Chapter 6 Network and Internet Security and Privacy
|
|
- Frederick Darren May
- 6 years ago
- Views:
Transcription
1 Chapter 6 Network and Internet Security and Privacy Learning Objectives LO6.1: Explain network and Internet security concerns LO6.2: Identify online threats LO6.3: Describe cyberstalking and other personal safety concerns LO6.4: Assess personal computer security LO6.5: Identify privacy concerns LO6.6: Discuss current network and Internet security legislation CMPTR Chapter 6: Network and Internet Security and Privacy 2 1
2 LO6.1: Understanding Security Concerns Computer crime or cybercrime includes any illegal act involving a computer. Cybercrime is a multibillion-dollar business that is often conducted by seasoned criminals. All computer users should be aware of the security concerns surrounding computer network and Internet use, and they should take appropriate precautions. CMPTR Chapter 6: Network and Internet Security and Privacy 3 LO6.1: Understanding Security Concerns Topics Covered: Unauthorized Access and Unauthorized Use Hacking War Driving and Wi-FI Piggybacking Interception of Communications CMPTR Chapter 6: Network and Internet Security and Privacy 4 2
3 Unauthorized Access and Unauthorized Use Unauthorized access occurs whenever an individual gains access to a computer, network, file, or other resource without permission typically by hacking into the resource. Unauthorized use involves using a computer resource for unauthorized activities. To explain acceptable computer use to their employees, students, or other users, many organizations and educational institutions publish guidelines for behavior, often called codes of conduct. CMPTR Chapter 6: Network and Internet Security and Privacy 5 Hacking Hacking refers to the act of breaking into a computer or network. The increased number of systems controlled by computers and connected to the Internet, along with the continually improving abilities of hackers and the increasing availability of sets of tools that allow hackers to access a system, has led to an increased risk of cyberterrorism where terrorists launch attacks via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 6 3
4 War Driving and Wi-Fi Piggybacking War driving typically involves driving in a car with a portable computer looking for unsecured Wi-Fi networks to connect to. Wi-Fi piggybacking refers to accessing someone else s unsecured Wi-Fi network from the hacker s current location CMPTR Chapter 6: Network and Internet Security and Privacy 7 Interception of Communications Instead of accessing data stored on a computer via hacking, some criminals gain unauthorized access to data, files, messages, VoIP calls, and other content as it is being sent over the Internet. A new trend is criminals intercepting credit and debit card information during the card verification process; that is, intercepting the data from a card in real time as a purchase is being authorized. CMPTR Chapter 6: Network and Internet Security and Privacy 8 4
5 LO6.2: Online Threats Topics Covered: Botnets Computer Viruses and Other Types of Malware Denial of Service (DoS) Attacks Data, Program, or Web Site Alteration Online Theft, Online Fraud, and Other Dot Cons Theft of Data, Information, and Other Resources Identity Theft, Phishing, and Pharming Protecting Against Identity Theft Online Auction Fraud and Other Internet Scams CMPTR Chapter 6: Network and Internet Security and Privacy 9 Botnets A computer that is controlled by a hacker or other computer criminal is referred to as a bot or zombie computer. A group of bots that are controlled by one individual and can work together in a coordinated fashion is called a botnet. According to the FBI, an estimated one million U.S. computers are currently part of a botnet. CMPTR Chapter 6: Network and Internet Security and Privacy 10 5
6 Computer Viruses and Other Types of Malware Malware is a generic term that refers to any type of malicious software. Virus:a program installed without the user s knowledge and designed to alter the way a computer operates or to cause harm to the computer system. CMPTR Chapter 6: Network and Internet Security and Privacy 11 Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 12 6
7 Computer Viruses and Other Types of Malware Like a computer virus, a computer worm is a malicious program that is typically designed to cause damage. A Trojan horse is a type of malware that masquerades as something else usually an application program. CMPTR Chapter 6: Network and Internet Security and Privacy 13 Computer Viruses and Other Types of Malware CMPTR Chapter 6: Network and Internet Security and Privacy 14 7
8 Denial of Service (DoS) Attacks A denial of service (DoS) attack is an act of sabotage that attempts to flood a network server or Web server with so many requests for action that it shuts down or simply cannot handle legitimate requests any longer, causing legitimate users to be denied service. CMPTR Chapter 6: Network and Internet Security and Privacy 15 Denial of Service (DoS) Attacks DoS attacks today are often directed toward popular sites and typically are carried out via multiple computers. This is known as a distributed denial of service (DDoS) attack. CMPTR Chapter 6: Network and Internet Security and Privacy 16 8
