SlideShare a Scribd company logo

Lecture 5.1.pptx

Download as PPTX, PDF
D
Dibyesh1

Computer Security

Technology
1 of 69
KU Aspire College ITEX 100 – Information Technology Computer Security and Information Privacy Chapter 5.1 • Computer Security and Safety • Computer Ethics • Computer Privacy
KU Aspire College Agenda – Computer Security and Safety. – Computer Ethics. – Computer Privacy.
KU Aspire College Objectives Overview 1. Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators 2. Describe various types of Internet and network attacks and identify ways to safeguard against these attacks, 3. Discuss techniques to prevent unauthorized computer access and use 4. Identify safeguards against hardware theft and vandalism
KU Aspire College Objectives Overview 5. Explain the ways software manufacturers protect against software piracy 6. Discuss how encryption works, and explain why it is necessary 7. Discuss the types of devices available that protect computers from system failure 8. Explain the options available for backing up computer resources 9. Identify risks and safeguards associated with wireless communications
KU Aspire College Objectives Overview 10.Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing 11.Discuss issues surrounding information privacy, including electronic profiles, cookies, spyware and adware, spam, phishing, privacy laws, social engineering, employee monitoring, and content filtering
KU Aspire College Computer Security Risks • Today, people rely on computers to create, store, and manage critical information. • Thus, it is important that computers and the data they store are accessible and available when needed. • It also is crucial that users take measures to protect their computers and data from loss, damage, and misuse.
KU Aspire College Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • While some breaches to computer security are accidental, many are intentional. • Some intruders do no damage; they merely access data, information, or programs on the computer before logging off. • Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data
KU Aspire College Computer Security Risks • An intentional breach of computer security often involves a deliberate act that is against the law. • Any illegal act involving a computer generally is referred to as a computer crime. • A cybercrime is an online or Internet-based illegal act Hackers Crackers Script Kiddies Corporate Spies Unethical Employees Cyberextortionists Cyberterrorists
KU Aspire College Computer Security Risks • The term hacker, although originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally. – Some hackers claim the intent of their security breaches is to improve security. • A cracker also is someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action. • Both hackers and crackers have advanced computer and network skills.
KU Aspire College Computer Security Risks • A script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. – Script kiddies often use prewritten hacking and cracking programs to break into computers. • Some corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information, or to help identify security risks in their own organization. – Unscrupulous companies hire corporate spies, a practice known as corporate espionage, to gain a competitive advantage.
KU Aspire College Computer Security Risks • Unethical employees may break into their employers’ computers for a variety of reasons. – Some simply want to exploit a security weakness. – Others seek financial gains from selling confidential information. – Disgruntled employees may want revenge. • A cyberextortionistis someone who uses e-mail as a vehicle for extortion. – These perpetrators send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network — if they are not paid a sum of money.
KU Aspire College Computer Security Risks • A cyberterroristis someone who uses the Internet or network to destroy or damage computers for political reasons. • The cyberterrorist might target the nation’s air traffic control system, electricity-generating companies, or a telecommunications infra-structure. • The term, cyberwarfare, describes an attack whose goal ranges from disabling a government’s computer network to crippling a country. • Cyberterrorism and cyberwarfare usually require a team of highly skilled individuals, millions of dollars, and several years of planning.
KU Aspire College Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • An online security service is a Web site that evaluates your computer to check for Internet and e-mail vulnerabilities
KU Aspire College Internet and Network Attacks
KU Aspire College Internet and Network Attacks Computer Virus • Affects a computer negatively by altering the way the computer works Worm • Copies itself repeatedly, using up resources and possibly shutting down the computer or network Trojan Horse • A malicious program that hides within or looks like a legitimate program Rootkit • Program that hides in a computer and allows someone from a remote location to take full control
KU Aspire College Internet and Network Attacks • An infected computer has one or more of the following symptoms: Operating system runs much slower than usual Available memory is less than expected Files become corrupted Screen displays unusual message or image Music or unusual sound plays randomly Existing programs and files disappear Programs or files do not work properly Unknown programs or files mysteriously appear System properties change Operating system does not start up Operating system shuts down unexpectedly
KU Aspire College Internet and Network Attacks • Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections
KU Aspire College Internet and Network Attacks
KU Aspire College Internet and Network Attacks • A botnet is a group of compromised computers connected to a network – A compromised computer is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to Internet services – Distributed DoS (DDoS) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
