Your SlideShare is downloading. ×
kevin's powerpoint chapt 6
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

kevin's powerpoint chapt 6

5,968
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
5,968
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
33
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Chapter 6Network and Internet Security and Privacy
  • 2. Learning Objectives• LO6.1: Explain network and Internet security concerns• LO6.2: Identify online threats• LO6.3: Describe cyberstalking and other personal safety concerns• LO6.4: Assess personal computer security• LO6.5: Identify privacy concerns• LO6.6: Discuss current network and Internet security legislationCMPTR Chapter 6: Network and Internet Security and Privacy 2
  • 3. LO6.1: Understanding SecurityConcerns• Computer crime—or cybercrime—includes any illegal act involving a computer.• Cybercrime is a multibillion-dollar business that is often conducted by seasoned criminals.• All computer users should be aware of the security concerns surrounding computer network and Internet use, and they should take appropriate precautions.CMPTR Chapter 6: Network and Internet Security and Privacy 3
  • 4. LO6.1: Understanding SecurityConcerns• Topics Covered: – Unauthorized Access and Unauthorized Use – Hacking – War Driving and Wi-FI Piggybacking – Interception of CommunicationsCMPTR Chapter 6: Network and Internet Security and Privacy 4
  • 5. Unauthorized Access andUnauthorized Use• Unauthorized access occurs whenever an individual gains access to a computer, network, file, or other resource without permission— typically by hacking into the resource.• Unauthorized use involves using a computer resource for unauthorized activities.• To explain acceptable computer use to their employees, students, or other users, many organizations and educational institutions publish guidelines for behavior, often called codes of conduct.CMPTR Chapter 6: Network and Internet Security and Privacy 5
  • 6. Hacking• Hacking refers to the act of breaking into a computer or network.• The increased number of systems controlled by computers and connected to the Internet, along with the continually improving abilities of hackers and the increasing availability of sets of tools that allow hackers to access a system, has led to an increased risk of cyberterrorism—where terrorists launch attacks via the Internet.CMPTR Chapter 6: Network and Internet Security and Privacy 6
  • 7. War Driving and Wi-Fi Piggybacking• War driving typically involves driving in a car with a portable computer looking for unsecured Wi-Fi networks to connect to.• Wi-Fi piggybacking refers to accessing someone else’s unsecured Wi-Fi network from the hacker’s current locationCMPTR Chapter 6: Network and Internet Security and Privacy 7
  • 8. Interception of Communications• Instead of accessing data stored on a computer via hacking, some criminals gain unauthorized access to data, files, email messages, VoIP calls, and other content as it is being sent over the Internet.• A new trend is criminals intercepting credit and debit card information during the card verification process; that is, intercepting the data from a card in real time as a purchase is being authorized.CMPTR Chapter 6: Network and Internet Security and Privacy 8
  • 9. LO6.2: Online Threats• Topics Covered: – Botnets – Computer Viruses and Other Types of Malware – Denial of Service (DoS) Attacks – Data, Program, or Web Site Alteration – Online Theft, Online Fraud, and Other Dot Cons – Theft of Data, Information, and Other Resources – Identity Theft, Phishing, and Pharming – Protecting Against Identity Theft – Online Auction Fraud and Other Internet ScamsCMPTR Chapter 6: Network and Internet Security and Privacy 9
  • 10. Botnets• A computer that is controlled by a hacker or other computer criminal is referred to as a bot or zombie computer.• A group of bots that are controlled by one individual and can work together in a coordinated fashion is called a botnet.• According to the FBI, an estimated one million U.S. computers are currently part of a botnet.CMPTR Chapter 6: Network and Internet Security and Privacy 10
  • 11. Computer Viruses and Other Typesof Malware• Malware is a generic term that refers to any type of malicious software. – Virus: a program installed without the user’s knowledge and designed to alter the way a computer operates or to cause harm to the computer system.CMPTR Chapter 6: Network and Internet Security and Privacy 11
  • 12. Computer Viruses and Other Typesof MalwareCMPTR Chapter 6: Network and Internet Security and Privacy 12
