Abstract image of a woman sitting on books and studying on a laptop

Lecture 5.pptx

Download as PPTX, PDF
D
DuncanWachira3

This document contains objectives and content for a module on digital security, ethics, and privacy. It discusses digital security risks like hackers, crackers, and cybercriminals. Various internet and network attacks are described such as malware, viruses, worms, and denial of service attacks. Techniques for preventing unauthorized computer access and use are covered, including access controls, passwords, passphrases, and biometric authentication methods. The document also outlines how software manufacturers protect against piracy and describes encryption, digital signatures, and digital certificates.

Education
1 of 64
Downloaded 16 times
1
2
3
4
Most read
5
6
7
8
Most read
9
10
Most read
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
DISCOVERING COMPUTERS 2018 Digital Technology, Data, and Devices Module 5 Digital Security, Ethics, and Privacy: Threats, Issues, and Defenses Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-2 Objectives Overview (1 of 2) • Define the term, digital security risks, and briefly describe the types of cybercriminals • Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks • Discuss techniques to prevent unauthorized computer access and use • Explain the ways that software manufacturers protect against software piracy • Discuss how encryption, digital signatures, and digital certificates work
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-3 Objectives Overview (2 of 2) • Identify safeguards against hardware theft, vandalism, and failure • Explain options available for backing up • Identify risks and safeguards associated with wireless communications • Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing • Discuss issues surrounding information privacy
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-4 Digital Security Risks (1 of 3) • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-5 Digital Security Risks (2 of 3) Figure 5-1 Computers and mobile devices, along with the data and programs they store, are exposed to several types of digital security risks.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-6 Digital Security Risks (3 of 3) • Hacker • Cracker • Script kiddie • Corporate spies • Unethical employees • Cyberextortionist • Cyberterrorist
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-7 Internet and Network Attacks (1 of 5) • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-8 Internet and Network Attacks (2 of 5) Table 5-1 Common Types of Malware Type Description Adware A program that displays an online advertisement in a banner, pop-up window, or pop- under window on webpages, email messages, or other Internet services. Ransomware A program that blocks or limits access to a computer, phone, or file until the user pays a specified amount of money. Rootkit A program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device. Spyware A program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online. Trojan horse A program that hides within or looks like a legitimate program. Unlike a virus or worm, a trojan horse does not replicate itself to other computers or devices. Virus A potentially damaging program that affects, or infects, a computer or mobile device negatively by altering the way the computer or device works without the user’s knowledge or permission. Worm A program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer, device, or network.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-9 Internet and Network Attacks (3 of 5) Figure 5-2 This figure shows how a virus can spread via an email message.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-10 Internet and Network Attacks (4 of 5) • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to an Internet service – Distributed DoS attack (DDoS attack) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-11 Internet and Network Attacks (5 of 5) • A firewall is hardware and/or software that protects a network’s resources from intrusion Figure 5-4 A firewall is hardware and/or software that protects a home or business’s network resources from
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-12 Unauthorized Access and Use (1 of 12)
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-13 Unauthorized Access and Use (2 of 12) • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing Figure 5-5 To protect files on your device’s hard drive from hackers and other intruders, turn off file and printer sharing on your device. Source: Microsoft
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-14 Unauthorized Access and Use (3 of 12) • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-15 Unauthorized Access and Use (4 of 12) Figure 5-6 Many websites that maintain personal and confidential data, such as Citibank’s credit card system, require a user to enter a user name (user ID) and password. Source: Citigroup Inc
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-16 Unauthorized Access and Use (5 of 12) • A passphrase is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources • A PIN (personal identification number), sometimes called a passcode, is a numeric password, either assigned by a company or selected by a user+
