Computer Security Part 2 Summary
•Download as PPTX, PDF•
1 like•410 views
This document summarizes key topics related to computer security and privacy from a textbook. It discusses types of malicious programs like viruses, worms, and trojans. It also outlines various threats like software and information theft and system failure. Additionally, it covers safeguards against these threats including hardware theft prevention, encryption, backups, and wireless security. Finally, it examines ethics, laws, and health issues involving information accuracy, intellectual property, green computing, privacy through cookies and spyware, spam, phishing, and social engineering.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (19)
Similar to Computer Security Part 2 Summary
Similar to Computer Security Part 2 Summary (20)
More from Carolyn Brockman
More from Carolyn Brockman (11)
Recently uploaded
Recently uploaded (20)
Computer Security Part 2 Summary
- 1. Computer Security Part 2 of 2 Small book by Shelly Cashman that came with text.
- 2. Top 10 Hackers Who Got Caught
- 3. Gerald Martin hacked into the system of a company that competed with his. – NY Times
- 4. Anonymous “A Leaderless Hacker Group”
- 6. Figure 10-1, pg. 382
- 7. Internet and Network Attacks Virus Worm Trojan Rootkit Infects, negatively altering the way computer works Copies itself repeatedly, using up resources Needs certain condition to trigger, does not replicate Allows person to take over your computer from remote location.
- 9. Figure 10-2 from pg. 385
- 10. Trojan Programs, 3. 90% Viruses, 7.00 % Network Worms, 89.1 0% Malicious Program Types http://www.securelist.com/en/analysis/151436695/Virus_Review_2002 Portable Media, 1.3 0% Internet, 2. 30% Email, 93.4 0% Main Virus Threat
- 11. Safeguards against computer viruses and other malware
- 13. Figure 10-5 from pg. 388 of your book
- 14. Safeguards
- 15. Hardware Theft and Vandalism
- 16. Software Theft • End-User License Agreement (EULA)
- 18. Information Theft (Digital Signature)
- 19. System Failure Uninterruptible Power Supply (UPS)
- 20. Backing Up – The Ultimate Safeguard
- 21. Wireless Security Wireless Access Point (WAP)
- 23. 802.11i network
- 24. Health Concerns: Repetitive Strain Injury
- 25. Health Concerns: Computer Vision Syndrome
- 28. Ethics and Society: Information Accuracy • National Press Photographers Association
- 29. Ethics and Society: Intellectual Property Rights
- 31. Information Privacy: Electronic Profiles
- 32. Information Privacy: Cookies Look in your book, pg. 404, at figure 10-22 about “How Cookies Work”
- 33. Information Privacy: Spyware and Adware
- 37. Privacy Laws: Employee Monitoring
- 38. Privacy Laws: Content Filtering
- 39. • Complete both worksheets by Monday beginning of class. • Complete take home test by Monday beginning of class. Assignment
Editor's Notes
- “Computer Security Risk” is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.Cybercrime is one of FBI’s Top 3 priorities.Hacker, originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.Cracker also is someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action. Both hackers and crackers have advanced and network skills.Script kiddie same intent as a cracker but does not have the technical skills and knowledge. Script kiddies use prewritten hacking and cracking programs to break into computers.
- Unethical employees break into their employers’ computers for a variety of reasons. Some simply want to exploits a security weakness. Others seek financial gains from selling confidential information. Disgruntled employees may want revenge.Cyber extortionists is someone who uses e-mail as a vehicle for extortion. These perpetrators send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network – if they are not paid a sum of money.Cyberterroists-some
- Cyberterroists-someone who uses the Internet or network to destroy or damage computers for political reasons. The cyberterrorist might target the nation’s air traffic control system, electricity-generating companies, or a telecommunications infrastructure. Cyberterrorism usually requires a team of highly skilled individuals, millions of dollars, and several years of planning.Anonymous: Leaderless Hacker Group
- Computer viruses, worms, Trojan Horses and Rootkits virus- potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission. Once the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system. worm; program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network Trojan horse a program that hides within or looks like a legitimate program. A certain condition or action usually triggers the Trojan horse. Unlike a virus or a worm, A Trojan horse does not replicate itself to other computers. rootkit- a program that hides in a computer an allows someone from a remote location to take full control of the computer. Once the rootkit is installed, the rootkit author can execute programs, change settings, monitor activity, and access files on the remote computerMalwarePayloadoperating system runs much slower than usualAvailable memory is less than expectedFiles become corruptedScreen displays unusual message or imageUnknown programs or files mysteriously appearMusic or unusual sound plays randomlyExisting programs and files disappearPrograms or files do not work properlySystem properties changeOperating system does not start upOperating system shuts down unexpectedly
- More than 300,000 computer Web sites can infect your computer.Open an infected fileRuns an infected programBoots the computer with an infected removable media inserted in a drive or plugged into a portConnects an unprotected computer to a networkWhen a certain condition or event occurs such as computer’s clock changing to a specific date.A common way computer an become infected is through email.