KU Aspire College Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion
KU Aspire College Internet and Network Attacks Intrusion detection software • Analyzes all network traffic • Assesses system vulnerabilities • Identifies any unauthorized intrusions • Notifies network administrators of suspicious behavior patterns or security breaches Honeypot • Vulnerable computer that is set up to entice an intruder to break into it
KU Aspire College Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities
KU Aspire College Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing – Firewalls – Intrusion detection software
KU Aspire College Unauthorized Access and Use • Access controls define who can access a computer, when they can access it, and what actions they can take – Two-phase processes called identification and authentication – User name – Password – CAPTCHA
KU Aspire College Unauthorized Access and Use
KU Aspire College Unauthorized Access and Use • A possessed object is any item that you must carry to gain access to a computer or computer facility – Often are used in combination with a personal identification number (PIN) • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
KU Aspire College Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
KU Aspire College Hardware Theft and Vandalism Hardware theft is the act of stealing computer equipment Hardware vandalism is the act of defacing or destroying computer equipment
KU Aspire College Hardware Theft and Vandalism • To help reduce the of chances of theft, companies and schools use a variety of security measures Physical access controls Alarm systems Cables to lock equipment Real time location system Passwords, possessed objects, and biometrics
KU Aspire College Software Theft • Software theft occurs when someone: Steals software media Intentionally erases programs Illegally copies a program Illegally registers and/or activates a program
KU Aspire College Software Theft • The first type of software theft involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media, as described in the previous section. For example, an unscrupulous library patron might steal the Encyclopedia Britannica optical disc.
KU Aspire College Software Theft • The second type of software theft can occur when a programmer is terminated from, or stops working for, a company. Although the pro grams are company property, some dishonest programmers intentionally remove or disable the programs they have written from company computers.
KU Aspire College Software Theft • The third type of software theft occurs when software is stolen from software manufacturers. This type of theft, called piracy, is by far the most common form of software theft. Software piracy is the unauthorized and illegal duplication of copyrighted software.
KU Aspire College Software Theft • The fourth type of software theft involves users illegally obtaining registration numbers and/or activation codes. A program called a keygen , short for key generator, creates software registration numbers and sometimes activation codes. Some unscrupulous individuals create and post keygens so that users can install software without legally purchasing it.
KU Aspire College Software Theft • A single-user license agreement typically contains the following conditions: Permitted to • Install the software on one computer • Make one copy of the software • Remove the software from your computer before giving it away or selling it Not permitted to • Install the software on a network • Give copies to friends or colleagues while continuing to use the software • Export the software • Rent or lease the software
KU Aspire College Software Theft • Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law • Some software requires product activation to function fully
KU Aspire College Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access
KU Aspire College Information Theft
KU Aspire College An Example of Public Key Encryption • Step 1: The sender creates a document to be e- mailed to the receiver.
KU Aspire College An Example of Public Key Encryption • Step 2: The sender uses the receiver’s public key to encrypt a message. • Step 3: The receiver uses his or her private key to decrypt the message.
KU Aspire College An Example of Public Key Encryption • Step 4: The receiver can read or print the decrypted message.
KU Aspire College Information Theft • A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender – Often used to ensure that an impostor is not participating in an Internet transaction • Web browsers and Web sites use encryption techniques
KU Aspire College System Failure • A system failure is the prolonged malfunction of a computer • A variety of factors can lead to system failure, including: – Aging hardware – Natural disasters – Electrical power problems • Noise, undervoltages, and overvoltages – Errors in computer programs
KU Aspire College System Failure • Two ways to protect from system failures caused by electrical power variations include surge protectors and uninterruptable power supplies (UPS)
KU Aspire College Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Offsite backups are stored in a location separate from the computer site Cloud Storage
KU Aspire College Backing Up – The Ultimate Safeguard • Two categories of backups: – Full backup copies all of the files in the computer – Selective backup chooses which folders and files to include in a backup. • Three-generation backup policy – The grandparent is the oldest copy of the file. – The parentis the second oldest copy of the file. – The child is the most recent copy of the file.
KU Aspire College Wireless Security • Wireless access poses additional security risks – About 80 percent of wireless networks have no security protection • In additional to using firewalls, some safeguards improve security of wireless networks: A wireless access point should not broadcast an SSID Change the default SSID Configure a WAP so that only certain devices can access it Use WPA or WPA2 security standards
