computer concepts – illustrated 8 th edition unit f: data security
TRANSCRIPT
Computer Concepts – Illustrated 8th edition
Unit F: Data SecurityUnit F: Data Security
Computer Concepts – Illustrated 8th Edition 2
Objectives
Know what can go wrong
Protect computer systems
Understand authentication
Explore security threats and malware
Avoid security threats and malware
Computer Concepts – Illustrated 8th Edition 2
Computer Concepts – Illustrated 8th Edition 3
Objectives (continued)
Examine network and Internet access security
Explore Web and email security
Understand backups
Computer Concepts – Illustrated 8th Edition 3
Computer Concepts – Illustrated 8th Edition 4
Knowing What Can Go Wrong
Risk management in computer systems Identify potential threats to equipment and
data Implement plans to avoid threats Develop steps to recover from unavoidable
disasters
Possible problems with electricity Power failure Power spikes (or voltage spikes) Power surges
Computer Concepts – Illustrated 8th Edition 5
Knowing What Can Go Wrong (continued)
Hardware failures
Software failures
Human error
Computer viruses
Safe Mode: a limited version of Windows that is used to troubleshoot some problems
Cyberterrorism: terrorist acts committed via the Internet
Computer Concepts – Illustrated 8th Edition 6
Figure F-3: Troubleshooting guidelines
Computer Concepts – Illustrated 8th Edition 7
Protecting Computer Systems
To reduce likelihood of computer theft: Use common sense Use locking devices Use security plates
Tracking and recovery software Used to track a computer if stolen
Ways to protect data if computer is stolen Software that deletes data if computer is
stolen Use of a password to access computer
Computer Concepts – Illustrated 8th Edition 8
Figure F-4: A locking device Figure F-5: A security plate
Computer Concepts – Illustrated 8th Edition 9
Protecting Computer Systems (continued)
Protection from power problems UPS (uninterruptible power supply)
• Offers the best protection against power problems
• Provides a continuous supply of power Surge strip
• Protects against power surges and voltage spikes
Most computers have a fan Allow for ventilation around the computer
Computer Concepts – Illustrated 8th Edition 10
Understanding Authentication
Authentication protocols Used to confirm a person’s identity when he
or she tries to use a computer system
Three common ways to authenticate a user: Using something a person carries Using something a person knows Using a unique physical characteristic
Biometrics: identification on some physical trait, such as a fingerprint, handprint, etc.
Computer Concepts – Illustrated 8th Edition 11
Figure F-9: Retinal scans are a form of biometric authentication
Computer Concepts – Illustrated 8th Edition 12
Understanding Authentication (continued)
Two-factor authentication: verifies identity using two independent elements of confirmation
User ID: a user’s unique identifier on a computer or Web page; typically public
Password: verifies a user ID and guarantees that the user is the person he or she claims to be
User rights: rules that limit the directories and files that each user can access
Computer Concepts – Illustrated 8th Edition 13
Exploring Security Threats and Malware
Malicious code or malware Created by hackers, crackers, black hats,
or cybercriminals
Computer virus (or virus) Set of program instructions that attaches
itself to a file, reproduces itself, and spreads to other files on the same computer
Computer worm (or worm) Self-copying program that carries out some
unauthorized activity on a victim’s computer
Computer Concepts – Illustrated 8th Edition 14
Figure F-13: A simulated worm attack
Computer Concepts – Illustrated 8th Edition 15
Exploring Security Threats and Malware (continued)
Trojan horse (or Trojan) A program that seems to perform one function
while actually doing something else
Intelligent agent (or bot) Software that can automate a task or
autonomously execute a task Bad bots are used by hackers for
unauthorized or destructive tasks
Spyware A program that secretly gathers personal
information, usually for commercial purposes
Computer Concepts – Illustrated 8th Edition 16
Exploring Security Threats and Malware (continued)
Malware can: Create network traffic jam Initiate a denial-of-Service (DoS) attack Reconfigure a browser Delete and modify files Access confidential information Disable antivirus and firewall software Control your computer Degrade performance
