SlideShare ist ein Scribd-Unternehmen logo

kevin's powerpoint chapt 6

Als PPTX, PDF herunterladen
K
kkajairo
Technologie
1 von 52
Chapter 6 Network and Internet Security and Privacy
Learning Objectives • LO6.1: Explain network and Internet security concerns • LO6.2: Identify online threats • LO6.3: Describe cyberstalking and other personal safety concerns • LO6.4: Assess personal computer security • LO6.5: Identify privacy concerns • LO6.6: Discuss current network and Internet security legislation CMPTR Chapter 6: Network and Internet Security and Privacy 2
LO6.1: Understanding Security Concerns • Computer crime—or cybercrime—includes any illegal act involving a computer. • Cybercrime is a multibillion-dollar business that is often conducted by seasoned criminals. • All computer users should be aware of the security concerns surrounding computer network and Internet use, and they should take appropriate precautions. CMPTR Chapter 6: Network and Internet Security and Privacy 3
LO6.1: Understanding Security Concerns • Topics Covered: – Unauthorized Access and Unauthorized Use – Hacking – War Driving and Wi-FI Piggybacking – Interception of Communications CMPTR Chapter 6: Network and Internet Security and Privacy 4
Unauthorized Access and Unauthorized Use • Unauthorized access occurs whenever an individual gains access to a computer, network, file, or other resource without permission— typically by hacking into the resource. • Unauthorized use involves using a computer resource for unauthorized activities. • To explain acceptable computer use to their employees, students, or other users, many organizations and educational institutions publish guidelines for behavior, often called codes of conduct. CMPTR Chapter 6: Network and Internet Security and Privacy 5
Hacking • Hacking refers to the act of breaking into a computer or network. • The increased number of systems controlled by computers and connected to the Internet, along with the continually improving abilities of hackers and the increasing availability of sets of tools that allow hackers to access a system, has led to an increased risk of cyberterrorism—where terrorists launch attacks via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 6
War Driving and Wi-Fi Piggybacking • War driving typically involves driving in a car with a portable computer looking for unsecured Wi-Fi networks to connect to. • Wi-Fi piggybacking refers to accessing someone else’s unsecured Wi-Fi network from the hacker’s current location CMPTR Chapter 6: Network and Internet Security and Privacy 7
Interception of Communications • Instead of accessing data stored on a computer via hacking, some criminals gain unauthorized access to data, files, email messages, VoIP calls, and other content as it is being sent over the Internet. • A new trend is criminals intercepting credit and debit card information during the card verification process; that is, intercepting the data from a card in real time as a purchase is being authorized. CMPTR Chapter 6: Network and Internet Security and Privacy 8
LO6.2: Online Threats • Topics Covered: – Botnets – Computer Viruses and Other Types of Malware – Denial of Service (DoS) Attacks – Data, Program, or Web Site Alteration – Online Theft, Online Fraud, and Other Dot Cons – Theft of Data, Information, and Other Resources – Identity Theft, Phishing, and Pharming – Protecting Against Identity Theft – Online Auction Fraud and Other Internet Scams CMPTR Chapter 6: Network and Internet Security and Privacy 9
Botnets • A computer that is controlled by a hacker or other computer criminal is referred to as a bot or zombie computer. • A group of bots that are controlled by one individual and can work together in a coordinated fashion is called a botnet. • According to the FBI, an estimated one million U.S. computers are currently part of a botnet. CMPTR Chapter 6: Network and Internet Security and Privacy 10
Computer Viruses and Other Types of Malware • Malware is a generic term that refers to any type of malicious software. – Virus: a program installed without the user’s knowledge and designed to alter the way a computer operates or to cause harm to the computer system. CMPTR Chapter 6: Network and Internet Security and Privacy 11
Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 12
Computer Viruses and Other Types of Malware – Like a computer virus, a computer worm is a malicious program that is typically designed to cause damage. – A Trojan horse is a type of malware that masquerades as something else—usually an application program. CMPTR Chapter 6: Network and Internet Security and Privacy 13
Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 14
Denial of Service (DoS) Attacks • A denial of service (DoS) attack is an act of sabotage that attempts to flood a network server or Web server with so many requests for action that it shuts down or simply cannot handle legitimate requests any longer, causing legitimate users to be denied service. CMPTR Chapter 6: Network and Internet Security and Privacy 15
Denial of Service (DoS) Attacks • DoS attacks today are often directed toward popular sites and typically are carried out via multiple computers. – This is known as a distributed denial of service (DDoS) attack. CMPTR Chapter 6: Network and Internet Security and Privacy 16
Data, Program, or Web Site Alteration • Another type of computer sabotage occurs when a hacker breaches a computer system to delete data, change data, modify programs, or otherwise alter the data and programs located there. • Data on Web sites can also be altered by hackers. CMPTR Chapter 6: Network and Internet Security and Privacy 17
Online Theft, Online Fraud, and Other Dot Cons • The best protection against many dot cons is protecting your identity—that is, protecting any identifying information about you that could be used in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 18