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-17 Unauthorized Access and Use (6 of 12) • A possessed object is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code stored in a computer or mobile device verifying a physical or behavioral characteristic
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-18 Unauthorized Access and Use (7 of 12) • Fingerprint reader Figure 5-8 A fingerprint reader.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-19 Unauthorized Access and Use (8 of 12) • Face recognition system Figure 5-9 Some ways users unlock screens include entering a passcode, scanning a fingerprint, and swiping a gesture.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-20 Unauthorized Access and Use (9 of 12) • Hand geometry system Figure 5-10 A hand geometry system verifies identity based on the shape and size of a person’s hand. Courtesy of Ingersoll Rand Security Technologies
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-21 Unauthorized Access and Use (10 of 12) • Iris recognition system • Signature verification system • Voice verification system Figure 5-10 A hand geometry system verifies identity based on the shape and size of a person’s hand. Courtesy of Ingersoll Rand Security Technologies
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-22 Unauthorized Access and Use (11 of 12) • Two-step verification uses two separate methods, one after the next, to verify the identity of a user Figure 5-12 This figure shows an example of two-step authentication. Source: Microsoft
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-23 Unauthorized Access and Use (12 of 12) • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics – Law enforcementz – Criminal prosecutors – Military intelligence – Insurance agencies – Information security departments
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-24 Software Theft (1 of 4) • Software theft occurs when someone: – Steals software media – Intentionally erases programs – Illegally registers and/or activates a program – Illegally copies a program
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-25 Software Theft (2 of 4) • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-26 Software Theft (3 of 4) • A license agreement is the right to use software Typical Conditions of a Single-User License Agreement You can… – Install the software on only one computer or device. (Some license agreements allow users to install the software on a specified number of computers and/or mobile devices) – Make one copy of the software as a backup – Give or sell the software to another individual, but only if the software is removed from the user’s computer first.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-27 Software Theft (4 of 4) You cannot… – Install the software on a network, such as a school computer lab. – Give copies to friends and colleagues, while counting to use the software. – Export the software. – Rent or lease the software. Figure 5-13 A user must accept the terms of a license agreement before using the software.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-28 Information Theft (1 of 4) • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-29 Information Theft (2 of 4) Figure 5-14 This figure shows an example of public key encryption.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-30 Information Theft (3 of 4) • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-31 Information Theft (4 of 4) Figure 5-15 Web addresses of secure sites, such as the Amazon.com checkout, often begin with https instead of http. Browsers also often display a lock symbol in the address bar, which you usually can click to see the associated digital certificate.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-32 Hardware Theft, Vandalism, and Failure (1 of 2) • Hardware theft is the act of stealing digital equipment • Hardware vandalism involves defacing or destroying digital equipment
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-33 Hardware Theft, Vandalism, and Failure (2 of 2) • Hardware Theft and Vandalism Safeguards – Physical access controls (i.e., locked doors and windows) – Alarm system – Physical security devices (i.e., cables and locks) – Devices-tracking app • Hardware Failure Safeguards – Surge protector – Uninterruptible power supply (UPS) – Duplicate components or duplicate computers – Fault-tolerant computer Figure 5-16 Summary of safeguards against hardware theft, vandalism, and failure.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-34 Backing Up – The Ultimate Safeguard (1 of 4) • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-35 Backing Up – The Ultimate Safeguard (2 of 4) • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection – Cloud • Three-generation backup policy
