2.1 Computer Security Risks 4.2.2 Security Measures Computer Ethics and Security
  • 2. 2 4.1 Computer Ethics Netiquette Netiquette is code of acceptable behaviors users should follow while on the Internet Area of Computer Ethics Computer ethics are the moral guidelines that govern the use of computers and information system Areas of Computer Ethics 1. Information Accuracy 2. Green Computing 3. Codes of Conduct 4. Information privacy 5. Intellectual Property
  • 3. 3 4.1.2 Computer Security Computer Security Risk / Threat Security Measure / Safeguard A computer security risk is any event or action that could cause a loss of or damage to computer hardware, Types of computer security risk 1. Malicious code 2. Unauthorized access and used 3. Hardware theft 4. Software theft 5. Information theft 6. System failure Ways to overcome security risks Types of security measure 1. data backup 2. cryptography 3. Anti-virus 4. Anti-spyware 5. Firewall 6. Physical access control 7. Human aspects : awareness 8. Related security risks with its measure
  • 4. 1 Chapter Four Computer Ethics and Security 4.1.1 Netiquette At the end of this topic, students should be able to: a) Identify the rules of netiquette
  • 5. • is code of acceptable behaviors users should follow while on the Internet • is short for net etiquette, refers to etiquette on the internet • is the term for politeness when using the internet • Good netiquette involves respecting other’s privacy • Golden Rule: Treat others as you would like them to treat you. 2 Netiquette
  • 6. Netiquette includes rules for all areas of the Internet, including: • World Wide Web • E-mail • Instant Messaging • Chat Rooms • File Transfer Protocol • Newsgroups and Message boards. 3 Netiquette Areas
  • 7. 4 1. Keep Messages brief : Use proper grammar, spelling, and punctuation. 2. Be careful when using sarcasm and humor : it might be misinterpreted. 3. Be polite : Avoid offensive language. 4. Read the message before you send it. 5. Be clear : Make sure subject lines (email) or page title (web page) reflects your content 6. Avoid sending or posting flames : which are abusive or insulting messages. 7. Do not participate in flame wars, which are exchanges of flames. 8. Identify yourself 9. Respect other’s privacy Netiquette Rules While Using E-mail, Chat Room and Newsgroup
  • 8. 5 10. Avoid sending spam, which is the Internet’s version of junk mail. Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once. 11. Do not use all capital letters, which is the equivalent of SHOUTING! 11. Clearly identify a spoiler , which is a message that reveals a solution to a game or ending to a movie or program 12. Use emoticons to express emotion. Popular emoticons include; :) Smile :| Indifference :o Surprised :( Frown : Undecided 13. Use abbreviations and acronyms for phrases: btw - by the way imho - in my humble opinion fyi - for your information ttfn - ta ta for now fwiw - for what it’s worth tyvm - thank you very much Rules While Using E-mail, Chat Room and Newsgroup Netiquette
  • 9. 6 14. Read the FAQ (Frequently Asked Questions) . 15. Do not assume material is accurate or up-to-date. 16. Never reads others e-mails. Netiquette
  • 10. 1 Chapter Four Computer Ethics and Security 4.1.2 Areas of Computer Ethics At the end of this topic, students should be able to: a) Define computer ethics b) Describe areas of computer ethics
  • 11. Define Computer Ethics 4 2 Computer ethics are the moral guidelines that govern the use of computers and information system.
