FACULTY OF INTEGRATED LIFE SCIENCES

Foundation In Science

2021/07
FSC 1123
INTRODUCTION TO INFORMATION SYSTEM &
TECHNOLOGY
 Lecture Units
2 hours lecture class + 1 tutorial lesson
UNIT 1: Introduction to Information System
UNIT 2: Computer Hardware
UNIT 3: Computer Software
UNIT 4: Telecommunications and Network
UNIT 5: Computer Security, Safety and Ethical
UNIT 6: Information Systems Strategy
UNIT 7: Information System Development
UNIT 8: Electronic and Mobile Commerce
UNIT 9: Enterprise System: Transaction Processing System
UNIT 10: Enterprise System: Decision Support Systems (DSS)
UNIT 11: Knowledge Management Systems (KMS)
 Unit 5 : Computer Security, Safety and Ethical
5.1 Digital Security Risk
 Event or action that could cause loss of or damage to computer or
mobile device hardware, software, data, information or processing
capability.
 Common digital security risk;
 Internet and network attacks – virus attack
 System failure – lightning strike
 Information theft – stolen identity
 Software theft – illegal copy
 Hardware theft – stolen computer
 Unauthorized access and use – intercepting wireless communication
 Unit 5 : Computer Security, Safety and Ethical
5.1 Digital Security Risk

 An intentional breach to digital security often involves a deliberated act

that is against the law. Any illegal act involving the use of computer or

related devices generally is referred to a COMPUTER CRIME.

 Cybercrime – refers to online or Internet based illegal acts

such as distributing malicious software or committing identity
theft.
 Unit 5 : Computer Security, Safety and Ethical
5.1 Digital Security Risk
 Perpetrators of cybercrime;
• Someone who accesses a
HACKER
computer or network illegally.
• (good & bad )
• Someone who accesses a
computer or network illegally
but has the intent of destroying
CRACKER
the data, stealing information.
• HACKER & CRACKER has
advance computer skills
• Has same intent as a cracker but
does not have the technical
SCRIPT
skills and knowledge.
KIDDIE
• Often use prewritten hacking
and cracking programs to break
into computers.
 Unit 5 : Computer Security, Safety and Ethical
5.1 Digital Security Risk

 Perpetrators of cybercrime;

Excellent in computer and

networking skills.
CORPORATE Hired to break into a UNETHICAL
PIESspecific computer and steal EMPLOYEES
its proprietary data,
information.
 Unit 5 : Computer Security, Safety and Ethical
5.1 Digital Security Risk

 Perpetrators of cybercrime;

• Uses Internet or network to

Demands payment to stop the destroy or damage computers
CYBEREXTORTIONIST
attack. for political reasons.
Cyberterrorist
• High skill individual, millions
of dollars, several years of
planning
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks

 Internet and network attacks that jeopardize security ;

o Malware
恶意软件
o Botnets 僵尸网络
拒绝服务攻击
o Denial of service attacks 后门
欺骗

o Back doors
o Spoofing
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks
o Malware (malicious software)
Consists of programs that act without a user’s knowledge and alter the
operation of computers and mobile devices.
Deliver its destructive event or prank on a computer in variety ways.
(Users open an infected file, runs an infected program, connects an
unprotected computer to a network, or when a certain condition or event
occurs, such as the computer clock changing to a specific date)
(Common way – infected by virus is through users opening infected email
attachments)
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks
o Malware (malicious software)
Common types ;
 Virus - Affects a computer negatively by altering the way the computer works
 Worm - Program that copies itself repeatedly, for example in memory or on a network, using
up resource and possibly shutting down the computer device or network
 Trojan horse - Program that hides within or looks like a legitimate program.Does not replica
itself to other computer or devices

 Rootkit
 Spyware
 Adware
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks
o Malware (malicious software)
Common types ;
 Rootkit - Program that hides in a computer and allows someone from a remote
location to take full control
 Spyware - Program placed on a computer or mobile device without the user’s
knowledge that secretly collects information about the user and then
communicates the information it collects to some outside source while the user
is online
 Adware - Program that display an online advertisement in a banner, pop-up
window, or pop-under window on webpages, email messages, or other Internet
services.
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks

o Botnets – Group of compromised computer or

mobiles devices connected to a network, such as the
Internet, that are used to attack other networks.
Compromised computer(zombie) – one whose owner
is unaware the computer or device is being
controlled remotely by an outsider.
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks

o Denial of service attacks - Purpose is to disrupt

computer access to an Internet service, such as the
web or e-mail. (https://youtu.be/YcH7qx6HTII)
o BACK DOORS – Program or set of instructions in a
program that allows users to bypass security controls
when accessing a program, computer or network.
 Unit 5 : Computer Security, Safety and Ethical
5.2 Internet and Network Attacks

o SPOOFING – Intruders use to make their network or

Internet transmission appear legitimate to a victim
computer or network. IP spoofing & email spoofing.-
Seems to be original but not. For an example
Maybank website seems to be original but not.
o https
 Unit 5 : Computer Security, Safety and Ethical
5.3 Safeguard against Internet and Network Attacks

o Use virus protection software

o Use firewall
o Be suspicious of all unsolicited email and text messages
o Disconnect your computer from the Internet
o Download software with caution
o Before using any removable media, scan it for malware
o Back up regularly
 Unit 5 : Computer Security, Safety and Ethical
5.3 Safeguard against Internet and Network Attacks
o Firewall - hardware or software that protects a network’s resource from
intrusion by users on another network such as Internet.
o Organizations use firewall to protect network resource from outsider and
to restrict employees access to sensitive data, such as payroll and
personnel records.
o https://youtu.be/kDEX1HXybrU
 Unit 5 : Computer Security, Safety and Ethical
5.4 Unauthorized Access and Use
o Unauthorized access – use of a computer or network without permission. –
Using someone else account.
o Unauthorized use – use of a computer or its data for unapproved or possibly
illegal activities. – Use of someone else crdt card to buy something …..