  • 13. Computer Viruses and Other Typesof Malware – Like a computer virus, a computer worm is a malicious program that is typically designed to cause damage. – A Trojan horse is a type of malware that masquerades as something else—usually an application program.CMPTR Chapter 6: Network and Internet Security and Privacy 13
  • 14. Computer Viruses and Other Typesof MalwareCMPTR Chapter 6: Network and Internet Security and Privacy 14
  • 15. Denial of Service (DoS) Attacks• A denial of service (DoS) attack is an act of sabotage that attempts to flood a network server or Web server with so many requests for action that it shuts down or simply cannot handle legitimate requests any longer, causing legitimate users to be denied service.CMPTR Chapter 6: Network and Internet Security and Privacy 15
  • 16. Denial of Service (DoS) Attacks• DoS attacks today are often directed toward popular sites and typically are carried out via multiple computers. – This is known as a distributed denial of service (DDoS) attack.CMPTR Chapter 6: Network and Internet Security and Privacy 16
  • 17. Data, Program, or Web SiteAlteration• Another type of computer sabotage occurs when a hacker breaches a computer system to delete data, change data, modify programs, or otherwise alter the data and programs located there.• Data on Web sites can also be altered by hackers.CMPTR Chapter 6: Network and Internet Security and Privacy 17
  • 18. Online Theft, Online Fraud, andOther Dot Cons• The best protection against many dot cons is protecting your identity—that is, protecting any identifying information about you that could be used in fraudulent activities.CMPTR Chapter 6: Network and Internet Security and Privacy 18
  • 19. Theft of Data, Information, andOther Resources• Data theft or information theft is the theft of data or information located on or being sent from a computer.• It can be committed by stealing an actual computer, or it can take place over the Internet or a network by an individual gaining unauthorized access to that data by hacking into the computer or by intercepting the data in transit.CMPTR Chapter 6: Network and Internet Security and Privacy 19
  • 20. Identity Theft, Phishing, andPharming• Identity theft occurs when someone obtains enough information about a person to be able to masquerade as that person—usually to buy products or services in that person’s name.CMPTR Chapter 6: Network and Internet Security and Privacy 20
  • 21. Identity Theft, Phishing, andPharming• Phishing is the use of a spoofed email message to trick the recipient into revealing sensitive personal information, such as credit card numbers.• More targeted, personalized phishing schemes are known as spear phishing.• Pharming is another type of scam that uses spoofed domain names to obtain personal information for use in fraudulent activities.CMPTR Chapter 6: Network and Internet Security and Privacy 21
  • 22. Identity Theft, Phishing, andPharmingCMPTR Chapter 6: Network and Internet Security and Privacy 22
  • 23. Protecting Against Identity Theft• In addition to disclosing personal information only when it is necessary and only via secure Web pages, you should use security software and keep it up to date.• To avoid phishing schemes, never click a link in an email message to go to a secure Web site—always type the URL for that site in your browser.• To prevent identity theft, protect your Social Security number and give it out only when necessary.CMPTR Chapter 6: Network and Internet Security and Privacy 23
  • 24. Protecting Against Identity TheftCMPTR Chapter 6: Network and Internet Security and Privacy 24
  • 25. Online Auction Fraud and OtherInternet Scams• Online auction fraud (sometimes called Internet auction fraud) occurs when an online auction buyer pays for merchandise that is never delivered, or that is delivered but it is not as represented.• The best protection against many dot cons is common sense.CMPTR Chapter 6: Network and Internet Security and Privacy 25
  • 26. LO6.3: Cyberstalking and OtherPersonal Safety Concerns• Topics Covered: – Cyberbullying and Cyberstalking – Online Pornography – Protecting Against Personal Safety ConcernsCMPTR Chapter 6: Network and Internet Security and Privacy 26
  • 27. Cyberbullying and Cyberstalking• Two of the most common ways individuals are harassed online are cyberbullying and cyberstalking.• Although there are as yet no specific federal laws against cyberstalking, all states have made it illegal, and some federal laws do apply if the online actions include computer fraud or another type of computer crime, suggest a threat of personal injury, or involve sending obscene email messages.CMPTR Chapter 6: Network and Internet Security and Privacy 27
