CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
Computer security and privacy
1. C.G.E. ICT – SIR JD March2, 2016
COMPUTER SECURITY AND PRIVACY
PART 1
I. Define the term,computer securityrisks,and brieflydescribe the types of cybercrime
perpetrators
A computer securityriskis any event or action that could cause a loss or damage to computer
hardware, software, data, or information.
TYPES OF CYBERCRIME PERPETRATORS
Corporatespy– a person hired by an organization to break into another organization’s
specific computer and steal its proprietary data and information, or to help identify security
risks within their own organization. The hiring of a corporate spy is called corporate
espionage.
Cracker – someone who accessesa computer or network illegally, with the intent of
destroying data, stealing information, or any other malicious action. A cracker usually has
advanced network skills.
Cyberextortionist– aperson who uses e-mails as their drive force for extortion.
A cyberextortionist usually performs actions, such as threatening to expose confidential
information about a company, unless they are paid a certain sum of money.
Cyberterrorist– someone who uses the internet or a network to destroy or damage
computers for political reasons.Cyberterrorists are also associated with cyberwarfare,which
is describedas an attack whose goal ranges from disabling a government’scomputer
network to crippling a country.
Hacker – a person who accessesa computer or network illegally. Some hackers make a claim
or justify their intent for hacking, are to improve security.
Scriptkiddie– someone who has the same intent as a cracker but does not have the
technical expertise,so in turn use pre-writtenhacking andcracking programs to breach
computers or networks.
Unethicalemployee– employeesmay break into their employer’s computer or network
maybe either to simply exploit a security weakness or to seek financial gains from selling
confidential information. Some employees may just want revenge (GrayShelter).
2. C.G.E. ICT – SIR JD March2, 2016
II. Describe varioustypes of Internet and network attacks, and identify ways to safeguard
against these attacks
An internetor network attack is when someone accessesanother person’s computer via the
internet or their network to gain information for their own personal agenda or just to
destroy their data.
TYPES OF INTERNET or NETWORK ATTACK
1) Malware(Malicioussoftware)– aprogram that act without a user’s knowledge and
deliberately alter the computer operation.
Types:
a) computervirus–a program that are designedto affect, or infect a computer
negatively by altering how the computer works without the user’sknowledge or
permission
b) worm–aprogram that copies itself repeatedly
c) Trojan Horse–aprogram that hides within or looks like a legitimate program, but
executeswhena certain condition or action is triggered.
d) Rootkit– program that hides in a computer and allows someone from a remote
location to take full control of the computer.
e) Spyware– a program placed on a computer without the user’s knowledge that
secretly collects information about the user
f) Adware – a program that displays an online advertisement in a banner or a pop-up
window on web pages,e-mail messagesor other internet services
2) Botnets - a group of compromised computers connectedto a network such as the
Internet that are used as part of a network that attacks other networks, usually for
nefarious purposes.
3) BackDoor - A program or set of instructions in a program that allow users to bypass
security controls when accessinga program, computer, or network
4) Denialof ServiceAttacks or DoS attack - is an assault whose purpose is to disrupt
computer accessto an Internet service such as the Web or e-mail.
5) Spoofing- A technique intruders use to make their network or Internet transmission
appear legitimate to a victim computer or network.
3. C.G.E. ICT – SIR JD March2, 2016
These are precautions and measures that canbe taken to prevent an attack:
1). Not starting a computer with removablemedia insertedin the drives or plugged in
the ports.
2). Neveropeningane-mailattachment unless the attachment is expectedandis
from a trusted source.
3). Setting a computer’s macrosecuritylevel to high, in software and programs, and
that macros are only enabled from programs of a trusted source.
4). Installing and frequently updating of anti-virusprogramsandsoftware.
5). Enabling of a computer’sfirewall as this prevents a computer from having hackers
or malicious software from gain accessthrough the internet or network.
6).Installing intrusiondetectionsoftware;which analyzes all network traffic, assesses
system vulnerabilities, identifies any unauthorized intrusions, and notifies network
administrators of suspicious behavior patterns or system breaches.
