Unethical employees – break into their employers ‘ computers for a variety of reasons
1) To exploit a security weakness; 2) seek financial gains from selling confidential information; 3) disgruntled employees seek revenge
Cyberextortionist – someone who uses e-mail as a vehicle for extortion.
Send a company a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the company’s network—if they are not paid a sum of money
Automatically analyzes all network traffic, assesses system vulnerabilities
Identifies any unauthorized access (intrusions)
Notifies network administrators of suspicious behavior patterns or system breaches
Safeguards against DoS Attacks, Back Doors, and IP Spoofing
Safeguards Against Unauthorized Access And Use
A security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.
Records in a file both successful and unsuccessful access attempts.
User Name and passwords
Longer passwords provide better security
Password Protections Average Time to Discover Number of Characters Possible Combinations Human Computer 1 36 3 minutes .0000018 seconds 2 1,300 2 hours .00065 seconds 3 47,000 3 days .02 seconds 4 1,700,000 3 months 1 second 5 60,000,000 10 years 30 seconds 10 3,700,000,000,000,000 580 million years 59 years
Any item that you must carry to gain access to a computer or computer facility. (Examples: badges, cards, smart cards & key)
Often are used in combination with personal identification numbers.
Authenticates a person’s identify by translating a personal characteristics, such as a fingerprint, into a digital code that is then compared with a digital code stored in the computer to verify a physical or behavioral characteristic