Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Discovering Computers Fundamentals 3rd Edition
Document related concepts
Unix security wikipedia , lookup
Trusted Computing wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Information privacy law wikipedia , lookup
Mobile security wikipedia , lookup
Medical privacy wikipedia , lookup
Cyberattack wikipedia , lookup
Computer security wikipedia , lookup
Do Not Track legislation wikipedia , lookup
Social engineering (security) wikipedia , lookup
Transcript
Chapter 10 Computer Security, Ethics, and Privacy 51 slides 1 Chapter 10 Objectives Identify ways to safeguard against computer viruses, worms, Trojan horses, denial of service attacks, back doors, and spoofing Discuss techniques to prevent unauthorized computer access and use Identify safeguards against hardware theft and vandalism Explain the ways to protect against software theft and information theft Discuss the types of devices available that protect computers from system failure Identify risks and safeguards associated with wireless communications Discuss issues surrounding information privacy Discuss ways to prevent health-related disorders and injuries due to computer use 2 Next Computer Security Risks What is a computer security risk? Event or action that causes loss of or damage to computer system 3 p. 362 - 363 Fig. 10-1 Next Internet and Network Attacks What are viruses, worms, and Trojan horses? Virus is a potentially damaging computer program Can spread and damage files Worm copies itself repeatedly, using up resources and possibly shutting down computer or network Trojan horse hides within or looks like legitimate program until triggered Does not replicate itself on other computers 4 p. 364 Next Internet and Network Attacks How can a virus spread through an e-mail message? Step 1. Unscrupulous Step 2. They use programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message. the Internet to send the e-mail message to thousands of users around the world. Step 3b. Other users do not Step 3a. Some users open the attachment and their computers become infected with the virus. p. 365 Fig. 10-2 recognize the name of the sender of the e-mail message. These users do not open the e-mail message -- instead they immediately delete the e-mail message. These users’ computers are not infected with the virus. 5 Next Internet and Network Attacks How can you protect your system from a macro virus? Set macro security level in applications that allow you to write macros At medium security level, warning displays that document contains macro Macros are instructions saved in an application, such as word processing or spreadsheet program 6 p. 365 Next Internet and Network Attacks What is an antivirus program? Identifies and removes computer viruses Most also protect against worms and Trojan horses 7 p. 365 Next Internet and Network Attacks What is a virus signature? Specific pattern of virus code Also called virus definition Antivirus programs look for virus signatures 8 p. 366 Fig. 10-3 Next Internet and Network Attacks What are some tips for preventing virus, worm, and Trojan horse infections? Set the macro security in programs so you can enable or disable macros If the antivirus program flags an e-mail attachment as infected, delete the attachment immediately Install an antivirus program on all of your computers Check all downloaded programs for viruses, worms, or Trojan horses Never open an e-mail attachment unless you are expecting it and it is from a trusted source Install a personal firewall program Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Virus Hoaxes below Chapter 10 p. 366 9 Next Internet and Network Attacks What happens if an antivirus program identifies an infected file? Attempts to remove any detected virus Quarantines infected files that it cannot Keeps file in remove separate area of hard disk 10 p. 366 Next Internet and Network Attacks What is a denial of service attack and back door? A denial of service attack is an assault which disrupts access to an Internet service such as the Web or e-mail A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network 11 p. 367 Next Internet and Network Attacks What is spoofing? Makes a network or Internet Transmission appear legitimate IP spoofing occurs when an intruder computer fools a network into believing its IP address is from a trusted source Perpetrators of IP spoofing trick their victims into interacting with a phony Web site 12 p. 367 Next Internet and Network Attacks What is a firewall? Security system consisting of hardware and/or software that prevents unauthorized network access 13 p. 367 Fig. 10-5 Next Internet and Network Attacks What is a personal firewall utility? Program that protects personal computer and its data from unauthorized intrusions Monitors transmissions to and from computer Informs you of attempted intrusion Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Personal Firewall Software below Chapter 10 p. 368 14 Next Internet and Network Attacks How