Theft of Data, Information, and Other Resources • Data theft or information theft is the theft of data or information located on or being sent from a computer. • It can be committed by stealing an actual computer, or it can take place over the Internet or a network by an individual gaining unauthorized access to that data by hacking into the computer or by intercepting the data in transit. CMPTR Chapter 6: Network and Internet Security and Privacy 19
Identity Theft, Phishing, and Pharming • Identity theft occurs when someone obtains enough information about a person to be able to masquerade as that person—usually to buy products or services in that person’s name. CMPTR Chapter 6: Network and Internet Security and Privacy 20
Identity Theft, Phishing, and Pharming • Phishing is the use of a spoofed email message to trick the recipient into revealing sensitive personal information, such as credit card numbers. • More targeted, personalized phishing schemes are known as spear phishing. • Pharming is another type of scam that uses spoofed domain names to obtain personal information for use in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 21
Identity Theft, Phishing, and Pharming CMPTR Chapter 6: Network and Internet Security and Privacy 22
Protecting Against Identity Theft • In addition to disclosing personal information only when it is necessary and only via secure Web pages, you should use security software and keep it up to date. • To avoid phishing schemes, never click a link in an email message to go to a secure Web site—always type the URL for that site in your browser. • To prevent identity theft, protect your Social Security number and give it out only when necessary. CMPTR Chapter 6: Network and Internet Security and Privacy 23
Protecting Against Identity Theft CMPTR Chapter 6: Network and Internet Security and Privacy 24
Online Auction Fraud and Other Internet Scams • Online auction fraud (sometimes called Internet auction fraud) occurs when an online auction buyer pays for merchandise that is never delivered, or that is delivered but it is not as represented. • The best protection against many dot cons is common sense. CMPTR Chapter 6: Network and Internet Security and Privacy 25
LO6.3: Cyberstalking and Other Personal Safety Concerns • Topics Covered: – Cyberbullying and Cyberstalking – Online Pornography – Protecting Against Personal Safety Concerns CMPTR Chapter 6: Network and Internet Security and Privacy 26
Cyberbullying and Cyberstalking • Two of the most common ways individuals are harassed online are cyberbullying and cyberstalking. • Although there are as yet no specific federal laws against cyberstalking, all states have made it illegal, and some federal laws do apply if the online actions include computer fraud or another type of computer crime, suggest a threat of personal injury, or involve sending obscene email messages. CMPTR Chapter 6: Network and Internet Security and Privacy 27
Online Pornography • A variety of controversial and potentially objectionable material is available on the Internet. Although there have been attempts to ban this type of material from the Internet, they have not been successful. • Because of the strong link experts believe exists between child pornography and child molestation, many experts are very concerned about the amount of child pornography that can be found and distributed via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 28
Protecting Against Personal Safety Concerns • To protect yourself against cyberstalking and other types of online harassment: – Use gender-neutral, nonprovocative identifying names. – Be careful about the types of photos you post of yourself online and do not reveal personal information to people you meet online. – Do not respond to any insults or other harassing comments you may receive online. – Consider requesting that your personal information be removed from online directories, especially those associated with your email address or other online identifiers. CMPTR Chapter 6: Network and Internet Security and Privacy 29
LO6.4: Personal Computer Security • Topics Covered: – Hardware Loss and Damage – System Failure and Other Disasters – Protecting Against Hardware Loss, Hardware Damage, and System Failure – Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 30
Hardware Loss and Damage • Hardware loss can occur when a personal computer, USB flash drive, mobile device, or other piece of hard- ware is stolen or is lost by the owner. • One of the most obvious types of hardware loss is hardware theft, which occurs when hardware is stolen from an individual or from a business, school, or other organization. CMPTR Chapter 6: Network and Internet Security and Privacy 31
System Failure and Other Disasters • System failure is the complete malfunction of a computer system. • System failure can occur because of a hardware problem, software problem, or computer virus. It can also occur because of a natural disaster, sabotage, or a terrorist attack. CMPTR Chapter 6: Network and Internet Security and Privacy 32
Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 33
Protecting Against Hardware Loss, Hardware Damage, and System Failure • Full disk encryption (FDE) provides an easy way to protect the data on an entire computer in case it is lost or stolen. • A hard drive that uses FDE, which is often referred to as a self- encrypting hard drive, typically needs a username and password or biometric characteristic before the computer containing the drive will boot. CMPTR Chapter 6: Network and Internet Security and Privacy 34