7). Using a honeypot; a purposely vulnerable computer that is set up to entice an
intruder to break into it.
III. Discusstechniquesto prevent unauthorizedcomputer accessand use
Identify your weaknesses. Make sure every entry point is securedwith passwords and
encryption.
Install anti-virussoftware on your computers. Invest in an anti-virus program to prevent
malware attacks on your system.
Install perimetersecuritysolutions. There are three types of network perimeter security:
1) Firewall – Prevents unauthorized Internetusers from accessing your private network via
the Internet
2) Intrusion DetectionSystem – Monitors and reports on threats to your network
3) Intrusion Prevention Program – Stops threats as well as reports on them
Use a spam filter. You can either install spam filtering software on your computer or network
server or buy a dedicated appliance or outsource spam filtering to an online service provider.
Backupyour important data. Identify the vital data you need to protect. Then choose from
offline and online data backup solutions to ensure the security and availability of your critical
business information. Seta backup schedule and test your solutions regularly.
Encrypt your files,hard drives and backup disks. Byencrypting your hardware and data, only
people with a valid password will have access.
4. C.G.E. ICT – SIR JD March2, 2016
Set up a virtual private network (VPN). Bycreating a VPN, team members working from
home or on the road using Wi-Fi in public won’t be exposingyour business to security
threats.
Automate securityupdates. Byenabling auto updates, your computer will always have the
most recentform of software and anti-virus programs installed.
Restricttotal access.Don’t give all team members universal access to everypart of your
network. Protect sensitive files and databases with passwords that only your key people
know.
Monitor network traffic. Install software or hardware that keeps an eye on who’s visiting
which sites and which of your computers they’re using.
Reviewyoursecurity periodically.Stayaware of new security threats and improved
solutions by visiting your security software/service vendor websites.
Don’t host your business website.Consider using a website hosting service that will take
care of your website’s security needs and provide redundancy,which will allow your website
to be properly restored if attacked.
IV. Identify safeguards against hardware theft and vandalism
1) Real time location systems (RTLS) for high-risk or high-value items allow the user to always
know the whereabouts of their hardware.
2) Physical accesscontrols, such as locked doors and windows, are a good way to protect a
mass amount of hardware equipment.
3) Installation and use of alarm systems that go off when someone enters a room.
4) Physical security devices,suchas cables, that allow a user to lock their equipment to a
desk, drawer or eventhe floor. This does not prevent vandalism though unfortunately.
5) Mini-securitysystems for mobile devices, such as a shutting down of the device or
sounding an alarm if the device moves outside a certain distance.
6) Locking of hard disks, with a cable,requiry of a card to slide in a card reader or finger print
scans and encryption of data.
7) Implementing the requiry of a password or biometrics, to unlock mobile devices.
5. C.G.E. ICT – SIR JD March2, 2016
V. Explainthe ways software manufacturers protect against software piracy
1) Issue a license agreement
A license agreementis the right to use the software. A license agreementis a legal
agreementthat grants someone permission to use something trademarked, copyrighted or
otherwise protected in specificcircumstances. Usually this right is givenwhen the person has
bought the software therefore licensing agreementsare essentially permission slips that
describe authorized use of the subject of the license.When people install software on their
computers, they must review a legal document describing how the software can be used.
2) Require a product activation
Product activation is the procedure by which a piece of software or operating system is
proven to be legitimately installed.
VI. Discusshow encryption works,and explainwhy it is necessary
Encryption works by scrambling the original message with a verylarge digital number (key).
This is done using advanced mathematics. Commercial-level encryption uses 128 bit key that
is very,very hard to crack. The computer receivingthe message knows the digital key and so
is able to work out the original message.
Encryption is extremelyimportant for e-commerce asit allows confidential information such
as your credit card details to be sent safely to the online shop you are visiting.
6. C.G.E. ICT – SIR JD March2, 2016
COMPUTER SECURITY AND PRIVACY
PART 2
I. Discussthe types of devicesavailable that protect computers from system failure
1) A surge protector
Also called a surge suppressor, this device is able to protect against system failure
because it uses special electrical components to smooth out minor noises, provide a
stable current flow and keep an under voltage from reaching the computer and other
electronic components.