  • 28. Online Pornography• A variety of controversial and potentially objectionable material is available on the Internet. Although there have been attempts to ban this type of material from the Internet, they have not been successful.• Because of the strong link experts believe exists between child pornography and child molestation, many experts are very concerned about the amount of child pornography that can be found and distributed via the Internet.CMPTR Chapter 6: Network and Internet Security and Privacy 28
  • 29. Protecting Against Personal SafetyConcerns• To protect yourself against cyberstalking and other types of online harassment: – Use gender-neutral, nonprovocative identifying names. – Be careful about the types of photos you post of yourself online and do not reveal personal information to people you meet online. – Do not respond to any insults or other harassing comments you may receive online. – Consider requesting that your personal information be removed from online directories, especially those associated with your email address or other online identifiers.CMPTR Chapter 6: Network and Internet Security and Privacy 29
  • 30. LO6.4: Personal Computer Security• Topics Covered: – Hardware Loss and Damage – System Failure and Other Disasters – Protecting Against Hardware Loss, Hardware Damage, and System Failure – Firewalls, Encryption, and Virtual Private Networks (VPNs)CMPTR Chapter 6: Network and Internet Security and Privacy 30
  • 31. Hardware Loss and Damage• Hardware loss can occur when a personal computer, USB flash drive, mobile device, or other piece of hard- ware is stolen or is lost by the owner.• One of the most obvious types of hardware loss is hardware theft, which occurs when hardware is stolen from an individual or from a business, school, or other organization.CMPTR Chapter 6: Network and Internet Security and Privacy 31
  • 32. System Failure and Other Disasters• System failure is the complete malfunction of a computer system.• System failure can occur because of a hardware problem, software problem, or computer virus. It can also occur because of a natural disaster, sabotage, or a terrorist attack.CMPTR Chapter 6: Network and Internet Security and Privacy 32
  • 33. Protecting Against Hardware Loss,Hardware Damage, and System FailureCMPTR Chapter 6: Network and Internet Security and Privacy 33
  • 34. Protecting Against Hardware Loss,Hardware Damage, and System Failure• Full disk encryption (FDE) provides an easy way to protect the data on an entire computer in case it is lost or stolen.• A hard drive that uses FDE, which is often referred to as a self- encrypting hard drive, typically needs a username and password or biometric characteristic before the computer containing the drive will boot.CMPTR Chapter 6: Network and Internet Security and Privacy 34
  • 35. Protecting Against Hardware Loss,Hardware Damage, and System Failure• Passwords are secret words or character combinations associated with an individual.• Create strong passwords: – At least 8 characters long – Combination of upper and lowercase letters, numbers, and symbols – Do not form words found in the dictionary or that match the username that the password is associated withCMPTR Chapter 6: Network and Internet Security and Privacy 35
  • 36. Protecting Against Hardware Loss,Hardware Damage, and System Failure• Proper care of hardware can help prevent serious damage to a computer system: – Protective cases – Ruggedized devicesCMPTR Chapter 6: Network and Internet Security and Privacy 36
  • 37. Protecting Against Hardware Loss,Hardware Damage, and System Failure• To protect hardware from damage due to power fluctuations, everyone should use a surge suppressor with a computer whenever it is plugged into a power outlet.• Users who want their desktop computers to remain powered up when the electricity goes off should use an uninterruptible power supply (UPS).CMPTR Chapter 6: Network and Internet Security and Privacy 37
  • 38. Protecting Against Hardware Loss,Hardware Damage, and System FailureCMPTR Chapter 6: Network and Internet Security and Privacy 38
  • 39. Firewalls, Encryption, and VirtualPrivate Networks (VPNs)• A firewall is a security system that essentially creates a barrier between a computer or network and the Internet in order to protect against unauthorized access.• Encryption is a method of scrambling the contents of an email message or a file to make it unreadable if an unauthorized user intercepts it. – Secure Web pages use encryption to protect information transmitted via that Web page.CMPTR Chapter 6: Network and Internet Security and Privacy 39
