SlideShare ist ein Scribd-Unternehmen logo

Chapter 05 Digital Safety and Security

Als PPTX, PDF herunterladen
X
xtin101
1 von 46
Chapter 5 Digital Safety and Security Discovering Computers Technology in a World of Computers, Mobile Devices, and the Internet
Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work Copyright © Cengage Learning. All rights reserved.See Page 202 for Detailed Objectives
Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy Copyright © Cengage Learning. All rights reserved.See Page 202 for Detailed Objectives
Digital Security Risks • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act Copyright © Cengage Learning. All rights reserved.Page 202
Digital Security Risks Copyright © Cengage Learning. All rights reserved.Page 203 Figure 5-1
Digital Security Risks Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist Copyright © Cengage Learning. All rights reserved.Page 204
Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices Copyright © Cengage Learning. All rights reserved. Pages 204 - 205 Table 5-1
Internet and Network Attacks Copyright © Cengage Learning. All rights reserved.Page 205 Figure 5-2
Internet and Network Attacks • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to Internet services – Distributed DoS (DDoS) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate Copyright © Cengage Learning. All rights reserved.Pages 206 - 207
Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion Copyright © Cengage Learning. All rights reserved.Pages 208 - 209 Figure 5-4
Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities Copyright © Cengage Learning. All rights reserved.Page 210
Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing Copyright © Cengage Learning. All rights reserved. Page 210 Figure 5-5
Unauthorized Access and Use • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password – Passphrase – CAPTCHA Copyright © Cengage Learning. All rights reserved.Pages 211 - 212 Figure 5-6
Unauthorized Access and Use • A possessed object is any item that you must carry to gain access to a computer or computer facility – Often are used in combination with a PIN (personal identification number) • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer Copyright © Cengage Learning. All rights reserved. Page 213
Unauthorized Access and Use Fingerprint reader Face recognition system Hand geometry system Voice verification system Signature verification system Iris recognition system Copyright © Cengage Learning. All rights reserved.Pages 213 – 214 Figures 5-8 – 5-10
Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics Copyright © Cengage Learning. All rights reserved.Page 214 Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
Software Theft • Software theft occurs when someone: Copyright © Cengage Learning. All rights reserved.Page 215 Steals software media Intentionally erases programs Illegally registers and/or activates a program Illegally copies a program
Software Theft • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed Copyright © Cengage Learning. All rights reserved.Page 215
Software Theft • A single-user license agreement typically contains the following conditions: Copyright © Cengage Learning. All rights reserved.Pages 215 – 216 Figure 5-11
Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access Copyright © Cengage Learning. All rights reserved.Pages 216 - 217 Table 5-2
Information Theft Copyright © Cengage Learning. All rights reserved.Page 217 Figure 5-12
Information Theft • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site Copyright © Cengage Learning. All rights reserved.Page 218
Information Theft Copyright © Cengage Learning. All rights reserved.Page 218 Figure 5-13
Hardware Theft, Vandalism, and Failure Hardware theft is the act of stealing digital equipment Hardware vandalism is the act of defacing or destroying digital equipment Copyright © Cengage Learning. All rights reserved.Page 219
Hardware Theft, Vandalism, and Failure • To help reduce the of chances of theft, companies and schools use a variety of security measures Copyright © Cengage Learning. All rights reserved.Page 219 Figure 5-14
Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site Copyright © Cengage Learning. All rights reserved.Page 219 Cloud Storage
Backing Up – The Ultimate Safeguard • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection • Three-generation backup policy Copyright © Cengage Learning. All rights reserved. Page 219 Grandparent Parent Child
Backing Up – The Ultimate Safeguard Copyright © Cengage Learning. All rights reserved.Page 220 Table 5-3
Wireless Security • Wireless access poses additional security risks • Some intruders intercept and monitor communications as they transmit through the air • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP Copyright © Cengage Learning. All rights reserved. Page 221 Figure 5-16
Ethics and Society • Computer ethics are the moral guidelines that govern the use of computers, mobile devices, and information systems • Information accuracy is a concern – Not all information on the web is correct Copyright © Cengage Learning. All rights reserved. Pages 224 - 225 Figure 5-18
Ethics and Society Copyright © Cengage Learning. All rights reserved.Page 225 • Intellectual property refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
Ethics and Society Copyright © Cengage Learning. All rights reserved.Page 226 Figure 5-19 • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
Ethics and Society • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies Copyright © Cengage Learning. All rights reserved.Pages 226 - 227 Figure 5-20
Information Privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them • Huge databases store data online • It is important to safeguard your information Copyright © Cengage Learning. All rights reserved.Page 227
Information Privacy Copyright © Cengage Learning. All rights reserved. Page 228 Figure 5-21
Information Privacy • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a social networking profile – Register a product warranty Copyright © Cengage Learning. All rights reserved. Pages 228 - 229 Figure 5-22
Information Privacy • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of reasons: Copyright © Cengage Learning. All rights reserved.Page 229 Allow for personalization Store user names and/or passwords Assist with online shopping Track how often users visit a site Target advertisements
Information Privacy Copyright © Cengage Learning. All rights reserved.Page 230 Figure 5-23
Information Privacy • Phishing is a scam in which a perpetrator sends an official looking email message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be clicked on a website contains a malicious program Copyright © Cengage Learning. All rights reserved.Page 231
Information Privacy • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet services Copyright © Cengage Learning. All rights reserved.Page 231
Information Privacy • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others Copyright © Cengage Learning. All rights reserved.Page 232
Information Privacy • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data – See Table 5-4 on page 233 for a listing of major U.S. government laws concerning privacy Copyright © Cengage Learning. All rights reserved.Pages 232 - 233
Information Privacy Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs Copyright © Cengage Learning. All rights reserved.Page 233
Ethics and Society • Content filtering is the process of restricting access to certain material on the Web – Many businesses use content filtering • Web filtering software restricts access to specified websites Copyright © Cengage Learning. All rights reserved. Page 234 Figure 5-24
Summary Variety of digital security risks Cybercrime and cybercriminals Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure Various backup strategies and methods of securing wireless communications Ethical issues in society and various ways to protect the privacy of personal information Copyright © Cengage Learning. All rights reserved.Page 235
Chapter 5 Digital Safety and Security Discovering Computers Technology in a World of Computers, Mobile Devices, and the Internet Chapter 5 Complete

