This document provides an overview of a security and privacy project that explores various topics related to computer security. It includes 6 objectives that discuss cybercrime, malware, computer security practices, safe computing practices, computer security and privacy laws, and related careers. For each objective, there are instructions to complete articles that define key terms and threats. Questions are provided to research for each article. The overall project aims to help students learn about security and privacy issues and how to protect themselves.

1. Security and Privacy

2. 1. Discuss various types of cybercrime.
2. Differentiate between different types of
malware.
3. Explain how to secure a computer.
4. Discuss safe computing practices.
5. Discuss laws related to computer security
and privacy.
6. Identify the certifications and careers
related to computer security and privacy.

3. RUNNING PROJECT
•In this project, you’ll explore security and
privacy.
•Look for instructions as you complete each
article.
•For most, there a series of questions for you
to research.
•At the conclusion of the chapter, you’re
asked to submit your
responses to the questions raised.

4. Article 1 – Cybercrime: They Are Out
To Get You
Objective 1 –Discuss various types of cybercrime.
The term cybercrime means criminal
activity on the internet. Most of these
crimes existed in some form long before
computers came along, but technology has
made them easier to commit and more
widespread.
In this article, we discuss some of the most
common forms of cybercrime that you
should be on the lookout for.

5. Personal Cybercrime
•Against individuals, not companies
•Harassment – cyberbullying and cyberstalking
•Phishing and Pharming – e-mail and IM
•Fraud – voluntarily giving money (example below)

6. Clickjacking
Clickjacking is one of the newest threats social networking
users face. Users are tricked into “liking” a page and
suggesting that page to friends. The “liked” page may
contain links to malicious externals sites. Go to
facebook.com/security.
Click the Threats tab. What are some of the current threats,
and how can you protect yourself from them?

7. Identity Theft
•White-hat (sneakers) – prevent future hacking
•Gray-hat – non-malicious, breaks into systems
•Black-hat (crackers) – hacking for malicious purposes

8. Cybercrime Against Organizations
•Cyberterrorism
•2008 report by the Center for Strategic and International
Studies – unknown attackers the previous year against
NASA and Homeland Security
•Unsuccessful and unreported
•Pentagon attacks
•Simulated cyber
attack in 2010 by CNN

9. Key Terms
•computer fraud
•cyberbullying
•cybercrime
•cyberstalking
•cyberterrorism
•hacking
•identify theft
•pharming
•phishing
4 Things You Need to Know
•Cybercrime
•Harassment, phishing,
pharming, fraud, and identity
theft
•Hackers
•Cyberterrorism
Running Project
•What steps should you take to prevent identity
theft? How have you implemented these in your
activities? Are there other things you should be
doing?

10. Article 2 – Malware: Pick Your Poison
Objective 2 – Differentiate between different types of malware.
The term malware includes many
different programs that are designed to
be harmful or malicious. Protecting
your computer can be a difficult task.
This article will discuss various types of
malware you should be on the look
out for.

11. Spam
•Mass unsolicited e-mails
•Easy and inexpensive
•Other forms – IM, fax, and texts
•Costs businesses
Spam in gmail account
(right)

12. Adware
Malware – adware
•Banner ads
•Reduce computer’s performance
•AIM (left)
Spyware
•Malware that gathers personal
information
•Sent to third party
•Installed inadvertently
•Cool Web Search

13. Viruses, Worms,
Trojans, and Rootkits
•Virus
•Host file
•Payload
•Hoaxes
•Hoax-slayer (left) –
check to see if an e-
mail message is a
hoax

14. Logic Bomb and Worms
•Virus
•Doesn’t spread to other
machines
•Attacks when certain
conditions are met
•Aka time bomb
•Dormant
•Worm – self replicating, no
host needed
•Scans a network
•Conflicker

15. •Botnet (left) – network of
computer zombies
•Trojan horse – malicious
program that looks
legitimate
•Keylogger – captures
information from a keyboard
•Rootkit – programs that
allow someone to gain
control

16. Key Terms
•adware
•botnet
•cookie
•denial-of-service
•keylogger
•logic bomb
•malware
•payload
5 Things You Need to Know
•Malware
•Spam
•Spyware
•Viruses, worms, Trojans and
rootkit
•Botnet
Running Project
•Visit the U.S. Computer Emergency Readiness Team website.
•Click Alerts and Tips.
•Then Cyber Security Alerts.
•What are the current security issues that users should be
aware of?
•Have you taken the steps to protect yourself?
•rootkit
•spam
•spyware
•time bomb
•trojan horse
•virus
•worm

17. Article 3 – Shields Up!
Objective 3 – Explain how to secure a computer.
Protecting your computer from intrusion or infection can be
a daunting task.
In this article, we discuss important steps to keep your
system secure.