9 Data, Program, or Web Site Alteration Another type of computer sabotage occurs when a hacker breaches a computer system to delete data, change data, modify programs, or otherwise alter the data and programs located there. Data on Web sites can also be altered by hackers. CMPTR Chapter 6: Network and Internet Security and Privacy 17 Online Theft, Online Fraud, and Other Dot Cons The best protection against many dot cons is protecting your identity that is, protecting any identifying information about you that could be used in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 18 9
10 Theft of Data, Information, and Other Resources Data theft or information theft is the theft of data or information located on or being sent from a computer. It can be committed by stealing an actual computer, or it can take place over the Internet or a network by an individual gaining unauthorized access to that data by hacking into the computer or by intercepting the data in transit. CMPTR Chapter 6: Network and Internet Security and Privacy 19 Identity Theft, Phishing, and Pharming Identity theft occurs when someone obtains enough information about a person to be able to masquerade as that person usually to buy products or services in that person s name. CMPTR Chapter 6: Network and Internet Security and Privacy 20 10
11 Identity Theft, Phishing, and Pharming Phishingis the use of a spoofed message to trick the recipient into revealing sensitive personal information, such as credit card numbers. More targeted, personalized phishing schemes are known as spear phishing. Pharming is another type of scam that uses spoofed domain names to obtain personal information for use in fraudulent activities. CMPTR Chapter 6: Network and Internet Security and Privacy 21 Identity Theft, Phishing, and Pharming CMPTR Chapter 6: Network and Internet Security and Privacy 22 11
12 Protecting Against Identity Theft In addition to disclosing personal information only when it is necessary and only via secure Web pages, you should use security software and keep it up to date. To avoid phishing schemes, never click a link in an message to go to a secure Web site always type the URL for that site in your browser. To prevent identity theft, protect your Social Security number and give it out only when necessary. CMPTR Chapter 6: Network and Internet Security and Privacy 23 Protecting Against Identity Theft CMPTR Chapter 6: Network and Internet Security and Privacy 24 12
13 Online Auction Fraud and Other Internet Scams Online auction fraud (sometimes called Internet auction fraud) occurs when an online auction buyer pays for merchandise that is never delivered, or that is delivered but it is not as represented. The best protection against many dot cons is common sense. CMPTR Chapter 6: Network and Internet Security and Privacy 25 LO6.3: Cyberstalking and Other Personal Safety Concerns Topics Covered: Cyberbullying and Cyberstalking Online Pornography Protecting Against Personal Safety Concerns CMPTR Chapter 6: Network and Internet Security and Privacy 26 13
14 Cyberbullying and Cyberstalking Two of the most common ways individuals are harassed online are cyberbullyingand cyberstalking. Although there are as yet no specific federal laws against cyberstalking, all states have made it illegal, and some federal laws do apply if the online actions include computer fraud or another type of computer crime, suggest a threat of personal injury, or involve sending obscene messages. CMPTR Chapter 6: Network and Internet Security and Privacy 27 Online Pornography A variety of controversial and potentially objectionable material is available on the Internet. Although there have been attempts to ban this type of material from the Internet, they have not been successful. Because of the strong link experts believe exists between child pornography and child molestation, many experts are very concerned about the amount of child pornography that can be found and distributed via the Internet. CMPTR Chapter 6: Network and Internet Security and Privacy 28 14
15 Protecting Against Personal Safety Concerns To protect yourself against cyberstalking and other types of online harassment: Use gender-neutral, nonprovocative identifying names. Be careful about the types of photos you post of yourself online and do not reveal personal information to people you meet online. Do not respond to any insults or other harassing comments you may receive online. Consider requesting that your personal information be removed from online directories, especially those associated with your address or other online identifiers. CMPTR Chapter 6: Network and Internet Security and Privacy 29 LO6.4: Personal Computer Security Topics Covered: Hardware Loss and Damage System Failure and Other Disasters Protecting Against Hardware Loss, Hardware Damage, and System Failure Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 30 15
