Professor Michael J. Losacco CIS 1110 – Using Computers Computer Security Chapter 10.


1 Professor Michael J. Losacco CIS 1110 – Using Computers Computer Security Chapter 10

2 Chapter10 2/44 Overview Describe Types of Security Risks Identify Safeguards Against Risks Explain Encryption Discuss System Failure Prevention Recognize Ethical Issues Discuss Health-related Disorders

3 Chapter10 3/44 Security Risks Action that Causes Loss of Data Damage to Computer System Cybercrime Online or Internet-based Illegal Act Malware Short for Malicious Software Designed to Damage or Disrupt System

4 Chapter10 4/44 Security Risks Hacker Person Who Breaches Network Security Cracker Person Who Illegally Modifies Software Script Kiddies Use Programs Developed by Others Attack Computer Systems & Networks

5 Chapter10 5/44 Security Risks Corporate Spies Unethical Employees Cyberextortionists Cyberterrorists Cyberespionage Government Body & Agency Incidents Zero-day Exploits Attack Based on Known Vulnerability No Patch or Fix Exists

6 Chapter10 6/44 Internet & Network Attacks Virus Code from Outside Source Implants Itself in Computer Ability to Replicate & Distribute Itself Activation Opening Infected File Payload Event that Transpires when Virus Executes

7 Chapter10 7/44 Internet & Network Attacks Worm Copies Itself Repeatedly Uses Up Resources Possibly Shuts Down Network Trojan Horse Hides in Legitimate Program Captures Logon Keystrokes Redirects to Counterfeit Site

8 Chapter10 8/44 Internet & Network Attacks Denial of Service (DoS) Designed to Make Network Unusable Flooding it With Useless Traffic Disrupts Access to Internet or Email Rootkit Hides in Computer Activated Before OS Completely Loads Remote Takes Full Control of Computer

9 Chapter10 9/44 Internet & Network Attacks Botnet Group of Compromised Computers Connected to a Network Zombie or Bot Compromised Computer Steal Identities, Customer & Employee Data Packet Sniffer Captures Data Traversing a Network

10 Chapter10 10/44 Internet & Network Attacks Back Door Secret Code in Program Bypasses Security when Accessing Computer Spoofing Network or Internet Transmission Appear as Legitimate to Victim RAM Scraper Capture Data from Volatile Memory

11 Chapter10 11/44 Internet & Network Attacks SQL Injection Exploit how Web Pages Communicate With Back-end Databases Social Engineering Attacker Invents Scenario Persuade, Manipulate, or Trick Target Perform an Action or Divulge Information

12 Chapter10 12/44 Internet & Network Attacks Brute-force Attack Automated Process Iterating Possible Username/Password Car Hacking Decrypt RFID Key Fobs Beckham – 2 $180K BMWs

13 Chapter10 13/44 Internet & Network Attacks Prevention Antivirus Detects & Identifies Viruses Looks for Signature Specific Pattern of Virus Code Inoculates Existing Program Files Records File Size & Creation Date Removes or Quarantines Viruses Creates Rescue/Recovery Disk

14 Chapter10 14/44 Internet & Network Attacks Prevention Firewall Security System Consists of Hardware and / or Software Monitors Communication Ports Informs You of Attempted Intrusion

15 Chapter10 15/44 Internet & Network Attacks Prevention Intrusion Detection Software Analyzes Network Traffic Assesses System Vulnerabilities Identifies Intrusions & Suspicious Behavior Honeypot Vulnerable Computer Set Up to Entice Intruder to Break into it

16 Chapter10 16/44 Unauthorized Access & Use Access Control Defines Who Can Access a Computer When They Can Access It What Actions They Can Take Two-phase Processes Identification Authentication

17 Chapter10 17/44 Unauthorized Access & Use Access Control User Name Unique Characters that Identifies User Password Private Characters Associated with User Longer Passwords Provide Greater Security Avoid the Obvious Easy to Remember Passphrase CAPTCHA Type Distorted Characters

18 Chapter10 18/44 Unauthorized Access & Use Possessed Object Item That You Must Carry to Gain Access Often Used with PIN AKA Personal Identification Number Numeric Password

19 Chapter10 19/44 Unauthorized Access & Use Biometric Device Authenticates Identity Uses Personal Characteristic Signature Voice Fingerprint Hand Geometry Iris Verification

20 Chapter10 20/44 Unauthorized Access & Use Digital Forensics Discovery Collection Analysis Of Evidence Found on Computers

21 Chapter10 21/44 Hardware Theft & Vandalism Hardware Theft Stealing Equipment Vandalism Defacing / Destroying Equipment Security Methods Alarm Cable Lock Possessed Object Biometrics

22 Chapter10 22/44 Software Theft Steal Software Media Intentionally Erase Programs Illegally Copy a Program Illegally Register a Program Illegally Activate a Program Security Method Product Activation Unique ID Required to Install Software

23 Chapter10 23/44 Information Theft Stolen Personal or Confidential Data Encryption Convert Readable Data into Unreadable Used to Transmit Files Over Internet Recipient Must Decrypt to Read Data