  • 12. Areas of Computer Ethics 4 2 Areas Description Information accuracy is a concern : not all information on the web is correct Green computing involves reducing the electricity and environmental waste while using a computer Codes of conduct is a written guideline that helps determine wether a specific computer action is ethical or unethical Information privacy refers to the right of individuals and companies to deny or restrict the collection and use if information about them Intellectual property Intellectual property - unique and original works Intellectual property rights - are the rights to which creators are entitled for their work
  • 13. Areas of Computer Ethics 4 3 1.Information Accuracy Information accuracy is a concern ● not all information on the web is correct
  • 14. Areas of Computer Ethics 4 4 2. Green Computing ● involves reducing the electricity and environmental waste while using a computer
  • 15. Areas of Computer Ethics 4 5 1 Use computers and devices that comply with *ENERGY STAR program 2 Do not leave the computer running overnight 3 Turn off the monitor, printer, and other devices when not in use 4 Use LCD monitors instead of CRT monitors 5 Use paperless methods to communicate * ENERGY STAR Program was created to help identify the best ways to save energy. The little blue label says this product, this home, this building or factory is doing the right things to save. And energystar.gov offers the most comprehensive resource available for energy efficiency advice and information. 2. Green Computing : Suggestion
  • 16. Areas of Computer Ethics 4 6 6 Recycle paper 7 Buy recycled paper 8 Recycle toner cartridges 9 Recycle old computers, printers and other devices 10 Telecommute to save gas 11 use video conferencing and VoIP for meetings 2. Green Computing : Suggestion
  • 17. Areas of Computer Ethics 4 7 3. Code of Conduct ● An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical
  • 18. 4 8 1 Computers may not be used to harm other people 2 Employees may not interfere with others’ computer network 3 Employees may not meddle in others’ computer files 4 Computers may not be used to steal 5 Computers may not to bear false witness 6 Employees may not copy or use software illegally 7 Employees may not use others’ computer resources without authorization Areas of Computer Ethics 3. Code of Conduct
  • 19. 4 9 7 Employees may not use others’ computer resources without authorization 8 Employees may not use others’ intellectual property as their own 9 Employees shall consider that social impact of programs and system they design 10 Employees always should be use computers in way that demonstrates consideration and respect for fellow human Areas of Computer Ethics 3. Code of Conduct
  • 20. Areas of Computer Ethics 4 10 4. Information Privacy ● refers to the right of individuals and companies to deny or restrict the collection and use if information about them ● Huge database store data online ● It is important to safeguard your information
  • 21. 4 11 How to Safeguards Personal Information 1 Fill in only necessary information on rebate, warranty, and registration forms 2 Do not reprint your telephone number or Social Security number on personal checks 3 Have an unlisted or unpublished telephone numbers 4 if caller ID is available in your area, find out how to block your number from displaying on the receiver’s system 5 Do not write your telephone number on charge or credit receipts 6 Ask merchants not to write credit card numbers, telephone numbers, Social Security numbers and driver’s license numbers on the back of your personal checks Areas of Computer Ethics 4. Information Privacy
  • 22. 4 12 How to Safeguards Personal Information 7 Purchase goods with cash, rather than credit or checks 8 Avoid shopping club and buyer cards 9 If merchants ask personal questions, find out why they want to know before releasing the information 10 Inform merchants that you do not want them to distribute your personal information 11 Request in writing to be removed from mailing list 12 Obtain your credit report once a year from each of the three major credit reporting agencies and correct any errors 13 Request a free copy of your medical records once a year from the Medical Information Bureau Areas of Computer Ethics 4. Information Privacy
  • 23. 4 13 How to Safeguards Personal Information 14 Limit the amount of information you provide to websites. Fill in only required information. 15 Install a cookie manager to filter cookies. 16 Clear your history file when you are finished browsing. 17 Set up a free email account. Use this e-mail address for merchant forms. 18 Turn off file and printer sharing on your Internet connection. 19 Install a personal firewall. 20 Sign up for email filtering through your Internet access provider or use an anti-spam program such as Brightmall. 21 Do not reply to spam for any reason. Areas of Computer Ethics 4. Information Privacy
  • 24. 4 14 Terms Description Cookie Are used to identify users by webcasting, e- commerce and other web application. Eg : store users’ password Spam Unsolicited email sent to a consumer without the consumer's prior request or consent E-mail filtering Blocks email messages from designated sources Anti-spam programs attempt to remove spam before it reaches your inbox Areas of Computer Ethics 4. Information Privacy : Terms
  • 25. 4 15 Terms Description Phishing An act of sending an email and claiming to be legitimate organization but is not genuine or fake. Pharming Is a cyber attack: redirect users to a fake website Spoofing Technique that make their network or Internet transmission appear legitimate to a victim computer or network. Includes : email spoofing, IP spoofing Areas of Computer Ethics 4. Information Privacy : Terms
  • 26. Areas of Computer Ethics 4 16 5. Intellectual Property ● Intellectual property (IP) - unique and original works (Eg : ideas, inventions, arts, writings, products, logos) ● Intellectual property rights - are the rights to which creators are entitled for their work
  • 27. Areas of Computer Ethics 4 17 5. Intellectual Property : Importance The importance Intellectual property ● to protect the original creation from individuals ● to preserve features and process that make thing work (inventor will therefore benefits - get a profit, from their work)
  • 28. Areas of Computer Ethics 4 18 5. Intellectual Property : Types Types of IP Description Patent A patent is an exclusive right granted for an invention, which is a product or process that provides a new way of doing something, or offers a new technical solution to a problem Trademark A trademark is a word, phrase, symbol, or design that distinguishes the goods or services of one trader from its competitors. It includes words, logos, pictures, names, letters, numbers or a combination of these Copyright A legal term that describe the right given to the creator for their literary and artistic works.Copyrights protect original works of authorship, such as literary works, music, dramatic works, pantomimes and choreographic works, sculptural, pictorial, and graphic works, sound recordings, artistic works, architectural works, and computer software.