16 Hardware Loss and Damage Hardware loss can occur when a personal computer, USB flash drive, mobile device, or other piece of hard-ware is stolen or is lost by the owner. One of the most obvious types of hardware loss is hardware theft, which occurs when hardware is stolen from an individual or from a business, school, or other organization. CMPTR Chapter 6: Network and Internet Security and Privacy 31 System Failure and Other Disasters System failureis the complete malfunction of a computer system. System failure can occur because of a hardware problem, software problem, or computer virus. It can also occur because of a natural disaster, sabotage, or a terrorist attack. CMPTR Chapter 6: Network and Internet Security and Privacy 32 16
17 Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 33 Protecting Against Hardware Loss, Hardware Damage, and System Failure Full disk encryption (FDE) provides an easy way to protect the data on an entire computer in case it is lost or stolen. A hard drive that uses FDE, which is often referred to as a selfencrypting hard drive, typically needs a username and password or biometric characteristic before the computer containing the drive will boot. CMPTR Chapter 6: Network and Internet Security and Privacy 34 17
18 Protecting Against Hardware Loss, Hardware Damage, and System Failure Passwordsare secret words or character combinations associated with an individual. Create strong passwords: At least 8 characters long Combination of upper and lowercase letters, numbers, and symbols Do not form words found in the dictionary or that match the username that the password is associated with CMPTR Chapter 6: Network and Internet Security and Privacy 35 Protecting Against Hardware Loss, Hardware Damage, and System Failure Proper care of hardware can help prevent serious damage to a computer system: Protective cases Ruggedized devices CMPTR Chapter 6: Network and Internet Security and Privacy 36 18
19 Protecting Against Hardware Loss, Hardware Damage, and System Failure To protect hardware from damage due to power fluctuations, everyone should use a surge suppressor with a computer whenever it is plugged into a power outlet. Users who want their desktop computers to remain powered up when the electricity goes off should use an uninterruptible power supply (UPS). CMPTR Chapter 6: Network and Internet Security and Privacy 37 Protecting Against Hardware Loss, Hardware Damage, and System Failure CMPTR Chapter 6: Network and Internet Security and Privacy 38 19
20 Firewalls, Encryption, and Virtual Private Networks (VPNs) A firewall is a security system that essentially creates a barrier between a computer or network and the Internet in order to protect against unauthorized access. Encryptionis a method of scrambling the contents of an message or a file to make it unreadable if an unauthorized user intercepts it. Secure Web pagesuse encryption to protect information transmitted via that Web page. CMPTR Chapter 6: Network and Internet Security and Privacy 39 Firewalls, Encryption, and Virtual Private Networks (VPNs) Private key encryptionuses a single secret private key to both encrypt and decrypt a file or message being sent over the Internet. Public key encryption, also called asymmetric key encryption, utilizes two encryption keys to encrypt and decrypt documents. While and file encryption can be used to transfer individual messages and files securely over the Internet, a virtual private network (VPN) is designed to be used when a continuous secure channel over the Internet is needed. CMPTR Chapter 6: Network and Internet Security and Privacy 40 20
21 Firewalls, Encryption, and Virtual Private Networks (VPNs) CMPTR Chapter 6: Network and Internet Security and Privacy 41 LO6.5: Understanding Privacy Concerns Privacyis usually defined as the state of being concealed or free from unauthorized intrusion. The term information privacy refers to the rights of individuals and companies to control how information about them is collected and used. Topics Covered: Databases, Electronic Profiling, Spam, and Other Marketing Activities Protecting the Privacy of Personal Information Electronic Surveillance and Monitoring Protecting Personal and Workplace Privacy CMPTR Chapter 6: Network and Internet Security and Privacy 42 21
22 Databases, Electronic Profiling, Spam, and Other Marketing Activities Marketing databases contain marketing and demographic data about people, such as where they live and what products they buy. Information about individuals is also available in government databases. Collecting in-depth information about an individual is known as electronic profiling. CMPTR Chapter 6: Network and Internet Security and Privacy 43 Databases, Electronic Profiling, Spam, and Other Marketing Activities CMPTR Chapter 6: Network and Internet Security and Privacy 44 22
23 Databases, Electronic Profiling, Spam, and Other Marketing Activities Most businesses and Web sites that collect personal information have a privacy policy that discloses how the personal information you provide will be used. CMPTR Chapter 6: Network and Internet Security and Privacy 45 Databases, Electronic Profiling, Spam, and Other Marketing Activities Spam refers to unsolicited sent to a large group of individuals at one time. CMPTR Chapter 6: Network and Internet Security and Privacy 46 23