Protecting Against Hardware Loss, Hardware Damage, and System Failure • Passwords are secret words or character combinations associated with an individual. • Create strong passwords: – At least 8 characters long – Combination of upper and lowercase letters, numbers, and symbols – Do not form words found in the dictionary or that match the username that the password is associated with CMPTR Chapter 6: Network and Internet Security and Privacy 35
Protecting Against Hardware Loss, Hardware Damage, and System Failure • Proper care of hardware can help prevent serious damage to a computer system: – Protective cases – Ruggedized devices CMPTR Chapter 6: Network and Internet Security and Privacy 36
Protecting Against Hardware Loss, Hardware Damage, and System Failure • To protect hardware from damage due to power fluctuations, everyone should use a surge suppressor with a computer whenever it is plugged into a power outlet. • Users who want their desktop computers to remain powered up when the electricity goes off should use an uninterruptible power supply (UPS). CMPTR Chapter 6: Network and Internet Security and Privacy 37
Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 38
Firewalls, Encryption, and Virtual Private Networks (VPNs) • A firewall is a security system that essentially creates a barrier between a computer or network and the Internet in order to protect against unauthorized access. • Encryption is a method of scrambling the contents of an email message or a file to make it unreadable if an unauthorized user intercepts it. – Secure Web pages use encryption to protect information transmitted via that Web page. CMPTR Chapter 6: Network and Internet Security and Privacy 39
Firewalls, Encryption, and Virtual Private Networks (VPNs) • Private key encryption uses a single secret private key to both encrypt and decrypt a file or message being sent over the Internet. • Public key encryption, also called asymmetric key encryption, utilizes two encryption keys to encrypt and decrypt documents. • While email and file encryption can be used to transfer individual messages and files securely over the Internet, a virtual private network (VPN) is designed to be used when a continuous secure channel over the Internet is needed. CMPTR Chapter 6: Network and Internet Security and Privacy 40
Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 41
LO6.5: Understanding Privacy Concerns • Privacy is usually defined as the state of being concealed or free from unauthorized intrusion. • The term information privacy refers to the rights of individuals and companies to control how information about them is collected and used. • Topics Covered: – Databases, Electronic Profiling, Spam, and Other Marketing Activities – Protecting the Privacy of Personal Information – Electronic Surveillance and Monitoring – Protecting Personal and Workplace Privacy CMPTR Chapter 6: Network and Internet Security and Privacy 42
Databases, Electronic Profiling, Spam, and Other Marketing Activities • Marketing databases contain marketing and demographic data about people, such as where they live and what products they buy. • Information about individuals is also available in government databases. • Collecting in-depth information about an individual is known as electronic profiling. CMPTR Chapter 6: Network and Internet Security and Privacy 43
Databases, Electronic Profiling, Spam, and Other Marketing Activities CMPTR Chapter 6: Network and Internet Security and Privacy 44
Databases, Electronic Profiling, Spam, and Other Marketing Activities • Most businesses and Web sites that collect personal information have a privacy policy that discloses how the personal information you provide will be used. CMPTR Chapter 6: Network and Internet Security and Privacy 45
Databases, Electronic Profiling, Spam, and Other Marketing Activities • Spam refers to unsolicited email sent to a large group of individuals at one time. CMPTR Chapter 6: Network and Internet Security and Privacy 46
Protecting the Privacy of Personal Information • For online shopping, signing up for free offers, message boards, product registration, and other activities that typically lead to junk email, use a disposable or throw-away email address (a second address obtained from your ISP or a free email address from Windows Live Hotmail or Google’s Gmail). CMPTR Chapter 6: Network and Internet Security and Privacy 47
Protecting the Privacy of Personal Information CMPTR Chapter 6: Network and Internet Security and Privacy 48
Electronic Surveillance and Monitoring • Computer monitoring software: records keystrokes, log the programs or Web sites accessed, or otherwise monitors someone’s computer activity. • Video surveillance: the use of video cameras to monitor activities of individuals for work-related or crime-preventions purposes. • Employee monitoring: recording or observing the actions of employees while on the job. • Presence technology: enables one computing device to locate and identify the current status of another device on the same network. CMPTR Chapter 6: Network and Internet Security and Privacy 49
Protecting Personal and Workplace Privacy • There are not many options for protecting yourself against computer monitoring by your employer or the government, or against video surveillance systems. • Businesses should take the necessary security measures to ensure that employee activities are not being monitored by a hacker or other unauthorized individual. CMPTR Chapter 6: Network and Internet Security and Privacy 50
LO6.6: Network and Internet Security Legislation • It’s difficult for the legal system to keep pace with the rate at which technology changes. • The high level of concern regarding computer security and personal privacy has led state and federal legislators to pass a variety of laws since the 1970s. CMPTR Chapter 6: Network and Internet Security and Privacy 51
LO6.6: Network and Internet Security Legislation CMPTR Chapter 6: Network and Internet Security and Privacy 52