  • 29. 1 Chapter Four Computer Ethics and Security 4.2.1 Computer Security Risk At the end of this topic, students should be able to: a) Define computer risks b) Identify types of security risks
  • 30. ●A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data and information. 2 Computer Security Risk
  • 31. 3 Types of Computer Security Risk Types Description Malicious code Program that act without user’s knowledge and deliberately alter the computer’s operation Unauthorized access and used Unauthorized access : the use of a computer or network without permission Unauthorized use : is the use of a computer or its data for unapproved or possibly illegal activities Hardware theft The act of stealing computer equipment Software theft Occurs when someone steal software media / intentionally erase programs / illegally copies a program / illegally registered and/or activates a program Information theft Occurs when someone steals personal or confidential information System failure Is the prolonged malfunction of a computer
  • 32. 4 4 Category Description Hackers illegally accessed computers to learn more about them, or to find security holes in the computer or the network to which it’s attached Crackers refers to a person who intentionally accesses a computer, or network of computers, for evil reasons – typically, with the intent of destroying and/or stealing information Script Kiddies have very limited computer skills and can be quite immature Perpetrator ● a person who carries out a harmful illegal or immoral activity ● a cyber crime is any intentional breach in computer security via the Internet, or some other illegal act facilitated by the Internet
  • 33. 4 5 Terms Description Corporate Spies have excellent network skills and are hired to break into a specific computer and steal property data and information, or to help identify security risks in their own organization Unethical Employees break into their employers’ computers for a variety of reasons, some simply want to exploit a security weakness and others seek financial gains from selling confidential information Cyber Extortionist use e-mails as vehicles for extortion Cyberterrorist uses the internet or network to destroy or damage computers for political reasons Perpetrator
  • 34. ● Classified as malware (short for malicious software) ● Malware : program that act without user’s knowledge and deliberately alter the computer’s operation 6 Computer Security Risk 1. Malicious Code
  • 35. 7 Computer Security Risk 1. Malicious Code : Type Types Description Virus Affects a computer negatively by altering the way computer works Worm Copies itself repeatedly, using up resources and possibly shutting down the computer or network Trojan Horse Programs that hides within or looks like a legitimate program Rootkit Program that hides in a computer and allows someone from a remote location to take full control Spyware Exploits infected computers for commercial gain or information theft without user knowledge Ad-ware Software that display advertisements
  • 36. 8 Computer Security Risk 1. Malicious Code : Type Types Description Botnet is a group of compromised computers (known as zombie) connected to a network Denial of services (DoS attack) Disrupts computer access to Internet services Back Door Is a program or set of instructions in a program that allow users to bypass security control Spoofing Is a technique intruders use to make their network or internet transmission appear legitimate
  • 37. ● OS runs much slower than usual ● Available memory is less than expected ● Files become corrupted ● Screen displays unusual message or image ● Music or unusual sound plays randomly ● Existing programs and files disappear ● Programs or files do not work properly ● Unknown programs or files mysteriously appear ● System properties change ● OS does not start up ● OS shuts down unexpectedly 9 Computer Security Risk 1. Malicious Code : Symptom
  • 38. 10 Computer Security Risk 1. Malicious Code : Effect Type Effect Trojan Horse Virus Worm ● Affects computer negatively by alter the computer’s operation to cause damage to computer Spyware Ad-ware Rootkits Botnet Denial of Services Phishing Spoofing Pharming ● Enable access to a computer or areas of its software without user knowledge ● Purpose information theft ● Attack Network and Internet
  • 39. ● Never start a computer with removable media inserted in the drives or plugged in the ports, unless the media uninfected ● Never open an e-mail attachment unless you are expecting it and it is from a trusted source ● Install an antivirus program on all of your computers. Update the software and the virus signature files regularly ● Scan all downloaded programs / removeable media for viruses or other malware ● Install a personal firewall 11 Computer Security Risk 1. Malicious Code : Tips for Preventing
