Seguin - Chapter 7

2
Paradigm Publishing, Inc. Computer Concepts Topics

3
7.1 Unauthorized Access and Unauthorized Use of Computer Resources

7.2 Botnets and Denial of Service Attacks
7.3 Malware Infections
7.4 Phishing, Pharming, and Clickjacking Threats
7.5 Information Privacy
7.6 Mobile Device Security
Chapter Summary

4
7.1 Unauthorized Access and Unauthorized

Use of Computer Resources
 Connecting to a network at home,
at work, or at school has many
advantages that include sharing
access to the Internet and its
resources, storage, and software
 These advantages do not come
without risk
 network attacks at business and
government organizations occur often

5

Use of Computer Resources…continued
 Unauthorized access: using a computer, network, or other
resource without permission
 Hacker: an individual who accesses a network without
permission
 hacking: activities involved in gaining unauthorized entry into a
network’s resources
 white hats: hackers with good intentions that attempt to pinpoint
weaknesses in network security
 black hats: hackers who gain unauthorized access with malicious
intent to steal data or for other personal gain

6

 War driving: an individual with a
portable computing device who
drives around trying to connect to
someone else’s unsecured wireless
network
 Piggybacking: connecting to
someone else’s wireless network
without the network owner’s intent
or consent to provide access

7

 Unauthorized use: using a computer, network, or other
resource for purposes other than the intended uses
 Unauthorized use can occur when an employee uses the
employer’s computer for activities such as:
 personal emails
 personal printing
 personal online shopping

8

 Strong password: a password that is difficult to hack by
humans or password detection software programs
 A strong password meets the following criteria:
 is a minimum of eight characters
 uses a combination of uppercase letters, lowercase letters, numbers,
and symbols
 does not contain any dictionary words or words spelled backward
 does not contain consecutive or repeated numbers or letters
 has no personal information such as a birthdate

9

 Biometric devices: authenticate a person’s identity using
physical characteristics such as a fingerprint, iris scan, or voice
recognition

10

 Firewall: hardware,
software, or a
combination of hardware
and software that blocks
unwanted access to your
network

11

 Encryption: scrambles communications between devices so
that the data is not readable
 Wi-Fi Protected Access (WPA) and WPA2: more recent
security standards that authenticate users and employ
sophisticated encryption techniques
 Intrusion detection software: analyzes network traffic for
suspicious data and alerts network administrators to possible
system threats

12

 Acceptable use policy (AUP): a
written policy that describes for
employees, students, or other
network users the permitted uses for
computing equipment and networks

13
7.2 Botnets and Denial of Service Attacks

 Botnet: a collection of zombie computers that work together
to conduct an attack on another network
 zombie computer: a computer that is connected to the Internet and is
controlled by a hacker or other cybercriminal without the owner’s
knowledge

14
7.2 Botnets and Denial of Service

Attacks…continued
 Generally, the infection happens from one of the following
events:
 the individual clicks a link in an email or opens an email attachment
that contains the malicious program code, which is then installed on
the computer
 the individual downloads a video, image, or program from a website
without realizing the file is a cover for the malicious program code
 the individual simply visits a website without realizing that the
malicious code is being downloaded in the background

15

Attacks…continued
 Once the target computer is infected, it joins the botnet

16

Attacks…continued

17

Attacks…continued
 Denial of service attack (DoS):
when a network or web server is
overwhelmed with network traffic
in the form of a constant stream
of bogus emails or other
messages to the point that the
server’s response time becomes
slow or shuts down completely

18
CHECK YOUR UNDERSTANDING 1

1. A type of hacker that breaks into a computer 3. This term refers to a computer that is
network to pinpoint network weaknesses is controlled by a hacker without the owner’s
known as a ___________. knowledge.
a. Piggybacker a. Botnet
b. Black hat b. DoS
c. White hat c. Bot
d. War logger d. Zombie
2. Hardware or software that blocks unwanted 4. This type of attack overwhelms a network
access to a network is a(n) _____________. server with the intent of slowing or shutting
a. War driver down the server.
b. Firewall a. Denial of service
c. Encrypter b. Bot attack
d. White hat c. Piggybacking
d. War driving