Empfohlen

Cyber security
Cyber securityCyber security
Cyber security
PawanKalyanAmbati
 
Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say? Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say?
Phil Agcaoili
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and Solutions
Goutama Bachtiar
 
cyber crime
cyber crime cyber crime
cyber crime
sonalpandey11
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Protecting Your Business From Cybercrime
Protecting Your Business From CybercrimeProtecting Your Business From Cybercrime
Protecting Your Business From Cybercrime
David J Rosenthal
 
File000145
File000145File000145
File000145
Desmond Devendran
 

Empfohlen

Cyber security
Cyber securityCyber security
Cyber security
PawanKalyanAmbati
 
Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say? Data Breaches. Are you next? What does the data say?
Data Breaches. Are you next? What does the data say?
Phil Agcaoili
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and Solutions
Goutama Bachtiar
 
cyber crime
cyber crime cyber crime
cyber crime
sonalpandey11
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
SumanPramanik7
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Protecting Your Business From Cybercrime
Protecting Your Business From CybercrimeProtecting Your Business From Cybercrime
Protecting Your Business From Cybercrime
David J Rosenthal
 
File000145
File000145File000145
File000145
Desmond Devendran
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Goutham Shetty
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Rafel Ivgi
 
Cyberlaw
CyberlawCyberlaw
Cyberlaw
ambadesuhas
 
Cybe Crime & Its Type
Cybe Crime & Its TypeCybe Crime & Its Type
Cybe Crime & Its Type
Deepak Kumar (D3)
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
Priyab Satoshi
 
How to analyze cyber threats
How to analyze cyber threatsHow to analyze cyber threats
How to analyze cyber threats
AkankshaPathak27
 
Web Application Security Session for Web Developers
Web Application Security Session for Web DevelopersWeb Application Security Session for Web Developers
Web Application Security Session for Web Developers
Krishna Srikanth Manda
 
document on cyber terrorism
document on cyber terrorismdocument on cyber terrorism
document on cyber terrorism
Kirti Temani
 
Cyber crime in Pakistan
Cyber crime in PakistanCyber crime in Pakistan
Cyber crime in Pakistan
Mustufain Ahmed Ansari
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
Varshil Patel
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
Pratham Jaiswal
 
Internet Use, Privacy and security
Internet Use, Privacy and securityInternet Use, Privacy and security
Internet Use, Privacy and security
Awais Haider
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
S.M.Mustofa Kauser
 
Computer crime
Computer crime Computer crime
Computer crime
Anika Rahman Orin
 
Chapter three e-security
Chapter three e-securityChapter three e-security
Chapter three e-security
Marya Sholevar
 
Cyber security
Cyber security Cyber security
Cyber security
REVA UNIVERSITY
 
Cyber security
Cyber security Cyber security
Cyber security
Tanu Basoiya
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
Commonwealth Telecommunications Organisation
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
UthsoNandy
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
karthickB24
 
OS
OSOS
OS
Ramasubbu .P
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attacks
chris zlatis
 

Weitere ähnliche Inhalte

Was ist angesagt?

document on cyber terrorism
document on cyber terrorismdocument on cyber terrorism
document on cyber terrorism
Kirti Temani
 
Chapter three e-security
Chapter three e-securityChapter three e-security
Chapter three e-security
Marya Sholevar
 

Was ist angesagt? (20)

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyberlaw
CyberlawCyberlaw
Cyberlaw
 
Cybe Crime & Its Type
Cybe Crime & Its TypeCybe Crime & Its Type
Cybe Crime & Its Type
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
 