18. Software
•Firewall – block access to
network and individual
machines
•Windows 7 – protects from
local and internet attacks
•Windows Firewall Control
Panel (right)
•Settings to block connections
to programs no on the list
•Learns what to allow and not
allow

19. Antivirus Programs
•New computers with trial version
•Scans computer files – signature checking
•Virus definition files track new threats
•Outdated definition files leave machine vulnerable to
attack
•Heuristic methods
•Very important

20. Antispyware
•Prevents adware and spyware from installing
•Not always caught by antivirus programs
•Windows Defender
•Real-time protection
•Ad-Aware
•Spybot Search & Destroy
•Malwarebytes
•Anti-Malware
The CNET download.com
website (right) features
categories of security software
you can download

21. Security Suites
•Packages of security software
•Offers complete protection
•Expensive
•Decrease system resources

22. Hardware – Router
•Connects two or more networks together
•Use between your personal computer and the internet
•Acts like a firewall
•Customize using the router
utility (right)
•Set restrictions
•Network Address Transition

23. Wireless Router
•Same features but also provides wireless access point to
your network
•Potential security risk if not properly secured
•Router setup utility to
change:
•SSID
•Wireless network name
•Wireless encryption
(right)

24. Operating System
•Critical to keep patched and up-to-date
•Automatic updates
•Can change settings (right)
•In most instances, don’t
change
•W7 Action Center to check
protection
•Access through white flag in
taskbar
•Check when see red X on
on white flag

25. Key Terms
•antispyware software
•antivirus program
•firewall
•NAT
•router
•security suite
•wireless encryption
4 Things You Need to Know
•Software firewall
•Antivirus programs
•Antispyware software
•Network address shields
Running Project
•Visit the U.S. Computer Emergency Readiness Team website.
•Click Alerts and Tips.
•Then Cyber Security Alerts.
•What are the current security issues that users should be
aware of?
•Have you taken the steps to protect yourself?

26. How To – Configure Secure Internet
Explorer Browser Settings
1. Open Internet Explorer.
2. Open the Tools menu, and click
Internet Options.
3. On the General tab, verify that the
correct page is set.
4. Some browser hijackers may change
this.
5. Click the Delete button.
6. What are the options available?
7. Which options are checked by default?
8. Click About deleting browsing history,
and read the Help page.
9. Close the Help screen and the delete
Browsing History dialog box.

27. 10. In the Internet Options dialog box, click
the Security tab.
11. In the Select a zone to view or change
security settings box, click Internet, and
read the description below it.
12. Click Local Intranet, and read the
description.
13. How is the security level for this zone
different from the Internet zone?
14. Click the Sites button and then click the
Advanced button.
15. Are there any websites in this zone?
16. If not, are there any that you believe
should be there?
17. Click Close and then Cancel.

28. 18. Click Trusted sites.
19. In the Add this website to
the zone box,
http://pearsoned.com.
20. Uncheck Require server
verification, click Add.
21. Click Close.

29. 22. Click Privacy tab.
23. Click Sites.
24. Click OK.
25. Click Settings.
26. Click Learn more about Pop-up Blocker.
27. Close the Help window and the Pop-up
Blocker Settings dialog box.
28. Click Advanced tab.
29. Check:
Do not save encrypted pages to disk
Empty Temporary Internet Files
30. Both of these will increase your
security.
31. Save file as
Lastname_Firstname_ch10_HowTo

30. Article 4 – An Ounce of Prevention Is
Worth a Pound of Cure
Objective 4 – Discuss safe computing practices.
The list of threats grows daily in size
and danger. The only way to be truly
safe is to unplug your computer and
never connect it to a network, but
because this isn’t practical for most
computer users, practicing safe
computing is critical to protecting your
system and your personal information.