  • 40. ● Use firewall : Firewall is a hardware / software that protect a network’s resources from intrusion by users on another network (Eg : Internet) ● Install an Intrusion Detection Software (IDS) : IDS is used as an alternative for building a shield around the network ● Set-up honeypots : designed to attract the hackers to attack the system ● Install anti-virus ● Backup regularly (Human aspect awareness) ● Install anti-spyware 12 Computer Security Risk 1. Malicious Code : Security Measure
  • 41. ● Unauthorized access : the use of a computer or network without permission Unauthorized use : is the use of a computer or its data for unapproved or possibly illegal activities 13 Computer Security Risk 2. Unauthorized Access and Use
  • 42. ● Use access control - defines who can access a computer ➔ Identification : process to verifies the validity of a user (Eg : username) ➔ Authentication : process to verifies the individuals is the person he/she claims to be (Eg : password) ● Physical access control : lock the doors, windows, store in locked drawer ● Digital access control : lock screen by using password ● Human aspect awareness : don’t click / open suspicious web, email, spam (to avoid phishing and pharming) 14 Computer Security Risk 2. Unauthorized Access and Use : Security Measure
  • 43. ● Authentication : process where users verify their identity ➔ Biometric device : device that translates personal characteristics into a digital code ➔ Callback system : the checking system that authenticates the user ● Verification : the act of proving or disproving the correctness of a system with respect to a certain formal specification ➔ User identification : something you know (have to remember) such as PIN number or password ➔ Possessed object : something you have (an object) such as ATM card, credit card, smart card 15 Computer Security Risk 2. Unauthorized Access and Use : Authentication and Verification Technologies
  • 44. ● Hardware theft : is the act of stealing computer equipment ● Hardware vandalism : is the act of defacing or destroying computer equipment 16 Computer Security Risk 3. Hardware Theft
  • 45. ● Physical access awareness ➔lock room / cabinet / drawer ➔Install alarm system ● Digital access control ➔use password, possessed object, biometric device 17 Computer Security Risk 3. Hardware Theft : Security Measure
  • 46. ● Software theft occurs when someone ➔Steal software media ➔Intentionally erases programs ➔Illegally copies a program ➔Illegally registers and/or activates a program 18 Computer Security Risk 4. Software Theft
  • 47. ● Human aspect awareness : use license agreement, lock software media in drawer ● Physical access control : lock room 19 Computer Security Risk 4. Software Theft : Security Measure
  • 48. ● Information theft occurs when someone steals personal or confidential information 20 Computer Security Risk 5. Information Theft
  • 49. ● Cryptography : to avoid spoofing ● Physical access control : to avoid stealing hardware ● Scan by using anti-virus regularly : to avoid malware, spyware, adware, rootkits ● Install anti-spyware : to avoid malware, spyware, adware, rootkits ● Use access control : such as identification and authentication ● Human aspect awareness : don’t click / open suspicious web, email, spam (to avoid phishing and pharming) 21 Computer Security Risk 5. Information Theft : Security Measure
  • 50. ● System failure is the prolonged malfunction of a computer ● Factors that can lead to system failure : ➔Aging hardware ➔Natural disaster : such flood, earthquake, fire ➔Electrical power problems : noise, undervoltages and overvoltages ➔Errors in computer program 22 Computer Security Risk 6. System Failure
  • 51. ● Data backup ● Human aspect awareness : ➔ Use AVR (Automatic Voltage Regulator) : to maintain constant voltage and power line ➔ Use UPS (Uninterruptable Power Supply) : provides emergency power to a load when the input power source or mains power fails ➔ Surge protector : shields computer and other electronic devices from sudden power in electrical power, or transient voltage, that flow from the power supply ➔ Put your computer in safe/lock place, schedule maintenance 23 Computer Security Risk 6. System Failure : Security Measure
  • 52. 1 Chapter Four Computer Ethics and Security 4.2.2 Security Measure At the end of this topic, students should be able to: a) Identify different ways to overcome security risks
  • 53. 2 Types of Security Measure Types Description Data Backup is a duplicate a file, program or disk (in another storage) that can be used if the original is lost, damaged or destroyed Cryptography the technology study of encryption and decryption process (for secure communication) Antivirus program that protects computer against viruses. Anti spyware Program a software to detect and remove unwanted spyware programs. Firewall is hardware / software that protects a network’s resources from intrusion. Physical Access Control refers to the ability of people to physically gain access to a computer system
