1 / 45

Chapter 06

Chapter 06. Understanding the Need for Security Measures. Basic Security Concepts. Threats Anything that can harm a computer Vulnerabilities are weaknesses in security Security attempts to neutralize threats. Basic Security Concepts. Degrees of harm Level of potential damage

warr
Télécharger la présentation

Chapter 06

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 06 Understanding the Need for Security Measures

  2. Basic Security Concepts • Threats • Anything that can harm a computer • Vulnerabilities are weaknesses in security • Security attempts to neutralize threats

  3. Basic Security Concepts • Degrees of harm • Level of potential damage • Include all parts of system • Potential data loss • Loss of privacy • Inability to use hardware • Inability to use software

  4. Basic Security Concepts • Countermeasures • Steps taken to block a threat • Protect the data from theft • Protect the system from theft

  5. Threats To Users • Identity Theft • Impersonation by private information • Thief can ‘become’ the victim • Reported incidents rising • Methods of stealing information • Shoulder surfing • Snagging • Dumpster diving • Social engineering • High-tech methods

  6. Threats To Users • Loss of privacy • Personal information is stored electronically • Purchases are stored in a database • Data is sold to other companies • Public records on the Internet • Internet use is monitored and logged • None of these techniques are illegal

  7. Threats to Users • Cookies • Files delivered from a web site • Originally improved a site’s function • Cookies now track history and passwords • Browsers include cookie blocking tools

  8. Threats to Users • Spyware • Software downloaded to a computer • Designed to record personal information • Typically undesired software • Hides from users • Several programs exist to eliminate

  9. Threats to Users • Web bugs • Small programs embedded in gif images • Gets around cookie blocking tools • Companies use to track usage • Blocked with spyware killers

  10. Threats to Users • Spam • Unsolicited commercial email • Networks and PCs need a spam blocker • Stop spam before reaching the inbox • Spammers acquire addresses using many methods • CAN-SPAM Act passed in 2003

  11. Threats to Hardware • Affect the operation or reliability • Power-related threats • Power fluctuations • Power spikes or browns out • Power loss • Countermeasures • Surge suppressors • Line conditioners • Uninterruptible power supplies • Generators

  12. Threats to Hardware • Theft and vandalism • Thieves steal the entire computer • Accidental or intentional damage • Countermeasures • Keep the PC in a secure area • Lock the computer to a desk • Do not eat near the computer • Watch equipment • Chase away loiterers • Handle equipment with care

  13. Threats to Hardware • Natural disasters • Disasters differ by location • Typically result in total loss • Disaster planning • Plan for recovery • List potential disasters • Plan for all eventualities • Practice all plans

  14. Threats to Data • The most serious threat • Data is the reason for computers • Data is very difficult to replace • Protection is difficult • Data is intangible

  15. Threats to Data • Viruses • Software that distributes and installs itself • Ranges from annoying to catastrophic • Countermeasures • Anti-virus software • Popup blockers • Do not open unknown email

  16. Threats to Data • Trojan horses • Program that poses as beneficial software • User willingly installs the software • Countermeasures • Anti-virus software • Spyware blocker

  17. Threats to Data • Cybercrime • Using a computer in an illegal act • Fraud and theft are common acts

  18. Threats to Data • Internet fraud • Most common cybercrime • Fraudulent website • Have names similar to legitimate sites

  19. Threats to Data • Hacking • Using a computer to enter another network • Cost users $1.3 trillion in 2003 • Hackers motivation • Recreational hacking • Financial hackers • Grudge hacking • Hacking methods • Sniffing • Social engineering • Spoofing

  20. Threats to Data • Distributed denial of service attack • Attempt to stop a public server • Hackers plant the code on computers • Code is simultaneously launched • Too many requests stops the server

  21. Threats to Data • Cyber terrorism • Attacks made at a nations information • Targets include power plants • Threat first realized in 1996 • Organizations combat cyber terrorism • Computer Emergency Response Team (CERT) • Department of Homeland Security

  22. Avoiding Identity Theft • Guard your papers • Shred unneeded papers • Pick up you mail quickly • Check statements immediately • Keep records for 3 years

  23. Avoiding Identity Theft • Guard your personal information • Be wary giving out information • Avoid giving account numbers • Never give personal information in e-mail • Ensure online shopping is secure

  24. Avoiding Identity Theft • Look at the big picture • Review your credit report yearly • Develop an efficient filing system • Know your liability limits

  25. Protecting Your Privacy • Keep marketers at bay • Be wary filling out forms • Guard your primary email address • Have a ‘spam account’ for forms

  26. Protecting Your Privacy • Know your legal rights • 1966 Freedom of Information Act • 1970 Fair Credit Reporting Act • Privacy Act of 1974 • 1986 Electronic Communications Act • Financial Modernization Act of 1999 • 2001 USA Patriot Act

  27. Managing Cookies and Spyware • Dealing with cookies • Browsers provide settings to block cookies • No cookies to all cookies allowed • Without cookies some sites crash • Cookies can be deleted • Browsers • Spyware programs

  28. Managing Cookies and Spyware • Cookie types • Session cookies • Cookies for the current site • Persistent cookies • Stored on hard drive until deleted • First-party cookies • Installed by the current site • Third-party cookies • Installed by an ad

  29. Deleting Cookies

  30. Managing Cookies and Spyware • Removing web bugs and spyware • Install a spyware removal program • None are 100% effective, use two • Install a pop-up blocker • Are extremely effective

  31. Managing Cookies and Spyware • Evading spam • Contact your ISP • Use mail program’s filters • Use an anti-spam program • Use an online account for purchasing

  32. Protection From Malware • Viruses and worms • Purchase a good anti-virus product • Keep the product updated • Keep your OS up to date

  33. Protecting Your System • Limit physical access • Easiest way to harm or steal data • Build an account for each user • Require a password for access • Software and hardware password

  34. Protecting Your System • Use a firewall • Protects from unauthorized remote use • Makes your computer invisible • Cost between $0 and $80

  35. Protecting Your System • Backup often • Backup is a copy of a file • Restore replaces a file on disk • Organizations backup at least daily • Home users should backup weekly

  36. System Events • OS generates messages for events • Provides clues about computer health • Can alert to potential problems • Windows includes the Event Viewer

  37. Event Viewer

  38. Handling Storage Media • Store media in the proper container • Floppy disks in a hard case • CD should be in a sleeve • Thumb disks should be closed

  39. Handling Storage Media • Avoid magnetism • Magnets erase the contents of disks • Magnets found in • Speakers • Televisions and CRT monitors • Radios

  40. Handling Storage Media • Heat and cold • Avoid extreme temperatures • Heat expands media • Cold contracts media • Floppies and CD-ROMs are susceptible

  41. Handling Storage Media • Moisture • Do not use wet media • CDs can be wiped off • Floppy disks must dry for days

  42. Handling Storage Media • Dust, dirt, and fingerprints • Dirty or scratched media will fail • Handle media by the edge • Clean CDs with gentle strokes

  43. Storing Computer Equipment • Never store near large electronics • Store in dry, climate controlled rooms • Plan for natural disasters • Stack equipment safely

  44. Keeping Your Computer Clean • Computers should be spotless • Avoid eating or smoking at computer • Clean the dust from inside the system • Change the filters if present

  45. End of Chapter

More Related