Empfohlen

Chapter 4 Programs and Apps
Chapter 4 Programs and AppsChapter 4 Programs and Apps
Chapter 4 Programs and Apps
xtin101
 
Chapter 01 Digital Literacy
Chapter 01 Digital LiteracyChapter 01 Digital Literacy
Chapter 01 Digital Literacy
xtin101
 
Chapter 3 Computers and Mobile Devices
Chapter 3 Computers and Mobile DevicesChapter 3 Computers and Mobile Devices
Chapter 3 Computers and Mobile Devices
xtin101
 
DC16_Ch05.pptx
DC16_Ch05.pptxDC16_Ch05.pptx
DC16_Ch05.pptx
Dyrandz Lantita
 
Multimedia Planning
Multimedia PlanningMultimedia Planning
Multimedia Planning
lunkyo
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
Sifat Hossain
 
LIVING IN THE IT ERA LESSON 2.pptx
LIVING IN THE IT ERA LESSON 2.pptxLIVING IN THE IT ERA LESSON 2.pptx
LIVING IN THE IT ERA LESSON 2.pptx
Russel Carilla
 
Chapter 02 The Internet
Chapter 02 The InternetChapter 02 The Internet
Chapter 02 The Internet
xtin101
 

Empfohlen

Chapter 4 Programs and Apps
Chapter 4 Programs and AppsChapter 4 Programs and Apps
Chapter 4 Programs and Apps
xtin101
 
Chapter 01 Digital Literacy
Chapter 01 Digital LiteracyChapter 01 Digital Literacy
Chapter 01 Digital Literacy
xtin101
 
Chapter 3 Computers and Mobile Devices
Chapter 3 Computers and Mobile DevicesChapter 3 Computers and Mobile Devices
Chapter 3 Computers and Mobile Devices
xtin101
 