Computer Concepts – Illustrated 8th Edition 17
Avoiding Security Threats and Malware
Some guidelines to avoid threats: Install and activate security software Keep software and operating system updated Do not open suspicious email attachments Obtain software only from reliable sources Use security software to scan for malware Do not click pop-up ads Avoid unsavory Web sites Disable the option Hide extensions for known
file types in Windows
Computer Concepts – Illustrated 8th Edition 18
Avoiding Security Threats and Malware (continued)
Security suite Typically includes antivirus, firewall, and
anti-spyware modules
Antivirus software Utility software that looks for and removes
viruses, Trojan horses, worms, and bots Virus signature
• A section of code that can be used to identify a known malicious program
Computer Concepts – Illustrated 8th Edition 19
Avoiding Security Threats and Malware (continued)
Virus definitions Contains information that antivirus software
uses to identify and remove malware Needs to be updated regularly
Make regular backups of your data
Computer Concepts – Illustrated 8th Edition 20
Examining Network and Internet Access Security
Wireless networks Susceptible to unauthorized access and
use, especially if unsecured
LANjacking or war driving Hackers can intercept signals with a Wi-Fi
enabled notebook computer
Wireless encryption WEP (Wired Equivalent Privacy) WPA (Wi-Fi Protected Access) WPA2
Computer Concepts – Illustrated 8th Edition 21
Examining Network and Internet Access Security (continued)
Wireless network key The basis for scrambling and unscrambling
data transmitted between wireless devices
Encryption Transforms a message so that its contents
are hidden from unauthorized readers
Firewall Software or hardware that filters out
suspicious packets attempting to enter or leave a computer
Computer Concepts – Illustrated 8th Edition 22
Figure F-20: Windows Firewall settings
Computer Concepts – Illustrated 8th Edition 23
Exploring Web and Email Security
Cookie Contains information about the user Stored on the user’s hard drive Ad-serving cookie
InPrivate feature of Internet Explorer No user data is stored after a browsing
session
Antispyware Security software designed to identify and
neutralize spyware
Computer Concepts – Illustrated 8th Edition 24
Figure F-23: Anti-Spyware software
Computer Concepts – Illustrated 8th Edition 25
Exploring Web and Email Security (continued)
Phishing Email-based or IM scam that persuades users
to reveal confidential information
Pharming Redirects users to fake sites by poisoning a
domain name server with a false IP address
Spam Unwanted electronic junk mail Techniques to combat spam:
• Email authentication techniques
• Spam filter
Computer Concepts – Illustrated 8th Edition 26
Understanding Backups
Backup: a copy made in case the original files become damaged Full backup (or full-system backup) Differential backup Incremental backup
Backup storage media include: Writable CDs, DVDs, BDs, solid-state
storage cards, tapes, and USB flash drives
Can back up data to a network server
Some Web sites offer Web-based storage
Computer Concepts – Illustrated 8th Edition 27
Understanding Backups (continued)
Backup software is designed to back up and restore files
Boot disk A removable storage medium containing the
operating system files needed to boot a computer
Recovery CD (or recovery disk) A bootable CD, DVD, or other media that
contains a complete copy of a computer’s hard drive, as it existed when shipped from the manufacturer
Computer Concepts – Illustrated 8th Edition 28
Talking Points: Prosecuting Computer Crime
Traditional laws do not cover the range of possibilities for computer crimes
Computer crime laws Many countries have laws that specifically
define computer data and software as personal property
Computer Concepts – Illustrated 8th Edition 29
Talking Points: Prosecuting Computer Crime (continued)
Computer crimes include: Data diddling Identity theft Salami shaving Denial of service Information theft Virus distribution Vandalism
Are hackers dangerous cyberterrorists or harmless pranksters?
Computer Concepts – Illustrated 8th Edition 30
Summary
This chapter introduced: Potential threats to computer equipment and
data Ways to protect computer system hardware Authentication How to use software to protect or recover
computer data How to back up data Network and Internet access security Different positions on prosecuting computer
crimeComputer Concepts – Illustrated 8th Edition 30