24 Protecting the Privacy of Personal Information For online shopping, signing up for free offers, message boards, product registration, and other activities that typically lead to junk , use a disposable or throw-away address (a second address obtained from your ISP or a free address from Windows Live Hotmail or Google s Gmail). CMPTR Chapter 6: Network and Internet Security and Privacy 47 Protecting the Privacy of Personal Information CMPTR Chapter 6: Network and Internet Security and Privacy 48 24
25 Electronic Surveillance and Monitoring Computer monitoring software: records keystrokes, log the programs or Web sites accessed, or otherwise monitors someone s computer activity. Video surveillance: the use of video cameras to monitor activities of individuals for work-related or crime-preventions purposes. Employee monitoring: recording or observing the actions of employees while on the job. Presence technology: enables one computing device to locate and identify the current status of another device on the same network. CMPTR Chapter 6: Network and Internet Security and Privacy 49 Protecting Personal and Workplace Privacy There are not many options for protecting yourself against computer monitoring by your employer or the government, or against video surveillance systems. Businesses should take the necessary security measures to ensure that employee activities are not being monitored by a hacker or other unauthorized individual. CMPTR Chapter 6: Network and Internet Security and Privacy 50 25
26 LO6.6: Network and Internet Security Legislation It s difficult for the legal system to keep pace with the rate at which technology changes. The high level of concern regarding computer security and personal privacy has led state and federal legislators to pass a variety of laws since the 1970s. CMPTR Chapter 6: Network and Internet Security and Privacy 51 LO6.6: Network and Internet Security Legislation CMPTR Chapter 6: Network and Internet Security and Privacy 52 26
Chapter 4 Network and Internet Security
Understanding Computers in a Changing Society, 3 rd Edition Chapter 4 Network and Internet Security Learning Objectives Explain why computer users should be concerned about network and Internet security.
More informationChapter 9 Security and Privacy
Chapter 9 Security and Privacy permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Overview This chapter covers: Security
More informationCHAPTER 8 SECURING INFORMATION SYSTEMS
CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is
More informationDiscovering Computers Living in a Digital World
Discovering Computers 2010 Living in a Digital World Objectives Overview Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators Describe various types of Internet
More informationChapter 10: Security and Ethical Challenges of E-Business
Chapter 10: Security and Ethical Challenges of E-Business Learning Objectives Identify several ethical issues in IT that affect employment, individuality, working condition, privacy, crime health etc.
More informationSecuring Information Systems
Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value
More informationOnline Threats. This include human using them!
Online Threats There are many dangers from using the web (and computer in general). One should watch out for malware, automated programs designed to cause harm to you, your data, and your system. You are
More informationSecuring Information Systems
Introduction to Information Management IIM, NCKU System Vulnerability and Abuse (1/6) Securing Information Systems Based on Chapter 8 of Laudon and Laudon (2010). Management Information Systems: Managing
More informationSecuring Information Systems
Chapter 7 Securing Information Systems 7.1 Copyright 2011 Pearson Education, Inc. STUDENT LEARNING OBJECTIVES Why are information systems vulnerable to destruction, error, and abuse? What is the business
More informationIS Today: Managing in a Digital World 9/17/12
IS Today: Managing in a Digital World Chapter 10 Securing Information Systems Worldwide losses due to software piracy in 2005 exceeded $34 billion. Business Software Alliance, 2006 Accessories for war
More informationCleveland State University General Policy for University Information and Technology Resources
Cleveland State University General Policy for University Information and Technology Resources 08/13/2007 1 Introduction As an institution of higher learning, Cleveland State University both uses information
More informationELECTRONIC BANKING & ONLINE AUTHENTICATION
ELECTRONIC BANKING & ONLINE AUTHENTICATION How Internet fraudsters are trying to trick you What you can do to stop them How multi-factor authentication and other new techniques can help HELPING YOU STAY
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationSecuring Information Systems
Chapter 8 Securing Information Systems 8.1 2010 by Pearson LEARNING OBJECTIVES Explain why information systems are vulnerable to destruction, error, and abuse. Assess the business value of security and
More informationINTERNET SAFETY IS IMPORTANT