KU Aspire College Health Concerns of Computer Use • The widespread use of computers has led to health concerns – Repetitive strain injury (RSI) – Carpal tunnel syndrome (CTS) – Computer vision syndrome (CVS)
KU Aspire College Health Concerns of Computer Use • Hand Exercises – Spread fingers apart for several seconds while keeping wrists straight. – Gently push back fingers and then thumb. – Dangle arms loosely at sides and then shake arms and hands.
KU Aspire College Health Concerns of Computer Use • Techniques to Ease Eyestrain – Every 10 to 15 minutes, take an eye break. • Look into the distance and focus on an object for 20 to 30 seconds. • Roll your eyes in a complete circle. • Close your eyes and rest them for at least one minute. – Blink your eyes every five seconds. – Place your display device about an arm’s length away from your eyes with the top of the screen at eye level or below. – Use large fonts. – If you wear glasses, ask your doctor about computer glasses. – Adjust the lighting.
KU Aspire College Health Concerns of Computer Use • Ergonomics is an applied science devoted to incorporating comfort, efficiency, and safety into the design of items in the workplace • Ergonomic studies have shown that using the correct type and configuration of chair, keyboard, display device, and work surface helps users work comfortably and efficiently and helps protect their health. • For the computer work space, experts recommend an area of at least two feet by four feet.
KU Aspire College Health Concerns of Computer Use • Computer addiction occurs when the computer consumes someone’s entire social life • Symptoms of users include: Craves computer time Overjoy when at the computer Unable to stop computer activity Irritable when not at the computer Neglects family and friends Problems at work or school
KU Aspire College Ethics and Society • Computer ethics are the moral guidelines that govern the use of computers and information systems • Information accuracy is a concern – Not all information on the Web is correct
KU Aspire College Ethics and Society Intellectual property rights are the rights to which creators are entitled for their work • A copyright protects any tangible form of expression An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical
KU Aspire College IT Code of Conduct 1. Computers may not be used to harm other people. 2. Employees may not interfere with others’ computer work. 3. Employees may not meddle in others’ computer files. 4. Computers may not be used to steal. 5. Computers may not be used to bear false witness.
KU Aspire College IT Code of Conduct 6. Employees may not copy or use software illegally. 7. Employees may not use others’ computer resources without authorization. 8. Employees may not use others’ intellectual property as their own. 9. Employees shall consider the social impact of programs and systems they design. 10.Employees always should use computers in a way that demonstrates consideration and respect for fellow humans.
KU Aspire College Ethics and Society • Green computing involves reducing the electricity and environmental waste while using a computer • People use, and often waste, resources such as electricity and paper while using a computer. • Society has become aware of this waste and is taking measures to combat it.
KU Aspire College Ethics and Society
KU Aspire College Ethics and Society • Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them • Huge databases store data online • It is important to safeguard your information
KU Aspire College Ethics and Society • When you fill out a form, the merchant that receives the form usually enters it into a database • Many companies today allow people to specify whether they want their personal information distributed
KU Aspire College Ethics and Society • A cookie is a small text file that a Web server stores on your computer • Web sites use cookies for a variety of reasons: Allow for personalization Store users’ passwords Assist with online shopping Track how often users visit a site Target advertisements
KU Aspire College Ethics and Society • Spam is an unsolicited e-mail message or newsgroup posting • E-mail filtering blocks e-mail messages from designated sources • Anti-spam programs attempt to remove spam before it reaches your inbox
KU Aspire College Ethics and Society • Phishing is a scam in which a perpetrator sends an official looking e-mail message that attempts to obtain your personal and financial information • Pharming is a scam where a perpetrator attempts to obtain your personal and financial information via spoofing
KU Aspire College Ethics and Society • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data – See Figure 11-36 on page 589 for a listing of major U.S. government laws concerning privacy • The 1970 Fair Credit Reporting Act limits the rights of others viewing a credit report to only those with a legitimate business need
KU Aspire College Ethics and Society Social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of trust and naivety Employee monitoring involves the use of computers to observe, record, and review an employee’s use of a computer
KU Aspire College Ethics and Society • Content filtering is the process of restricting access to certain material on the Web • Many businesses use content filtering • Internet Content Rating Association (ICRA) • Web filtering software restricts access to specified Web sites
KU Aspire College Summary Potential computer risks and the safeguards Wireless security risks and safeguards Computer-related health issues and preventions Ethical issues surrounding information accuracy, intellectual property rights, codes of conduct, green computing, and information privacy
KU Aspire College Any Questions?
KU Aspire College