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-36 Backing Up – The Ultimate Safeguard (3 of 4) Table 5-2 Various Backup Methods Type of Backup Description Advantages Disadvantages Full backup Copies all of the files on media in the computer. Fastest recovery method. All files are saved. Longest backup time. Differential backup Copies only the files that have changed since the last full backup. Fast backup method. Requires minimal storage space to back up. Recovery is time- consuming because the last full backup plus the differential backup are needed. Incremental backup Copies only the files that have changed since the last full or incremental backup. Fastest backup method. Requires minimal storage space to back up. Only most recent changes saved. Recovery is most time-consuming baecause the last full backup and all incremental backups since the last full backup are needed.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-37 Backing Up – The Ultimate Safeguard (4 of 4) Type of Backup Description Advantages Disadvantages Selective backup Users choose which folders and files to include in a backup. Fast backup method. Provides great flexibility. Difficult to manage individual file backups. Least Manageable of all the backup methods. Continuous data protection (CDP) All data is backed up whenever a change is made. The only real-time backup. Very fast recovery of data. Very expensive and requires a great amount of storage. Cloud backup Files are backed up to the cloud as they change. Cloud backup provider maintains backup hardware. Files may be retrieved or restored from anywhere with an Internet connection and app on any device. Requires an Internet connection and app, otherwise files are marked for backup when the computer goes back online.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-38 Wireless Security (1 of 2) Figure 5-18 Wireless access points or routers around campus allow students to access the school network wirelessly from their classrooms, the library, dorms, and other campus locations.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-39 Wireless Security (2 of 2) • Wireless access poses additional security risks • Some perpetrators connect to other’s wireless networks to gain free Internet access or confidential data • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-40 Ethics and Society (1 of 6) • Technology ethics are the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies • Information accuracy is a concern – Not all information on the web is correct
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-41 Ethics and Society (2 of 6) Figure 5-20 This digitally edited photo shows a fruit that looks like an apple on the outside and an orange on the inside.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-42 Ethics and Society (3 of 6) • Intellectual property (IP) refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-43 Ethics and Society (4 of 6) • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed Sample IT Code of Conduct 1. Technology may not be used to harm other people. 2. Employees may not meddle in others’ files 3. Employees may use technology only for purpose in which they have been authorized. 4. Technology may not be used to steal. 5. Technology may not be used to bear false witness.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-44 Ethics and Society (5 of 6) 6. Employees may not copy or use software illegally. 7. Employees may not use others’ technology resource without authorization. 8. Employees may not use others’ intellectual property as their own. 9. Employees shall consider the social impact of programs and systems they design. 10.Employees always should use technology in a way that demonstrates consideration and respect for fellow humans.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-45 Ethics and Society (6 of 6) • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies Figure 5-22 A list of suggestions to make computing healthy for the environment. US Environmental Protection Agency, ENERGY STAR program; Roman Sotola / Shutterstock.com
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-46 Information Privacy (1 of 18) • Information privacy refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them • Huge databases store data online • Websites often collect data about you, so that they can customize advertisements and send you personalized email messages • Some employers monitor your computer usage and email messages
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-47 Information Privacy (2 of 18) How to Safeguard Personal Information 1. Fill in only necessary information on rebate, warranty, and registration forms. 2. Do not preprint your phone number or Social Security number on personal checks. 3. Have an unlisted or unpublished phone number. 4. If you have Caller ID, nd out how to block your number from displaying on the receiver’s system. 5. Do not write your phone number on charge or credit receipts.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-48 Information Privacy (3 of 18) 6. Ask merchants not to write credit card numbers, phone numbers, Social Security numbers, and driver’s license numbers on the back of your personal checks. 7. Purchase goods with cash, rather than credit or checks. 8. Avoid shopping club and buyer cards.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-49 Information Privacy (4 of 18) 9. View or download a copy of the information associated with your Google, Facebook, Microsoft, or other online accounts you access frequently. Disable search history, location history, and usage information sent to these websites. 