Computer Security Risks
- A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability
- A cybercrime is an online or Internet-based illegal act; examples of perpetrators include hackers, crackers, script kiddies, corporate spies, etc.
- Information transmitted over networks has a higher degree of security risk than information kept on an organization's premises
- An online security service is a Web site that evaluates our computer to check for Internet and e-mail vulnerabilities
Worm - copies itself repeatedly, using up resources and possibly shutting down the computer or network
Trojan horse - a malicious program that hides within or looks like a legitimate program
Rootkit - a program that hides in a computer and allows someone from a remote location to take full control
An infected computer has one or more of the following symptoms
- Operating system runs much slower than usual
- Available memory is less than expected
- Files become corrupted
- Screen displays unusual message or image
- Music or unusual sound plays randomly
- Existing programs and files disappear
- Programs or files do not work properly
- Unknown programs or files mysteriously appear
- System properties change
- Operating system does not start up
- Operating system shuts down unexpectedly
Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections
- A botnet is a group of compromised computers connected to a network
- A denial of service attack (DoS attack) disrupts computer access to Internet services
- A back door is a program or set of instructions in a program that allows users to bypass security controls
- Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
- A firewall is hardware or software that protects a network's resources from intrusion
- analyzes all network traffic
- assesses system vulnerabilities
- identifies any unauthorized intrusions
- notifies network administrators of suspicious behavior patterns or system breaches
- vulnerable computer that is set up to entice an intruder to break into it
Unauthorized access is the use of a computer or network without permission
Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities
- Organizations take several measures to help prevent unauthorized access and use
  - disable file and printer sharing
  - firewall
  - intrusion detection software
- Access controls define who can access a computer and what actions they can take, for example the two-phase process called identification and authentication, user names, passwords, passphrases, and CAPTCHAs
- A possessed object is any item that we must carry to gain access to a computer or computer facility
- A biometric device authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
- Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks
- Many areas use digital forensics, for example law enforcement, criminal prosecutors, military intelligence, insurance agencies, and information security departments
Hardware Theft and Vandalism
Hardware theft is the act of stealing computer equipment
Hardware vandalism is the act of defacing or destroying computer equipment
- To help reduce the chances of theft, companies and use a variety of security measures
  - physical access control
  - alarm system
  - cables to lock equipment
  - real time location system
  - password, possessed object, and biometrics
Software Theft
Software theft occurs when someone steals software media, intentionally erases programs, illegally copies a program, or illegally registers and activates a program
A single-user license agreement typically contains the following conditions
Permitted to
  - Install the software on one computer
  - Make one copy of the software
  - Remove the software from our computer before giving it away or selling it
Not permitted to
  - Install the software on a network
  - Give copies to friends or while continuing to use the software
  - Export the software
  - Rent or lease the software
- Copying, loaning, borrowing, renting, or distributing software can be a violation of copyright law
- Some software requires product activation to function fully
Information theft occurs when someone steals personal or confidential information
- Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access
- A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender
- Web browsers and Web sites use encryption techniques
- Popular security techniques include digital certificates, Transport Layer Security (TLS), secure HTTP, and VPN
- A system failure is the prolonged malfunction of a computer
- A variety of factors can lead to system failure, including
  - aging hardware
  - natural disasters
  - electrical power problems
  - errors in computer programs
- Two ways to protect from system failures caused by electrical power variations include surge protectors and uninterruptible power supplies (UPS)
- A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed
- Offsite backups are stored in a location separate from the computer site
- Two categories of backup: full backup, selective backup
- Three-generation backup policy
- Wireless access poses additional security risks
  - about 80 percent of wireless networks have no security protection
- War driving allows individuals to detect wireless networks while driving a vehicle through the area
- In addition to using firewalls, some safeguards improve the security of wireless networks
  - a wireless access point should not broadcast an SSID
  - change the default SSID
  - configure a WAP so that only certain devices can access it
  - use WPA or WPA2 security standards
- Computer ethics are the moral guidelines that govern the use of computers and information systems.
- Information accuracy is a concern.
- Intellectual property rights are the rights to which creators are entitled for their work.
- An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical.
- Green Computing involves reducing the electricity and environmental waste while using a computer.
- Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them.
- Huge databases store data online.
- It is important to safeguard your information.
- A cookie is a small text file that a web server stores on our computer
- Spam is an unsolicited e-mail message or newsgroup posting
- E-mail filtering blocks e-mail messages from designated sources
- Anti-spam programs attempt to remove spam before it reaches our inbox
- Phishing is a scam in which a perpetrator sends an official looking e-mail message that attempts to obtain our personal and financial information
- Pharming is a scam where a perpetrator attempts to obtain your personal and financial information via spoofing
- Content filtering is the process of restricting access to certain material on the Web
- Web filtering software restricts access to specified Web sites