1 / 61

Computer Concepts - Illustrated Introductory, Seventh Edition

Computer Concepts - Illustrated Introductory, Seventh Edition. UNIT F: Data Security. Objectives. Know what can go wrong Protect computer systems Understand authentication Explore security threats and malware Avoid security threats and malware. Objectives.

gwyn
Télécharger la présentation

Computer Concepts - Illustrated Introductory, Seventh Edition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Concepts - Illustrated Introductory, Seventh Edition UNIT F: Data Security

  2. Objectives Know what can go wrong Protect computer systems Understand authentication Explore security threats and malware Avoid security threats and malware Computer Concepts – Illustrated Introductory, Seventh Edition

  3. Objectives Examine network and Internet access security Explore Web and email security Examine backup procedures Talking points: Prosecuting computer crime Computer Concepts – Illustrated Introductory, Seventh Edition

  4. Knowing What Can Go Wrong • Risk management • Process of identifying potential threats to computer equipment and data • Implementing plans to avoid as many threats as possible • Developing steps to recover from unavoidable disasters • Risk management objectives • Reduce downtime • Maintain good quality service • Promote business continuity Computer Concepts – Illustrated Introductory, Seventh Edition

  5. Knowing What Can Go Wrong • What can go wrong? • Power outages • Hardware failures • Software failures • Human error • Computer viruses • Less common threats include natural disasters, acts of war, security breaches, malicious hackers, and theft Computer Concepts – Illustrated Introductory, Seventh Edition

  6. Knowing What Can Go Wrong • Power failure • Complete loss of power to computer system • Even brief power interruption can force computer to reboot and lose all data in RAM • Power spikes, voltage spikes, and power surges can destroy circuitry or damage a motherboard Computer Concepts – Illustrated Introductory, Seventh Edition

  7. Knowing What Can Go Wrong • Data center - specialized facility designed to house and protect computer system or its data • Includes special features like • Fireproof construction • Earthquake-proof foundations • Sprinkler systems • Power generators • Secure doors and windows • Antistatic floor coverings • Locations safe from floods, earthquakes, and tornadoes Computer Concepts – Illustrated Introductory, Seventh Edition

  8. Knowing What Can Go Wrong • Effect of hardware failure depends on which component fails • Software failure can result in lost or inaccurate data • Common human errors include • Entering inaccurate data • Failing to follow required procedures Computer Concepts – Illustrated Introductory, Seventh Edition

  9. Knowing What Can Go Wrong • Cyberterrorism • Terrorist acts committed via Internet • Uses viruses and worms to destroy data and corrupt systems • Power grids and telecommunications • Disasters that destroy data can and do occur • Despite risk-prevention measures, • Floods, earthquakes, fires, etc. Computer Concepts – Illustrated Introductory, Seventh Edition

  10. Knowing What Can Go Wrong • Disaster recovery plan • Step-by-step plan describes methods used to secure data against disaster • Explains how to recover lost data if and when disaster occurs Computer Concepts – Illustrated Introductory, Seventh Edition

  11. Protecting Computer Systems • Value of stolen computer often determined by data contained in system • Bank account numbers, credit card numbers, PINs • Can allow thief to wipe out checking or savings accounts or use credit card • Thieves can use stolen data to assume identity Computer Concepts – Illustrated Introductory, Seventh Edition

  12. Protecting Computer Systems • Protecting computer from theft • Use common sense • Never leave notebook computer unattended or in unsecured room • Anchor your computer to your desk with special lock or security plate • Motion sensor alarms Computer Concepts – Illustrated Introductory, Seventh Edition

  13. Protecting Computer Systems • Tracking and recovery software - used to track stolen computer as soon as thief connects to Internet • Some tracking software can be configured to delete data if computer is stolen • Passwords can make data difficult to access • Save and store unique information about your computer • Make, model, serial number Computer Concepts – Illustrated Introductory, Seventh Edition

  14. Protecting Computer Systems • Power protection • UPS (uninterruptible power supply) Computer Concepts – Illustrated Introductory, Seventh Edition

  15. Protecting Computer Systems • Surge strip (surge protector, surge suppressor) • Low-cost alternative to UPS • Designed to protect electrical devices from power surges and voltage spikes Computer Concepts – Illustrated Introductory, Seventh Edition

  16. Protecting Computer Systems • Fans help keep computers vented • Be aware of ventilation around computer • Should draw air from room and blow it across inside components • Do not put papers, books, or other items on top of monitor • Can heat up quickly Computer Concepts – Illustrated Introductory, Seventh Edition

  17. Understanding Authentication • Authentication protocol • Any method that confirms person’s identity when using computer system • Something person carries • Something person knows • Some unique physical characteristics • Biometrics Computer Concepts – Illustrated Introductory, Seventh Edition

  18. Understanding Authentication • Two-factor authentication • Verifies identity using two independent elements of confirmation • More secure than single-factor authentication • User ID • Also known as username, login, screen name, online nickname, handle • Typically public and do not offer any level of security Computer Concepts – Illustrated Introductory, Seventh Edition