DC16_Ch05.pptx
DC16_Ch05.pptxDC16_Ch05.pptx
DC16_Ch05.pptx
Dyrandz Lantita
 
Multimedia Planning
Multimedia PlanningMultimedia Planning
Multimedia Planning
lunkyo
 
Ethics,security and privacy control
Ethics,security and privacy controlEthics,security and privacy control
Ethics,security and privacy control
Sifat Hossain
 
LIVING IN THE IT ERA LESSON 2.pptx
LIVING IN THE IT ERA LESSON 2.pptxLIVING IN THE IT ERA LESSON 2.pptx
LIVING IN THE IT ERA LESSON 2.pptx
Russel Carilla
 
Chapter 02 The Internet
Chapter 02 The InternetChapter 02 The Internet
Chapter 02 The Internet
xtin101
 
Iss lecture 1
Iss lecture 1Iss lecture 1
Iss lecture 1
Ali Habeeb
 
Computer security
Computer securityComputer security
Computer security
Ayesha Arshad
 
Personal privacy and computer technologies
Personal privacy and computer technologiesPersonal privacy and computer technologies
Personal privacy and computer technologies
sidra batool
 
Ethics and information security 2
Ethics and information security 2Ethics and information security 2
Ethics and information security 2
PT Bank Syariah Mandiri
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
bdemchak
 
Application Software
Application SoftwareApplication Software
Application Software
Zaid Hameed
 
Whitman_Ch02.pptx
Whitman_Ch02.pptxWhitman_Ch02.pptx
Whitman_Ch02.pptx
Siphamandla9
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
PraphullaShrestha1
 
Social & professional issues in IT
Social & professional issues in ITSocial & professional issues in IT
Social & professional issues in IT
Rohana K Amarakoon
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
A. Shamel
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
FannyKwok1
 
Information risk management
Information risk managementInformation risk management
Information risk management
Akash Saraswat
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
Quick Heal Technologies Ltd.
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
Nicholas Davis
 
Information security management
Information security managementInformation security management
Information security management
UMaine
 
Information Security
Information SecurityInformation Security
Information Security
Dhilsath Fathima
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
Vamsee Krishna Kiran
 
Ict application in business
Ict application in businessIct application in business
Ict application in business
Charlotte Quemada
 
Information and communication technology
Information and communication technologyInformation and communication technology
Information and communication technology
zfhh01
 
Information security management system
Information security management systemInformation security management system
Information security management system
Arani Srinivasan
 
Digital safety and security
Digital safety and securityDigital safety and security
Digital safety and security
mdhague
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
PSFK
 

Weitere ähnliche Inhalte

Was ist angesagt?

Information security management
Information security managementInformation security management
Information security management
UMaine
 
Information security management system
Information security management systemInformation security management system
Information security management system
Arani Srinivasan
 

Was ist angesagt? (20)

Iss lecture 1
Iss lecture 1Iss lecture 1
Iss lecture 1
 
Computer security
Computer securityComputer security
Computer security
 
Personal privacy and computer technologies
Personal privacy and computer technologiesPersonal privacy and computer technologies
Personal privacy and computer technologies
 
Ethics and information security 2
Ethics and information security 2Ethics and information security 2
Ethics and information security 2
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Application Software
Application SoftwareApplication Software
Application Software
 
Whitman_Ch02.pptx
Whitman_Ch02.pptxWhitman_Ch02.pptx
Whitman_Ch02.pptx
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Social & professional issues in IT
Social & professional issues in ITSocial & professional issues in IT
Social & professional issues in IT
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
 
Chapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptxChapter 5 - Digital Security, Ethics, Privacy.pptx
Chapter 5 - Digital Security, Ethics, Privacy.pptx
 
Information risk management
Information risk managementInformation risk management
Information risk management
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
 
Information security management
Information security managementInformation security management
Information security management
 
Information Security
Information SecurityInformation Security
Information Security
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
 
Ict application in business
Ict application in businessIct application in business
Ict application in business
 
Information and communication technology
Information and communication technologyInformation and communication technology
Information and communication technology
 
Information security management system
Information security management systemInformation security management system
Information security management system
 

Andere mochten auch

PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
PSFK
 
Chapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile DevicesChapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile Devices
xtin101
 
CH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and PrivacyCH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and Privacy
malik1972
 
Chapter 09 Operating Systems
Chapter 09 Operating SystemsChapter 09 Operating Systems
Chapter 09 Operating Systems
xtin101
 
C6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterC6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times faster
Dr. Wilfred Lin (Ph.D.)
 