2) An uninterruptible power supply (UPS)
A UPS connects between your computer and a power source. It is a device that contains
surge protection circuits and one or more batteries that can provide power during a
temporary or permanent loss of power. There are two types of UPS: standby (also called
offline), which switches to battery power when a problem occurs in the power line. The
second type is online, which always runs off the battery in order to provide continuous
protection.
II. Explainthe options available for backingup computer resources
BACKUP DISCS – Back up your files using CDs and DVDs
CONVENTIONALEXTERNALDRIVE– Backup your files using USBand externalhard disk
drives which canstore a huge amount of data
NETWORK-ATTACHED STORAGE/WINDOWSHOMESERVER -usinga drive that's
attached through your network can make the data accessible across all of your
computers and also allow all of your computers to back up data onto a single unit
ONLINE SERVICES(i.e.DROPBOX)- Online data backup is generally pretty reliable, and by
virtue of being online, the data is accessible to you from just about anywhere
RAID or Redundant Array of IndependentDisks - It involves using multiple hard drives in
a single computer and having thempresented to the operating system as a single drive,
and can be good for keeping data safe from drive failure or evenimproving overall
system performance.
7. C.G.E. ICT – SIR JD March2, 2016
III. Identify risks and safeguards associated with wirelesscommunications
Signal strength.In general,the closer the user is to the access point, the stronger the
signal and the faster the transfer rate. Rogue (unauthorized) accesspoints may or may
not be in the same facility as authorized devices. Users should know that signal strength
alone, is not sufficient to determine authorized networks.
Manual connection. Portable devices such as laptops and handhelds should be
configured so that they do not automatically connectto wireless networks. A manual
process helps ensure that the device connectsto the appropriate wireless network.
Legitimate network. Since Wi-Fi signals can travel a long distance, users should check
with the management of the facility that provides the connectivity to ensure they are
connectingto the appropriate network. Unauthorized "evil twin" networks can capture
logon credentials and other sensitive information.
Encryption. There are many different types of encryption methods usedto secure
wireless networks. Wired Equivalent Privacy (WEP) is the oldest and least preferred. Wi-
Fi Protected Access(WPA) is newer and offers better protection. WPA2 is the newest
and should be used if possible. Users should use Virtual Private Network (VPN) when
connectingto corporate systems.
Shouldersurfing. Ensure that others cannot obtain the user's ID and password as it is
typed. In addition, sensitive information should not be able to be read on the screen by
unauthorized personnel.
Screenaware.Usersshould look at the address bar URL. This will help protect against
phishing attacks. Secure pagestypically have a URL starting with https and include a
secure page notification such as a lock.
Firewalls. Firewalls help restrict traffic to and from the device. Users should ensure the
firewall is turned on so it can actively protect the device.
Patch management. Users should ensure that operating system and security protection
software is patched and up-to-date. Ensure browsers and updates to third party
software packages are applied in a timely manner. Critical updates should be tested and
applied as soon as possible.
Battery saver. Portable devicesconstantly search for available networks. Users can
increase battery life by turning off Wi-Fi when it isn't needed. This also helps ensure that
an intruder can't connectto the device.
Incident management. Users should inform the appropriate personnel if theybelieve
they logged into the wrong network, sensitive information such as their ID/password was
compromised, their device was lost or stolen, etc.
8. C.G.E. ICT – SIR JD March2, 2016
IV. Discussways to prevent health-relateddisordersand injuriesdue to computer use
• Whenyou are typing, your keyboard should be at elbow level and your mouse should be
close to your body.
• Your computer screen or monitor has to be at, or slightly below, your eye level with the
screenabout an arm's length away from your eyes.
• Frequently used items should not be more than 45cms away from you.
• Whensitting at a computer desk,you should place your feetflat on the floor with thighs
parallel to the floor.
• Sit up straight and try to maintain the sitting posture of an S-shaped spine, not a C-shaped
one. Adjust the backrest if necessary,to support your lower back.