Recommended

Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxFannyKwok1
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptxMsVaishaliKumar
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11limsh
 
Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.rizwanshafique4321
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks ShellyAdeel Khurram
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.pptEndAlk15
 

Recommended

Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxFannyKwok1
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptxMsVaishaliKumar
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
BAIT1003 Chapter 11
BAIT1003 Chapter 11BAIT1003 Chapter 11
BAIT1003 Chapter 11limsh
 
Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.Computer Security and their social effect and their usage.
Computer Security and their social effect and their usage.rizwanshafique4321
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks ShellyAdeel Khurram
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
MIS part 4_CH 11.ppt
MIS part 4_CH 11.pptMIS part 4_CH 11.ppt
MIS part 4_CH 11.pptEndAlk15
 
Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdfZeeshanMajeed15
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy cscHisyam Rosly
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
Week 12
Week 12Week 12
Week 12Joey Pierce
 
Computer crime
Computer crimeComputer crime
Computer crimeSurya Prasad
 
Unit v
Unit vUnit v
Unit vbharatnaruka90
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxGovandJamalSaeed
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxANIKETKUMARSHARMA3
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx56ushodayareddy
 
Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Theresa Ann Rollins-Fanning
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amosAmos Oyoo
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxKirti Verma
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptxjondon17
 
Lecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptxLecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptxDibyesh1
 
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...Dibyesh1
 

More Related Content

Similar to Lecture 5.1.pptx

Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdfZeeshanMajeed15
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy cscHisyam Rosly
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxGovandJamalSaeed
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amosAmos Oyoo
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxKirti Verma
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptxjondon17
 

Similar to Lecture 5.1.pptx (20)

Lecture 7---Security (1).pdf
Lecture 7---Security (1).pdfLecture 7---Security (1).pdf
Lecture 7---Security (1).pdf
 
Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Week 12
Week 12Week 12
Week 12
 
Computer crime
Computer crimeComputer crime
Computer crime
 
Unit v
Unit vUnit v
Unit v
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Security issues ethics in education chapter 8
Security issues ethics in education chapter 8Security issues ethics in education chapter 8
Security issues ethics in education chapter 8
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptx
 
Cysecc.pptx
Cysecc.pptxCysecc.pptx
Cysecc.pptx
 

More from Dibyesh1

Lecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptxLecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptxDibyesh1
 
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...Dibyesh1
 
SE Chapter 4 - Software Requirements.pptx
SE Chapter 4 - Software Requirements.pptxSE Chapter 4 - Software Requirements.pptx
SE Chapter 4 - Software Requirements.pptxDibyesh1
 
SE Chapter 6 - Software Reliability.pptx
SE Chapter 6 - Software Reliability.pptxSE Chapter 6 - Software Reliability.pptx
SE Chapter 6 - Software Reliability.pptxDibyesh1
 
Organisational Structures.ppt
Organisational Structures.pptOrganisational Structures.ppt
Organisational Structures.pptDibyesh1
 
chapter17.pptx
chapter17.pptxchapter17.pptx
chapter17.pptxDibyesh1
 
Chapter 3-Time Scheduling a Project.pptx
Chapter 3-Time Scheduling a Project.pptxChapter 3-Time Scheduling a Project.pptx
Chapter 3-Time Scheduling a Project.pptxDibyesh1
 
Lecture 12 - Project Management (Lecturer).pptx
Lecture 12 - Project Management (Lecturer).pptxLecture 12 - Project Management (Lecturer).pptx
Lecture 12 - Project Management (Lecturer).pptxDibyesh1
 
Week 5 Building Digital Capabilites in Workforce and Organization.pptx
Week 5 Building Digital Capabilites in Workforce and Organization.pptxWeek 5 Building Digital Capabilites in Workforce and Organization.pptx
Week 5 Building Digital Capabilites in Workforce and Organization.pptxDibyesh1
 
Week 2 Tutorial - Examining Digital Business Environment.pptx
Week 2 Tutorial - Examining Digital Business Environment.pptxWeek 2 Tutorial - Examining Digital Business Environment.pptx
Week 2 Tutorial - Examining Digital Business Environment.pptxDibyesh1
 