How to analyze cyber threats
How to analyze cyber threatsHow to analyze cyber threats
How to analyze cyber threats
 
Web Application Security Session for Web Developers
Web Application Security Session for Web DevelopersWeb Application Security Session for Web Developers
Web Application Security Session for Web Developers
 
document on cyber terrorism
document on cyber terrorismdocument on cyber terrorism
document on cyber terrorism
 
Cyber crime in Pakistan
Cyber crime in PakistanCyber crime in Pakistan
Cyber crime in Pakistan
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
 
Internet Use, Privacy and security
Internet Use, Privacy and securityInternet Use, Privacy and security
Internet Use, Privacy and security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Computer crime
Computer crime Computer crime
Computer crime
 
Chapter three e-security
Chapter three e-securityChapter three e-security
Chapter three e-security
 
Cyber security
Cyber security Cyber security
Cyber security
 
Cyber security
Cyber security Cyber security
Cyber security
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
 

Andere mochten auch

Andere mochten auch (9)

OS
OSOS
OS
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attacks
 
Penetration testing the cloud - vlad gostom
Penetration testing the cloud - vlad gostomPenetration testing the cloud - vlad gostom
Penetration testing the cloud - vlad gostom
 
Network Traffic Analysis at a financial institution with 788 branches for 350...
Network Traffic Analysis at a financial institution with 788 branches for 350...Network Traffic Analysis at a financial institution with 788 branches for 350...
Network Traffic Analysis at a financial institution with 788 branches for 350...
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Prensa digital
Prensa digitalPrensa digital
Prensa digital
 
El Blog, punto de encuentro lector
El Blog, punto de encuentro lectorEl Blog, punto de encuentro lector
El Blog, punto de encuentro lector
 
Clase música20
Clase música20Clase música20
Clase música20
 
Aprendizaje musical TIC
Aprendizaje musical TICAprendizaje musical TIC
Aprendizaje musical TIC
 

Ähnlich wie kevin's powerpoint chapt 6

2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 

Ähnlich wie kevin's powerpoint chapt 6 (20)

CYBER.pptx
CYBER.pptxCYBER.pptx
CYBER.pptx
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj Ahirwar
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime and issues
Cyber crime and issuesCyber crime and issues
Cyber crime and issues
 
hacking
hackinghacking
hacking
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security Introduction.pptx
Cyber Security Introduction.pptxCyber Security Introduction.pptx
Cyber Security Introduction.pptx
 
Cyber Security Introduction.pptx
Cyber Security Introduction.pptxCyber Security Introduction.pptx
Cyber Security Introduction.pptx
 
Cyber Security Introduction project comprehensive
Cyber Security Introduction project comprehensiveCyber Security Introduction project comprehensive
Cyber Security Introduction project comprehensive
 
Cybercrimeppt 160421074211
Cybercrimeppt 160421074211Cybercrimeppt 160421074211
Cybercrimeppt 160421074211
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and nature
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Kürzlich hochgeladen (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