  • 40. Firewalls, Encryption, and VirtualPrivate Networks (VPNs)• Private key encryption uses a single secret private key to both encrypt and decrypt a file or message being sent over the Internet.• Public key encryption, also called asymmetric key encryption, utilizes two encryption keys to encrypt and decrypt documents.• While email and file encryption can be used to transfer individual messages and files securely over the Internet, a virtual private network (VPN) is designed to be used when a continuous secure channel over the Internet is needed.CMPTR Chapter 6: Network and Internet Security and Privacy 40
  • 41. Firewalls, Encryption, and VirtualPrivate Networks (VPNs)CMPTR Chapter 6: Network and Internet Security and Privacy 41
  • 42. LO6.5: Understanding PrivacyConcerns• Privacy is usually defined as the state of being concealed or free from unauthorized intrusion.• The term information privacy refers to the rights of individuals and companies to control how information about them is collected and used.• Topics Covered: – Databases, Electronic Profiling, Spam, and Other Marketing Activities – Protecting the Privacy of Personal Information – Electronic Surveillance and Monitoring – Protecting Personal and Workplace PrivacyCMPTR Chapter 6: Network and Internet Security and Privacy 42
  • 43. Databases, Electronic Profiling,Spam, and Other Marketing Activities• Marketing databases contain marketing and demographic data about people, such as where they live and what products they buy.• Information about individuals is also available in government databases.• Collecting in-depth information about an individual is known as electronic profiling.CMPTR Chapter 6: Network and Internet Security and Privacy 43
  • 44. Databases, Electronic Profiling,Spam, and Other Marketing ActivitiesCMPTR Chapter 6: Network and Internet Security and Privacy 44
  • 45. Databases, Electronic Profiling,Spam, and Other Marketing Activities• Most businesses and Web sites that collect personal information have a privacy policy that discloses how the personal information you provide will be used.CMPTR Chapter 6: Network and Internet Security and Privacy 45
  • 46. Databases, Electronic Profiling,Spam, and Other Marketing Activities• Spam refers to unsolicited email sent to a large group of individuals at one time.CMPTR Chapter 6: Network and Internet Security and Privacy 46
  • 47. Protecting the Privacy of PersonalInformation• For online shopping, signing up for free offers, message boards, product registration, and other activities that typically lead to junk email, use a disposable or throw-away email address (a second address obtained from your ISP or a free email address from Windows Live Hotmail or Google’s Gmail).CMPTR Chapter 6: Network and Internet Security and Privacy 47
  • 48. Protecting the Privacy of PersonalInformationCMPTR Chapter 6: Network and Internet Security and Privacy 48
  • 49. Electronic Surveillance andMonitoring • Computer monitoring software: records keystrokes, log the programs or Web sites accessed, or otherwise monitors someone’s computer activity.• Video surveillance: the use of video cameras to monitor activities of individuals for work-related or crime-preventions purposes.• Employee monitoring: recording or observing the actions of employees while on the job.• Presence technology: enables one computing device to locate and identify the current status of another device on the same network.CMPTR Chapter 6: Network and Internet Security and Privacy 49
  • 50. Protecting Personal and WorkplacePrivacy• There are not many options for protecting yourself against computer monitoring by your employer or the government, or against video surveillance systems.• Businesses should take the necessary security measures to ensure that employee activities are not being monitored by a hacker or other unauthorized individual.CMPTR Chapter 6: Network and Internet Security and Privacy 50
  • 51. LO6.6: Network and InternetSecurity Legislation• It’s difficult for the legal system to keep pace with the rate at which technology changes.• The high level of concern regarding computer security and personal privacy has led state and federal legislators to pass a variety of laws since the 1970s.CMPTR Chapter 6: Network and Internet Security and Privacy 51
  • 52. LO6.6: Network and InternetSecurity LegislationCMPTR Chapter 6: Network and Internet Security and Privacy 52