- Interesting Information, according to Securelist.com, a virus review for 2002, http://www.securelist.com/en/analysis/151436695/Virus_Review_2002 Two graphs stood out.Malicious Program Types Trojan Programs 3.9%, Viruses 7.0%, and Network Worms 89.1%AndMain Virus Threat Sources Portable Media 1.30%, Internet 2.30%, Email 96.40%
- Anti virus programVirus signatureVirus definitionTips for preventing viruses and other malware. trusted sourceantivirus programsVirus signatureVirus definition- known specific code of virus codeQuarantine- a separate area of a hard disk that holds the infected file until the infection can be removed.Refer to TIPS for PREVENTING VIRUSES AND OTHER MALWARE
- Botnets- a group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. A compromised computers, known as a zombie, is one whose owner is unaware the computer is being controlled remotely by an outsider. Cybercriminals use botnets to send spam via e-mail, spread viruses and other malware, or commit a denial of service attack.Denial of Service Attacks- disrupt computer access to an internet services such as the Web or emailBack Doors bypass security controlsSpoofing appear legitimate to a victim or a network
- Safeguards against Botnets, DoS Attacks, Back Doors and SpoofingFirewallsIntrusion Detection software
- Safeguards against unauthorized access and useIdentifying and authenticating usersUser names and passwordsPossessed objects- any object you must carry to gain access to a computer or computer facility, badges, cards, smart cards, and keysBiometric devicesDigital Forensics
- Safeguards Against Hardware Theft and Vandalism
- Safeguards Against Software TheftLockup copies of your CDs
- Safeguards against Information TheftEncryptionDigital signature
- Safeguards against system failureAmount of protection to power strip is “proportional to cost” the more expensive the more protection.Be sure to have protection for your modem, telephone lines, DSL lines, Internet cable lines and network lines.
- Backing upBack upRestore
- Wireless Access Point (WAP) should be configured so that tit does not broadcast a network name. configured so that certain devices can access it.
- Wi-Fi Protected Access (WPA)- security standard that improves on older security standards by authenticating network users and providing more advanced encryptions techniques.
- 802.11i network, sometimes called WPA2, the most recent network security standard, conforms to the governments security standards and uses more sophisticated encryption techniques than WPA.Way beyond me!
- Computers and Health RisksRSI is an injury or disorder of the muscles, nerves, tendons, ligaments, and joints. Tendonitis (long term) and carpal tunnel syndrome (short term). Largest job related injury and illness problem in the US today
- www.tehvisiontherapycenter.com/computereyestrainPoint out that even though the idea of computer vision is being stressed, the person’s monitor is too low, need to have monitor set higher.
- Cybersex Addiction – compulsive use of Internet pornography, adult chat rooms, or adult fantasy role-play sites impacting negatively on real-life intimate relationships. Cyber-Relationship Addiction – addiction to social networking, chat rooms, and messaging to the point where virtual, online friends become more important than real-life relationships with family and friends. Net Compulsions – such as compulsive online gaming, gambling, stock trading, or compulsive use of online auction sites such as eBay, often resulting in financial and job-related problems. Information Overload – compulsive web surfing or database searching, leading to lower work productivity and less social interaction with family and friends. Computer Addiction – obsessive playing of off-line computer games, such as Solitaire or Minesweeper, or obsessive computer programming.
- Computer Ethics are the moral guidelines that govern the use of computers and information systems.Information accuracyNational press photographers association- group that completely opposes any manipulation of an image, ‘legal precedence so far have not been established”
- Intellectual property rights http://content.gcflearnfree.org/topics/204/infographic_copyright.png
- Green computingReducing the electricity and paper waste while using a computerhttp://www.solidworks.com/sustainability/docs/LCA_graphic_for_web.jpg
- Information piracy refers to the right of individuals and companies to deny or restrict the collection and use of information about them. When you fill out a form and that company sells the information to another company.
- Cookies, Websites store information about youMainly the sites store your interests and what you like to search about, then send you coupons, emails, etc. of related items
- Spyware secretly collects information about user.Adware displays ads in banner on webpages, email, Internet services
- Phishing is the same as the prank caller or
- Will manipulate person somehow to get what they need
- Using computer to monitor employee workHot topic over workplace email policy, OTC’s email policy is that OTC owns ALL OTC email.Controversial topic is whether videos are ok to take all the time??? Webcams??? They are everywhere? Checkout Earthcam.com just for fun