SlideShare a Scribd company logo
1 of 47
Download to read offline
Chapter 5
Digital Security,
Ethics, and Privacy
Discovering Computers 2016
Tools, Apps, Devices, and the Impact of Technology
Objectives Overview
Define the term, digital
security risks, and
briefly describe the
types of cybercriminals
Describe various types
of Internet and network
attacks, and explain
ways to safeguard
against these attacks
Discuss techniques to
prevent unauthorized
computer access and
use
Explain the ways that
software manufacturers
protect against
software piracy
Discuss how
encryption, digital
signatures, and digital
certificates work
2
Objectives Overview
Identify safeguards
against hardware theft,
vandalism, and failure
Explain the options
available for backing up
Identify risks and
safeguards associated
with wireless
communications
Recognize issues related
to information accuracy,
intellectual property
rights, codes of conduct,
and green computing
Discuss issues
surrounding information
privacy
3
Digital Security Risks
• A digital security risk is any event or action that could
cause a loss of or damage to a computer or mobile device
hardware, software, data, information, or processing
capability
• Any illegal act involving the use of a computer or related
devices generally is referred to as a computer crime
• A cybercrime is an online or Internet-based illegal act
4
Digital Security Risks
5
Figure 5-1
Digital Security Risks
Hacker Cracker Script kiddie
Corporate spies
Unethical
employees
Cyberextortionist
Cyberterrorist
6
Internet and Network Attacks
• Information transmitted
over networks has a higher
degree of security risk than
information kept on an
organization’s premises
• Malware, short for
malicious software, consists
of programs that act
without a user’s knowledge
and deliberately alter the
operations of computers
and mobile devices
7
Table 5-1
Internet and Network Attacks
8
Figure 5-2
Internet and Network Attacks
• A botnet is a group of compromised computers or mobile devices
connected to a network
– A compromised computer or device is known as a zombie
• A denial of service attack (DoS attack) disrupts computer access to
an Internet service
– Distributed DoS attack (DDoS attack)
• A back door is a program or set of instructions in a program that
allow users to bypass security controls
• Spoofing is a technique intruders use to make their network or
Internet transmission appear legitimate
9
Internet and Network Attacks
• A firewall is hardware and/or software that
protects a network’s resources from intrusion
10
Figure 5-4
Unauthorized Access and Use
Unauthorized access is
the use of a computer or
network without
permission
Unauthorized use is the
use of a computer or its
data for unapproved or
possibly illegal activities
11
Unauthorized Access and Use
• Organizations take
several measures to
help prevent
unauthorized access
and use
– Acceptable use policy
– Disable file and printer
sharing
12
Figure 5-5
Unauthorized Access and Use
• Access controls define who can
access a computer, device, or
network; when they can access it;
and what actions they can take while
accessing it
• The computer, device, or network
should maintain an audit trail that
records in a file both successful and
unsuccessful access attempts
– User name
– Password
13
Figure 5-6
Unauthorized Access and Use
• A passphrase is a private combination of words, often containing
mixed capitalization and punctuation, associated with a user name
that allows access to certain computer resources
• A PIN (personal identification number), sometimes called a
passcode, is a numeric password, either assigned by a company or
selected by a user
• A possessed object is any item that you must possess, or carry with
you, in order to gain access to a computer or computer facility
• A biometric device authenticates a person’s identity by translating
a personal characteristic into a digital code that is compared with a
digital code in a computer or mobile device verifying a physical or
behavioral characteristic
14
Unauthorized Access and Use
Fingerprint
reader
Face
recognition
system
Hand
geometry
system
Voice
verification
system
Signature
verification
system
Iris
recognition
system
15
Figures 5-8 – 5-11
Unauthorized Access and Use
• Two-step verification uses two separate methods,
one after the next, to verify the identity of a user
Figure 5-12 16
Unauthorized Access and Use
• Digital forensics is the discovery, collection, and
analysis of evidence found on computers and
networks
• Many areas use digital forensics
17
Law
enforcement
Criminal
prosecutors
Military
intelligence
Insurance
agencies
Information
security
departments
Software Theft
• Software theft occurs when someone:
18
Steals software
media
Intentionally
erases programs
Illegally registers
and/or activates
a program
Illegally copies a
program
Software Theft
• Many manufacturers incorporate an activation
process into their programs to ensure the
software is not installed on more computers than
legally licensed
• During the product activation, which is conducted
either online or by phone, users provide the
software product’s identification number to
associate the software with the computer or
mobile device on which the software is installed
19
Software Theft
• A license agreement is the right to use software
20
Figure 5-13
Information Theft
• Information theft occurs when someone steals
personal or confidential information
• Encryption is a process of converting data that is
readable by humans into encoded characters to
prevent unauthorized access
21
Information Theft
22
Figure 5-14
Information Theft
• A digital signature is an encrypted code that a
person, website, or organization attaches to an
electronic message to verify the identity of the
message sender
– Often used to ensure that an impostor is not participating
in an Internet transaction
• A digital certificate is a notice that guarantees a user