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....Dibyesh1
 
Lecture 2 - Balance Sheet (Lecturer).pptx
Lecture 2 - Balance Sheet (Lecturer).pptxLecture 2 - Balance Sheet (Lecturer).pptx
Lecture 2 - Balance Sheet (Lecturer).pptxDibyesh1
 
Lecture 4.2- Internet and WWW.pptx
Lecture 4.2- Internet and WWW.pptxLecture 4.2- Internet and WWW.pptx
Lecture 4.2- Internet and WWW.pptxDibyesh1
 
Chapter 3 - Software.pptx
Chapter 3 - Software.pptxChapter 3 - Software.pptx
Chapter 3 - Software.pptxDibyesh1
 
I Academy Topics of Introduction to business.pptx
I Academy Topics of Introduction to business.pptxI Academy Topics of Introduction to business.pptx
I Academy Topics of Introduction to business.pptxDibyesh1
 

More from Dibyesh1 (15)

Lecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptxLecture 10 - Export Risk Management (Lecturer) 140908.pptx
Lecture 10 - Export Risk Management (Lecturer) 140908.pptx
 
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
Lecture 7 - International Recruitment Selection and Repatriation (Lecturer) 1...
 
SE Chapter 4 - Software Requirements.pptx
SE Chapter 4 - Software Requirements.pptxSE Chapter 4 - Software Requirements.pptx
SE Chapter 4 - Software Requirements.pptx
 
SE Chapter 6 - Software Reliability.pptx
SE Chapter 6 - Software Reliability.pptxSE Chapter 6 - Software Reliability.pptx
SE Chapter 6 - Software Reliability.pptx
 
Organisational Structures.ppt
Organisational Structures.pptOrganisational Structures.ppt
Organisational Structures.ppt
 
chapter17.pptx
chapter17.pptxchapter17.pptx
chapter17.pptx
 
Chapter 3-Time Scheduling a Project.pptx
Chapter 3-Time Scheduling a Project.pptxChapter 3-Time Scheduling a Project.pptx
Chapter 3-Time Scheduling a Project.pptx
 
Lecture 12 - Project Management (Lecturer).pptx
Lecture 12 - Project Management (Lecturer).pptxLecture 12 - Project Management (Lecturer).pptx
Lecture 12 - Project Management (Lecturer).pptx
 
Week 5 Building Digital Capabilites in Workforce and Organization.pptx
Week 5 Building Digital Capabilites in Workforce and Organization.pptxWeek 5 Building Digital Capabilites in Workforce and Organization.pptx
Week 5 Building Digital Capabilites in Workforce and Organization.pptx
 
Week 2 Tutorial - Examining Digital Business Environment.pptx
Week 2 Tutorial - Examining Digital Business Environment.pptxWeek 2 Tutorial - Examining Digital Business Environment.pptx
Week 2 Tutorial - Examining Digital Business Environment.pptx
 
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....
4BU017 Lecture Slides - Definition and Scope of Digital Business - 2021-22-1....
 
Lecture 2 - Balance Sheet (Lecturer).pptx
Lecture 2 - Balance Sheet (Lecturer).pptxLecture 2 - Balance Sheet (Lecturer).pptx
Lecture 2 - Balance Sheet (Lecturer).pptx
 
Lecture 4.2- Internet and WWW.pptx
Lecture 4.2- Internet and WWW.pptxLecture 4.2- Internet and WWW.pptx
Lecture 4.2- Internet and WWW.pptx
 
Chapter 3 - Software.pptx
Chapter 3 - Software.pptxChapter 3 - Software.pptx
Chapter 3 - Software.pptx
 
I Academy Topics of Introduction to business.pptx
I Academy Topics of Introduction to business.pptxI Academy Topics of Introduction to business.pptx
I Academy Topics of Introduction to business.pptx
 

Recently uploaded

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Recently uploaded (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 