10.Inform merchants that you do not want them to distribute your personal information. 11.Request, in writing, to be removed from mailing lists.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-50 Information Privacy (5 of 18) 12.Obtain your credit report once a year from each of the three major credit reporting agencies (Equifax, Experian, and TransUnion) and correct any errors. 13.Request a free copy of your medical records once a year from the Medical Information Bureau. 14. Limit the amount of information you provide to websites. Fill in only required information. 15. Install a cookie manager to filter cookies. 16. Clear your browsing history when you are finished browsing.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-51 Information Privacy (6 of 18) 17. Set up a free email account. Use this email address for merchant forms. 18. Turn off le and printer sharing on your Internet connection. 19. Install a personal firewall. 20. Sign up for email filtering through your ISP or use an anti-spam program. 21. Do not reply to spam for any reason. 22. Surf the web anonymously using private browsing.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-52 Information Privacy (7 of 18) • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a profile on an online social network – Register a product warranty
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-53 Information Privacy (8 of 18) Figure 5-24 Many companies, such as Toys"R"Us shown here, allow users to specify whether they want the company to retain their preferences.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-54 Information Privacy (9 of 18) • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of purposes: – Allow for personalization – Store user names and/or passwords – Assist with online shopping – Track how often users visit a site – Target advertisements
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-55 Information Privacy (10 of 18) Figure 5-25 This figure shows how cookies work.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-56 Information Privacy (11 of 18) • Phishing is a scam in which a perpetrator sends an official looking message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be tapped or clicked on a website contains a malicious program
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-57 Information Privacy (12 of 18) • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner, a pop-up window, or pop- under window on webpages, email messages, or other Internet services
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-58 Information Privacy (13 of 18) • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-59 Information Privacy (14 of 18) Table 5-3 Major U.S. Government Laws Concerning Privacy Law Purpose Children'sInternet ProtectionAct Protectsminorsfrom inappropriatecontentwhen accessingthe Internet in schools and libraries Children'sOnlinePrivacyProtectionAct (COPPA) Requires websites to protect personal information of children under 13 years of age Computer AbuseAmendments Act Outlaws transmission of harmful computer code, such as viruses Digital Millennium Copyright Act (DMCA) Makes it illegal to circumvent antipiracy schemes in commercial software; outlaws sale of devices that copy software illegally Electronic Communications PrivacyAct (ECPA) Provides the same right of privacy protection of the postal delivery service and phone companies to various forms of electronic communications, such as voice mail, email, and mobile phones
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-60 Information Privacy (15 of 18) Law Purpose Financial ModernizationAct Protectsconsumersfromdisclosureoftheirpersonalfinancial informationandrequin-±institutions to alert customers of information disclosure policies Freedom of InformationAct (F01A) Enables public access to most government records HIPAA(HealthInsurancePortabilityand AccountabilityAct) Protects individualsagainst the wrongful disclosure of their health information PATRIOT(ProvideAppropriateTootsRequired toIntercept andObstructTerrorism) Giveslawenforcementthe right to monitorpeople's activities,including webandemail habits PrivacyAct Forbids federal agencies from allowinginformation to be used for a reason other thanthat for which it was collected
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-61 Information Privacy (16 of 18) • Content filtering is the process of restricting access to certain material – Many businesses use content filtering • Web filtering software restricts access to specified websites
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-62 Information Privacy (17 of 18) Figure 5-26 Web filtering software restricts access to specified websites.
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-63 Information Privacy (18 of 18) • Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited • Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs
Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-64 Summary • Variety of digital security risks • Cybercrime and cybercriminals • Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure • Various backup strategies and methods of securing wireless communications • Ethical issues in society and various ways to protect the privacy of personal information