or a website is legitimate
• A website that uses encryption techniques to secure
its data is known as a secure site
23
Information Theft
24
Figure 5-15
Hardware Theft, Vandalism, and Failure
Hardware theft is
the act of stealing
digital equipment
Hardware vandalism
is the act of defacing
or destroying digital
equipment
25
Hardware Theft, Vandalism, and Failure
26
Figure 5-16
Backing Up – The Ultimate Safeguard
• A backup is a duplicate of a file, program, or
media that can be used if the original is lost,
damaged, or destroyed
– To back up a file means to make a copy of it
• Off-site backups are stored in a location separate
from the computer or mobile device site
27
Cloud
Storage
Backing Up – The Ultimate Safeguard
• Categories of backups:
– Full
– Differential
– Incremental
– Selective
– Continuous data
protection
– Cloud
• Three-generation
backup policy
28
Grandparent
Parent
Child
Backing Up – The Ultimate Safeguard
29
Table 5-2
Wireless Security
• Wireless access poses
additional security risks
• Some perpetrators
connect to other’s
wireless networks to gain
free Internet access or
confidential data
• Others connect to a
network through an
unsecured wireless access
point (WAP) or
combination router/WAP
30
Figure 5-18
Ethics and Society
• Technology ethics are
the moral guidelines
that govern the use of
computers, mobile
devices, information
systems, and related
technologies
• Information accuracy is
a concern
– Not all information on
the Internet is correct
31
Figure 5-20
Ethics and Society
32
• Intellectual property refers to unique and original
works such as ideas, inventions, art, writings,
processes, company and product names, and logos
• Intellectual property rights are the rights to which
creators are entitled to their work
• A copyright protects any tangible form of expression
• Digital rights management (DRM) is a strategy
designed to prevent illegal distribution of movies,
music, and other digital content
Ethics and Society
33
Figure 5-21
• A code of conduct is a written guideline that helps
determine whether a specification is
ethical/unethical or allowed/not allowed
Ethics and Society
• Green computing involves reducing the electricity
and environmental waste while using computers,
mobile devices, and related technologies
34
Figure 5-22
Information Privacy
• Information privacy refers to the right of individuals
and companies to deny or restrict the collection, use,
and dissemination of information about them
• Huge databases store data online
• Websites often collect data about you, so that they
can customize advertisements and send you
personalized email messages
• Some employers monitor your computer usage and
email messages
35
Information Privacy
36
Figure 5-23
Information Privacy
• Information about you
can be stored in a
database when you:
– Fill out a printed or
online form
– Create a profile on an
online social network
– Register a product
warranty
37
Figure 5-24
Information Privacy
• A cookie is a small text file that a web server stores on
your computer
• Websites use cookies for a variety of reasons:
38
Allow for
personalization
Store user
names and/or
passwords
Assist with
online
shopping
Track how
often users
visit a site
Target
advertisements
Information Privacy
39
Figure 5-25
Information Privacy
• Phishing is a scam in which a perpetrator sends an
official looking email message that attempts to
obtain your personal and/or financial information
• With clickjacking, an object that can be tapped or
clicked on a website contains a malicious program
40
Information Privacy
• Spyware is a program placed on a computer or
mobile device without the user’s knowledge that
secretly collects information about the user and
then communicates the information it collects to
some outside source while the user is online
• Adware is a program that displays an online
advertisement in a banner or pop-up window on
webpages, email messages, or other Internet
services
41
Information Privacy
• Social engineering is defined as gaining
unauthorized access to or obtaining confidential
information by taking advantage of the trusting
human nature of some victims and the naivety of
others
42
Information Privacy
• The concern about privacy has led to the
enactment of laws regarding the storage and
disclosure of personal data
43
REPUBLIC ACT NO. 10173
AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND
COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, CREATING
FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR OTHER PURPOSES
Be it enacted, by the Senate and House of Representatives of the Philippines in Congress
assembled:
GENERAL PROVISIONS
Section 1. Short Title. – This Act shall be known as the "Data Privacy Act of 2012″.
Information Privacy
Employee monitoring involves the use of computers, mobile
devices, or cameras to observe, record, and review an
employee’s use of a technology, including communications such
as email messages, keyboard activity (used to measure
productivity), and websites visited
Many programs exist that easily allow employers to monitor
employees. Further, it is legal for employers to use these
programs
44
Information Privacy
• Content filtering is the
process of restricting
access to certain
material
– Many businesses use
content filtering
• Web filtering software
restricts access to
specified websites
45
Figure 5-26
Summary
Variety of digital security risks Cybercrime and cybercriminals
Risks and safeguards associated
with Internet and network
attacks, unauthorized access and
use, software theft, information
theft, and hardware theft,
vandalism, and failure
Various backup strategies and
methods of securing wireless
communications
Ethical issues in society and
various ways to protect the
privacy of personal information
46
Chapter 5
Digital Security,
Ethics, and Privacy
Discovering Computers 2016
Tools, Apps, Devices, and the Impact of Technology
Chapter 5 Complete