  19. Understanding Authentication • Password • Verifies user ID and guarantees that you are the person you claim to be Computer Concepts – Illustrated Introductory, Seventh Edition

  20. Understanding Authentication • PIN • Like passwords, PINs are something user knows • PIN - short sequence of numbers, can be entered using numeric keypad • Password tends to be longer sequence letters, numbers, and special characters • If password(s) stolen, could become victim of identity theft Computer Concepts – Illustrated Introductory, Seventh Edition

  21. Understanding Authentication • Brute force attack • Method for stealing user IDs and passwords • Uses password-cracking software to steal information • Password manager • Utility software that generates secure passwords and stores them along with user IDs • Allows for use of unique and secure passwords for every one of your online accounts Computer Concepts – Illustrated Introductory, Seventh Edition

  22. Understanding Authentication • Restricting access to computer • Keep it in locked room when not in use • Password protection and authentication • User rights • Rules that limit directories and files each user can access Computer Concepts – Illustrated Introductory, Seventh Edition

  23. Exploring Security Threatsand Malware • Malware • Malicious code - one of biggest threats to your computer security • Computer virus • Set of program instructions • Attaches itself to file, reproduces itself, and spreads to other files on same computer • Does NOT spread by itself from one computer to another • Spreads when infected files are distributed Computer Concepts – Illustrated Introductory, Seventh Edition

  24. Exploring Security Threatsand Malware • Hackers, crackers, black hats, and cybercriminals create and unleash malware • Some malware intended to be prank or mildly annoying vandalism • Some created to distribute political messages or disrupt operations at specific companies • In many cases motivation is money Computer Concepts – Illustrated Introductory, Seventh Edition

  25. Exploring Security Threatsand Malware • Viruses can • Corrupt files • Destroy data • Display irritating message • Disrupt operations • Deliver payload or trigger event • Time bombs, logic bombs • Boot sector virus • Infects system files computer uses every time it turns on Computer Concepts – Illustrated Introductory, Seventh Edition

  26. Exploring Security Threatsand Malware • Computer worm • Self-copying program designed to carry out unauthorized activity on victim’s computer • Able to spread themselves from one computer to another • Enter through security holes in browsers and OSs • Usually sent via emails or by victims clicking infected pop-up ads or links contained in emails • Can even infect mobile phones • Mass-mailing worm spreads by sending itself to every address on infected computer Computer Concepts – Illustrated Introductory, Seventh Edition

  27. Exploring Security Threatsand Malware Simulated Worm Attack Computer Concepts – Illustrated Introductory, Seventh Edition

  28. Exploring Security Threatsand Malware • Trojan horse • Computer program seems to perform one function while actually doing something else • Not designed to spread to other computers • Notorious for stealing passwords using keylogger • Remote Access Trojan (RAT) • Backdoor capabilities that allow remote hackers to • Transmit files to victim’s computer • Search for data • Run programs • Use victim’s computer as relay station for breaking into other computers Computer Concepts – Illustrated Introductory, Seventh Edition

  29. Exploring Security Threatsand Malware • Bot • Software that can automate task or autonomously execute task when commanded to do so • Called intelligent agent • Because intelligent agent behaves like robot, often called bot • Zombie • Computer under control of bot • Botmaster • Person who controls many bot-infested computers and can link them together into network called botnet Computer Concepts – Illustrated Introductory, Seventh Edition

  30. Exploring Security Threatsand Malware • Spyware • Program that secretly gathers personal information without victim’s knowledge • Usually for advertising and commercial purposes • Can piggyback on seemingly legitimate freeware or shareware downloads • Can also allow spyware into computer by: • Clicking infected pop-up ads • Surfing through seemingly valid and secure but compromised Web sites Computer Concepts – Illustrated Introductory, Seventh Edition

  31. Exploring Security Threatsand Malware • Blended threat • Malware that combines more than one type of malicious program • What does malware do? • Network traffic jam • Denial-of-service attacks • Browser reconfiguration • Delete and modify files • Access confidential information • Disable antivirus and firewall software • Control your computer • Performance degradation Computer Concepts – Illustrated Introductory, Seventh Edition

  32. Avoiding Security Threatsand Malware • May not even be aware that computer is infected • Symptoms of infected computer include • Irritating messages or sounds • Frequent pop-up ads (often pornographic in nature) • Sudden appearance of new Internet toolbar • Addition to favorites list Computer Concepts – Illustrated Introductory, Seventh Edition

  33. Avoiding Security Threatsand Malware • More symptoms of infected computer • Prolonged system start-up • Slower than usual response to clicking or typing • Browser or application crashes • Missing files • Disabled security • Network activity when not actively browsing or sending email • Frequent rebooting Computer Concepts – Illustrated Introductory, Seventh Edition

