SlideShare a Scribd company logo

DC16_Ch05.pptx

Download as PPTX, PDF
Dyrandz Lantita
Dyrandz Lantita

This chapter discusses various digital security risks and cybercrimes. It describes different types of Internet and network attacks and ways to prevent unauthorized access. The chapter also covers techniques for securing information, such as encryption, backups, and wireless security. Additionally, it addresses ethics and privacy issues regarding the use and storage of personal information. Safeguarding digital assets from threats requires understanding risks and implementing appropriate security measures.

Education
1 of 47
Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology
Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work 2
Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy 3
Digital Security Risks • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act 4
Digital Security Risks 5 Figure 5-1
Digital Security Risks Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist 6
Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices 7 Table 5-1
Internet and Network Attacks 8 Figure 5-2
Internet and Network Attacks • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to an Internet service – Distributed DoS attack (DDoS attack) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate 9
Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion 10 Figure 5-4
Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities 11
Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing 12 Figure 5-5
Unauthorized Access and Use • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password 13 Figure 5-6
Unauthorized Access and Use • A passphrase is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources • A PIN (personal identification number), sometimes called a passcode, is a numeric password, either assigned by a company or selected by a user • A possessed object is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer or mobile device verifying a physical or behavioral characteristic 14
Unauthorized Access and Use Fingerprint reader Face recognition system Hand geometry system Voice verification system Signature verification system Iris recognition system 15 Figures 5-8 – 5-11
Unauthorized Access and Use • Two-step verification uses two separate methods, one after the next, to verify the identity of a user Figure 5-12 16
Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics 17 Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
Software Theft • Software theft occurs when someone: 18 Steals software media Intentionally erases programs Illegally registers and/or activates a program Illegally copies a program
Software Theft • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed 19
Software Theft • A license agreement is the right to use software 20 Figure 5-13
Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access 21
Information Theft 22 Figure 5-14
Information Theft • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site 23
Information Theft 24 Figure 5-15
Hardware Theft, Vandalism, and Failure Hardware theft is the act of stealing digital equipment Hardware vandalism is the act of defacing or destroying digital equipment 25
Hardware Theft, Vandalism, and Failure 26 Figure 5-16
Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site 27 Cloud Storage
Backing Up – The Ultimate Safeguard • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection – Cloud • Three-generation backup policy 28 Grandparent Parent Child
Backing Up – The Ultimate Safeguard 29 Table 5-2
Wireless Security • Wireless access poses additional security risks • Some perpetrators connect to other’s wireless networks to gain free Internet access or confidential data • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP 30 Figure 5-18
Ethics and Society • Technology ethics are the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies • Information accuracy is a concern – Not all information on the Internet is correct 31 Figure 5-20
Ethics and Society 32 • Intellectual property refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
Ethics and Society 33 Figure 5-21 • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
Ethics and Society • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies 34 Figure 5-22
Information Privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them • Huge databases store data online • Websites often collect data about you, so that they can customize advertisements and send you personalized email messages • Some employers monitor your computer usage and email messages 35
Information Privacy 36 Figure 5-23
Information Privacy • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a profile on an online social network – Register a product warranty 37 Figure 5-24
Information Privacy • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of reasons: 38 Allow for personalization Store user names and/or passwords Assist with online shopping Track how often users visit a site Target advertisements
Information Privacy 39 Figure 5-25
Information Privacy • Phishing is a scam in which a perpetrator sends an official looking email message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be tapped or clicked on a website contains a malicious program 40
Information Privacy • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet services 41
Information Privacy • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others 42
Information Privacy • The concern about privacy has led to the enactment of laws regarding the storage and disclosure of personal data 43 REPUBLIC ACT NO. 10173 AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, CREATING FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR OTHER PURPOSES Be it enacted, by the Senate and House of Representatives of the Philippines in Congress assembled: GENERAL PROVISIONS Section 1. Short Title. – This Act shall be known as the "Data Privacy Act of 2012″.
Information Privacy Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs 44
Information Privacy • Content filtering is the process of restricting access to certain material – Many businesses use content filtering • Web filtering software restricts access to specified websites 45 Figure 5-26
Summary Variety of digital security risks Cybercrime and cybercriminals Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure Various backup strategies and methods of securing wireless communications Ethical issues in society and various ways to protect the privacy of personal information 46
Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology Chapter 5 Complete

Recommended

Input output
Input outputInput output
Input output
ssusere50573
 
DC16_Ch01.pptx
DC16_Ch01.pptxDC16_Ch01.pptx
DC16_Ch01.pptx
MegatRidwanbinMegatA
 
Chapter 09 Operating Systems
Chapter 09 Operating SystemsChapter 09 Operating Systems
Chapter 09 Operating Systemsxtin101
 