Lecture 5.1.pptx

  • 1. KU Aspire College ITEX 100 – Information Technology Computer Security and Information Privacy Chapter 5.1 • Computer Security and Safety • Computer Ethics • Computer Privacy
  • 2. KU Aspire College Agenda – Computer Security and Safety. – Computer Ethics. – Computer Privacy.
  • 3. KU Aspire College Objectives Overview 1. Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators 2. Describe various types of Internet and network attacks and identify ways to safeguard against these attacks, 3. Discuss techniques to prevent unauthorized computer access and use 4. Identify safeguards against hardware theft and vandalism
  • 4. KU Aspire College Objectives Overview 5. Explain the ways software manufacturers protect against software piracy 6. Discuss how encryption works, and explain why it is necessary 7. Discuss the types of devices available that protect computers from system failure 8. Explain the options available for backing up computer resources 9. Identify risks and safeguards associated with wireless communications
  • 5. KU Aspire College Objectives Overview 10.Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing 11.Discuss issues surrounding information privacy, including electronic profiles, cookies, spyware and adware, spam, phishing, privacy laws, social engineering, employee monitoring, and content filtering
  • 6. KU Aspire College Computer Security Risks • Today, people rely on computers to create, store, and manage critical information. • Thus, it is important that computers and the data they store are accessible and available when needed. • It also is crucial that users take measures to protect their computers and data from loss, damage, and misuse.
  • 7. KU Aspire College Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • While some breaches to computer security are accidental, many are intentional. • Some intruders do no damage; they merely access data, information, or programs on the computer before logging off. • Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data
  • 8. KU Aspire College Computer Security Risks • An intentional breach of computer security often involves a deliberate act that is against the law. • Any illegal act involving a computer generally is referred to as a computer crime. • A cybercrime is an online or Internet-based illegal act Hackers Crackers Script Kiddies Corporate Spies Unethical Employees Cyberextortionists Cyberterrorists
  • 9. KU Aspire College Computer Security Risks • The term hacker, although originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally. – Some hackers claim the intent of their security breaches is to improve security. • A cracker also is someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action. • Both hackers and crackers have advanced computer and network skills.
  • 10. KU Aspire College Computer Security Risks • A script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. – Script kiddies often use prewritten hacking and cracking programs to break into computers. • Some corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information, or to help identify security risks in their own organization. – Unscrupulous companies hire corporate spies, a practice known as corporate espionage, to gain a competitive advantage.
  • 11. KU Aspire College Computer Security Risks • Unethical employees may break into their employers’ computers for a variety of reasons. – Some simply want to exploit a security weakness. – Others seek financial gains from selling confidential information. – Disgruntled employees may want revenge. • A cyberextortionistis someone who uses e-mail as a vehicle for extortion. – These perpetrators send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network — if they are not paid a sum of money.
  • 12. KU Aspire College Computer Security Risks • A cyberterroristis someone who uses the Internet or network to destroy or damage computers for political reasons. • The cyberterrorist might target the nation’s air traffic control system, electricity-generating companies, or a telecommunications infra-structure. • The term, cyberwarfare, describes an attack whose goal ranges from disabling a government’s computer network to crippling a country. • Cyberterrorism and cyberwarfare usually require a team of highly skilled individuals, millions of dollars, and several years of planning.
  • 13. KU Aspire College Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • An online security service is a Web site that evaluates your computer to check for Internet and e-mail vulnerabilities
  • 15. KU Aspire College Internet and Network Attacks Computer Virus • Affects a computer negatively by altering the way the computer works Worm • Copies itself repeatedly, using up resources and possibly shutting down the computer or network Trojan Horse • A malicious program that hides within or looks like a legitimate program Rootkit • Program that hides in a computer and allows someone from a remote location to take full control
  • 16. KU Aspire College Internet and Network Attacks • An infected computer has one or more of the following symptoms: Operating system runs much slower than usual Available memory is less than expected Files become corrupted Screen displays unusual message or image Music or unusual sound plays randomly Existing programs and files disappear Programs or files do not work properly Unknown programs or files mysteriously appear System properties change Operating system does not start up Operating system shuts down unexpectedly
  • 17. KU Aspire College Internet and Network Attacks • Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections
  • 19. KU Aspire College Internet and Network Attacks • A botnet is a group of compromised computers connected to a network – A compromised computer is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to Internet services – Distributed DoS (DDoS) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