kevin's powerpoint chapt 6

  • 1. Chapter 6 Network and Internet Security and Privacy
  • 2. Learning Objectives • LO6.1: Explain network and Internet security concerns • LO6.2: Identify online threats • LO6.3: Describe cyberstalking and other personal safety concerns • LO6.4: Assess personal computer security • LO6.5: Identify privacy concerns • LO6.6: Discuss current network and Internet security legislation CMPTR Chapter 6: Network and Internet Security and Privacy 2
  • 3. LO6.1: Understanding Security Concerns • Computer crime—or cybercrime—includes any illegal act involving a computer. • Cybercrime is a multibillion-dollar business that is often conducted by seasoned criminals. • All computer users should be aware of the security concerns surrounding computer network and Internet use, and they should take appropriate precautions. CMPTR Chapter 6: Network and Internet Security and Privacy 3
  • 4. LO6.1: Understanding Security Concerns • Topics Covered: – Unauthorized Access and Unauthorized Use – Hacking – War Driving and Wi-FI Piggybacking – Interception of Communications CMPTR Chapter 6: Network and Internet Security and Privacy 4
  • 5. Unauthorized Access and Unauthorized Use • Unauthorized access occurs whenever an individual gains access to a computer, network, file, or other resource without permission— typically by hacking into the resource. • Unauthorized use involves using a computer resource for unauthorized activities. • To explain acceptable computer use to their employees, students, or other users, many organizations and educational institutions publish guidelines for behavior, often called codes of conduct. CMPTR Chapter 6: Network and Internet Security and Privacy 5
  • 6. Hacking • Hacking refers to the act of breaking into a computer or network. • The increased number of systems controlled by computers and connected to the Internet, along with the continually improving abilities of hackers and the increasing availability of sets of tools that allow hackers to access a system, has led to an increased risk of cyberterrorism—where terrorists launch attacks via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 6
  • 7. War Driving and Wi-Fi Piggybacking • War driving typically involves driving in a car with a portable computer looking for unsecured Wi-Fi networks to connect to. • Wi-Fi piggybacking refers to accessing someone else’s unsecured Wi-Fi network from the hacker’s current location CMPTR Chapter 6: Network and Internet Security and Privacy 7
  • 8. Interception of Communications • Instead of accessing data stored on a computer via hacking, some criminals gain unauthorized access to data, files, email messages, VoIP calls, and other content as it is being sent over the Internet. • A new trend is criminals intercepting credit and debit card information during the card verification process; that is, intercepting the data from a card in real time as a purchase is being authorized. CMPTR Chapter 6: Network and Internet Security and Privacy 8
  • 9. LO6.2: Online Threats • Topics Covered: – Botnets – Computer Viruses and Other Types of Malware – Denial of Service (DoS) Attacks – Data, Program, or Web Site Alteration – Online Theft, Online Fraud, and Other Dot Cons – Theft of Data, Information, and Other Resources – Identity Theft, Phishing, and Pharming – Protecting Against Identity Theft – Online Auction Fraud and Other Internet Scams CMPTR Chapter 6: Network and Internet Security and Privacy 9
  • 10. Botnets • A computer that is controlled by a hacker or other computer criminal is referred to as a bot or zombie computer. • A group of bots that are controlled by one individual and can work together in a coordinated fashion is called a botnet. • According to the FBI, an estimated one million U.S. computers are currently part of a botnet. CMPTR Chapter 6: Network and Internet Security and Privacy 10
  • 11. Computer Viruses and Other Types of Malware • Malware is a generic term that refers to any type of malicious software. – Virus: a program installed without the user’s knowledge and designed to alter the way a computer operates or to cause harm to the computer system. CMPTR Chapter 6: Network and Internet Security and Privacy 11
  • 12. Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 12
  • 13. Computer Viruses and Other Types of Malware – Like a computer virus, a computer worm is a malicious program that is typically designed to cause damage. – A Trojan horse is a type of malware that masquerades as something else—usually an application program. CMPTR Chapter 6: Network and Internet Security and Privacy 13
  • 14. Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 14
  • 15. Denial of Service (DoS) Attacks • A denial of service (DoS) attack is an act of sabotage that attempts to flood a network server or Web server with so many requests for action that it shuts down or simply cannot handle legitimate requests any longer, causing legitimate users to be denied service. CMPTR Chapter 6: Network and Internet Security and Privacy 15
  • 16. Denial of Service (DoS) Attacks • DoS attacks today are often directed toward popular sites and typically are carried out via multiple computers. – This is known as a distributed denial of service (DDoS) attack. CMPTR Chapter 6: Network and Internet Security and Privacy 16
  • 17. Data, Program, or Web Site Alteration • Another type of computer sabotage occurs when a hacker breaches a computer system to delete data, change data, modify programs, or otherwise alter the data and programs located there. • Data on Web sites can also be altered by hackers. CMPTR Chapter 6: Network and Internet Security and Privacy 17
  • 18. Online Theft, Online Fraud, and Other Dot Cons • The best protection against many dot cons is protecting your identity—that is, protecting any identifying information about you that could be used in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 18