More Related Content

What's hot

Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Introduction of storage devices(Brief Knowledge)
Introduction of storage devices(Brief Knowledge)Introduction of storage devices(Brief Knowledge)
Introduction of storage devices(Brief Knowledge)Afaq Siddiqui
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Database Security, Threats & Countermeasures.pptx
Database Security, Threats & Countermeasures.pptxDatabase Security, Threats & Countermeasures.pptx
Database Security, Threats & Countermeasures.pptxSaqibAhmedKhan4
 
Data backup and disaster recovery
Data backup and disaster recoveryData backup and disaster recovery
Data backup and disaster recoverycatacutanjcsantos
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Network Security
Network SecurityNetwork Security
Network Securityforpalmigho
 
Chapter 9: Access Control Management
Chapter 9: Access Control ManagementChapter 9: Access Control Management
Chapter 9: Access Control ManagementNada G.Youssef
 
Presentation on computer data storage
Presentation on computer data storage Presentation on computer data storage
Presentation on computer data storage GLG
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet SecurityGerard Lamusse
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxFannyKwok1
 
Nat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) PostersNat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) PostersNetLockSmith
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
Cyber Hygiene in Dailylife
Cyber Hygiene in DailylifeCyber Hygiene in Dailylife
Cyber Hygiene in Dailylifessuser98b1f71
 

What's hot (20)

Data Security
Data SecurityData Security
Data Security
 
Information Security
Information SecurityInformation Security
Information Security
 
Introduction of storage devices(Brief Knowledge)
Introduction of storage devices(Brief Knowledge)Introduction of storage devices(Brief Knowledge)
Introduction of storage devices(Brief Knowledge)
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Database Security, Threats & Countermeasures.pptx
Database Security, Threats & Countermeasures.pptxDatabase Security, Threats & Countermeasures.pptx
Database Security, Threats & Countermeasures.pptx
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
 
Data backup and disaster recovery
Data backup and disaster recoveryData backup and disaster recovery
Data backup and disaster recovery
 
Information risk management
Information risk managementInformation risk management
Information risk management
 
Network Security
Network SecurityNetwork Security
Network Security
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Whitman_Ch06.pptx
Whitman_Ch06.pptxWhitman_Ch06.pptx
Whitman_Ch06.pptx
 
Chapter 9: Access Control Management
Chapter 9: Access Control ManagementChapter 9: Access Control Management
Chapter 9: Access Control Management
 
Presentation on computer data storage
Presentation on computer data storage Presentation on computer data storage
Presentation on computer data storage
 
Network security
Network securityNetwork security
Network security
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet Security
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
 
Nat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) PostersNat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) Posters
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 
Backup data
Backup data Backup data
Backup data
 
Cyber Hygiene in Dailylife
Cyber Hygiene in DailylifeCyber Hygiene in Dailylife
Cyber Hygiene in Dailylife
 

Similar to DC16_Ch05.pptx

Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Securityxtin101
 
DATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptDATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptWilsonWanjohi5
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy cscHisyam Rosly
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxssuser666f98
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.pptRamaNingaiah
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIan Dave Balatbat
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.pptssuser6c59cb
 
Security information for internet and security
Security information  for  internet and securitySecurity information  for  internet and security
Security information for internet and securitySomesh Kumar
 
chapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfchapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfShahidMehmood285010
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11   computer security and safety, ethics, and privacyChapter 11   computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacyhaider ali
 
Chapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptxChapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptxJhaiJhai6
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.pptEndAlk15
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 
Psi 10 security and ethical challenges
Psi 10 security and ethical challengesPsi 10 security and ethical challenges
Psi 10 security and ethical challengesSilvia Afrima Chandra
 