A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...
Dr. Wilfred Lin (Ph.D.)
 

Andere mochten auch (20)

Digital safety and security
Digital safety and securityDigital safety and security
Digital safety and security
 
PSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & SecurityPSFK Presents the Future of Digital Safety & Security
PSFK Presents the Future of Digital Safety & Security
 
Chapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile DevicesChapter 06 Inside Computers and Mobile Devices
Chapter 06 Inside Computers and Mobile Devices
 
CH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and PrivacyCH. 5 Computer Security and Safety, Ethics and Privacy
CH. 5 Computer Security and Safety, Ethics and Privacy
 
Discovering Computers: Chapter 01
Discovering Computers: Chapter 01Discovering Computers: Chapter 01
Discovering Computers: Chapter 01
 
Digital Security
Digital Security Digital Security
Digital Security
 
Mobile Security: Apps are our digital lives.
Mobile Security: Apps are our digital lives.Mobile Security: Apps are our digital lives.
Mobile Security: Apps are our digital lives.
 
Chapter 09 Operating Systems
Chapter 09 Operating SystemsChapter 09 Operating Systems
Chapter 09 Operating Systems
 
Cloud computing understanding security risk and management
Cloud computing understanding security risk and managementCloud computing understanding security risk and management
Cloud computing understanding security risk and management
 
Digital security presentation
Digital security presentationDigital security presentation
Digital security presentation
 
Digital security
Digital securityDigital security
Digital security
 
Discovering Computers: Chapter 11
Discovering Computers: Chapter 11Discovering Computers: Chapter 11
Discovering Computers: Chapter 11
 
C6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times fasterC6 deploying applications to your private cloud 7 to 10 times faster
C6 deploying applications to your private cloud 7 to 10 times faster
 
Chapter 02
Chapter 02Chapter 02
Chapter 02
 
Git Internals
Git InternalsGit Internals
Git Internals
 
A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...A7 getting value from big data how to get there quickly and leverage your c...
A7 getting value from big data how to get there quickly and leverage your c...
 
Big Data: Implications for Marketing and Strategy
Big Data: Implications for Marketing and StrategyBig Data: Implications for Marketing and Strategy
Big Data: Implications for Marketing and Strategy
 
Digital Security Slide Show
Digital Security Slide ShowDigital Security Slide Show
Digital Security Slide Show
 
Large-scale digitisation options at the Natural History Museum, London.
Large-scale digitisation options at the Natural History Museum, London.Large-scale digitisation options at the Natural History Museum, London.
Large-scale digitisation options at the Natural History Museum, London.
 
Methodological principles in dealing with Big Data, Reijo Sund
Methodological principles in dealing with Big Data, Reijo SundMethodological principles in dealing with Big Data, Reijo Sund
Methodological principles in dealing with Big Data, Reijo Sund
 

Ähnlich wie Chapter 05 Digital Safety and Security

Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
Hisyam Rosly
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptx
ssuser666f98
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
PradeeshSAI
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacyChapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacy
haider ali
 

Ähnlich wie Chapter 05 Digital Safety and Security (20)

Chapter 9 security privacy csc
Chapter 9 security privacy cscChapter 9 security privacy csc
Chapter 9 security privacy csc
 
chapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptxchapter11-120214225647-phpapp01.pptx
chapter11-120214225647-phpapp01.pptx
 
chapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdfchapter11-120214225647-phpapp01.pdf
chapter11-120214225647-phpapp01.pdf
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
 
Chapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacyChapter 11 computer security and safety, ethics, and privacy
Chapter 11 computer security and safety, ethics, and privacy
 
Lecture 5.1.pptx
Lecture 5.1.pptxLecture 5.1.pptx
Lecture 5.1.pptx
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
 