  • 20. KU Aspire College Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion
  • 21. KU Aspire College Internet and Network Attacks Intrusion detection software • Analyzes all network traffic • Assesses system vulnerabilities • Identifies any unauthorized intrusions • Notifies network administrators of suspicious behavior patterns or security breaches Honeypot • Vulnerable computer that is set up to entice an intruder to break into it
  • 22. KU Aspire College Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities
  • 23. KU Aspire College Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing – Firewalls – Intrusion detection software
  • 24. KU Aspire College Unauthorized Access and Use • Access controls define who can access a computer, when they can access it, and what actions they can take – Two-phase processes called identification and authentication – User name – Password – CAPTCHA
  • 26. KU Aspire College Unauthorized Access and Use • A possessed object is any item that you must carry to gain access to a computer or computer facility – Often are used in combination with a personal identification number (PIN) • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
  • 27. KU Aspire College Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
  • 28. KU Aspire College Hardware Theft and Vandalism Hardware theft is the act of stealing computer equipment Hardware vandalism is the act of defacing or destroying computer equipment
  • 29. KU Aspire College Hardware Theft and Vandalism • To help reduce the of chances of theft, companies and schools use a variety of security measures Physical access controls Alarm systems Cables to lock equipment Real time location system Passwords, possessed objects, and biometrics
  • 30. KU Aspire College Software Theft • Software theft occurs when someone: Steals software media Intentionally erases programs Illegally copies a program Illegally registers and/or activates a program
  • 31. KU Aspire College Software Theft • The first type of software theft involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media, as described in the previous section. For example, an unscrupulous library patron might steal the Encyclopedia Britannica optical disc.
  • 32. KU Aspire College Software Theft • The second type of software theft can occur when a programmer is terminated from, or stops working for, a company. Although the pro grams are company property, some dishonest programmers intentionally remove or disable the programs they have written from company computers.
  • 33. KU Aspire College Software Theft • The third type of software theft occurs when software is stolen from software manufacturers. This type of theft, called piracy, is by far the most common form of software theft. Software piracy is the unauthorized and illegal duplication of copyrighted software.
  • 34. KU Aspire College Software Theft • The fourth type of software theft involves users illegally obtaining registration numbers and/or activation codes. A program called a keygen , short for key generator, creates software registration numbers and sometimes activation codes. Some unscrupulous individuals create and post keygens so that users can install software without legally purchasing it.
  • 35. KU Aspire College Software Theft • A single-user license agreement typically contains the following conditions: Permitted to • Install the software on one computer • Make one copy of the software • Remove the software from your computer before giving it away or selling it Not permitted to • Install the software on a network • Give copies to friends or colleagues while continuing to use the software • Export the software • Rent or lease the software
  • 36. KU Aspire College Software Theft • Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law • Some software requires product activation to function fully
  • 37. KU Aspire College Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access
  • 39. KU Aspire College An Example of Public Key Encryption • Step 1: The sender creates a document to be e- mailed to the receiver.
  • 40. KU Aspire College An Example of Public Key Encryption • Step 2: The sender uses the receiver’s public key to encrypt a message. • Step 3: The receiver uses his or her private key to decrypt the message.
  • 41. KU Aspire College An Example of Public Key Encryption • Step 4: The receiver can read or print the decrypted message.
  • 42. KU Aspire College Information Theft • A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender – Often used to ensure that an impostor is not participating in an Internet transaction • Web browsers and Web sites use encryption techniques
  • 43. KU Aspire College System Failure • A system failure is the prolonged malfunction of a computer • A variety of factors can lead to system failure, including: – Aging hardware – Natural disasters – Electrical power problems • Noise, undervoltages, and overvoltages – Errors in computer programs
  • 44. KU Aspire College System Failure • Two ways to protect from system failures caused by electrical power variations include surge protectors and uninterruptable power supplies (UPS)
  • 45. KU Aspire College Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Offsite backups are stored in a location separate from the computer site Cloud Storage
  • 46. KU Aspire College Backing Up – The Ultimate Safeguard • Two categories of backups: – Full backup copies all of the files in the computer – Selective backup chooses which folders and files to include in a backup. • Three-generation backup policy – The grandparent is the oldest copy of the file. – The parentis the second oldest copy of the file. – The child is the most recent copy of the file.
  • 47. KU Aspire College Wireless Security • Wireless access poses additional security risks – About 80 percent of wireless networks have no security protection • In additional to using firewalls, some safeguards improve security of wireless networks: A wireless access point should not broadcast an SSID Change the default SSID Configure a WAP so that only certain devices can access it Use WPA or WPA2 security standards