INTERNET SAFETY IS IMPORTANT Internet safety is not just the ability to avoid dangerous websites, scams, or hacking. It s the idea that knowledge of how the internet works is just as important as being
More informationAcceptable Use Policy
Acceptable Use Policy. August 2016 1. Overview Kalamazoo College provides and maintains information technology resources to support its academic programs and administrative operations. This Acceptable
More informationBEST PRACTICES FOR PERSONAL Security
BEST PRACTICES FOR PERSONAL Email Security Sometimes it feels that the world of email and internet communication is fraught with dangers: malware, viruses, cyber attacks and so on. There are some simple
More informationEmployee Security Awareness Training
Employee Security Awareness Training September 2016 Purpose Employees have access to sensitive data through the work they perform for York. Examples of sensitive data include social security numbers, medical
More informationIntroduction to Information Security Dr. Rick Jerz
Introduction to Information Security Dr. Rick Jerz 1 Goals Explain the various types of threats to the security of information Discuss the different categorizations of security technologies and solutions
More informationECDL / ICDL IT Security. Syllabus Version 2.0
ECDL / ICDL IT Security Syllabus Version 2.0 Module Goals Purpose This document details the syllabus for the IT Security module. The syllabus describes, through learning outcomes, the knowledge and skills
More informationSECURE USE OF IT Syllabus Version 2.0
ICDL MODULE SECURE USE OF IT Syllabus Version 2.0 Purpose This document details the syllabus for the Secure Use of IT module. The syllabus describes, through learning outcomes, the knowledge and skills
More informationThe Tension. Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes
s10 Security 1 The Tension Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes Security vs. desire of individuals to act anonymously
More informationIT ACCEPTABLE USE POLICY
CIO Signature Approval & Date: IT ACCEPTABLE USE POLICY 1.0 PURPOSE The purpose of this policy is to define the acceptable and appropriate use of ModusLink s computing resources. This policy exists to
More information716 West Ave Austin, TX USA
Fundamentals of Computer and Internet Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION What Is Computer Crime?... 2 Computer Fraud
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationChapter 12. Information Security Management
Chapter 12 Information Security Management We Have to Design It for Privacy... and Security. Tension between Maggie and Ajit regarding terminology to use with Dr. Flores. Overly technical communication
More informationOnline Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts
A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information
More informationJacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope
Jacksonville State University Acceptable Use Policy 1. Overview Information Technology s (IT) intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Jacksonville
More informationState of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy
State of New Mexico Public School Facilities Authority Information Technology (IT) Acceptable Use Policy Public School Facilities Authority, IT Acceptable Use Policy 1 State of NM Public School Facilities
More informationIdentity Theft, Fraud & You. PrePare. Protect. Prevent.
PrePare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer
More informationII.C.4. Policy: Southeastern Technical College Computer Use
II.C.4. Policy: Southeastern Technical College Computer Use 1.0 Overview Due to the technological revolution in the workplace, businesses such as Southeastern Technical College (STC) have turned to computer
More informationSecurity Awareness. Presented by OSU Institute of Technology
Security Awareness Presented by OSU Institute of Technology Information Technologies Division Security Awareness Topics Social Engineering Phishing Social Networks Displaying Sensitive Information Wireless
More informationSecuring Information Systems
Securing Information Systems System Vulnerability and Abuse Security: Policies, procedures and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information
More informationUnit 2 Essentials of cyber security
2016 Suite Cambridge TECHNICALS LEVEL 2 IT Unit 2 Essentials of cyber security A/615/1352 Guided learning hours: 30 Version 1 September 2016 ocr.org.uk/it LEVEL 2 UNIT 2: Essentials of cyber security A/615/1352
More information3.5 SECURITY. How can you reduce the risk of getting a virus?
3.5 SECURITY 3.5.4 MALWARE WHAT IS MALWARE? Malware, short for malicious software, is any software used to disrupt the computer s operation, gather sensitive information without your knowledge, or gain
More informationWho We Are! Natalie Timpone
Who We Are! Natalie Timpone Manager of Security Business Management Office Enterprise Security Awareness Manager Carmelo Walsh Security, Risk, and Compliance Security Awareness Subject Matter Expert Who
More informationAcceptable Use Policy
Acceptable Use Policy 1. Overview ONS IT s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to ONS established culture of openness, trust and integrity.