• Many with RSI symptoms report theyfeel less pain when typing, compared to when using
a mouse. Use keyboard shortcuts as often as possible.
• Whenusing a laptop it can help to plug in an attachable keyboard so that the screencan be
positioned at an appropriate height.
• Keepyour hands warm. Working in a cold environment increases chancesof hand pain and
stiffness. If you can’t control the temperature, rub your palms against eachother
vigorously when you feel them growing cold.
• Take frequent breaks to stretch and relax—momentary breaks everynow and then to
relax and longer breaks once everyhour or so, for stretching.
• Whenyou are not typing, your wrists should not rest on the keyboard, should not be bent
up or down or to the side.
• Increase your font sizesso you don’t have to read things pressurizing the nervesand blood
vessels in the neck and shoulders.
• Try to reduce computer usage. Replace some emailmessages with phone calls or personal
interactionwherever possible. Cut down on computer games or pause the game every3-4
minutes.
9. C.G.E. ICT – SIR JD March2, 2016
V. Recognize issuesrelatedto information accuracy,intellectualproperty rights,codes of
conduct, and greencomputing
Information Accuracy
The issues:
1. The accuracyof computer input, do not assume that info is correct because it’s on
the web. Users should evaluate this information before relying on its content.
2. Some individuals and organization ask questions about the ethics of using computers
to alter output, primarily graphical output such as retouched photo.
IntellectualProperty Rights
Intellectual property rights are the rights to which a creator is entitled to his or her work.
The issue: People illegaly acquire software, movies and music.
The issues with copyright led to developing DRM(Digital rights management) to prevent
illegal distribution of movies, music, etc.
Codes of Conduct
It is a written guideline that helps determine whether a specific computer action is ethical or
unethical.
GreenComputing
It involves reducing electricityand environmental waste while using computer.
The ENERGY STARprogram was developed to help reduce the amount of elecritcity used by
computers & other related devices.This program encouragesmanufacturers to create
energyefficient devicesthat require little power when they’re not used.
VI. Discussissues surrounding information privacy
Information Privacy is the right of individuals and companies to deny or restrict collection and use of
information about them.
Electronic Profile – It is the data collected when you fill out form on web. Merchantssell your
electronic profile.
Cookies – It is a small text file on your computer that contains data about you:user
preferences,interests,browsing habits and how you regularly visit web sites
Spam – unsolicited e-mail message sent to many recipients
10. C.G.E. ICT – SIR JD March2, 2016
Scam – perpetrator sends an official looking e-mail that attempts to obtain your personal and
financial information.
SOURCES
http://www.wong-sir.com/cit/social_impacts/computer_security_risks.htm
https://grayshelter.wordpress.com/2014/09/30/computer-security-risks-types-of-cybercrime-
perpetrator/
https://grayshelter.wordpress.com/2014/09/30/various-internet-network-attacks-along-with-their-
safeguards/
https://grayshelter.wordpress.com/2014/09/18/safeguards-against-hardware-theft-and-vandalism/
http://www.slideshare.net/hazirma/421-computer-security-risks-15398144
http://www.slideshare.net/PriSim/computer-security-threats-prevention
https://cybersafety2014.wordpress.com/2014/09/25/how-do-software-manufacturers-protect-against-
software-piracy/
http://www.teach-ict.com/technology_explained/encryption/encryption.html
https://cybersafety2014.wordpress.com/2014/09/25/what-types-of-devices-are-available-to-protect-
computers-from-system-failure/
http://www.storagereview.com/how_to_options_for_backing_up_your_computer
http://www.altiusit.com/files/blog/Top10UserWiFiSafeguards.htm
http://www.medindia.net/patients/lifestyleandwellness/computer-related-injuries-prevention.htm
http://www.slideshare.net/samudin/computer-security-and-safety-ethics-privacy
https://prezi.com/aladbfr3eqrb/recognize-issues-related-to-information-accuracy-intellectual-
property-rights-codes-of-conduct-and-green-computing/