Your SlideShare is downloading. ×
CSC1100 - Chapter09 - Computer Security, Ethics and Privacy
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

CSC1100 - Chapter09 - Computer Security, Ethics and Privacy

473

Published on

ကွန်ပျုတာလံုခြံရေး၊ကျင့်ဝတ်နှင့်ကိုယ်ရေးကိုယ်တာ

ကွန်ပျုတာလံုခြံရေး၊ကျင့်ဝတ်နှင့်ကိုယ်ရေးကိုယ်တာ

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
473
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
38
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Discovering Computers 20081Chapter 9Chapter 9Chapter 9Chapter 9Computer Security,Computer Security,Computer Security,Computer Security,Ethics and PrivacyEthics and PrivacyEthics and PrivacyEthics and Privacy
  • 2. 2Chapter 10 ObjectivesChapter 10 ObjectivesChapter 10 ObjectivesChapter 10 ObjectivesDescribe the types of computer security risksDescribe the types of computer security risksIdentify ways to safeguard againstcomputer viruses, worms, Trojan horses,botnets, denial of service attacks, backdoors, and spoofingIdentify ways to safeguard againstcomputer viruses, worms, Trojan horses,botnets, denial of service attacks, backdoors, and spoofingDiscuss techniques to prevent unauthorizedDiscuss techniques to prevent unauthorizedDiscuss the types of devices available thatprotect computers from system failureDiscuss the types of devices available thatprotect computers from system failureExplain the options available for backing upcomputer resourcesExplain the options available for backing upcomputer resourcesIdentify risks and safeguards associated withwireless communicationsIdentify risks and safeguards associated withwireless communicationsDiscuss techniques to prevent unauthorizedcomputer access and useDiscuss techniques to prevent unauthorizedcomputer access and useIdentify safeguards against hardware theftand vandalismIdentify safeguards against hardware theftand vandalismExplain the ways software manufacturersprotect against software piracyExplain the ways software manufacturersprotect against software piracyDefine encryption and explain why it isnecessaryDefine encryption and explain why it isnecessaryRecognize issues related to informationaccuracy, rights, and conductRecognize issues related to informationaccuracy, rights, and conductDiscuss issues surrounding informationprivacyDiscuss issues surrounding informationprivacyDiscuss ways to prevent health-relateddisorders and injuries due to computer useDiscuss ways to prevent health-relateddisorders and injuries due to computer use
  • 3. 3Computer Security RisksComputer Security RisksComputer Security RisksComputer Security RisksWhat is a computer security risk?Event or action that causes loss of or damage tocomputer system
  • 4. 4Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat are viruses, worms, and Trojan horses?VirusVirus is apotentiallydamagingcomputerprogramWormWorm copiesitself repeatedly,using upresourcesand possiblyTrojan horseTrojan horsehides withinor looks likelegitimateprogram untilPayloadPayload(destructiveevent) that isdelivered whenyou open file, runprogramand possiblyshutting downcomputer ornetworkprogram untiltriggeredyou open file, runinfected program,or boot computerwith infected diskin disk driveCanspreadanddamagefilesDoes notreplicateitself onothercomputers
  • 5. 5Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksHow can a virus spread through an e-mail message?Step 1. Unscrupulousprogrammers create a virusprogram. They hide thevirus in a Word documentand attach the Worddocument to an e-mailmessage.Step 2. They usethe Internet to sendthe e-mail messageto thousands ofusers around theworld.Step 3b. Other users do notrecognize the name of thesender of the e-mail message.These users do not open thee-mail message. Instead theydelete the e-mail message.These users’ computers are notinfected with the virus.Step 3a. Someusers open theattachment andtheir computersbecome infectedwith the virus.