DC16_Ch05.pptx
DC16_Ch05.pptxDC16_Ch05.pptx
DC16_Ch05.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Week 12
Week 12Week 12
Week 12
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Computer crime
Computer crimeComputer crime
Computer crime
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information system
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks Shelly
 
Lecture 5.pptx
Lecture 5.pptxLecture 5.pptx
Lecture 5.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 

Mehr von xtin101

Access Chapter 01
Access Chapter 01Access Chapter 01
Access Chapter 01
xtin101
 
Access2013 ch03
Access2013 ch03Access2013 ch03
Access2013 ch03
xtin101
 
Access Chapter 02
Access Chapter 02Access Chapter 02
Access Chapter 02
xtin101
 
Excel Chapter 03
Excel Chapter 03Excel Chapter 03
Excel Chapter 03
xtin101
 
Excel Chapter 02
Excel Chapter 02Excel Chapter 02
Excel Chapter 02
xtin101
 
Excel Chapter 01
Excel Chapter 01Excel Chapter 01
Excel Chapter 01
xtin101
 
PowerPoint Chapter 03
PowerPoint Chapter 03PowerPoint Chapter 03
PowerPoint Chapter 03
xtin101
 
PowerPoint Chapter 2
PowerPoint Chapter 2PowerPoint Chapter 2
PowerPoint Chapter 2
xtin101
 
PowerPoint Chapter 01
PowerPoint Chapter 01PowerPoint Chapter 01
PowerPoint Chapter 01
xtin101
 
Word Chapter 03
Word Chapter 03Word Chapter 03
Word Chapter 03
xtin101
 
Word Chapter 02
Word Chapter 02Word Chapter 02
Word Chapter 02
xtin101
 
Word Chapter 01
Word Chapter 01Word Chapter 01
Word Chapter 01
xtin101
 
Chapter 10 Communications and Networks
Chapter 10 Communications and NetworksChapter 10 Communications and Networks
Chapter 10 Communications and Networks
xtin101
 
Chapter 8 Digital Storage
Chapter 8 Digital StorageChapter 8 Digital Storage
Chapter 8 Digital Storage
xtin101
 
Ch12 records management
Ch12 records managementCh12 records management
Ch12 records management
xtin101
 
Ch10 records management
Ch10 records managementCh10 records management
Ch10 records management
xtin101
 
Ch11 records management
Ch11 records managementCh11 records management
Ch11 records management
xtin101
 
Ch09 records management
Ch09 records managementCh09 records management
Ch09 records management
xtin101
 
Ch07 records management
Ch07 records managementCh07 records management
Ch07 records management
xtin101
 
Ch08 records management
Ch08 records managementCh08 records management
Ch08 records management
xtin101
 

Mehr von xtin101 (20)

Access Chapter 01
Access Chapter 01Access Chapter 01
Access Chapter 01
 
Access2013 ch03
Access2013 ch03Access2013 ch03
Access2013 ch03
 
Access Chapter 02
Access Chapter 02Access Chapter 02
Access Chapter 02
 
Excel Chapter 03
Excel Chapter 03Excel Chapter 03
Excel Chapter 03
 
Excel Chapter 02
Excel Chapter 02Excel Chapter 02
Excel Chapter 02
 
Excel Chapter 01
Excel Chapter 01Excel Chapter 01
Excel Chapter 01
 
PowerPoint Chapter 03
PowerPoint Chapter 03PowerPoint Chapter 03
PowerPoint Chapter 03
 
PowerPoint Chapter 2
PowerPoint Chapter 2PowerPoint Chapter 2
PowerPoint Chapter 2
 
PowerPoint Chapter 01
PowerPoint Chapter 01PowerPoint Chapter 01
PowerPoint Chapter 01
 
Word Chapter 03
Word Chapter 03Word Chapter 03
Word Chapter 03
 
Word Chapter 02
Word Chapter 02Word Chapter 02
Word Chapter 02
 
Word Chapter 01
Word Chapter 01Word Chapter 01
Word Chapter 01
 
Chapter 10 Communications and Networks
Chapter 10 Communications and NetworksChapter 10 Communications and Networks
Chapter 10 Communications and Networks
 