can companies protect against hackers? Intrusion detection software analyzes network traffic, assesses system vulnerabilities, and identifies intrusions and suspicious behavior 15 p. 368 Next Video: Honeynet Project Founder Lance Spitzer The Honeynet tracks hackers and exposes their techniques low quality (click to start) high quality (click to start) 16 Next Unauthorized Access and Use What is a user name? Unique combination of characters that identifies user Password is private combination of characters associated with the user name that allows access to certain computer resources 17 p. 369 Fig. 10-6 Next Unauthorized Access and Use How can you make your password more secure? Longer passwords provide greater security 18 p. 369 Fig. 10-7 Next Unauthorized Access and Use What is a possessed object? Item that you must carry to gain access to computer or facility Often used with numeric password called personal identification number (PIN) 19 p. 370 Next Unauthorized Access and Use What is a biometric device? Authenticates person’s identity using personal characteristic Fingerprint, hand geometry, voice, signature, and iris 20 p. 370 Fig. 10-8 Next Video: ID Security Smile, Big Brother wants your iris scan low quality (click to start) high quality (click to start) 21 Next Hardware Theft and Vandalism What are hardware theft and hardware vandalism? Hardware theft is act of stealing computer equipment Cables sometimes used to lock equipment Some notebook computers use passwords, possessed objects, and biometrics as security methods For PDAs, you can passwordprotect the device Hardware vandalism is act of defacing or destroying computer equipment 22 p. 371 Fig. 10-9 Next Software Theft What is software theft? Act of stealing or illegally copying software or intentionally erasing programs Software piracy is illegal duplication of copyrighted software Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Software Piracy below Chapter 10 p. 372 23 Next Software Theft What is a license agreement? Right to use software Single-user license agreement allows user to install software on one computer, make backup copy, and sell software after removing from computer 24 p. 372 Fig. 10-10 Next Software Theft What is product activation? Product activation allows user to input product identification number online or by phone and receive unique installation identification number 25 p. 373 Next Information Theft What is encryption? Safeguards against information theft Process of converting plaintext (readable data) into ciphertext (unreadable characters) Encryption key (formula) often uses more than one method To read the data, the recipient must decrypt, or decipher, the data Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Encryption below Chapter 10 p. 373 Fig. 10-11 26 Next Information Theft What are methods for securing e-mail messages? Pretty Good Privacy (PGP) is popular e-mail encryption program Digital signature is encrypted code attached to e-mail message to verify identity of sender Freeware for personal, noncommercial use 27 p. 374 Next Information Theft How do Web browsers provide secure data transmission? Many Web browsers use encryption Secure site is Web site that uses encryption to secure data Digital certificate is notice that guarantees Web site is legitimate Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Digital Certificates below Chapter 10 p. 374 28 Next Information Theft What is a certificate authority (CA)? Authorized person or company that issues and verifies digital certificates Users apply for digital certificate from CA 29 p. 374 Next System Failure What is a system failure? Prolonged malfunction of computer Can cause loss of hardware, software, data, or information Caused by aging hardware, natural disasters, or electrical power disturbances 30 p. 374 Next System Failure What is a surge protector? Protects computer and equipment from electrical power disturbances Uninterruptible power supply (UPS) is surge protector that provides power during power loss Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Uninterruptible Power Supply below Chapter 10 p. 374 - 375 Figs. 10-13–10-14 31 Next Backing Up — The Ultimate Safeguard What is a backup? Duplicate of file, program, or disk Full backup all files in computer Selective backup select which files to back up Three-generation backup preserves three copies of important files In case of system failure or corrupted files, restore files by copying to original location 32 p. 375 Next Wireless Security How can I ensure my wireless communication is secure? Secure your wireless access point (WAP) WAP should not broadcast your network name Enable Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) 33 p. 376 Next Ethics and Society What are computer ethics? Moral guidelines that govern use of computers and information systems Unauthorized use of computers and networks Software theft Intellectual property rights—rights to which creators are entitled for their work Information accuracy Information