Computer Concepts – Illustrated 8 th edition Unit F: Data Security.

Computer Concepts – Illustrated 8th edition

Unit F: Data SecurityUnit F: Data Security

Computer Concepts – Illustrated 8th Edition 2

Objectives

Know what can go wrong

Protect computer systems

Understand authentication

Explore security threats and malware

Avoid security threats and malware



Objectives (continued)

Examine network and Internet access security

Explore Web and email security

Understand backups



Knowing What Can Go Wrong

Risk management in computer systems Identify potential threats to equipment and

data Implement plans to avoid threats Develop steps to recover from unavoidable

disasters

Possible problems with electricity Power failure Power spikes (or voltage spikes) Power surges


Knowing What Can Go Wrong (continued)

Hardware failures

Software failures

Human error

Computer viruses

Safe Mode: a limited version of Windows that is used to troubleshoot some problems

Cyberterrorism: terrorist acts committed via the Internet


Figure F-3: Troubleshooting guidelines


Protecting Computer Systems

To reduce likelihood of computer theft: Use common sense Use locking devices Use security plates

Tracking and recovery software Used to track a computer if stolen

Ways to protect data if computer is stolen Software that deletes data if computer is

stolen Use of a password to access computer


Figure F-4: A locking device Figure F-5: A security plate


Protecting Computer Systems (continued)

Protection from power problems UPS (uninterruptible power supply)

• Offers the best protection against power problems

• Provides a continuous supply of power Surge strip

• Protects against power surges and voltage spikes

Most computers have a fan Allow for ventilation around the computer


Understanding Authentication

Authentication protocols Used to confirm a person’s identity when he

or she tries to use a computer system

Three common ways to authenticate a user: Using something a person carries Using something a person knows Using a unique physical characteristic

Biometrics: identification on some physical trait, such as a fingerprint, handprint, etc.


Figure F-9: Retinal scans are a form of biometric authentication


Understanding Authentication (continued)

Two-factor authentication: verifies identity using two independent elements of confirmation

User ID: a user’s unique identifier on a computer or Web page; typically public

Password: verifies a user ID and guarantees that the user is the person he or she claims to be

User rights: rules that limit the directories and files that each user can access


Exploring Security Threats and Malware

Malicious code or malware Created by hackers, crackers, black hats,

or cybercriminals

Computer virus (or virus) Set of program instructions that attaches

itself to a file, reproduces itself, and spreads to other files on the same computer

Computer worm (or worm) Self-copying program that carries out some

unauthorized activity on a victim’s computer


Figure F-13: A simulated worm attack


Exploring Security Threats and Malware (continued)

Trojan horse (or Trojan) A program that seems to perform one function

while actually doing something else

Intelligent agent (or bot) Software that can automate a task or

autonomously execute a task Bad bots are used by hackers for

unauthorized or destructive tasks

Spyware A program that secretly gathers personal

information, usually for commercial purposes


Exploring Security Threats and Malware (continued)

Malware can: Create network traffic jam Initiate a denial-of-Service (DoS) attack Reconfigure a browser Delete and modify files Access confidential information Disable antivirus and firewall software Control your computer Degrade performance


Avoiding Security Threats and Malware

Some guidelines to avoid threats: Install and activate security software Keep software and operating system updated Do not open suspicious email attachments Obtain software only from reliable sources Use security software to scan for malware Do not click pop-up ads Avoid unsavory Web sites Disable the option Hide extensions for known

file types in Windows


Avoiding Security Threats and Malware (continued)

Security suite Typically includes antivirus, firewall, and

anti-spyware modules

Antivirus software Utility software that looks for and removes

viruses, Trojan horses, worms, and bots Virus signature

• A section of code that can be used to identify a known malicious program


Avoiding Security Threats and Malware (continued)

Virus definitions Contains information that antivirus software

uses to identify and remove malware Needs to be updated regularly

Make regular backups of your data


Examining Network and Internet Access Security

Wireless networks Susceptible to unauthorized access and

use, especially if unsecured

LANjacking or war driving Hackers can intercept signals with a Wi-Fi

enabled notebook computer

Wireless encryption WEP (Wired Equivalent Privacy) WPA (Wi-Fi Protected Access) WPA2


Examining Network and Internet Access Security (continued)

Wireless network key The basis for scrambling and unscrambling

data transmitted between wireless devices

Encryption Transforms a message so that its contents

are hidden from unauthorized readers

Firewall Software or hardware that filters out

suspicious packets attempting to enter or leave a computer


Figure F-20: Windows Firewall settings


Exploring Web and Email Security

Cookie Contains information about the user Stored on the user’s hard drive Ad-serving cookie

InPrivate feature of Internet Explorer No user data is stored after a browsing

session

Antispyware Security software designed to identify and

neutralize spyware


Figure F-23: Anti-Spyware software


Exploring Web and Email Security (continued)

Phishing Email-based or IM scam that persuades users

to reveal confidential information

Pharming Redirects users to fake sites by poisoning a

domain name server with a false IP address

Spam Unwanted electronic junk mail Techniques to combat spam:

• Email authentication techniques

• Spam filter


Understanding Backups

Backup: a copy made in case the original files become damaged Full backup (or full-system backup) Differential backup Incremental backup

Backup storage media include: Writable CDs, DVDs, BDs, solid-state

storage cards, tapes, and USB flash drives

Can back up data to a network server

Some Web sites offer Web-based storage


Understanding Backups (continued)

Backup software is designed to back up and restore files

Boot disk A removable storage medium containing the

operating system files needed to boot a computer

Recovery CD (or recovery disk) A bootable CD, DVD, or other media that

contains a complete copy of a computer’s hard drive, as it existed when shipped from the manufacturer


Talking Points: Prosecuting Computer Crime

Traditional laws do not cover the range of possibilities for computer crimes

Computer crime laws Many countries have laws that specifically

define computer data and software as personal property


Talking Points: Prosecuting Computer Crime (continued)

Computer crimes include: Data diddling Identity theft Salami shaving Denial of service Information theft Virus distribution Vandalism

Are hackers dangerous cyberterrorists or harmless pranksters?


Summary

This chapter introduced: Potential threats to computer equipment and

data Ways to protect computer system hardware Authentication How to use software to protect or recover

computer data How to back up data Network and Internet access security Different positions on prosecuting computer

crimeComputer Concepts – Illustrated 8th Edition 30

Computer Concepts – Illustrated 8 th edition Unit F: Data Security.

Documents

Transcript of Computer Concepts – Illustrated 8 th edition Unit F: Data Security.