Chapter 8 Digital Storage
Chapter 8 Digital StorageChapter 8 Digital Storage
Chapter 8 Digital Storage
 
Ch12 records management
Ch12 records managementCh12 records management
Ch12 records management
 
Ch10 records management
Ch10 records managementCh10 records management
Ch10 records management
 
Ch11 records management
Ch11 records managementCh11 records management
Ch11 records management
 
Ch09 records management
Ch09 records managementCh09 records management
Ch09 records management
 
Ch07 records management
Ch07 records managementCh07 records management
Ch07 records management
 
Ch08 records management
Ch08 records managementCh08 records management
Ch08 records management
 

Chapter 05 Digital Safety and Security

  • 1. Chapter 5 Digital Safety and Security Discovering Computers Technology in a World of Computers, Mobile Devices, and the Internet
  • 2. Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks Discuss techniques to prevent unauthorized computer access and use Explain the ways that software manufacturers protect against software piracy Discuss how encryption, digital signatures, and digital certificates work Copyright © Cengage Learning. All rights reserved.See Page 202 for Detailed Objectives
  • 3. Objectives Overview Identify safeguards against hardware theft, vandalism, and failure Explain the options available for backing up Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing Discuss issues surrounding information privacy Copyright © Cengage Learning. All rights reserved.See Page 202 for Detailed Objectives
  • 4. Digital Security Risks • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act Copyright © Cengage Learning. All rights reserved.Page 202
  • 5. Digital Security Risks Copyright © Cengage Learning. All rights reserved.Page 203 Figure 5-1
  • 6. Digital Security Risks Hacker Cracker Script kiddie Corporate spies Unethical employees Cyberextortionist Cyberterrorist Copyright © Cengage Learning. All rights reserved.Page 204
  • 7. Internet and Network Attacks • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices Copyright © Cengage Learning. All rights reserved. Pages 204 - 205 Table 5-1
  • 8. Internet and Network Attacks Copyright © Cengage Learning. All rights reserved.Page 205 Figure 5-2
  • 9. Internet and Network Attacks • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to Internet services – Distributed DoS (DDoS) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate Copyright © Cengage Learning. All rights reserved.Pages 206 - 207
  • 10. Internet and Network Attacks • A firewall is hardware and/or software that protects a network’s resources from intrusion Copyright © Cengage Learning. All rights reserved.Pages 208 - 209 Figure 5-4
  • 11. Unauthorized Access and Use Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities Copyright © Cengage Learning. All rights reserved.Page 210
  • 12. Unauthorized Access and Use • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing Copyright © Cengage Learning. All rights reserved. Page 210 Figure 5-5
  • 13. Unauthorized Access and Use • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password – Passphrase – CAPTCHA Copyright © Cengage Learning. All rights reserved.Pages 211 - 212 Figure 5-6
  • 14. Unauthorized Access and Use • A possessed object is any item that you must carry to gain access to a computer or computer facility – Often are used in combination with a PIN (personal identification number) • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer Copyright © Cengage Learning. All rights reserved. Page 213
  • 15. Unauthorized Access and Use Fingerprint reader Face recognition system Hand geometry system Voice verification system Signature verification system Iris recognition system Copyright © Cengage Learning. All rights reserved.Pages 213 – 214 Figures 5-8 – 5-10
  • 16. Unauthorized Access and Use • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics Copyright © Cengage Learning. All rights reserved.Page 214 Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments
  • 17. Software Theft • Software theft occurs when someone: Copyright © Cengage Learning. All rights reserved.Page 215 Steals software media Intentionally erases programs Illegally registers and/or activates a program Illegally copies a program
  • 18. Software Theft • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed Copyright © Cengage Learning. All rights reserved.Page 215
  • 19. Software Theft • A single-user license agreement typically contains the following conditions: Copyright © Cengage Learning. All rights reserved.Pages 215 – 216 Figure 5-11
  • 20. Information Theft • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access Copyright © Cengage Learning. All rights reserved.Pages 216 - 217 Table 5-2
  • 21. Information Theft Copyright © Cengage Learning. All rights reserved.Page 217 Figure 5-12
  • 22. Information Theft • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site Copyright © Cengage Learning. All rights reserved.Page 218