privacy Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Digital Rights Management below Chapter 10 p. 376 34 Next Information Privacy What is information privacy? Right of individuals and companies to restrict collection and use of information about them Difficult to maintain today because data is stored online Employee monitoring is using computers to observe employee computer use Legal for employers to use monitoring software programs 35 p. 379 and 384 Next Information Privacy What are some ways to safeguard personal information? Fill in only the necessary information on rebate, warranty, and registration forms Avoid shopping club and buyers cards Inform merchants that you do not want them to distribute your personal information Install a cookie manager to filter cookies Clear your history file when you are finished browsing Set up a free e-mail account; use this e-mail address for merchant forms Turn off file and print sharing on your Internet connection Limit the amount of information you provide to Web sites; fill in only required information Install a personal firewall Sign up for e-mail filtering through your Internet service provider or use an antispam program, such as Brightmail Do not reply to spam for any reason Surf the Web anonymously with a program such as Freedom Web Secure or through an anonymous Web site such as Anonymizer.com 36 p. 379 Next Information Privacy What is an electronic profile? Data collected when you fill out form on Web Merchants sell your electronic profile Often you can specify whether you want personal information distributed 37 p. 380 Next Information Privacy What is a cookie? User preferences How regularly you visit Web sites Small file on your computer that contains data about you Some Web sites sell or trade information stored in your cookies Set browser to accept cookies, prompt you to accept cookies, or disable cookies Interests and browsing habits Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Cookies below Chapter 10 p. 380 - 381 38 Next Information Privacy How do cookies work? 39 p. 380 Fig. 10-18 Next Information Privacy What are spyware, adware, and spam? Spyware is program placed on computer without user’s knowledge Adware is a program that displays online advertisements Spam is unsolicited e-mail message sent to many recipients 40 p. 381 - 382 Fig. 10-19 Next Information Privacy How can you control spam? Service that blocks e-mail messages from designated sources E-mail filtering Collects spam in central location that you can view any time Anti-spam program Attempts to remove spam Sometimes removes valid e-mail messages 41 p. 382 Next Information Privacy What is phishing? Scam in which a perpetrator sends an official looking e-mail that attempts to obtain your personal information 42 p. 381 Next Information Privacy What privacy laws have been enacted? 43 p. 383 Fig. 10-20 Next Information Privacy What privacy laws have been enacted? (cont’d) 44 p. 383 Fig. 10-20 Next Information Privacy What is content filtering? Process of restricting access to certain material Internet Content Rating Association (ICRA) provides rating system of Web content Web filtering software restricts access to specified sites 45 p. 384 Fig. 10-21 Next Health Concerns of Computer Use What are some health concerns of computer use? Computer vision syndrome (CVS)—eye and vision problems Carpal tunnel syndrome (CTS)—inflammation of nerve that connects forearm to palm Repetitive strain injury (RSI) Tendonitis—inflammation of tendon due to repeated motion Computer addiction—when computer consumes entire social life 46 p. 385 - 386 Next Health Concerns of Computer Use What precautions can prevent tendonitis or carpal tunnel syndrome? Take frequent breaks during computer session Use wrist rest Exercise hands and arms Minimize number of times you switch between mouse and keyboard 47 p. 385 Next Health Concerns of Computer Use How can you ease eyestrain when working at the computer? 48 p. 386 Fig. 10-23 Next Health Concerns of Computer Use What is ergonomics? Applied science devoted to comfort, efficiency, and safety in workplace keyboard height: 23” to 28” elbows at 90° and arms and hands parallel to floor adjustable backrest adjustable seat adjustable height chair with 5 legs for stability 49 p. 386 Fig. 10-24 feet flat on floor Next Health Concerns of Computer Use What is green computing? Reducing electricity and environmental waste while using computer Click to view Web Link, click Chapter 10, Click Web Link from left navigation, then click Green Computing below Chapter 10 p. 387 Fig. 10-25 50 Next Summary of Computers and Society, Security, Privacy, and Ethics Potential computer risks Ethical issues surrounding information accuracy, intellectual property rights, and information privacy Safeguards that schools, business, and individuals can implement to minimize these risks Computer-related health issues, their preventions, and ways to keep the environment healthy Wireless security risks and safeguards Chapter 10 Complete 51