Safeguard Against Unauthorized Access And Use

o Access controls – security measures that defines who can access a
computer, or network when they can access it, and what actions
they can take while accessing it.
o User Names and Passwords
 Unit 5 : Computer Security, Safety and Ethical
5.4 Unauthorized Access and Use

Safeguard Against Unauthorized Access And Use

o Passphrase - My name is Jenifer ( MniJ)
o PIN Number
o Biometric devices
o Fingerprint reader
o Face recognition system
 Unit 5 : Computer Security, Safety and Ethical
5.5 Software Theft
o Someone steals software media, intentionally erases programs,
illegally registers and/or activates a program or illegally copies a
program.
Types of software theft ;
o PHYSICALLY STEALING SOFTWARE – a librarian might steal a
game CD/DVD
 Unit 5 : Computer Security, Safety and Ethical
5.5 Software Theft
Types of software theft ;
o INTENTIONALLY ERASING SOFTWARE – a software developer
terminated from a company. So he/she remove or disable the
program she has written.
o ILLEGAL REGISTRATION – Install through the keygen
o ILLEGAL COPYING – Copies software from the manufacture.
 Unit 5 : Computer Security, Safety and Ethical
5.6 Information Theft
Someone steals personal or confidential information.
Example; individual first might gain unauthorized access to a
computer and then steals credit card number stored in a firm’s
accounting department.
o ENCRYPTION – process of converting data that is readable by
humans into encoded characters to prevent authorized access.
 Unit 5 : Computer Security, Safety and Ethical
5.6 Information Theft

Digital Signatures : Encrypted code that a person, website or

organizations attached to an electronic message to verify the
identity of the message sender.
o Digital signature are often used to ensure that an impostor in
not participating in an Internet transaction.
o Can help to prevent email forgery.
o https://youtu.be/cew5k5y50SM
 Unit 5 : Computer Security, Safety and Ethical
5.6 Information Theft

Digital Cert. : Guarantees a user or a website is legitimate.

E-commerce uses the most.
Browsers often display a warning message if a website does not have a
valid digital certificates.
 Unit 5 : Computer Security, Safety and Ethical
5.7 Hardware Theft, Vandalism And Failure

• Hardware theft is the act of stealing digital equipment.

• Hardware vandalism involves defacing or destroying digital
equipment.
• Hardware failure can be vary in reasons; aging hardware, natural,
man made disasters, electrical power supply.
• BACKING UP-ULTIMATE SAFEGUARD
 Unit 5 : Computer Security, Safety and Ethical
5.7 Hardware Theft, Vandalism And Failure
• Full Backup - Copies all of the files on media in a computer.
• Advantage: Fastest recovery method. All files are saved
• Disadvantage: Longest backup time
• Differential backup - Copies only the files that have changed since the last full
backup
• Advantage : Fast backup method. Requires minimal storage space to back up
• Disadvantage: Recovery is time-consuming because the last backup plus the
differential backup are needed.
 Unit 5 : Computer Security, Safety and Ethical
5.7 Hardware Theft, Vandalism And Failure
• Incremental backup - Copies only the files that have been changed since the last
full or incremental backup
• Advantage: Fastest backup method. Requires minimal storage space to back
up. Only most recent changes saved.
• Disadvantage: Recovery is most time-consuming because the last full backup
and all incremental backups since the last full backup are needed.
 Unit 5 : Computer Security, Safety and Ethical
5.7 Hardware Theft, Vandalism And Failure
• Selective backup - Users choose which folders and files to include in a backup.
• Advantage: Fast backup method. Provides great flexibility.
• Disadvantage: Difficult to manage individual file backups. Least
manageable of all the backup method.
• Cloud backup - Files are backed up to the cloud as they change
• Advantage: Cloud backup provider maintains backup hardware. Files may
be retrieved from anywhere with an internet connection on any device.
• Disadvantage: Requires an internet connection, otherwise files are marked
for backup when the computer goes back online.
 Unit 5 : Computer Security, Safety and Ethical
5.8 Ethics & Society
• TECHNOLOGY ETHICS : Moral guidelines that governs the use of computers,
mobile devices, information systems, and related technologies.

Intellectual
Information Codes of
property
accuracy conducts
rights

Green Information
computing privacy
 Unit 5 : Computer Security, Safety and Ethical
5.9 Cookies
• A cookie is a small text file that a Web server stores on your computer.

Assist with
Allow for Store users’
online
personalization passwords
shopping

Track how
Target
often users
advertisements
visit a site
End of Unit 5 : Computer Security, Safety and Ethical