  • 6. 6Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksHow can you protect your system from a macro virus?Set macro security level in applications that allow youto write macrosSet security level so thatwarning displays thatdocument containsdocument containsmacroMacros are instructionssaved in an application,such as word processingor spreadsheet program
  • 7. 7Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat is an antivirus program?Identifies and removescomputer virusesMost also protect againstworms and Trojanhorseshorses
  • 8. 8Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat is a virus signature?Specific pattern of virus codeAlso called virus definitionAntivirus programslook for virussignaturessignatures
  • 9. 9Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksHow does an antivirusprogram inoculate aprogram file?RecordsRecordsinformationinformationabout program suchabout program suchas file size andas file size andcreationcreationdatedateUsesUsesinformationinformationKeeps filein separatearea of hard diskdatedateAttemptsAttemptsto removeto removeany detectedany detectedvirusvirusinformationinformationto detect ifto detect ifvirus tampersvirus tamperswith filewith fileQuarantinesQuarantinesinfectedinfectedfiles that itfiles that itcannotcannotremoveremove
  • 10. 10Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat are some tips for preventing virus, worm, and Trojanhorse infections?Never start acomputer withremovable mediaNever open ane-mail attachmentunless you areexpecting it andInstall an antivirusprogram on all ofyour computersCheck alldownloadedprograms forviruses, worms,or Trojan horsesInstall a personalfirewall programIf the antivirusprogram flags an e-mail attachment asinfected, delete theattachmentimmediatelyremovable mediainsertedexpecting it andit is from a trustedsourceyour computers
  • 11. 11Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat are a denial of service attack, back door andspoofing?A denial of service (DOS) attack is anassault which disrupts computer accessto an Internet service such as the Web or e-mailA back door is a program or set of instructionsin a program that allow users to bypasssecurity controls when accessing a computerresourceSpoofing is a technique intruders use to maketheir network or Internet transmissionappear legitimate to a victim computer ornetwork (email spoofing)
  • 12. 12Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat is a firewall?Security system consisting of hardware and/orsoftware that prevents unauthorized intrusion
  • 13. 13Internet and Network AttacksInternet and Network AttacksInternet and Network AttacksInternet and Network AttacksWhat is a personal firewall?Program that protects personal computer and its datafrom unauthorized intrusionsMonitors transmissions to and from computerInforms you of attempted intrusion
  • 14. 14Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseHow can companies protect against hackers?Intrusion detection softwareIntrusion detection softwareanalyzes network traffic, assessesanalyzes network traffic, assessessystem vulnerabilities, and identifiessystem vulnerabilities, and identifiesintrusions and suspicious behaviorintrusions and suspicious behaviorAccess controlAccess control defines whodefines whocan access computer andcan access computer andwhat actions they can takewhat actions they can takeAudit trailAudit trail records accessrecords accessattemptsattempts –– successful &successful &unsuccessful attemptsunsuccessful attempts
  • 15. 15Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseWhat are other ways to protect your personal computer?Disable file andprinter sharing onInternet connection
  • 16. 16Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseWhat is a user name?Unique combination of characters that identifies userPassword is privatecombination ofcharacters associatedwith the user namewith the user namethat allows accessto computerresources
  • 17. 17Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseHow can you make your password more secure?Longer passwords provide greater security
  • 18. 18Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseWhat is a possessed object?Item that you must carry to gain access tocomputer or facilityOften used withnumeric passwordcalled personalcalled personalidentificationnumber (PIN)
  • 19. 19Unauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseUnauthorized Access and UseWhat is a biometric device?Authenticates person’sidentity using personalcharacteristicFingerprint, hand geometry,voice, signature, and irisvoice, signature, and iris