  • 54. ● Internet and Network attack ● Unauthorized access and used ● Theft : Hardware / software / Information ● System failure 3 Security Measure Common Security Risk
  • 55. ● A backup is a duplicate a file, program or disk that can be used if the original is lost, damaged or destroyed ● To backup file means to make a copy of it ● Offsite backups are stored in a location separate from the computer site ● Common security risk : ➔ Hardware theft ➔ Software theft ➔ Information theft ➔ System failure 4 Security Measure 1.Data Backup
  • 56. ● to protect information on the internet and networks, organizations and individuals use a variety of encryption techniques (written or generated codes that allows information to be kept secret) ● Cryptography is the study of encryption and decryption process (for secure communication) ➔ Encryption : converting readable data (plaintext) into unreadable characters (ciphertext) ➔ Decryption - converting unreadable data (plaintext) to its original data (plain text) ● Common security risk : ➔ Unauthorized access and used ➔ Information theft 6 Security Measure 2. Cryptography
  • 58. ● Use to safeguard computer system from viruses and other malware ● Antivirus program - program that protects computer against viruses by identifying and removing any computer viruses found in memory, on storage media or incoming files ● Popular antivirus program - Kaspersky antivirus, Avast antivirus, CA antivirus, McAfee antivirus, AVG antivirus ● Common security risk : ➔ Malicious code ➔ Information theft ➔ Internet and network attack 9 Security Measure 3. Antivirus
  • 59. ● Is a type of software that is designed to detect and remove unwanted spyware programs. ● Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them. ● Eg : Bitdefender, Norton Security, Spy Sweeper ● Common security risk : ➔ Internet and network attack 11 Security Measure 4. Anti Spyware
  • 60. ● Firewall is hardware / software that protects a network’s resources from intrusion. Eg : Windows firewall, Norton Personal Firewall ● Ensure all the network device and system protect by the firewall system that already installed by network administrator ● Common security risk : ➔ Unauthorized access and used ➔ Internet and network attack 13 Security Measure 5. Firewall
  • 61. 14 Security Measure 4. Comparison Firewall, IDS and Honeypot Firewall Intrusion Detection Software (IDS) Honeypot ● Analyzes all network traffic ● assesses system vulnerabilities ● Identifies any unauthorized intrusion ● Notifies network administrators of suspicious behaviour pattern or system breaches ● Vulnerable computer that is set up to entice the hackers to attack the system
  • 62. ● cabinets with lock, locked doors and windows - to protect software media from being stolen ● installing alarm system for additional security ● attach physical security devices such as cables that lock equipment to desk ● issue users license agreement to protect software from piracy 16 Security Measure 6. Physical Access Control
  • 63. ● Hardware theft ● Software theft ● Information theft ● Unauthorized access and used ● System failure 17 Security Measure 6. Physical Access Control : Common Security Risk
  • 64. ● cabinets with lock, locked doors and windows - to protect software media from being stolen ● installing alarm system for additional security ● attach physical security devices such as cables that lock equipment to desk ● issue users license agreement to protect software from piracy ● Expose employees or staff to computer security through continuously security training and courses ● Make a systematic routine check to update (security patches, virus definition) a computer system ● proper handling of computer and information 18 Security Measure 7. Human Aspect Awareness
  • 65. ● Internet and network attack ● Malicious code ● Unauthorized access and used ● Hardware theft ● Software theft ● Information theft ● System failure 19 Security Measure 7. Human Aspect Awareness : Common Security Risk
  • 66. 20 Security Measure 8. Relate Security Risks With Its Measure Security Risk / Threat Recommended Security Measure/ Safeguard Malicious code (Virus, Worm, Trojan) Install and scan by using Anti-virus regularly, install and scan by using Anti-spyware, install and turn on Firewall, Human aspect awareness Unauthorized access and use Physical access control, Use access control Human aspect awareness Hardware theft Physical access control, Human aspect awareness Software theft Physical access control, Human aspect awareness Information theft Cryptography, Physical access control Install and scan by using Anti-virus regularly, install and scan by using Anti-spyware, Human aspect awareness System failure Data backup regularly, Human aspect awareness