  34. Avoiding Security Threatsand Malware • Keeping your computer safe • Install and activate security software • Keep software patches and operating system service packs up to date • Do not open suspicious email attachments • Obtain software only from reliable sources • Use security software to scan for malware • Do not click pop-up ads • Avoid unsavory Web sites • Disable option Hide extensions for known file types in Windows Computer Concepts – Illustrated Introductory, Seventh Edition

  35. Avoiding Security Threatsand Malware • Security suite • Integrates several security modules to protect against the most common types of malware Computer Concepts – Illustrated Introductory, Seventh Edition

  36. Avoiding Security Threatsand Malware • Security suite advantages • Costs less than buying stand-alone modules • Learning one interface simpler than learning several • Security suite disadvantages • Installation requires uninstalling or disabling all other antivirus, antispyware, and firewall software on your computer • Suites cannot generally run with other stand-alone security products • Overlapping coverage can cause glitches Computer Concepts – Illustrated Introductory, Seventh Edition

  37. Avoiding Security Threatsand Malware • Antivirus software • Utility software that looks for and removes viruses, Trojan horses, worms, and bots • Included in several suites or as stand-alone • Available for all types of computer and data storage • Dependable, but not infallible • Antivirus software searches for virus signature • Section of program code that can be used to identify known malicious program Computer Concepts – Illustrated Introductory, Seventh Edition

  38. Avoiding Security Threatsand Malware • Once antivirus software installed: • Set it to start when your computer starts • Keep running full time in background • List of virus signatures updated frequently • Information stored in one or more files called virus definitions • Can be manually or automatically downloaded Computer Concepts – Illustrated Introductory, Seventh Edition

  39. Avoiding Security Threatsand Malware • Configure antivirus software to periodically scan all files on computer • If you suspect that computer has been infected • Immediately use security software to scan computer • If scan finds malware, program can • Try to remove infection • Quarantine file • Delete file Computer Concepts – Illustrated Introductory, Seventh Edition

  40. Examining Network and InternetAccess Security • Local area networks (LAN) • Susceptible to attacks from within network and from outside • Threats to wireless networks • LANjacking or war driving • War chalking Computer Concepts – Illustrated Introductory, Seventh Edition

  41. Examining Network and InternetAccess Security • Securing wireless network • Wireless encryption • WEP, WPA, WPA2 • Wireless network key (network security key) • Basis for scrambling and unscrambling data transmitted between wireless devices • Similar to password, only longer Computer Concepts – Illustrated Introductory, Seventh Edition

  42. Examining Network and InternetAccess Security Many wireless networks are not encrypted and are open to public Others are for public use but are encrypted and require network key Computer Concepts – Illustrated Introductory, Seventh Edition

  43. Examining Network and InternetAccess Security • Encryption transforms message so contents are hidden from unauthorized readers • Prevents intrusions • Secures credit card numbers and other personal information transferred while using e-commerce sites • Secures computer archives Computer Concepts – Illustrated Introductory, Seventh Edition

  44. Examining Network and InternetAccess Security • Firewall • Software or hardware designed to filter out suspicious packets attempting to enter or leave a computer Computer Concepts – Illustrated Introductory, Seventh Edition

  45. Exploring Web and Email Security • Cookie • Message containing information about user sent from Web server to browser • Stored on user’s hard drive • Marketers, hackers, and pranksters have found harmful uses for cookies • Ad-serving cookie • Allows third party to track activities at any site containing their banner ads • Privacy issues have developed Computer Concepts – Illustrated Introductory, Seventh Edition

  46. Exploring Web and Email Security Browser may have setting that blocks all third-party cookies to prevent ad-serving cookies Some companies may allow opting out of allowing cookies to be stored on computer Computer Concepts – Illustrated Introductory, Seventh Edition

  47. Exploring Web and Email Security • Flash cookie (local shared object) • Flash equivalent of conventional cookie • Marketers turning to Flash cookies as alternative way to track customers • Web bug (clear GIF) • Typically 1X1 pixel graphic embedded in Web page or email • Almost invisible • Designed to track who’s reading page or message • Can generate third-party ad-serving cookies Computer Concepts – Illustrated Introductory, Seventh Edition

  48. Exploring Web and Email Security • Antispyware • Security software designed to identify and neutralize Web bugs, ad-serving cookies, and spyware Computer Concepts – Illustrated Introductory, Seventh Edition

  49. Exploring Web and Email Security • Spam • Unwanted electronic junk mail that arrives in online mailbox • Blocking spam • Email authentication techniques • Sender ID, Domain Keys • Spam filter • Utility that captures unsolicited email before it reaches inbox Computer Concepts – Illustrated Introductory, Seventh Edition

  50. Exploring Web and Email Security • Fake Web site • Looks legitimate, created by third party to be clever replication of real site • Used to collect credit card numbers from unwary shoppers • Always review URL in Address box to ensure site is authentic before entering sensitive information Computer Concepts – Illustrated Introductory, Seventh Edition

More Related