Chapter 4 Programs and Apps
Chapter 4 Programs and AppsChapter 4 Programs and Apps
Chapter 4 Programs and Apps
xtin101
 
Chapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile DevicesChapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile Devicesxtin101
 
Chapter 10 Communications and Networks
Chapter 10 Communications and NetworksChapter 10 Communications and Networks
Chapter 10 Communications and Networksxtin101
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Securityxtin101
 
4.2.1 computer security risks
4.2.1 computer security risks4.2.1 computer security risks
4.2.1 computer security riskshazirma
 

Recommended

Input output
Input outputInput output
Input output
ssusere50573
 
DC16_Ch01.pptx
DC16_Ch01.pptxDC16_Ch01.pptx
DC16_Ch01.pptx
MegatRidwanbinMegatA
 
Chapter 09 Operating Systems
Chapter 09 Operating SystemsChapter 09 Operating Systems
Chapter 09 Operating Systemsxtin101
 
Chapter 4 Programs and Apps
Chapter 4 Programs and AppsChapter 4 Programs and Apps
Chapter 4 Programs and Apps
xtin101
 
Chapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile DevicesChapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile Devicesxtin101
 
Chapter 10 Communications and Networks
Chapter 10 Communications and NetworksChapter 10 Communications and Networks
Chapter 10 Communications and Networksxtin101
 
Chapter 05 Digital Safety and Security
Chapter 05 Digital Safety and SecurityChapter 05 Digital Safety and Security
Chapter 05 Digital Safety and Securityxtin101
 
4.2.1 computer security risks
4.2.1 computer security risks4.2.1 computer security risks
4.2.1 computer security riskshazirma
 
IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTU
Shrey Patel
 
15 digital security issues
15 digital security issues 15 digital security issues
15 digital security issues
ssusere50573
 
Dc16 ch02
Dc16 ch02Dc16 ch02
Dc16 ch02
Maria_Khanzada
 
Networking
NetworkingNetworking
NetworkingAkash Varaiya
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Sonu Mishra
 
Chapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityChapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and Security
Fizaril Amzari Omar
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
DuncanWachira3
 
NETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdfNETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdf
SanjanaSingh158
 
Introduction to Networks & Networking Concepts
Introduction to Networks & Networking ConceptsIntroduction to Networks & Networking Concepts
Introduction to Networks & Networking Concepts
zaisahil
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
Avinash Nath
 
Discovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptxDiscovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptx
GIFTCHIMWENDO
 
Chapter09
Chapter09Chapter09
Chapter09Awais Idrees
 
Unauthorized access and use
Unauthorized access and useUnauthorized access and use
Unauthorized access and usechrispaul8676
 
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptxNETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
SibenConor
 
Cyber security
Cyber securityCyber security
Cyber security
Dr. Kishor Nikam
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
DuncanWachira3
 
Parameter tampering
Parameter tamperingParameter tampering
Parameter tampering
Dilan Warnakulasooriya
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
vivek sharma
 
Cyber Security of Nepal - Press Release
Cyber Security of Nepal - Press ReleaseCyber Security of Nepal - Press Release
Cyber Security of Nepal - Press ReleaseDr. Ramhari Subedi
 
Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security
Fizaril Amzari Omar
 
Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.
rizwanshafique4321
 
DATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptDATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.ppt
WilsonWanjohi5
 

More Related Content

What's hot

IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTU
Shrey Patel
 
15 digital security issues
15 digital security issues 15 digital security issues
15 digital security issues
ssusere50573
 
Dc16 ch02
Dc16 ch02Dc16 ch02
Dc16 ch02
Maria_Khanzada
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Sonu Mishra
 
Chapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityChapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and Security
Fizaril Amzari Omar
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
DuncanWachira3
 
NETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdfNETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdf
SanjanaSingh158
 
Introduction to Networks & Networking Concepts
Introduction to Networks & Networking ConceptsIntroduction to Networks & Networking Concepts
Introduction to Networks & Networking Concepts
zaisahil
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
Avinash Nath
 
Discovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptxDiscovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptx
GIFTCHIMWENDO
 
Unauthorized access and use
Unauthorized access and useUnauthorized access and use
Unauthorized access and usechrispaul8676
 
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptxNETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
SibenConor
 
Cyber security
Cyber securityCyber security
Cyber security
Dr. Kishor Nikam
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
DuncanWachira3
 
Parameter tampering
Parameter tamperingParameter tampering
Parameter tampering
Dilan Warnakulasooriya
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
vivek sharma
 
Cyber Security of Nepal - Press Release
Cyber Security of Nepal - Press ReleaseCyber Security of Nepal - Press Release
Cyber Security of Nepal - Press ReleaseDr. Ramhari Subedi
 
Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security
Fizaril Amzari Omar
 

What's hot (20)

IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTU
 
15 digital security issues
15 digital security issues 15 digital security issues
15 digital security issues
 
Dc16 ch02
Dc16 ch02Dc16 ch02
Dc16 ch02
 
Networking
NetworkingNetworking
Networking
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
Chapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and SecurityChapter 4 Computer Science :: Computer Ethics and Security
Chapter 4 Computer Science :: Computer Ethics and Security
 
Lecture 3.pptx
Lecture 3.pptxLecture 3.pptx
Lecture 3.pptx
 
NETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdfNETWORK COMPONENTS AND CABLES.pdf
NETWORK COMPONENTS AND CABLES.pdf
 
Introduction to Networks & Networking Concepts
Introduction to Networks & Networking ConceptsIntroduction to Networks & Networking Concepts
Introduction to Networks & Networking Concepts
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
 
Discovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptxDiscovering computers- Chapter 1 (1).pptx
Discovering computers- Chapter 1 (1).pptx
 
Chapter09
Chapter09Chapter09
Chapter09
 
Unauthorized access and use
Unauthorized access and useUnauthorized access and use
Unauthorized access and use
 
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptxNETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
NETWORK INFRASTRUCTURE MANAGEMENT-mod1_1.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
Parameter tampering
Parameter tamperingParameter tampering
Parameter tampering
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Security of Nepal - Press Release
Cyber Security of Nepal - Press ReleaseCyber Security of Nepal - Press Release
Cyber Security of Nepal - Press Release
 
Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security Chapter 4 Computer Ethics and Security
Chapter 4 Computer Ethics and Security
 

Similar to DC16_Ch05.pptx

Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.
rizwanshafique4321
 
DATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptDATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.ppt
WilsonWanjohi5
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy cscHisyam Rosly
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
FannyKwok1
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptx
ssuser666f98
 
Lecture 01 Information Security BS computer Science
Lecture 01 Information Security BS computer ScienceLecture 01 Information Security BS computer Science
Lecture 01 Information Security BS computer Science
maqib8373
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
RamaNingaiah
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
Ian Dave Balatbat
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
ssuser6c59cb
 
Security information for internet and security
Security information for internet and securitySecurity information for internet and security
Security information for internet and security
Somesh Kumar
 
chapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfchapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdf
ShahidMehmood285010
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacyChapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacy
haider ali
 
Chapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptxChapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptx
JhaiJhai6
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
EndAlk15
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
MLG College of Learning, Inc
 
Psi 10 security and ethical challenges
Psi 10 security and ethical challengesPsi 10 security and ethical challenges
Psi 10 security and ethical challenges
Silvia Afrima Chandra
 

Similar to DC16_Ch05.pptx (20)

Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.
 
DATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.pptDATA SECURITY AND CONTROL.ppt
DATA SECURITY AND CONTROL.ppt
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
 
Week 12
Week 12Week 12
Week 12
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptx
 
Lecture 01 Information Security BS computer Science
Lecture 01 Information Security BS computer ScienceLecture 01 Information Security BS computer Science
Lecture 01 Information Security BS computer Science
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
IT-Security-20210426203847.ppt
IT-Security-20210426203847.pptIT-Security-20210426203847.ppt
IT-Security-20210426203847.ppt
 
Security information for internet and security
Security information for internet and securitySecurity information for internet and security
Security information for internet and security
 
chapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfchapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdf
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacyChapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacy
 
Chapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptxChapter 2 - Lesson 2.pptx
Chapter 2 - Lesson 2.pptx
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.ppt
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Psi 10 security and ethical challenges
Psi 10 security and ethical challengesPsi 10 security and ethical challenges
Psi 10 security and ethical challenges
 

Recently uploaded

Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
DhatriParmar
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
deeptiverma2406
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
Kartik Tiwari
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
goswamiyash170123
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
Wasim Ak
 

Recently uploaded (20)

Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
Normal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of LabourNormal Labour/ Stages of Labour/ Mechanism of Labour
Normal Labour/ Stages of Labour/ Mechanism of Labour
 