19
7.3 Malware Infections

 Malware: any type of malicious software program that is
designed to damage, disable, or steal data
 Malware programs can:
 delete files
 damage files
 steal personal data
 track your activities
 display pop-up windows or messages
 turn your computer into a zombie

20
7.3 Malware Infections…continued

 Virus: a form of malware that
can replicate itself and spread
to other media on the infected
computer and to other
computers on the network
 macro virus: a type of virus that
is embedded in a document and
infects the computer when the
user opens the document and
enables a macro

21

 Worm: a self-replicating program that requires no action on
the part of the user to copy itself to another computer on a
network

22

 Trojan horse: a program that disguises
itself as a useful program but then
infects your computer with malware
when you run the application

23

 Rootkit: a program hides on the
infected computer and provides a back
door for a hacker or other cybercriminal
to remotely monitor or take over
control of the PC
 back door: way to bypass computer
security
 Using the remote access, the hacker or
cybercriminal can run damaging
programs or steal personal information

24

 Antivirus program: programs
that allow you to schedule
automatic scans to run on a
regular basis
 most programs are also set to scan
all incoming emails automatically

25

26
7.4 Phishing, Pharming, and Clickjacking

Threats
 Identity theft: occurs when an individual’s personal
information is obtained by a criminal who then uses the
information to buy products or services under the victim’s
name or otherwise pose as the victim for financial gain
 a growing area of cybercrime

27

Threats…continued
 Phishing: activities that appear
to be initiated by a legitimate
organization (such as one’s bank)
in an attempt to obtain personal
information that can be used in
fraud, theft, or identity theft

28

Threats…continued
 Pharming: the individual is tricked into
entering personal information at a phony
website that appears to be the real
website
 spoofing: a sender’s email address is altered
to a phony address that appears legitimate to
the email recipient, or an IP address is altered
to appear to be a trusted source

29

Threats…continued
 Clickjacking: a button, graphic, or
link on a web page appears to be real
but, when clicked, causes malicious
software to run
 some clickjacks are used to download a
virus onto a computer

30

1. This type of virus is often embedded in a 3. This term describes activities that appear to
Microsoft Office document. be from legitimate organizations but that
a. Rootkit virus have malicious intent.
b. Worm virus a. Rootkit virus
c. Trojan horse virus b. Logic bomb virus
d. Macro virus c. Phishing
d. War driving
2. This type of virus is hidden from the owner 4. A phony button, graphic, or link on a website
and allows the computer to be controlled is used for ______________.
remotely. a. Phishing
a. Rootkit virus b. Pharming
b. Worm virus c. Spoofing
c. Macro virus d. Clickjacking
d. Logic bomb virus

31
7.5 Information Privacy

 Information privacy: the right of individuals or
organizations to control the information that is collected about
them
 consider all of the websites at which you have set up accounts and the
personal information you provided at each site
 consider that some websites track the pages you visit and store
information about you
 software may be installed on your computer that is tracking everything
you do

32
7.5 Information Privacy…continued

 Cookie: a small text file sent
by a web server to be stored
on your computer’s hard disk
that contains data about you
such as your user name and
the pages you visited

33

 Spyware: software programs that exist
on your computer without your
knowledge and track your activities
 keystroke logger (or keylogger): may be
activated as part of a rootkit or Trojan horse
that records every keystroke you type and
sends it back to a cybercriminal
 Adware: software programs responsible
for pop-up ads that appear on your
desktop or while viewing web pages

34

 Spam: electronic junk mail—
unsolicited emails sent to a large
group of people at the same time
 Twitter bots: software
programmed to follow people
based on popular keywords

35

 To be safe, never post files at a cloud
provider that contains sensitive
information, such as your birthdate
and social security number
 At social networks such as Facebook
and Twitter, make sure you review
and change privacy settings so that
only the information you want public
is viewable by anyone

