
Computer Security, Ethics and Privacy

Objectives

• Describe the types of computer security risks
• Identify ways to safeguard against computer viruses, worms, Trojan horses, denial of service attacks, back doors, and spoofing
• Discuss techniques to prevent unauthorized computer access and use
• Identify safeguards against hardware theft and vandalism
• Explain the ways software manufacturers protect against software piracy
• Define encryption and explain why it is necessary
• Discuss the types of devices available that protect computers from system failure
• Explain the options available for backing up computer resources
• Identify risks and safeguards associated with wireless communications
• Recognize issues related to information accuracy, rights, and conduct
• Discuss issues surrounding information privacy
• Discuss ways to prevent health-related disorders and injuries due to computer use


Computer Security Risks
What is a computer security risk?
• Action that causes loss of or damage to computer system

p. 556 - 558 Fig. 11-1

Computer Viruses, Worms, and Trojan Horses

What are viruses, worms, and Trojan horses?

• Virus is a potentially damaging computer program. Can spread and damage files.
• Worm copies itself repeatedly, using up resources and possibly shutting down computer or network
• Trojan horse hides within or looks like legitimate program until triggered. Does not replicate itself on other computers.
• Payload (destructive event) that is delivered when you open file, run infected program, or boot computer with infected disk in disk drive

p. 558

Computer Viruses, Worms, and Trojan Horses

How can a virus spread through an e-mail message?
Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3a. Some users open the attachment and their computers become infected with the virus.

Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.

p. 559 Fig. 11-2

Computer Viruses, Worms, and Trojan Horses

How can you protect your system from a macro virus?
• Set macro security level in applications that allow you to write macros
• At medium security level, warning displays that document contains macro
• Macros are instructions saved in an application, such as word processing or spreadsheet program

p. 560 Fig. 11-3

Computer Viruses, Worms, and Trojan Horses

What is an antivirus program?
• Identifies and removes computer viruses
• Most also protect against worms and Trojan horses

p. 560 - 561 Fig. 11-4

Computer Viruses, Worms, and Trojan Horses

What is a virus signature?
• Specific pattern of virus code
• Also called virus definition
• Antivirus programs look for virus signatures

p. 561 Fig. 11-5

Computer Viruses, Worms, and Trojan Horses

How does an antivirus program inoculate a program file?
• Records information about program such as file size and creation date
• Uses information to detect if virus tampers with file
• Attempts to remove any detected virus
• Quarantines infected files that it cannot remove
• Keeps file in separate area of hard disk

p. 561
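The inoculation idea above, as an added example that is not part of the original slides: record a baseline for a program file, then check the file against it later. The slides name file size and creation date; this sketch assumes modification time in place of creation date and adds a SHA-256 digest, because size and date alone miss a same-size change whose timestamp has been put back. The function names and the sample file are hypothetical.

```python
import hashlib
import os
import tempfile


def inoculate(path):
    """Record baseline facts about a program file (the 'inoculation' record)."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    # Assumption: mtime stands in for the slide's "creation date".
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}


def check(path, baseline):
    """Return the sorted list of baseline fields that no longer match."""
    if not os.path.exists(path):
        return ["missing"]
    current = inoculate(path)
    return sorted(k for k in baseline if baseline[k] != current[k])


def demo():
    """Run four checks on a constructed sample file and return the results."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "program.bin")  # constructed sample file
        with open(target, "wb") as fh:
            fh.write(b"ORIGINAL-PROGRAM-BYTES")
        baseline = inoculate(target)
        results["untouched"] = check(target, baseline)

        # Appended bytes: size and digest change (timestamp usually does too).
        with open(target, "ab") as fh:
            fh.write(b"+EXTRA")
        results["appended"] = check(target, baseline)

        # Same-size overwrite with the timestamp put back: only the digest differs.
        with open(target, "wb") as fh:
            fh.write(b"TAMPERED-PROGRAM-BYTES")
        os.utime(target, ns=(baseline["mtime_ns"], baseline["mtime_ns"]))
        results["same_size"] = check(target, baseline)

        os.remove(target)
        results["deleted"] = check(target, baseline)
    return results


if __name__ == "__main__":
    for case, changed in demo().items():
        print(f"{case}: {changed or 'no change'}")
```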

Computer Viruses, Worms, and Trojan Horses

What are some tips for preventing virus, worm, and Trojan horse infections?
• Set the macro security in programs so you can enable or disable macros
• Never open an e-mail attachment unless you are expecting it and it is from a trusted source
• Install an antivirus program on all of your computers
• If the antivirus program flags an e-mail attachment as infected, delete the attachment immediately
• Check all downloaded programs for viruses, worms, or Trojan horses
• Install a personal firewall program

p. 562

Computer Viruses, Worms, and Trojan Horses

What is a denial of service attack and back door?
• A denial of service attack is an assault which disrupts computer access to an Internet service such as the Web or e-mail
• A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a computer resource

p. 562

Computer Viruses, Worms, and Trojan Horses

What is spoofing?
• Makes a network or Internet transmission appear legitimate
• IP spoofing occurs when an intruder computer fools a network into believing its IP address is from a trusted source
• Perpetrators of IP spoofing trick their victims into interacting with a phony Web site

p. 563

Computer Viruses, Worms, and Trojan Horses

What is a firewall?
• Security system consisting of hardware and/or software that prevents unauthorized intrusion

p. 563 Fig. 11-7

Computer Viruses, Worms, and Trojan Horses

What is a personal firewall utility?
• Program that protects personal computer and its data from unauthorized intrusions
• Monitors transmissions to and from computer
• Informs you of attempted intrusion

p. 564 Fig. 11-8

Unauthorized Access and Use

How can companies protect against hackers?
• Intrusion detection software analyzes network traffic, assesses system vulnerabilities, and identifies intrusions and suspicious behavior
• Access control defines who can access computer and what actions they can take
• Audit trail records access attempts

p. 564 - 565

Video: Honeynet Project Founder Lance Spitzner
The Honeynet tracks hackers and exposes their techniques

Unauthorized Access and Use

What are other ways to protect your personal computer?
• Disable file and printer sharing on Internet connection

Figure caption: File and printer sharing turned off

p. 565 Fig. 11-9

Unauthorized Access and Use

What is a user name?
• Unique combination of characters that identifies user
• Password is private combination of characters associated with the user name that allows access to computer resources

p. 566 Fig. 11-10

Unauthorized Access and Use

How can you make your password more secure?
• Longer passwords provide greater security

p. 567 Fig. 11-11

Unauthorized Access and Use

What is a possessed object?
• Item that you must carry to gain access to computer or facility
• Often used with numeric password called personal identification number (PIN)

p. 567 Fig. 11-12

Unauthorized Access and Use

What is a biometric device?
• Authenticates person’s identity using personal characteristic
• Fingerprint, hand geometry, voice, signature, and iris

p. 567 - 568 Fig. 11-13

Video: ID Security
Smile, Big Brother wants your iris scan

Hardware Theft and Vandalism

What are hardware theft and hardware vandalism?
• Hardware theft is act of stealing computer equipment
• Cables sometimes used to lock equipment
• Some notebook computers use passwords, possessed objects, and biometrics as security methods
• For PDAs, you can password-protect the device
• Hardware vandalism is act of defacing or destroying computer equipment

p. 569 - 570 Fig. 11-14

Software Theft

What is software theft?
• Act of stealing or illegally copying software or intentionally erasing programs
• Software piracy is illegal duplication of copyrighted software

p. 570

Software Theft

What is a license agreement?
• Right to use software
• Single-user license agreement allows user to install software on one computer, make backup copy, and sell software after removing from computer

p. 570 Fig. 11-15

Software Theft

What are some other safeguards against software theft?
• Product activation allows user to input product identification number online or by phone and receive unique installation identification number
• Business Software Alliance (BSA) promotes better understanding of software piracy problems

p. 571

Information Theft

What is encryption?
• Safeguards against information theft
• Process of converting plaintext (readable data) into ciphertext (unreadable characters)
• Encryption key (formula) often uses more than one method
• To read the data, the recipient must decrypt, or decipher, the data

p. 571 - 572 Fig. 11-16

Information Theft

How can I encrypt the contents of files and folders in Windows XP?

p. 573 Fig. 11-17

Internet Security Risks

How do Web browsers provide secure data transmission?
• Many Web browsers use encryption
• Secure site is Web site that uses encryption to secure data
• Digital certificate is notice that guarantees Web site is legitimate

p. 573

Internet Security Risks

What is a certificate authority (CA)?
• Authorized person or company that issues and verifies digital certificates
• Users apply for digital certificate from CA

p. 573 Fig. 11-18

Internet Security Risks

What is Secure Sockets Layer (SSL)?
• Provides encryption of all data that passes between client and Internet server
• Web addresses beginning with “https” indicate secure connections

p. 574 Fig. 11-19

System Failure

What is a system failure?
• Prolonged malfunction of computer
• Can cause loss of hardware, software, or data
• Caused by aging hardware, natural disasters, or electrical power disturbances
• Noise—unwanted electrical signal
• Overvoltage or power surge—significant increase in electrical power
• Undervoltage—drop in electrical supply

p. 574

System Failure

What is a surge protector?
• Protects computer and equipment from electrical power disturbances
• Uninterruptible power supply (UPS) is surge protector that provides power during power loss

p. 574 - 575 Figs. 11-20–11-21

Backing Up — The Ultimate Safeguard

What is a backup?
• Duplicate of file, program, or disk
• Full backup: all files in computer
• Selective backup: select which files to back up
• Three-generation backup preserves three copies of important files
• In case of system failure or corrupted files, restore files by copying to original location

p. 576

Wireless Security

How can I ensure my wireless communication is secure?
• Secure your wireless access point (WAP)
• WAP should not broadcast your network name
• Enable Wired Equivalent Privacy or Wi-Fi Protected Access (WPA)

p. 576 - 577 Fig. 11-22

Ethics and Society

What are computer ethics?
Moral guidelines that govern use of computers and information systems
• Unauthorized use of computers and networks
• Software theft
• Information accuracy
• Intellectual property rights—rights to which creators are entitled for their work
• Codes of conduct
• Information privacy

p. 578 - 579

Ethics and Society

What is an IT code of conduct?
• Written guideline that helps determine whether computer action is ethical
• Employers can distribute to employees

p. 580 Fig. 11-25

Information Privacy

What is information privacy?
• Right of individuals and companies to deny or restrict collection and use of information about them
• Difficult to maintain today because data is stored online
• Employee monitoring is using computers to observe employee computer use
• Legal for employers to use monitoring software programs

p. 580 and 586

Information Privacy

What are some ways to safeguard personal information?
• Fill in only necessary information on rebate, warranty, and registration forms
• Avoid shopping club and buyers cards
• Inform merchants that you do not want them to distribute your personal information
• Limit the amount of information you provide to Web sites; fill in only required information
• Install a cookie manager to filter cookies
• Clear your history file when you are finished browsing
• Set up a free e-mail account; use this e-mail address for merchant forms
• Turn off file and print sharing on your Internet connection
• Install a personal firewall
• Sign up for e-mail filtering through your Internet service provider or use an antispam program, such as Brightmail
• Do not reply to spam for any reason
• Surf the Web anonymously with a program such as Freedom Web Secure or through an anonymous Web site such as Anonymizer.com

p. 581

Information Privacy

What is an electronic profile?
• Data collected when you fill out form on Web
• Merchants sell your electronic profile
• Often you can specify whether you want personal information distributed

p. 581 - 582 Fig. 11-27

Information Privacy

What is a cookie?
• Small file on your computer that contains data about you
• User preferences
• Interests and browsing habits
• How regularly you visit Web sites
• Some Web sites sell or trade information stored in your cookies
• Set browser to accept cookies, prompt you to accept cookies, or disable cookies

p. 582

Information Privacy

How do cookies work?

p. 583 Fig. 11-28

Information Privacy

What are spyware, adware, and spam?
• Spyware is program placed on computer without user’s knowledge
• Adware is a program that displays online advertisements
• Spam is unsolicited e-mail message sent to many recipients

p. 583 - 584 Fig. 11-29

Information Privacy

How can you control spam?
• E-mail filtering: service that blocks e-mail messages from designated sources; collects spam in central location that you can view any time
• Anti-spam program: attempts to remove spam; sometimes removes valid e-mail messages

p. 584

Information Privacy

What is phishing?
• Scam in which a perpetrator sends an official looking e-mail that attempts to obtain your personal and financial information

p. 584

Information Privacy

What privacy laws have been enacted?

p. 585 Fig. 11-30

Information Privacy

What privacy laws have been enacted? (cont’d)

p. 585 Fig. 11-30

Information Privacy

What is content filtering?
• Process of restricting access to certain material
• Internet Content Rating Association (ICRA) provides rating system of Web content
• Web filtering software restricts access to specified sites

p. 586 - 587 Fig. 11-31

Information Privacy

What is computer forensics?
• Also called digital forensics, network forensics, or cyberforensics
• Discovery, collection, and analysis of evidence found on computers and networks
• Computer forensic analysts must have knowledge of the law, technical experience, communication skills, and willingness to learn

p. 587

Health Concerns of Computer Use

What are some health concerns of computer use?
• Computer vision syndrome (CVS)—eye and vision problems
• Carpal tunnel syndrome (CTS)—inflammation of nerve that connects forearm to palm
• Repetitive strain injury (RSI)
• Tendonitis—inflammation of tendon due to repeated motion
• Computer addiction—when computer consumes entire social life

p. 587 - 588

Health Concerns of Computer Use

What precautions can prevent tendonitis or carpal tunnel syndrome?
• Spread fingers apart for several seconds while keeping wrists straight
• Gently push back fingers and then thumb
• Dangle arms loosely at sides and then shake arms and hands

p. 588 Fig. 11-32

Health Concerns of Computer Use

How can you ease eyestrain when working at the computer?

p. 588 Fig. 11-33

Health Concerns of Computer Use

What is ergonomics?
• Applied science devoted to comfort, efficiency, and safety in workplace

Figure labels: elbows at 90° and arms and hands parallel to floor; keyboard height: 23” to 28”; adjustable backrest; adjustable seat; adjustable height chair with 5 legs for stability; feet flat on floor

p. 589 Fig. 11-34

Health Concerns of Computer Use

What is green computing?
• Reducing electricity and environmental waste while using computer

p. 590 Fig. 11-35

Summary of Computer Security, Ethics and Privacy

• Potential computer risks
• Safeguards that schools, business, and individuals can implement to minimize these risks
• Wireless security risks and safeguards
• Ethical issues surrounding information accuracy, intellectual property rights, codes of conduct, and information privacy
• Computer-related health issues, their preventions, and ways to keep the environment healthy