24 Chapter10 24/44 Information Theft Encryption Mechanics

25 Chapter10 25/44 Information Theft War Driving Drive Vehicle Through Area Detect Wireless Networks Digital Signature Encrypted Code Attached to Electronic Message Verifies Identity of Sender Digital Certificate Guarantees Site Legitimacy

26 Chapter10 26/44 Information Theft Transport Layer Security (TLS) Protocol that Guarantees Privacy Between Client/Server Apps on Internet S-HTTP HTTP Extension Support Sending Data Securely over Web

27 Chapter10 27/44 Information Theft Data Loss http://www.privacyrights.org/data-breach

Organization | Event | What | # Records
Monster.com | Hack | Job Seeker Data | 1,300,000
UCLA | Hack | Student/Faculty Data | 800,000
Digital River | Hack | India, $500,000 | 200,000
Boston Globe | Printouts as Wrapping | Subscriber Data | 240,000
Circuit City | Lost Credit Card Tapes | Customer Data | 2,100,000
Dept Veteran Affairs | Stolen from Home | Veterans Data | 26,500,000

28 Chapter10 28/44 System Failure Prolonged Malfunction of Computer Aging Hardware Natural Disasters Electrical Power Problems Noise Unwanted Electrical Signal Undervoltage Drop in Electrical Supply Overvoltage (Power Surge, Spike) Significant Increase in Electrical Power

29 Chapter10 29/44 System Failure Surge Protector Protects Against Power Disturbances Uninterruptible Power Supply (UPS) Provides Short-term Power

30 Chapter10 30/44 Backup Duplicate of File, Program, or Disk Full Backup All Files in Computer Selective Backup Select Which Files to Back Up Restore Copy Files Back to Original Location Stored Offsite

31 Chapter10 31/44 Health Concerns CVS (Computer Vision Syndrome) Eye & Vision Problems RSI (Repetitive Strain Injury) Carpal Tunnel Syndrome Nerve Inflammation Forearm to Palm Tendonitis Tendon Inflammation Repeated Motion

32 Chapter10 32/44 Health Concerns Ergonomics Workplace Comfort, Efficiency, & Safety keyboard height: 23” to 28” feet flat on floor adjustable height chair with 4 or 5 legs for stability adjustable seat elbows at 90° and arms and hands parallel to floor

33 Chapter10 33/44 Health Concerns Computer Addiction Computer Consumes Entire Social Life Symptoms Craves Computer Time Unable to Stop Computer Activity Irritable When Not at Computer Neglects Family & Friends

34 Chapter10 34/44 Ethics & Society Computer Ethics Moral Guidelines Govern Use of Computers & Systems Information Accuracy Not All Web Information is Correct

35 Chapter10 35/44 Ethics & Society Copyright Set Of Exclusive Rights Granted to Author of an Original Work Includes Right to Copy, Distribute, Adapt Intellectual Property Rights Rights for Creators of Their Work

36 Chapter10 36/44 Ethics & Society IT Code of Conduct Written Guideline Determines Ethical Computer Action Employers Distribute to Employees

37 Chapter10 37/44 Ethics & Society Green Computing Reduce Computer Electricity U.S. Servers Consume 1.2% of Electricity Reduce Environmental Waste

38 Chapter10 38/44 Information Privacy Restrict Right to Collect Personal Data Difficult to Maintain Data is Stored Online Electronic Profiling Online Data Collected Fill Out Form or Click Advertisement Employee Monitoring Observe Employee Computer Use

39 Chapter10 39/44 Information Privacy Content Filtering Restrict Access to Certain Material ICRA (Internet Content Rating Assoc) Provides Rating System of Web Content Web Filtering Software Restricts Access to Specified Sites

40 Chapter10 40/44 Information Privacy Cookie Small File on Your Computer User Preferences Passwords How Regularly You Visit Web Sites Target Advertisements Some Sites Sell / Trade Cookie Data Browser Settings Specify Sites You Will Accept Cookies From

41 Chapter10 41/44 Information Privacy Chip Implants (FDA Approved 2004) Size of a Grain of Rice ID Medical History (1000+ Mexican Patients) Secure Access (Mexico) Access to VIP Areas (Barcelona Nightclub) “Mark of the Beast” (Virginia)

42 Chapter10 42/44 Information Privacy Spam Unsolicited Email Messages Internet Junk Mail 90.5% of All Email in September 08 eWeek 11/08 Email Filtering Blocks Emails from Designated Sources Collects Spam in Central Location Anti-spam Program Remove Spam Before Reaching Inbox

43 Chapter10 43/44 Information Privacy Spyware Placed Without User's Knowledge Result of Installing New Program Secretly Collects Information About User Adware Shows Ads in Lieu of Payment

44 Chapter10 44/44 Information Privacy Phishing Perpetrator Sends Official Looking Email Obtain Personal & Financial Information Pharming Obtain Personal & Financial Information Via Spoofing ShadowCrew Buy/Sell CC#, Identities, Security Holes Recruit Hackers 4,000 Criminals Participating