DC16_Ch05.pptx

  • 1. Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology
  • 2. Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work 2
  • 3. Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy 3
  • 4. Digital Security Risks • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act 4
  • 6. Digital Security Risks Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist 6
  • 7. Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices 7 Table 5-1
  • 8. Internet and Network Attacks 8 Figure 5-2
  • 9. Internet and Network Attacks • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to an Internet service – Distributed DoS attack (DDoS attack) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate 9
  • 10. Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion 10 Figure 5-4
  • 11. Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities 11
  • 12. Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing 12 Figure 5-5
  • 13. Unauthorized Access and Use • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password 13 Figure 5-6
  • 14. Unauthorized Access and Use • A passphrase is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources • A PIN (personal identification number), sometimes called a passcode, is a numeric password, either assigned by a company or selected by a user • A possessed object is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer or mobile device verifying a physical or behavioral characteristic 14
  • 15. Unauthorized Access and Use Fingerprint reader Face recognition system Hand geometry system Voice verification system Signature verification system Iris recognition system 15 Figures 5-8 – 5-11
  • 16. Unauthorized Access and Use • Two-step verification uses two separate methods, one after the next, to verify the identity of a user Figure 5-12 16
  • 17. Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics 17 Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
  • 18. Software Theft • Software theft occurs when someone: 18 Steals software media Intentionally erases programs Illegally registers and/or activates a program Illegally copies a program
  • 19. Software Theft • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed 19
  • 20. Software Theft • A license agreement is the right to use software 20 Figure 5-13
  • 21. Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access 21
  • 23. Information Theft • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site 23
  • 25. Hardware Theft, Vandalism, and Failure Hardware theft is the act of stealing digital equipment Hardware vandalism is the act of defacing or destroying digital equipment 25
  • 26. Hardware Theft, Vandalism, and Failure 26 Figure 5-16
  • 27. Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site 27 Cloud Storage
  • 28. Backing Up – The Ultimate Safeguard • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection – Cloud • Three-generation backup policy 28 Grandparent Parent Child
  • 29. Backing Up – The Ultimate Safeguard 29 Table 5-2
  • 30. Wireless Security • Wireless access poses additional security risks • Some perpetrators connect to other’s wireless networks to gain free Internet access or confidential data • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP 30 Figure 5-18
  • 31. Ethics and Society • Technology ethics are the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies • Information accuracy is a concern – Not all information on the Internet is correct 31 Figure 5-20
  • 32. Ethics and Society 32 • Intellectual property refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
  • 33. Ethics and Society 33 Figure 5-21 • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
  • 34. Ethics and Society • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies 34 Figure 5-22
  • 35. Information Privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them • Huge databases store data online • Websites often collect data about you, so that they can customize advertisements and send you personalized email messages • Some employers monitor your computer usage and email messages 35
  • 37. Information Privacy • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a profile on an online social network – Register a product warranty 37 Figure 5-24
  • 38. Information Privacy • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of reasons: 38 Allow for personalization Store user names and/or passwords Assist with online shopping Track how often users visit a site Target advertisements
  • 40. Information Privacy • Phishing is a scam in which a perpetrator sends an official looking email message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be tapped or clicked on a website contains a malicious program 40
  • 41. Information Privacy • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet services 41
  • 42. Information Privacy • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others 42
  • 43. Information Privacy • The concern about privacy has led to the enactment of laws regarding the storage and disclosure of personal data 43 REPUBLIC ACT NO. 10173 AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, CREATING FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR OTHER PURPOSES Be it enacted, by the Senate and House of Representatives of the Philippines in Congress assembled: GENERAL PROVISIONS Section 1. Short Title. – This Act shall be known as the "Data Privacy Act of 2012″.
  • 44. Information Privacy Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs 44
  • 45. Information Privacy • Content filtering is the process of restricting access to certain material – Many businesses use content filtering • Web filtering software restricts access to specified websites 45 Figure 5-26
  • 46. Summary Variety of digital security risks Cybercrime and cybercriminals Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure Various backup strategies and methods of securing wireless communications Ethical issues in society and various ways to protect the privacy of personal information 46
  • 47. Chapter 5 Digital Security, Ethics, and Privacy Discovering Computers 2016 Tools, Apps, Devices, and the Impact of Technology Chapter 5 Complete

Editor's Notes

  1. What is a hacker? A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. The term also may refer to anyone who uses their abilities to gain unauthorized access to systems or networks in order to commit crimes. A hacker may, for example, steal information to hurt people via identity theft or bring down a system and, often, hold it hostage in order to collect a ransom.  A computer cracker is an outdated term used to describe someone who broke into computer... Script kiddies rely on software or scripts written by others and dont possess the knowledge or know-how to modify or produce their own software they uses existing software to launch an attack. corporate spying — is the practice of using espionage techniques for commercial or financial purposes Some corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its brand-named data and information, or to help identify security risks in their own organization. Unethical employees may break into their employers’ computers for a variety of reasons. They may want to exploit a security weakness, receive financial gains from selling confidential information, or even to seek revenge A cyberextortionist is a person or group of people that participate in cyberextortion. Cyberextortion is a computer crime where the extortionist demands payment, goods, or a service to stop an attack or recover deleted or encrypted data Cyberterrorism is any premeditated, politically motivated attack against information...