36

 When shopping online or conducting other business that
requires a financial transaction, make sure the URL at the
website begins with https and that you see a small closed
padlock next to the address bar or in the Status bar of the
browser window
 Transport Layer Security (TLS): encrypts transmitted data
so that the data is unreadable if intercepted

37

38
7.6 Mobile Device Security

 Mobile malware: viruses designed for
mobile devices
 Make sure all mobile devices, including
tablets and smartphones, have mobile
security software to prevent malware
infections

39
7.6 Mobile Device Security…continued

 The following tools assist with securing mobile devices and data:
 physical locks with cables that attach a notebook to a table or desk in a public
place are a deterrent to thieves looking for an easy target
 many devices now come equipped with fingerprint readers that restrict access to
the authenticated user only
 technology for remote wiping, locking, and tracking of a lost or stolen mobile
device allows the owner to wipe the device clean of data and track the device’s
location
 a strong password or passcode for access to the data should be enabled on all
devices; should the device be stolen or lost, the password/passcode may provide
enough time to employ remote wiping utilities
 regular backups of data stored on mobile devices should be mandatory
40
7.6 Mobile Device Security…continued

 Bluetooth technology, which
wirelessly connects and exchanges
data between two devices in close
proximity, is subject to risk from
intrusion from others within range
 Bluetooth range is approximately 30 feet
 a risk exists that someone else can
connect to your device and send you a
virus or access personal data

41

1. This is a small text file placed on your hard 3. Bluetooth range is approximately _____ feet.
drive after visiting a website. a. 10
a. Spyware b. 20
b. Cookie c. 30
c. Adware d. 40
d. Spam
2. This type of spyware records everything you 4. Viruses designed for a notebook, tablet, or
type. smartphone are referred to by this term.
a. Adware a. Mobile malware
b. Spam b. Mobile mania
c. Cookie c. Mobile risk
d. Keylogger d. Mobile software

42
Chapter Summary
 After successfully completing this chapter, you are now able to:
 Explain various types of network risks that occur when computers are
connected to a network or the Internet
 Describe techniques used to protect against network and Internet intrusions
 Distinguish various types of malware and methods to prevent malware
 Recognize privacy concerns when using the Internet and strategies for
safeguarding personal information
 Identify mobile device security risks and techniques for minimizing risk

Seguin - Chapter 7

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Seguin - Chapter 7

Uploaded by

Copyright:

Available Formats

2

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized Use of Computer Resources

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.1 Unauthorized Access and Unauthorized

Paradigm Publishing, Inc. Computer Concepts Topics

7.2 Botnets and Denial of Service Attacks

Paradigm Publishing, Inc. Computer Concepts Topics

7.2 Botnets and Denial of Service

Paradigm Publishing, Inc. Computer Concepts Topics

7.2 Botnets and Denial of Service

Paradigm Publishing, Inc. Computer Concepts Topics

7.2 Botnets and Denial of Service

Paradigm Publishing, Inc. Computer Concepts Topics

7.2 Botnets and Denial of Service

Paradigm Publishing, Inc. Computer Concepts Topics

CHECK YOUR UNDERSTANDING 1

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.3 Malware Infections…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.4 Phishing, Pharming, and Clickjacking

Paradigm Publishing, Inc. Computer Concepts Topics

7.4 Phishing, Pharming, and Clickjacking

Paradigm Publishing, Inc. Computer Concepts Topics

7.4 Phishing, Pharming, and Clickjacking

Paradigm Publishing, Inc. Computer Concepts Topics

7.4 Phishing, Pharming, and Clickjacking

Paradigm Publishing, Inc. Computer Concepts Topics

CHECK YOUR UNDERSTANDING 2

Paradigm Publishing, Inc. Computer Concepts Topics

7.5 Information Privacy

Paradigm Publishing, Inc. Computer Concepts Topics

7.5 Information Privacy…continued

Paradigm Publishing, Inc. Computer Concepts Topics

7.5 Information Privacy…continued