More informationAcceptable Use Policy
Acceptable Use Policy 1. Overview The Information Technology (IT) department s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Quincy College s established
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationSample BYOD Policy. Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited.
Sample BYOD Policy Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited. SAMPLE BRING YOUR OWN DEVICE POLICY TERMS OF USE This Sample Bring
More informationCyber Security Practice Questions. Varying Difficulty
Cyber Security Practice Questions Varying Difficulty 1 : This is a class of programs that searches your hard drive and floppy disks for any known or potential viruses. A. intrusion detection B. security
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More information4 Information Security
4 Information Security 1. Identify the five factors that contribute to the increasing vulnerability of information resources, and provide a specific example of each one. 2. Compare and contrast human mistakes
More informationAcceptable Use Policy
Acceptable Use Policy 1. Purpose The purpose of this policy is to outline the acceptable use of computer equipment at Robotech CAD Solutions. These rules are in place to protect the employee and Robotech
More informationManagement of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model
Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model Abhijit Vitthal Sathe Modern Institute of Business Management, Shivajinagar, Pune 411 005 abhijit_sathe@hotmail.com
More informationAccounting Information Systems
Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how
More informationReview Ch. 3 Connecting to the World s Information. 2010, 2006 South-Western, Cengage Learning
Review Ch. 3 Connecting to the World s Information 2010, 2006 South-Western, Cengage Learning Networks Two linked computers is a network A network of computers located within a short distance is called
More informationCommunication and Usage of Internet and Policy
Communication and Usage of Internet and Email Policy Policy Category Administration Policy Code ADM HE 27 Policy owner Chief Executive Officer Responsible Officer Chief Executive Officer Approving authority
More informationOnline Security and Safety Protect Your Computer - and Yourself!
Online Security and Safety Protect Your Computer - and Yourself! www.scscu.com Fraud comes in many shapes and sizes, but the outcome is simple: the loss of both money and time. That s why protecting your
More informationSecuring Information Systems Barbarians at the Gateway
Securing Information Systems Barbarians at the Gateway Learning Objectives Security breaches are on the rise Understand the potentially damaging impact of security breaches Security must be made a top
More informationQuick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page
Workshop #7 Email Security Previous workshops 1. Introduction 2. Smart phones & Tablets 3. All about WatsApp 4. More on WatsApp 5. Surfing the Internet 6. Emailing Quick recap on Emailing Email Security
More informationRed Flag Regulations
Red Flag Regulations Identity Theft Put In Context Overview of Topics Red Flag Regulations Overview How UM Protects Information What is the Student Workers role in identity theft prevention? What s this
More informationQuestion 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:
Cybercrime Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Organizations can prevent cybercrime from occurring through the proper use of personnel, resources,
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationSUMMARIES OF INTERACTIVE MULTIMEDIA
SUMMARIES OF INTERACTIVE MULTIMEDIA GRADE 10-12 INTERNET TECHNOLOGIES 1. Introduction to Electronic Communications Use this lesson to: Understand the differences between the various e-communications modes
More informationLesson-1 Computer Security
Threats to computer Security: What do they mean by a threat? Lesson-1 Computer Security A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to
More informationMorley Chapter 04: Network and Internet Security
Morley Chapter 04: Network and Internet Security 36. Computer crime is sometimes referred to as. a. hacking b. cybercrime c. cyberstalking d. spoofing 37. To explain acceptable computer use to their employees,
More informationPROTECTING YOUR BUSINESS ASSETS
PROTECTING YOUR BUSINESS ASSETS How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and Your Credit Card Number Gets Stolen A MyNAMS Presentation by Regina Smola @2012 Regina
More informationDONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY
DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an
More informationPCI Compliance. What is it? Who uses it? Why is it important?