Similar to DC16_Ch05.pptx (20)

Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Security
 
DATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptDATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.ppt
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
 
Week 12
Week 12Week 12
Week 12
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptx
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
Security information for internet and security
Security information  for  internet and securitySecurity information  for  internet and security
Security information for internet and security
 
chapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfchapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdf
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11   computer security and safety, ethics, and privacyChapter 11   computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacy
 
Chapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptxChapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptx
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Psi 10 security and ethical challenges
Psi 10 security and ethical challengesPsi 10 security and ethical challenges
Psi 10 security and ethical challenges
 
Lecture 5.pptx
Lecture 5.pptxLecture 5.pptx
Lecture 5.pptx
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 

Recently uploaded

CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxAnupam32727
 
Objectives n learning outcoms - MD 20240404.pptx
Objectives n learning outcoms - MD 20240404.pptxObjectives n learning outcoms - MD 20240404.pptx
Objectives n learning outcoms - MD 20240404.pptxMadhavi Dharankar
 
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptxUnraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptxDhatriParmar
 
ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6Vanessa Camilleri
 
6 ways Samsung’s Interactive Display powered by Android changes the classroom
6 ways Samsung’s Interactive Display powered by Android changes the classroom6 ways Samsung’s Interactive Display powered by Android changes the classroom
6 ways Samsung’s Interactive Display powered by Android changes the classroomSamsung Business USA
 
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQ-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQuiz Club NITW
 
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...DrVipulVKapoor
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesVijayaLaxmi84
 
4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptxmary850239
 
How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17Celine George
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...Nguyen Thanh Tu Collection
 
How to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineHow to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineCeline George
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxkarenfajardo43
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...Nguyen Thanh Tu Collection
 
Mythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWMythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWQuiz Club NITW
 

Recently uploaded (20)

CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptxCLASSIFICATION OF ANTI - CANCER DRUGS.pptx
CLASSIFICATION OF ANTI - CANCER DRUGS.pptx
 
Objectives n learning outcoms - MD 20240404.pptx
Objectives n learning outcoms - MD 20240404.pptxObjectives n learning outcoms - MD 20240404.pptx
Objectives n learning outcoms - MD 20240404.pptx
 
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
Unraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptxUnraveling Hypertext_ Analyzing  Postmodern Elements in  Literature.pptx
Unraveling Hypertext_ Analyzing Postmodern Elements in Literature.pptx
 
ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6
 
6 ways Samsung’s Interactive Display powered by Android changes the classroom
6 ways Samsung’s Interactive Display powered by Android changes the classroom6 ways Samsung’s Interactive Display powered by Android changes the classroom
6 ways Samsung’s Interactive Display powered by Android changes the classroom
 
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQ-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
 
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
 
Introduction to Research ,Need for research, Need for design of Experiments, ...
Introduction to Research ,Need for research, Need for design of Experiments, ...Introduction to Research ,Need for research, Need for design of Experiments, ...
Introduction to Research ,Need for research, Need for design of Experiments, ...
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their uses
 
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
 
4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx4.9.24 Social Capital and Social Exclusion.pptx
4.9.24 Social Capital and Social Exclusion.pptx
 
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
Plagiarism,forms,understand about plagiarism,avoid plagiarism,key significanc...
 
How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17
 
prashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Professionprashanth updated resume 2024 for Teaching Profession
prashanth updated resume 2024 for Teaching Profession
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
 
How to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineHow to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command Line
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
 
Mythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITWMythology Quiz-4th April 2024, Quiz Club NITW
Mythology Quiz-4th April 2024, Quiz Club NITW
 
Spearman's correlation,Formula,Advantages,
Spearman's correlation,Formula,Advantages,Spearman's correlation,Formula,Advantages,
Spearman's correlation,Formula,Advantages,
 

