Paradigm Publishing, Inc. Computer Concepts

Topics
* 7.1 Unauthorized Access and Unauthorized Use of Computer Resources
* 7.2 Botnets and Denial of Service Attacks
* 7.3 Malware Infections
* 7.4 Phishing, Pharming, and Clickjacking Threats
* 7.5 Information Privacy
* 7.6 Mobile Device Security
* Chapter Summary

7.1 Unauthorized Access and Unauthorized Use of Computer Resources

Connecting to a network at home, at work, or at school has many advantages that include sharing access to the Internet and its resources, storage, and software. These advantages do not come without risk: network attacks at business and government organizations occur often.

Unauthorized access: using a computer, network, or other resource without permission

Hacker: an individual who accesses a network without permission
* hacking: activities involved in gaining unauthorized entry into a network's resources
* white hats: hackers with good intentions that attempt to pinpoint weaknesses in network security
* black hats: hackers who gain unauthorized access with malicious intent to steal data or for other personal gain

War driving: an individual with a portable computing device who drives around trying to connect to someone else's unsecured wireless network

Piggybacking: connecting to someone else's wireless network without the network owner's intent or consent to provide access

Unauthorized use: using a computer, network, or other resource for purposes other than the intended uses

Unauthorized use can occur when an employee uses the employer's computer for activities such as:
* personal emails
* personal printing
* personal online shopping

Strong password: a password that is difficult to hack by humans or password detection software programs

A strong password meets the following criteria:
* is a minimum of eight characters
* uses a combination of uppercase letters, lowercase letters, numbers, and symbols
* does not contain any dictionary words or words spelled backward
* does not contain consecutive or repeated numbers or letters
* has no personal information such as a birthdate

Biometric devices: authenticate a person's identity using physical characteristics such as a fingerprint, iris scan, or voice recognition

Firewall: hardware, software, or a combination of hardware and software that blocks unwanted access to your network

Encryption: scrambles communications between devices so that the data is not readable

Wi-Fi Protected Access (WPA) and WPA2: more recent security standards that authenticate users and employ sophisticated encryption techniques

Intrusion detection software: analyzes network traffic for suspicious data and alerts network administrators to possible system threats
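The five strong-password criteria listed above in 7.1 can be checked mechanically. The following is an added example, not part of the original slides; the function names, the small constructed word list, and the choice to treat three or more characters in a row as "consecutive or repeated" are assumptions.

```python
import re

# Constructed sample word list (assumption); a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "monkey", "summer", "welcome"}


def _has_run(pw, length=3):
    """True if pw has `length` identical or consecutive (abc, 321) characters in a row."""
    low = pw.lower()
    for i in range(len(low) - length + 1):
        chunk = low[i:i + length]
        if not chunk.isalnum():
            continue  # the criterion covers numbers and letters only
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({0}, {1}, {-1}):  # repeated, ascending, or descending
            return True
    return False


def check_password(pw, personal_info=(), words=SAMPLE_WORDS):
    """Return the criteria from the list above that pw fails (empty list = passes)."""
    failures = []
    # Criterion 1: minimum of eight characters
    if len(pw) < 8:
        failures.append("length")
    # Criterion 2: uppercase, lowercase, numbers, and symbols all present
    classes = [r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, pw) for c in classes):
        failures.append("character mix")
    # Criterion 3: no dictionary words, forward or spelled backward
    low = pw.lower()
    if any(w in low or w[::-1] in low for w in words):
        failures.append("dictionary word")
    # Criterion 4: no consecutive or repeated numbers or letters
    if _has_run(pw):
        failures.append("consecutive or repeated")
    # Criterion 5: no personal information (caller supplies birthdate, name, ...)
    if any(p and p.lower() in low for p in personal_info):
        failures.append("personal information")
    return failures
```

A password such as `Summer2024!` meets the length and character-mix criteria but still fails because it contains a dictionary word.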
Acceptable use policy (AUP): a written policy that describes for employees, students, or other network users the permitted uses for computing equipment and networks

7.2 Botnets and Denial of Service Attacks

Botnet: a collection of zombie computers that work together to conduct an attack on another network
* zombie computer: a computer that is connected to the Internet and is controlled by a hacker or other cybercriminal without the owner's knowledge

Generally, the infection happens from one of the following events:
* the individual clicks a link in an email or opens an email attachment that contains the malicious program code, which is then installed on the computer
* the individual downloads a video, image, or program from a website without realizing the file is a cover for the malicious program code
* the individual simply visits a website without realizing that the malicious code is being downloaded in the background

Once the target computer is infected, it joins the botnet

Denial of service attack (DoS): when a network or web server is overwhelmed with network traffic in the form of a constant stream of bogus emails or other messages to the point that the server's response time becomes slow or shuts down completely

CHECK YOUR UNDERSTANDING 1

1. A type of hacker that breaks into a computer network to pinpoint network weaknesses is known as a ___________.
   a. Piggybacker
   b. Black hat
   c. White hat
   d. War logger

2. Hardware or software that blocks unwanted access to a network is a(n) _____________.
   a. War driver
   b. Firewall
   c. Encrypter
   d. White hat

3. This term refers to a computer that is controlled by a hacker without the owner's knowledge.
   a. Botnet
   b. DoS
   c. Bot
   d. Zombie

4. This type of attack overwhelms a network server with the intent of slowing or shutting down the server.
   a. Denial of service
   b. Bot attack
   c. Piggybacking
   d. War driving

7.3 Malware Infections

Malware: any type of malicious software program that is designed to damage, disable, or steal data

Malware programs can:
* delete files
* damage files
* steal personal data
* track your activities
* display pop-up windows or messages
* turn your computer into a zombie

Virus: a form of malware that can replicate itself and spread to other media on the infected computer and to other computers on the network
* macro virus: a type of virus that is embedded in a document and infects the computer when the user opens the document and enables a macro

Worm: a self-replicating program that requires no action on the part of the user to copy itself to another computer on a network

Trojan horse: a program that disguises itself as a useful program but then infects your computer with malware when you run the application
Rootkit: a program that hides on the infected computer and provides a back door for a hacker or other cybercriminal to remotely monitor or take over control of the PC
* back door: way to bypass computer security

Using the remote access, the hacker or cybercriminal can run damaging programs or steal personal information

Antivirus program: programs that allow you to schedule automatic scans to run on a regular basis
* most programs are also set to scan all incoming emails automatically

7.4 Phishing, Pharming, and Clickjacking Threats

Identity theft: occurs when an individual's personal information is obtained by a criminal who then uses the information to buy products or services under the victim's name or otherwise pose as the victim for financial gain
* a growing area of cybercrime

Phishing: activities that appear to be initiated by a legitimate organization (such as one's bank) in an attempt to obtain personal information that can be used in fraud, theft, or identity theft

Pharming: the individual is tricked into entering personal information at a phony website that appears to be the real website
* spoofing: a sender's email address is altered to a phony address that appears legitimate to the email recipient, or an IP address is altered to appear to be a trusted source

Clickjacking: a button, graphic, or link on a web page appears to be real but, when clicked, causes malicious software to run
* some clickjacks are used to download a virus onto a computer

CHECK YOUR UNDERSTANDING 2

1. This type of virus is often embedded in a Microsoft Office document.
   a. Rootkit virus
   b. Worm virus
   c. Trojan horse virus
   d. Macro virus

2. This type of virus is hidden from the owner and allows the computer to be controlled remotely.
   a. Rootkit virus
   b. Worm virus
   c. Macro virus
   d. Logic bomb virus

3. This term describes activities that appear to be from legitimate organizations but that have malicious intent.
   a. Rootkit virus
   b. Logic bomb virus
   c. Phishing
   d. War driving

4. A phony button, graphic, or link on a website is used for ______________.
   a. Phishing
   b. Pharming
   c. Spoofing
   d. Clickjacking

7.5 Information Privacy

Information privacy: the right of individuals or organizations to control the information that is collected about them
* consider all of the websites at which you have set up accounts and the personal information you provided at each site
* consider that some websites track the pages you visit and store information about you
* software may be installed on your computer that is tracking everything you do

Cookie: a small text file sent by a web server to be stored on your computer's hard disk that contains data about you such as your user name and the pages you visited
Spyware: software programs that exist on your computer without your knowledge and track your activities
* keystroke logger (or keylogger): may be activated as part of a rootkit or Trojan horse that records every keystroke you type and sends it back to a cybercriminal

Adware: software programs responsible for pop-up ads that appear on your desktop or while viewing web pages

Spam: electronic junk mail, unsolicited emails sent to a large group of people at the same time

Twitter bots: software programmed to follow people based on popular keywords

To be safe, never post files at a cloud provider that contain sensitive information, such as your birthdate and social security number

At social networks such as Facebook and Twitter, make sure you review and change privacy settings so that only the information you want public is viewable by anyone

When shopping online or conducting other business that requires a financial transaction, make sure the URL at the website begins with https and that you see a small closed padlock next to the address bar or in the Status bar of the browser window

Transport Layer Security (TLS): encrypts transmitted data so that the data is unreadable if intercepted

7.6 Mobile Device Security

Mobile malware: viruses designed for mobile devices

Make sure all mobile devices, including tablets and smartphones, have mobile security software to prevent malware infections
The following tools assist with securing mobile devices and data:
* physical locks with cables that attach a notebook to a table or desk in a public place are a deterrent to thieves looking for an easy target
* many devices now come equipped with fingerprint readers that restrict access to the authenticated user only
* technology for remote wiping, locking, and tracking of a lost or stolen mobile device allows the owner to wipe the device clean of data and track the device's location
* a strong password or passcode for access to the data should be enabled on all devices; should the device be stolen or lost, the password/passcode may provide enough time to employ remote wiping utilities
* regular backups of data stored on mobile devices should be mandatory

Bluetooth technology, which wirelessly connects and exchanges data between two devices in close proximity, is subject to risk from intrusion from others within range
* Bluetooth range is approximately 30 feet
* a risk exists that someone else can connect to your device and send you a virus or access personal data

CHECK YOUR UNDERSTANDING 3

1. This is a small text file placed on your hard drive after visiting a website.
   a. Spyware
   b. Cookie
   c. Adware
   d. Spam

2. This type of spyware records everything you type.
   a. Adware
   b. Spam
   c. Cookie
   d. Keylogger

3. Bluetooth range is approximately _____ feet.
   a. 10
   b. 20
   c. 30
   d. 40

4. Viruses designed for a notebook, tablet, or smartphone are referred to by this term.
   a. Mobile malware
   b. Mobile mania
   c. Mobile risk
   d. Mobile software

Chapter Summary

After successfully completing this chapter, you are now able to:
* Explain various types of network risks that occur when computers are connected to a network or the Internet
* Describe techniques used to protect against network and Internet intrusions
* Distinguish various types of malware and methods to prevent malware
* Recognize privacy concerns when using the Internet and strategies for safeguarding personal information
* Identify mobile device security risks and techniques for minimizing risk