PCI Compliance What is it? Who uses it? Why is it important? Definitions: PCI- Payment Card Industry DSS-Data Security Standard Merchants Anyone who takes a credit card payment 3 rd party processors companies
More informationcommtech Online Holiday Shopping Tips A Guide Presented by: CommTech Industries
Online Holiday Shopping Tips A Guide Presented by: CommTech Industries Holiday season is already upon us and that means high traffic for online shopping and higher risk for internet scams. The scammers
More informationOverview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks
Overview Handling Security Incidents Chapter 7 Lecturer: Pei-yih Ting Attacks Security Incidents Handling Security Incidents Incident management Methods and Tools Maintaining Incident Preparedness Standard
More informationCHAPTER 3. Information Systems: Ethics, Privacy, and Security
CHAPTER 3 Information Systems: Ethics, Privacy, and Security CHAPTER OUTLINE 3.1 Ethical Issues 3.2 Threats to Information Security 3.3 Protecting Information Resources LEARNING OBJECTIVES n Describe the
More informationComputer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak
Computer Security Assoc. Prof. Pannipa Phaiboonnimit 1 Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak Classification of Threats Computer Attack Intend to damage files, computers
More informationWeb Cash Fraud Prevention Best Practices
Web Cash Fraud Prevention Best Practices Tips on what you can do to prevent Online fraud. This document provides best practices to avoid or reduce exposure to fraud. You can use it to educate your Web
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationWHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?
WHAT IS CORPORATE ACCOUNT TAKEOVER? Corporate Account Takeover (also referred to as CATO) is a type of fraud where criminals gain access to a business financial accounts to make unauthorized transactions.
More informationCOMMON WAYS IDENTITY THEFT CAN HAPPEN:
COMMON WAYS IDENTITY THEFT CAN HAPPEN: OLD FASHIONED STEALING / DUMPSTER DIVING Thieves typically steal wallets and purses. They also steal mail such as credit card and bank statements, pre-approved credit
More informationTERMS OF USE Terms You Your CMT Underlying Agreement CMT Network Subscribers Services Workforce User Authorization to Access and Use Services.
TERMS OF USE A. PLEASE READ THESE TERMS CAREFULLY. YOUR ACCESS TO AND USE OF THE SERVICES ARE SUBJECT TO THESE TERMS. IF YOU DISAGREE OR CANNOT FULLY COMPLY WITH THESE TERMS, DO NOT ATTEMPT TO ACCESS AND/OR
More informationMULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question.
CS Chapter 7 Study Guide _ MULTIPLE CHOICE. Choose the one alternative that best completes the statement or answers the question. 1) Throughput, the actual speed of data transfer that is achieved in a
More informationWhy you MUST protect your customer data
Why you MUST protect your customer data If you think you re exempt from compliance with customer data security and privacy laws because you re a small business, think again. Businesses of all sizes are
More informationChapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.
Name Date Chapter 10: Security After completion of this chapter, students should be able to: Explain why security is important and describe security threats. Explain social engineering, data wiping, hard
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More informationName of Policy: Computer Use Policy
Page: Page 1 of 5 Director Approved By: Approval Date: Reason(s) for Change Responsible: Corporate Services Leadership April 22, Reflect current technology and practice Corporate Services Leadership Leadership
More informationTechnology in Action
Technology in Action Chapter 7 Networking and Security: Connecting Computers and Keeping Them Safe from Hackers and Viruses 1 Peer-to-Peer Networks Nodes communicate with each other Peers Share peripheral
More informationGod is in the Small Stuff and it all matters. .In the Small Stuff. Security and Ethical Challenges. Introduction to Information Systems Chapter 11
Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise 1 Eleventh Edition 2 Chapter Objectives C h a p t e r 11 Eleventh Edition James A. O Brien Identify several ethical
More informationSecuring Information Systems
Securing Information Systems You re on LinkedIn? Watch Out! Problem: Massive data breach; using old security practices Solution: Initiative to use minimal up-to-date industry practices, for example, salting
More informationProtecting Your Business From Hackers
Protecting Your Business From Hackers Technology Has Changed Real Estate Today, consumers have access to vast troves of information that enable them to make decisions faster than ever before Real estate
More informationProtect Yourself From. Identify Theft
Protect Yourself From Identify Theft What is Identity Theft? Identity theft occurs when someone uses another person identifying information without their permission in order to access resources, obtain
More informationHIPAA Privacy & Security Training. Privacy and Security of Protected Health Information
HIPAA Privacy & Security Training Privacy and Security of Protected Health Information Course Competencies: This training module addresses the essential elements of maintaining the HIPAA Privacy and Security
More information13. Acceptable Use Policy
13. Acceptable Use Policy Purpose Indian River State College s intention for publishing an Acceptable Use Policy is to outline the acceptable use of computer equipment and services at Indian River State
More informationSafety and Security. April 2015
Safety and Security April 2015 Protecting your smartphone and your data 2 Set a passcode on your smartphone For some smartphone models: 1. Go to Settings. 2. Tap ID & Passcode. 3. Set a 4-digit passcode.