  • 20. 20Hardware Theft and VandalismHardware Theft and VandalismHardware Theft and VandalismHardware Theft and VandalismWhat are hardware theft and hardware vandalism?Hardware theft is act of stealingcomputer equipmentCables sometimes used to lockequipmentSome notebook computers usepasswords, possessed objects, andpasswords, possessed objects, andbiometrics as security methodsFor PDAs and smart phones, youcan password-protect the deviceHardware vandalism is act ofdefacing or destroying computerequipment
  • 21. 21Software TheftSoftware TheftSoftware TheftSoftware TheftWhat is software theft?Act of stealing orAct of stealing orillegally stealingillegally stealingsoftware, copyingsoftware, copyingsoftware orsoftware orSoftwareSoftware piracypiracyis illegalis illegalduplicationduplicationof copyrightedof copyrightedintentionallyintentionallyerasingerasingprogramsprogramssoftwaresoftware
  • 22. 22Software TheftSoftware TheftSoftware TheftSoftware TheftWhat is a license agreement?Right to use softwareSingle-user license agreement allows user to install softwareon one computer, make backup copy, and sell software afterremoving from computer
  • 23. 23Software TheftSoftware TheftSoftware TheftSoftware TheftWhat are some other safeguards against software theft?Product activationProduct activation allows user to inputallows user to inputproduct identification number online or byproduct identification number online or byphone and receive unique installationphone and receive unique installationidentification numberidentification numberBusiness Software Alliance (BSA)Business Software Alliance (BSA) promotespromotesbetter understanding of software piracybetter understanding of software piracyproblemsproblems
  • 24. 24Information TheftInformation TheftInformation TheftInformation TheftWhat is encryption?Safeguards against information theftProcess of converting plaintext (readable data) into ciphertext(unreadable characters)Encryption key (formula) often uses more than one methodTo read the data, the recipient must decrypt, or decipher, the data
  • 25. 25Secure siteSecure siteis Web site that uses encryptionInformation TheftInformation TheftInformation TheftInformation TheftHow do Web browsers provide secure data transmission?Many Web browsers is Web site that uses encryptionto secure dataMany Web browsersuse encryption
  • 26. 26Information TheftInformation TheftInformation TheftInformation TheftWhat is a certificate authority (CA)?Authorized personor company thatissues and verifiesdigital certificatesUsers apply forUsers apply fordigital certificatefrom CA
  • 27. 27Information TheftInformation TheftInformation TheftInformation TheftWhat is Secure Sockets Layer (SSL)?Provides encryption of all data that passes betweenclient and Internet serverWeb addresses beginningwith “https” indicatesecure connectionssecure connectionsBoth client & server musthave digital certificateAvailable in both 40-bitand 128-bit encryption
  • 28. 28Information TheftInformation TheftInformation TheftInformation TheftWhat is Secure HTTP (S-HTTP)?Allows users to choose an encryption scheme for datathat passes between a client & a serverMore difficult than SSL but more secureUsed by applications that need authenticity verificationof client – e.g. online bankingof client – e.g. online banking
  • 29. 29Information TheftInformation TheftInformation TheftInformation TheftWhat is Virtual Private Network (VPN)?Mobile users today often access their companynetwork through VPNFor mobile users to connect to a main office using astandard Internet connectionProvides a secure connection to company networkProvides a secure connection to company networkserver, as if the user has a private line
  • 30. 30System FailureSystem FailureSystem FailureSystem FailureWhat is a system failure?Can cause loss of hardware,Can cause loss of hardware,software, or datasoftware, or dataProlonged malfunctionProlonged malfunctionof computerof computerUndervoltage—dropin electrical supplyOvervoltage orpower surge—significant increasein electrical powerNoise—unwantedelectrical signalCaused by aging hardware,Caused by aging hardware,natural disasters, or electricalnatural disasters, or electricalpower disturbancespower disturbances
  • 31. 31System FailureSystem FailureSystem FailureSystem FailureWhat is a surge protector?Protects computer andequipment from electrical powerdisturbancesUninterruptible power supply(UPS) is surge protector that(UPS) is surge protector thatprovides power during power loss