  • 23. Information Theft Copyright © Cengage Learning. All rights reserved.Page 218 Figure 5-13
  • 24. Hardware Theft, Vandalism, and Failure Hardware theft is the act of stealing digital equipment Hardware vandalism is the act of defacing or destroying digital equipment Copyright © Cengage Learning. All rights reserved.Page 219
  • 25. Hardware Theft, Vandalism, and Failure • To help reduce the of chances of theft, companies and schools use a variety of security measures Copyright © Cengage Learning. All rights reserved.Page 219 Figure 5-14
  • 26. Backing Up – The Ultimate Safeguard • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site Copyright © Cengage Learning. All rights reserved.Page 219 Cloud Storage
  • 27. Backing Up – The Ultimate Safeguard • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection • Three-generation backup policy Copyright © Cengage Learning. All rights reserved. Page 219 Grandparent Parent Child
  • 28. Backing Up – The Ultimate Safeguard Copyright © Cengage Learning. All rights reserved.Page 220 Table 5-3
  • 29. Wireless Security • Wireless access poses additional security risks • Some intruders intercept and monitor communications as they transmit through the air • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP Copyright © Cengage Learning. All rights reserved. Page 221 Figure 5-16
  • 30. Ethics and Society • Computer ethics are the moral guidelines that govern the use of computers, mobile devices, and information systems • Information accuracy is a concern – Not all information on the web is correct Copyright © Cengage Learning. All rights reserved. Pages 224 - 225 Figure 5-18
  • 31. Ethics and Society Copyright © Cengage Learning. All rights reserved.Page 225 • Intellectual property refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
  • 32. Ethics and Society Copyright © Cengage Learning. All rights reserved.Page 226 Figure 5-19 • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
  • 33. Ethics and Society • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies Copyright © Cengage Learning. All rights reserved.Pages 226 - 227 Figure 5-20
  • 34. Information Privacy • Information privacy refers to the right of individuals and companies to deny or restrict the collection and use of information about them • Huge databases store data online • It is important to safeguard your information Copyright © Cengage Learning. All rights reserved.Page 227
  • 35. Information Privacy Copyright © Cengage Learning. All rights reserved. Page 228 Figure 5-21
  • 36. Information Privacy • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a social networking profile – Register a product warranty Copyright © Cengage Learning. All rights reserved. Pages 228 - 229 Figure 5-22
  • 37. Information Privacy • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of reasons: Copyright © Cengage Learning. All rights reserved.Page 229 Allow for personalization Store user names and/or passwords Assist with online shopping Track how often users visit a site Target advertisements
  • 38. Information Privacy Copyright © Cengage Learning. All rights reserved.Page 230 Figure 5-23
  • 39. Information Privacy • Phishing is a scam in which a perpetrator sends an official looking email message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be clicked on a website contains a malicious program Copyright © Cengage Learning. All rights reserved.Page 231
  • 40. Information Privacy • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet services Copyright © Cengage Learning. All rights reserved.Page 231
  • 41. Information Privacy • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others Copyright © Cengage Learning. All rights reserved.Page 232
  • 42. Information Privacy • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data – See Table 5-4 on page 233 for a listing of major U.S. government laws concerning privacy Copyright © Cengage Learning. All rights reserved.Pages 232 - 233
  • 43. Information Privacy Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs Copyright © Cengage Learning. All rights reserved.Page 233
  • 44. Ethics and Society • Content filtering is the process of restricting access to certain material on the Web – Many businesses use content filtering • Web filtering software restricts access to specified websites Copyright © Cengage Learning. All rights reserved. Page 234 Figure 5-24
  • 45. Summary Variety of digital security risks Cybercrime and cybercriminals Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure Various backup strategies and methods of securing wireless communications Ethical issues in society and various ways to protect the privacy of personal information Copyright © Cengage Learning. All rights reserved.Page 235
  • 46. Chapter 5 Digital Safety and Security Discovering Computers Technology in a World of Computers, Mobile Devices, and the Internet Chapter 5 Complete