  • 48. KU Aspire College Health Concerns of Computer Use • The widespread use of computers has led to health concerns – Repetitive strain injury (RSI) – Carpal tunnel syndrome (CTS) – Computer vision syndrome (CVS)
  • 49. KU Aspire College Health Concerns of Computer Use • Hand Exercises – Spread fingers apart for several seconds while keeping wrists straight. – Gently push back fingers and then thumb. – Dangle arms loosely at sides and then shake arms and hands.
  • 50. KU Aspire College Health Concerns of Computer Use • Techniques to Ease Eyestrain – Every 10 to 15 minutes, take an eye break. • Look into the distance and focus on an object for 20 to 30 seconds. • Roll your eyes in a complete circle. • Close your eyes and rest them for at least one minute. – Blink your eyes every five seconds. – Place your display device about an arm’s length away from your eyes with the top of the screen at eye level or below. – Use large fonts. – If you wear glasses, ask your doctor about computer glasses. – Adjust the lighting.
  • 51. KU Aspire College Health Concerns of Computer Use • Ergonomics is an applied science devoted to incorporating comfort, efficiency, and safety into the design of items in the workplace • Ergonomic studies have shown that using the correct type and configuration of chair, keyboard, display device, and work surface helps users work comfortably and efficiently and helps protect their health. • For the computer work space, experts recommend an area of at least two feet by four feet.
  • 52. KU Aspire College Health Concerns of Computer Use • Computer addiction occurs when the computer consumes someone’s entire social life • Symptoms of users include: Craves computer time Overjoy when at the computer Unable to stop computer activity Irritable when not at the computer Neglects family and friends Problems at work or school
  • 53. KU Aspire College Ethics and Society • Computer ethics are the moral guidelines that govern the use of computers and information systems • Information accuracy is a concern – Not all information on the Web is correct
  • 54. KU Aspire College Ethics and Society Intellectual property rights are the rights to which creators are entitled for their work • A copyright protects any tangible form of expression An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical
  • 55. KU Aspire College IT Code of Conduct 1. Computers may not be used to harm other people. 2. Employees may not interfere with others’ computer work. 3. Employees may not meddle in others’ computer files. 4. Computers may not be used to steal. 5. Computers may not be used to bear false witness.
  • 56. KU Aspire College IT Code of Conduct 6. Employees may not copy or use software illegally. 7. Employees may not use others’ computer resources without authorization. 8. Employees may not use others’ intellectual property as their own. 9. Employees shall consider the social impact of programs and systems they design. 10.Employees always should use computers in a way that demonstrates consideration and respect for fellow humans.
  • 57. KU Aspire College Ethics and Society • Green computing involves reducing the electricity and environmental waste while using a computer • People use, and often waste, resources such as electricity and paper while using a computer. • Society has become aware of this waste and is taking measures to combat it.
  • 59. KU Aspire College Ethics and Society • Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them • Huge databases store data online • It is important to safeguard your information
  • 60. KU Aspire College Ethics and Society • When you fill out a form, the merchant that receives the form usually enters it into a database • Many companies today allow people to specify whether they want their personal information distributed
  • 61. KU Aspire College Ethics and Society • A cookie is a small text file that a Web server stores on your computer • Web sites use cookies for a variety of reasons: Allow for personalization Store users’ passwords Assist with online shopping Track how often users visit a site Target advertisements
  • 62. KU Aspire College Ethics and Society • Spam is an unsolicited e-mail message or newsgroup posting • E-mail filtering blocks e-mail messages from designated sources • Anti-spam programs attempt to remove spam before it reaches your inbox
  • 63. KU Aspire College Ethics and Society • Phishing is a scam in which a perpetrator sends an official looking e-mail message that attempts to obtain your personal and financial information • Pharming is a scam where a perpetrator attempts to obtain your personal and financial information via spoofing
  • 64. KU Aspire College Ethics and Society • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data – See Figure 11-36 on page 589 for a listing of major U.S. government laws concerning privacy • The 1970 Fair Credit Reporting Act limits the rights of others viewing a credit report to only those with a legitimate business need
  • 65. KU Aspire College Ethics and Society Social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of trust and naivety Employee monitoring involves the use of computers to observe, record, and review an employee’s use of a computer
  • 66. KU Aspire College Ethics and Society • Content filtering is the process of restricting access to certain material on the Web • Many businesses use content filtering • Internet Content Rating Association (ICRA) • Web filtering software restricts access to specified Web sites
  • 67. KU Aspire College Summary Potential computer risks and the safeguards Wireless security risks and safeguards Computer-related health issues and preventions Ethical issues surrounding information accuracy, intellectual property rights, codes of conduct, green computing, and information privacy