  • 19. Theft of Data, Information, and Other Resources • Data theft or information theft is the theft of data or information located on or being sent from a computer. • It can be committed by stealing an actual computer, or it can take place over the Internet or a network by an individual gaining unauthorized access to that data by hacking into the computer or by intercepting the data in transit. CMPTR Chapter 6: Network and Internet Security and Privacy 19
  • 20. Identity Theft, Phishing, and Pharming • Identity theft occurs when someone obtains enough information about a person to be able to masquerade as that person—usually to buy products or services in that person’s name. CMPTR Chapter 6: Network and Internet Security and Privacy 20
  • 21. Identity Theft, Phishing, and Pharming • Phishing is the use of a spoofed email message to trick the recipient into revealing sensitive personal information, such as credit card numbers. • More targeted, personalized phishing schemes are known as spear phishing. • Pharming is another type of scam that uses spoofed domain names to obtain personal information for use in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 21
  • 22. Identity Theft, Phishing, and Pharming CMPTR Chapter 6: Network and Internet Security and Privacy 22
  • 23. Protecting Against Identity Theft • In addition to disclosing personal information only when it is necessary and only via secure Web pages, you should use security software and keep it up to date. • To avoid phishing schemes, never click a link in an email message to go to a secure Web site—always type the URL for that site in your browser. • To prevent identity theft, protect your Social Security number and give it out only when necessary. CMPTR Chapter 6: Network and Internet Security and Privacy 23
  • 24. Protecting Against Identity Theft CMPTR Chapter 6: Network and Internet Security and Privacy 24
  • 25. Online Auction Fraud and Other Internet Scams • Online auction fraud (sometimes called Internet auction fraud) occurs when an online auction buyer pays for merchandise that is never delivered, or that is delivered but it is not as represented. • The best protection against many dot cons is common sense. CMPTR Chapter 6: Network and Internet Security and Privacy 25
  • 26. LO6.3: Cyberstalking and Other Personal Safety Concerns • Topics Covered: – Cyberbullying and Cyberstalking – Online Pornography – Protecting Against Personal Safety Concerns CMPTR Chapter 6: Network and Internet Security and Privacy 26
  • 27. Cyberbullying and Cyberstalking • Two of the most common ways individuals are harassed online are cyberbullying and cyberstalking. • Although there are as yet no specific federal laws against cyberstalking, all states have made it illegal, and some federal laws do apply if the online actions include computer fraud or another type of computer crime, suggest a threat of personal injury, or involve sending obscene email messages. CMPTR Chapter 6: Network and Internet Security and Privacy 27
  • 28. Online Pornography • A variety of controversial and potentially objectionable material is available on the Internet. Although there have been attempts to ban this type of material from the Internet, they have not been successful. • Because of the strong link experts believe exists between child pornography and child molestation, many experts are very concerned about the amount of child pornography that can be found and distributed via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 28
  • 29. Protecting Against Personal Safety Concerns • To protect yourself against cyberstalking and other types of online harassment: – Use gender-neutral, nonprovocative identifying names. – Be careful about the types of photos you post of yourself online and do not reveal personal information to people you meet online. – Do not respond to any insults or other harassing comments you may receive online. – Consider requesting that your personal information be removed from online directories, especially those associated with your email address or other online identifiers. CMPTR Chapter 6: Network and Internet Security and Privacy 29
  • 30. LO6.4: Personal Computer Security • Topics Covered: – Hardware Loss and Damage – System Failure and Other Disasters – Protecting Against Hardware Loss, Hardware Damage, and System Failure – Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 30
  • 31. Hardware Loss and Damage • Hardware loss can occur when a personal computer, USB flash drive, mobile device, or other piece of hard- ware is stolen or is lost by the owner. • One of the most obvious types of hardware loss is hardware theft, which occurs when hardware is stolen from an individual or from a business, school, or other organization. CMPTR Chapter 6: Network and Internet Security and Privacy 31
  • 32. System Failure and Other Disasters • System failure is the complete malfunction of a computer system. • System failure can occur because of a hardware problem, software problem, or computer virus. It can also occur because of a natural disaster, sabotage, or a terrorist attack. CMPTR Chapter 6: Network and Internet Security and Privacy 32
  • 33. Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 33
  • 34. Protecting Against Hardware Loss, Hardware Damage, and System Failure • Full disk encryption (FDE) provides an easy way to protect the data on an entire computer in case it is lost or stolen. • A hard drive that uses FDE, which is often referred to as a self- encrypting hard drive, typically needs a username and password or biometric characteristic before the computer containing the drive will boot. CMPTR Chapter 6: Network and Internet Security and Privacy 34