  • 32. 32Backing UpBacking UpBacking UpBacking Up ———— The Ultimate SafeguardThe Ultimate SafeguardThe Ultimate SafeguardThe Ultimate SafeguardWhat is a backup?Duplicate of file, program, or diskFull backupFull backupall files inFull backupFull backupall files inSelective backupSelective backupselect which filesSelective backupSelective backupselect which filesThreeThree--generationgenerationbackupbackuppreservesThreeThree--generationgenerationbackupbackuppreservesall files incomputerall files incomputerselect which filesto back upselect which filesto back uppreservesthree copies ofimportant filespreservesthree copies ofimportant filesIn case of system failure or corrupted files,restorerestore files by copying to original location
  • 33. 33Wireless SecurityWireless SecurityWireless SecurityWireless SecurityHow can I ensure my wireless communication issecure?Secure your wireless access point (WAP)WAP should not broadcast your network nameWireless security standards:Enable Wired Equivalent PrivacyEnable Wired Equivalent PrivacyWi-Fi Protected Access (WPA)802.11i
  • 34. 34Ethics and SocietyEthics and SocietyEthics and SocietyEthics and SocietyWhat are computer ethics?Software theftSoftware theft Information accuracyInformation accuracyUnauthorized use ofcomputers andnetworksUnauthorized use ofcomputers andnetworksMoral guidelines that govern use of computers and information systemsMoral guidelines that govern use of computers and information systemsInformation privacyInformation privacyIntellectual propertyrights—rights to whichcreators are entitled fortheir workIntellectual propertyrights—rights to whichcreators are entitled fortheir workCodes of conductCodes of conductnetworksnetworks
  • 35. 35Ethics and SocietyEthics and SocietyEthics and SocietyEthics and SocietyWhat is an IT code of conduct?Written guidelinethat helpsdetermine whethercomputer action isethicalethicalEmployers candistribute toemployees
  • 36. 36Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is information privacy?Difficult to maintain todayRight of individuals andcompanies to deny or restrictcollection and use of informationabout themLegal for employers to usemonitoring software programsDifficult to maintain todaybecause data is stored onlineEmployee monitoring is usingcomputers to observe employeecomputer use
  • 37. 37Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat are some ways to safeguard personal information?Fill in only necessary informationon rebate, warranty, andregistration formsAvoid shopping cluband buyers cardsInstall a cookie managerto filter cookiesClear your history file whenyou are finished browsingSet up a free e-mail account;Sign up for e-mailfiltering through yourInternet service provider oruse an antispam program,such as BrightmailInform merchants that youdo not want them to distributeyour personal informationLimit the amount of informationyou provide to Web sites; fillin only required informationSet up a free e-mail account;use this e-mail address formerchant formsTurn off file and print sharingon your Internet connectionInstall a personal firewallDo not reply to spamfor any reasonSurf the Web anonymouslywith a program such asFreedom Web Secure orthrough an anonymousWeb site such asAnonymizer.com
  • 38. 38Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is an electronic profile?Data collected when you fill out form on WebMerchants sellyour electronicprofileOften you canOften you canspecify whetheryou wantpersonalinformationdistributed
  • 39. 39Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is a cookie?Set browser toaccept cookies,prompt you toaccept cookies,or disableSome Web sitessell or tradeinformationstored in yourSmall file onyour computerthat containsdata about youUserpreferencesor disablecookiesstored in yourcookiesdata about youInterestsandbrowsinghabitsHowregularlyyou visitWeb sites
  • 40. 40Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyHow do cookies work?
  • 41. 41Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat are spyware, adware, and spam?Spyware is programplaced on computerwithout user’sknowledgeAdware is a programAdware is a programthat displays onlineadvertisementsSpam is unsolicitede-mail message sentto many recipients
  • 42. 42Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyHow can you control spam?Collects spam incentral locationthat you canview any timeService thatblocks e-mailmessages fromdesignatedEE--mail filteringmail filteringview any timedesignatedsourcesSometimesremoves valide-mail messagesAttempts toremove spamAntiAnti--spam programspam program
  • 43. 43Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is phishing?Scam in which a perpetratorsends an official lookingsends an official lookinge-mail that attemptsto obtain your personal andfinancial information
  • 44. 44Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat privacy laws have been enacted?