More informationEthics and Information Security. 10 주차 - 경영정보론 Spring 2014
Ethics and Information Security 10 주차 - 경영정보론 Spring 2014 Ethical issue in using ICT? Learning Outcomes E-policies in an organization relationships and differences between hackers and viruses relationship
More informationWhitepaper on AuthShield Two Factor Authentication with SAP
Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering
More informationInformation Privacy and Security Training 2016 for Instructors and Students. Authored by: Office of HIPAA Administration
Information Privacy and Security Training 2016 for Instructors and Students Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should
More informationIntroduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1
Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005 Chapter 12 1 IT Ethics, Impacts, and Security Chapter 12 2 Chapter Outline Ethical Issues Impact
More informationHIPAA UPDATE. Michael L. Brody, DPM
HIPAA UPDATE Michael L. Brody, DPM Objectives: How to respond to a patient s request for a copy of their records. Understand your responsibilities after you send information out to another doctor, hospital
More informationSecuring Information Systems
Securing Information Systems You re on LinkedIn? Watch Out! Problem: Massive data breach; using old security practices Solution: Initiative to use minimal up-to-date industry practices, for example, salting
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More informationDiscussion Ppt To work on completing questions you need your book and exercise copies
8.1 Physical Safety 8.2 e-safety Draw attention to: Book Chapter 8 Page 205 Three subtopics Handout Questions Three subtopics Class PowerPoint Three subtopics Discussion Ppt To work on completing questions
More informationInformation Privacy and Security Training Authored by: Office of HIPAA Administration
Information Privacy and Security Training 2018 Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should be able to: Define privacy practices
More informationSecurity Awareness Company Policies and Processes. For Biscuitville, Inc. with operations in North Carolina and Virginia
Security Awareness Company Policies and Processes For Biscuitville, Inc. with operations in North Carolina and Virginia Issued on 11/22/2013 Updated on 06/17/2015 Table of Contents 1 COMPANY POLICIES AND
More informationA Review Paper on Network Security Attacks and Defences
EUROPEAN ACADEMIC RESEARCH Vol. IV, Issue 12/ March 2017 ISSN 2286-4822 www.euacademic.org Impact Factor: 3.4546 (UIF) DRJI Value: 5.9 (B+) A Review Paper on Network Security Attacks and ALLYSA ASHLEY
More informationUNIQUE IAS ACADEMY-COMPUTER QUIZ-15
1. Which menu should you access if you need to edit header or footer of a document: a) Insert b) Edit c) View 2. Watermark is available on: a) Insert b) Page Layout c) Format 3. Background color or picture
More informationTechnology in Action 12/11/2014. Cybercrime and Identity Theft (cont.) Cybercrime and Identity Theft (cont.) Chapter Topics
Technology in Action Alan Evans Kendall Martin Mary Anne Poatsy Eleventh Edition Technology in Action Chapter 9 Securing Your System: Protecting Your Digital Data and Devices Copyright 2015 Pearson Education,
More informationFAQ: Privacy, Security, and Data Protection at Libraries
FAQ: Privacy, Security, and Data Protection at Libraries This FAQ was developed out of workshops and meetings connected to the Digital Privacy and Data Literacy Project (DPDL) and Brooklyn Public Library
More informationFAQ. Usually appear to be sent from official address
FAQ 1. What is Phishing Email? A form of fraud by which an attacker masquerades as a reputable entity in order to obtain your personal information. Usually appear to be sent from official email address
More informationSecurity and Privacy. Xin Liu Computer Science University of California, Davis. Introduction 1-1
Security and Privacy Xin Liu Computer Science University of California, Davis Introduction 1-1 What is network security? Confidentiality: only sender, intended receiver should understand message contents
More informationMain area: Security Additional areas: Digital Access, Information Literacy, Privacy and Reputation
Public Wi Fi Created: March 2016 Last Updated: July 2018 Estimated time: Group or individual activity: Ages: 60 minutes [10 minutes] Activity #1 [15 minutes] Activity #2 [10 minutes] Activity #3 [10 minutes]
More information