  • 35. Protecting Against Hardware Loss, Hardware Damage, and System Failure • Passwords are secret words or character combinations associated with an individual. • Create strong passwords: – At least 8 characters long – Combination of upper and lowercase letters, numbers, and symbols – Do not form words found in the dictionary or that match the username that the password is associated with CMPTR Chapter 6: Network and Internet Security and Privacy 35
  • 36. Protecting Against Hardware Loss, Hardware Damage, and System Failure • Proper care of hardware can help prevent serious damage to a computer system: – Protective cases – Ruggedized devices CMPTR Chapter 6: Network and Internet Security and Privacy 36
  • 37. Protecting Against Hardware Loss, Hardware Damage, and System Failure • To protect hardware from damage due to power fluctuations, everyone should use a surge suppressor with a computer whenever it is plugged into a power outlet. • Users who want their desktop computers to remain powered up when the electricity goes off should use an uninterruptible power supply (UPS). CMPTR Chapter 6: Network and Internet Security and Privacy 37
  • 38. Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 38
  • 39. Firewalls, Encryption, and Virtual Private Networks (VPNs) • A firewall is a security system that essentially creates a barrier between a computer or network and the Internet in order to protect against unauthorized access. • Encryption is a method of scrambling the contents of an email message or a file to make it unreadable if an unauthorized user intercepts it. – Secure Web pages use encryption to protect information transmitted via that Web page. CMPTR Chapter 6: Network and Internet Security and Privacy 39
  • 40. Firewalls, Encryption, and Virtual Private Networks (VPNs) • Private key encryption uses a single secret private key to both encrypt and decrypt a file or message being sent over the Internet. • Public key encryption, also called asymmetric key encryption, utilizes two encryption keys to encrypt and decrypt documents. • While email and file encryption can be used to transfer individual messages and files securely over the Internet, a virtual private network (VPN) is designed to be used when a continuous secure channel over the Internet is needed. CMPTR Chapter 6: Network and Internet Security and Privacy 40
  • 41. Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 41
  • 42. LO6.5: Understanding Privacy Concerns • Privacy is usually defined as the state of being concealed or free from unauthorized intrusion. • The term information privacy refers to the rights of individuals and companies to control how information about them is collected and used. • Topics Covered: – Databases, Electronic Profiling, Spam, and Other Marketing Activities – Protecting the Privacy of Personal Information – Electronic Surveillance and Monitoring – Protecting Personal and Workplace Privacy CMPTR Chapter 6: Network and Internet Security and Privacy 42
  • 43. Databases, Electronic Profiling, Spam, and Other Marketing Activities • Marketing databases contain marketing and demographic data about people, such as where they live and what products they buy. • Information about individuals is also available in government databases. • Collecting in-depth information about an individual is known as electronic profiling. CMPTR Chapter 6: Network and Internet Security and Privacy 43
  • 44. Databases, Electronic Profiling, Spam, and Other Marketing Activities CMPTR Chapter 6: Network and Internet Security and Privacy 44
  • 45. Databases, Electronic Profiling, Spam, and Other Marketing Activities • Most businesses and Web sites that collect personal information have a privacy policy that discloses how the personal information you provide will be used. CMPTR Chapter 6: Network and Internet Security and Privacy 45
  • 46. Databases, Electronic Profiling, Spam, and Other Marketing Activities • Spam refers to unsolicited email sent to a large group of individuals at one time. CMPTR Chapter 6: Network and Internet Security and Privacy 46
  • 47. Protecting the Privacy of Personal Information • For online shopping, signing up for free offers, message boards, product registration, and other activities that typically lead to junk email, use a disposable or throw-away email address (a second address obtained from your ISP or a free email address from Windows Live Hotmail or Google’s Gmail). CMPTR Chapter 6: Network and Internet Security and Privacy 47
  • 48. Protecting the Privacy of Personal Information CMPTR Chapter 6: Network and Internet Security and Privacy 48
  • 49. Electronic Surveillance and Monitoring • Computer monitoring software: records keystrokes, log the programs or Web sites accessed, or otherwise monitors someone’s computer activity. • Video surveillance: the use of video cameras to monitor activities of individuals for work-related or crime-preventions purposes. • Employee monitoring: recording or observing the actions of employees while on the job. • Presence technology: enables one computing device to locate and identify the current status of another device on the same network. CMPTR Chapter 6: Network and Internet Security and Privacy 49
  • 50. Protecting Personal and Workplace Privacy • There are not many options for protecting yourself against computer monitoring by your employer or the government, or against video surveillance systems. • Businesses should take the necessary security measures to ensure that employee activities are not being monitored by a hacker or other unauthorized individual. CMPTR Chapter 6: Network and Internet Security and Privacy 50
  • 51. LO6.6: Network and Internet Security Legislation • It’s difficult for the legal system to keep pace with the rate at which technology changes. • The high level of concern regarding computer security and personal privacy has led state and federal legislators to pass a variety of laws since the 1970s. CMPTR Chapter 6: Network and Internet Security and Privacy 51
  • 52. LO6.6: Network and Internet Security Legislation CMPTR Chapter 6: Network and Internet Security and Privacy 52