31. User Accounts
•W7 has several layers of
security
•First – type of accounts
(right)
•Standard
•Administrator
•Guest
•UAC notifies before
changes are made

32. Passwords Boxes
•Safe
•Different systems have different rules
•More places = more complicated
•Sarah Palin example
•Facebook profile
•Password-cracking software

33. Rules for good passwords
•8 characters
•Upper and lowercase letters
•One number
•One special character
•No words found in a dictionary
•Nothing personally identifiable
•Don’t write it down
•Security questions with unexpected answers
•Different passwords for different accounts
•More difficult passwords for bank accounts and credit cards
•Change default passwords
•Change passwords regularly

34. Encryption
•Converts plain text into cipertext
•Key needed
•Secure connection
•https means encrypted
(right)
• http – plain text

35. Acceptable Use Policies
•AUP
•Force user to practice safe computing
•Restrictions variable
•Highly secure AUP = prohibits personal use
•Personal AUP
•Be smart when reading e-mail
•Be wary of phishing and fraud scams
•Use administrator accounts only when necessary
•Use good, strong passwords
•Be cautious of information you enter on websites
•Look for https

36. Key Terms
•acceptable use policy
(AUP)
•ciphertet
•encryption
•user account control
(UAC)
4 Things You Need to Know
•Standard account
•UAC
•Strong passwords
•Encryption
Running Project
•Do you have multiple user accounts set up on your
computer?
•Is your everyday account a standard user account or an
administrator account?
•Is it password protected?
•What steps do you take to protect your information when
you surf the Web?

37. Article 5 – The Law Is On Your Side
Objective 5 – Discuss laws related to computer security and privacy.
Because computer crimes are so
closely related to ordinary crime,
many laws that already exist also
apply to computer crimes. For
example, theft and fraud are illegal
whether a computer is used or not.
However, cybercrime has also created
new crimes that aren’t covered by
existing laws, and over the past two
decades, the U.S. has enacted several
important laws.

38. The Enforcers
•FBI
•Secret Service
•U.S. Immigration and Customs
Enforcement
•U.S. Postal Inspection Service
•Bureau of Alcohol, Tobacco, Firearms
and Explosives (ATF)
•Report cybercrimes – crime complaint
center – ic3.gov (right)

39. Current Laws
•1986 – Computer Fraud and Abuse Act
•1988 – 2002 – added additional crimes
•2001 – USA Patriot antiterrorism
legislation
•2002 – Cyber Security Enhancement
Act
•Difficult to catch because attack from
outside U.S.
•Convention of Cybercrime – 40
countries including U.S., Canada, and
Japan

40. Take our Test
•Visit lookstoogoodtobetrue.com, and click Take our Test.
•Take several of the tests to see your risks
•How well did you do?
•Are there steps that you should be taking to better protect
yourself?

41. Key Terms
•internet crime
•complaint center
(IC3)
Running Project
•Cybersecurity Enhancement Act of 2010 was still
being debated.
•What’s the status of this act?
•Have there been any other cybercrime laws
passed since then?
3 Things You Need to Know
•Existing laws
•IC3
•International cooperation

42. Article 6 – What Can I Do With
Knowledge About Security
and Privacy?
Objective 6 – Identify the certifications and careers related to security
and privacy..
The world of information security can
be exciting, and the job pays well, but
it requires many long hours and a lot
of education and experience to be
successful.
The first step is to get some training
and certification.

43. Certifications
•CompTia
•Cisco – CCNA, CCIE
•Certified Ethical Hacker (CEH)
•Computer Hacking Forensics Investigator(CHFI)
•CISSP
•GIAC
•Computer Network Security Consultant

44. Botnets
•Sleep mode or part of Botnet
•Energy used my compromised systems
•Keep machine clean and secure
•Assure that it’s not part of a botnet
•Turn it off

46. Objectives Recap
1. Discuss various types of cybercrime.
2. Differentiate between different types of malware.
3. Explain how to secure a computer.
4. Discuss safe computing practices.
5. Discuss laws related to computer security and privacy.
6. Identify the certifications and careers related to
computer security and privacy.