DC16_Ch05.pptx

  • 1. Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology
  • 2. Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work 2
  • 3. Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy 3
  • 4. Digital Security Risks • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act 4
  • 6. Digital Security Risks Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist 6
  • 7. Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices 7 Table 5-1
  • 8. Internet and Network Attacks 8 Figure 5-2
  • 9. Internet and Network Attacks • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to an Internet service – Distributed DoS attack (DDoS attack) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate 9
  • 10. Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion 10 Figure 5-4
  • 11. Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities 11
  • 12. Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing 12 Figure 5-5
  • 13. Unauthorized Access and Use • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password 13 Figure 5-6
  • 14. Unauthorized Access and Use • A passphrase is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources • A PIN (personal identification number), sometimes called a passcode, is a numeric password, either assigned by a company or selected by a user • A possessed object is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer or mobile device verifying a physical or behavioral characteristic 14
  • 15. Unauthorized Access and Use Fingerprint reader Face recognition system Hand geometry system Voice verification system Signature verification system Iris recognition system 15 Figures 5-8 – 5-11
  • 16. Unauthorized Access and Use • Two-step verification uses two separate methods, one after the next, to verify the identity of a user Figure 5-12 16
  • 17. Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics 17 Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
  • 18. Software Theft • Software theft occurs when someone: 18 Steals software media Intentionally erases programs Illegally registers and/or activates a program Illegally copies a program
  • 19. Software Theft • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed 19
  • 20. Software Theft • A license agreement is the right to use software 20 Figure 5-13
  • 21. Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access 21
  • 23. Information Theft • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site 23
  • 25. Hardware Theft, Vandalism, and Failure Hardware theft is the act of stealing digital equipment Hardware vandalism is the act of defacing or destroying digital equipment 25
  • 26. Hardware Theft, Vandalism, and Failure 26 Figure 5-16
  • 27. Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site 27 Cloud Storage
  • 28. Backing Up – The Ultimate Safeguard • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection – Cloud • Three-generation backup policy 28 Grandparent Parent Child
  • 29. Backing Up – The Ultimate Safeguard 29 Table 5-2
  • 30. Wireless Security • Wireless access poses additional security risks • Some perpetrators connect to other’s wireless networks to gain free Internet access or confidential data • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP 30 Figure 5-18
  • 31. Ethics and Society • Technology ethics are the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies • Information accuracy is a concern – Not all information on the Internet is correct 31 Figure 5-20
  • 32. Ethics and Society 32 • Intellectual property refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
  • 33. Ethics and Society 33 Figure 5-21 • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
  • 34. Ethics and Society • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies 34 Figure 5-22
  • 35. Information Privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them • Huge databases store data online • Websites often collect data about you, so that they can customize advertisements and send you personalized email messages • Some employers monitor your computer usage and email messages 35
  • 37. Information Privacy • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a profile on an online social network – Register a product warranty 37 Figure 5-24
  • 38. Information Privacy • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of reasons: 38 Allow for personalization Store user names and/or passwords Assist with online shopping Track how often users visit a site Target advertisements
  • 40. Information Privacy • Phishing is a scam in which a perpetrator sends an official looking email message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be tapped or clicked on a website contains a malicious program 40
  • 41. Information Privacy • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet services 41
  • 42. Information Privacy • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others 42
  • 43. Information Privacy • The concern about privacy has led to the enactment of laws regarding the storage and disclosure of personal data 43 REPUBLIC ACT NO. 10173 AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, CREATING FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR OTHER PURPOSES Be it enacted, by the Senate and House of Representatives of the Philippines in Congress assembled: GENERAL PROVISIONS Section 1. Short Title. – This Act shall be known as the "Data Privacy Act of 2012″.
  • 44. Information Privacy Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs 44
  • 45. Information Privacy • Content filtering is the process of restricting access to certain material – Many businesses use content filtering • Web filtering software restricts access to specified websites 45 Figure 5-26
  • 46. Summary Variety of digital security risks Cybercrime and cybercriminals Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure Various backup strategies and methods of securing wireless communications Ethical issues in society and various ways to protect the privacy of personal information 46
  • 47. Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology Chapter 5 Complete

Editor's Notes

  1. What is a hacker? A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. The term also may refer to anyone who uses their abilities to gain unauthorized access to systems or networks in order to commit crimes. A hacker may, for example, steal information to hurt people via identity theft or bring down a system and, often, hold it hostage in order to collect a ransom.  A computer cracker is an outdated term used to describe someone who broke into computer... Script kiddies rely on software or scripts written by others and dont possess the knowledge or know-how to modify or produce their own software they uses existing software to launch an attack. corporate spying — is the practice of using espionage techniques for commercial or financial purposes Some corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its brand-named data and information, or to help identify security risks in their own organization. Unethical employees may break into their employers’ computers for a variety of reasons. They may want to exploit a security weakness, receive financial gains from selling confidential information, or even to seek revenge A cyberextortionist is a person or group of people that participate in cyberextortion. Cyberextortion is a computer crime where the extortionist demands payment, goods, or a service to stop an attack or recover deleted or encrypted data Cyberterrorism is any premeditated, politically motivated attack against information...