  • 45. 45Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat privacy laws have been enacted? (cont’d)
  • 46. 46Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is content filtering?Process of restricting access to certain materialInternet Content RatingAssociation (ICRA)provides rating systemof Web contentof Web contentWeb filtering softwarerestricts access tospecified sites
  • 47. 47Information PrivacyInformation PrivacyInformation PrivacyInformation PrivacyWhat is computer forensics?Also called digital forensics, network forensics, orcyberforensicsDiscovery, collection, and analysis of evidencefound on computers and networksComputer forensic analysts must have knowledgeComputer forensic analysts must have knowledgeof the law, technical experience, communicationskills, and willingness to learn
  • 48. 48Computer vision syndromeComputer vision syndrome(CVS)(CVS) ——eye and visioneye and visionproblemsproblemsComputer vision syndromeComputer vision syndrome(CVS)(CVS) ——eye and visioneye and visionproblemsproblemsHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseWhat are some health concerns of computer use?Carpal tunnel syndrome (CTS)Carpal tunnel syndrome (CTS)——inflammation of nerve thatinflammation of nerve thatconnects forearm to palmconnects forearm to palmCarpal tunnel syndrome (CTS)Carpal tunnel syndrome (CTS)——inflammation of nerve thatinflammation of nerve thatconnects forearm to palmconnects forearm to palmRepetitive strain injury (RSI)Repetitive strain injury (RSI)Repetitive strain injury (RSI)Repetitive strain injury (RSI)Computer addictionComputer addiction —— whenwhencomputer consumes entirecomputer consumes entiresocial lifesocial lifeComputer addictionComputer addiction —— whenwhencomputer consumes entirecomputer consumes entiresocial lifesocial lifeTendonitisTendonitis —— inflammation ofinflammation oftendon due to repeated motiontendon due to repeated motionTendonitisTendonitis —— inflammation ofinflammation oftendon due to repeated motiontendon due to repeated motionconnects forearm to palmconnects forearm to palmconnects forearm to palmconnects forearm to palm
  • 49. 49Health Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseWhat precautions can prevent tendonitis or carpaltunnel syndrome?Spread fingers apart for several seconds while keepingwrists straightGently push back fingers andthen thumbthen thumbDangle armsloosely at sides andthen shake armsand hands
  • 50. 50Health Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHow can you ease eyestrainwhen working at the computer?
  • 51. 51Health Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseWhat is ergonomics?Applied science devoted to comfort, efficiency, andsafety in workplacekeyboardheight: 23”to 28”elbows at 90°and arms andhands parallelto floorfeet flat on flooradjustableheight chairwith 4 or 5legs forstabilityadjustableseat
  • 52. 52Health Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseHealth Concerns of Computer UseWhat is green computing?Reducing electricity and environmental waste whileusing computer
  • 53. 53Summary of Computer Security, Ethics and PrivacySummary of Computer Security, Ethics and PrivacySummary of Computer Security, Ethics and PrivacySummary of Computer Security, Ethics and PrivacyPotential computer risksPotential computer risksSafeguards that schools,business, and individuals canimplement to minimize these risksSafeguards that schools,business, and individuals canimplement to minimize these risksEthical issues surrounding informationaccuracy, intellectual property rights, codesof conduct, and information privacyEthical issues surrounding informationaccuracy, intellectual property rights, codesof conduct, and information privacyimplement to minimize these risksimplement to minimize these risksWireless security risks and safeguardsWireless security risks and safeguardsComputer-related health issues,their preventions, and ways tokeep the environment healthyComputer-related health issues,their preventions, and ways tokeep the environment healthyChapter 8 Complete

×