More Related Content

PPTX
DC18_M01.pptx
GaneshSegar
 
PPTX
Lecture 1 (1).pptx
DuncanWachira3
 
PPTX
Lecture 3.pptx
DuncanWachira3
 
PDF
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
 
PPTX
Internet safety
Aleksandra Brmbota
 
PPTX
SANHI AT BUNGA.pptx
ariston borac
 
PPT
Collective nouns
Linda Midy
 
PPTX
Introduction to HTML+CSS+Javascript.pptx
KADAMBARIPUROHIT
 
DC18_M01.pptx
GaneshSegar
 
Lecture 1 (1).pptx
DuncanWachira3
 
Lecture 3.pptx
DuncanWachira3
 
Introduction to Microsoft Azure Cloud
Dinesh Kumar Wickramasinghe
 
Internet safety
Aleksandra Brmbota
 
SANHI AT BUNGA.pptx
ariston borac
 
Collective nouns
Linda Midy
 
Introduction to HTML+CSS+Javascript.pptx
KADAMBARIPUROHIT
 

What's hot (20)

PPTX
Lecture 2.pptx
DuncanWachira3
 
PPTX
Chapter 4 Programs and Apps
xtin101
 
PPTX
Whitman_Ch10.pptx
Siphamandla9
 
PDF
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Knowledge Group
 
PPTX
Cyber security
Aman Pradhan
 
PPTX
protection & security of e-commerce ...
Rishav Gupta
 
PPTX
Email security
Baliram Yadav
 
PPTX
Cyber crime-140128140443-phpapp02 (1)
Anshuman Tripathi
 
PPT
Chapter 2 Presentation
Amy McMullin
 
PPTX
Cryptography
prasham95
 
PPTX
Security in E-commerce
m8817
 
PPT
Introduction To Computer Security
Vibrant Event
 
PPTX
Discovering computers- Chapter 2 (2).pptx
ssuserb72afe
 
PPTX
Whitman_Ch02.pptx
Siphamandla9
 
PPT
8. operations security
7wounders
 
PPTX
Basic concepts in computer security
Arzath Areeff
 
PPTX
Chapter 05 Digital Safety and Security
xtin101
 
PPTX
Whitman_Ch05.pptx
Siphamandla9
 
PDF
Cyber Security
Tushar Nikam
 
PPTX
Chapter 10 Communications and Networks
xtin101
 
Lecture 2.pptx
DuncanWachira3
 
Chapter 4 Programs and Apps
xtin101
 
Whitman_Ch10.pptx
Siphamandla9
 
Cyber Security Transformation - A New Approach for 2015 & Beyond - Daryl Pereira
Knowledge Group
 
Cyber security
Aman Pradhan
 
protection & security of e-commerce ...
Rishav Gupta
 
Email security
Baliram Yadav
 
Cyber crime-140128140443-phpapp02 (1)
Anshuman Tripathi
 
Chapter 2 Presentation
Amy McMullin
 
Cryptography
prasham95
 
Security in E-commerce
m8817
 
Introduction To Computer Security
Vibrant Event
 
Discovering computers- Chapter 2 (2).pptx
ssuserb72afe
 
Whitman_Ch02.pptx
Siphamandla9
 
8. operations security
7wounders
 
Basic concepts in computer security
Arzath Areeff
 
Chapter 05 Digital Safety and Security
xtin101
 
Whitman_Ch05.pptx
Siphamandla9
 
Cyber Security
Tushar Nikam
 
Chapter 10 Communications and Networks
xtin101
 
Ad

Similar to Lecture 5.pptx (20)

PPTX
Lecture 8- information technology slides
Aiman Niazi
 
PPTX
DC16_Ch05.pptx
MegatRidwanbinMegatA
 
PPTX
Chapter 2 Slide ::The need of security.
sanawarali920
 
PPTX
DC16_Ch05.pptx3u2ed82bd8y32byd823ybd8yb32db823dbb32d
muhammadumairakram16
 
PDF
Ethical Decisions Regarding IT Security and more
NourMaged6
 
PPT
15 digital security issues
ssusere50573
 
PDF
Ch- 03 Malware, Threats and Attacks. viruses
AlinaGulzar
 
PPTX
ITT450 Chapter 1.pptx
AliffDarfriz
 
PPTX
Digital Forensics_Lecture.pptx
khalifaAlMarzooqi3
 
PPTX
DC16_Ch05.pptx
Dyrandz Lantita
 
PPTX
Living-in-IT-Era-Module-1.pptx please read
rheacomilang04
 
DOCX
Chapter 10.0
Adebisi Tolulope
 
PPTX
ch09-update.pptxaaaaaaaaaaaaaaaaaaaaaaaa
kajite8321
 
PPTX
Pp 16-new
Sri Apriyanti Husain
 
PDF
How LoginRadius CIAM Enhances Developer Experience: 5 Key Benefits
Kevin Mathew
 
PDF
Graph Gurus Episode 22: Guarding Against Cyber Security Threats with a Graph ...
Amanda Morris
 
PDF
Your Skill Boost Masterclass Online Safety and Cybersecurity Tips
Excellence Foundation for South Sudan
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
Belayet Hossain
 
PDF
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
Lecture 8- information technology slides
Aiman Niazi
 
DC16_Ch05.pptx
MegatRidwanbinMegatA
 
Chapter 2 Slide ::The need of security.
sanawarali920
 
DC16_Ch05.pptx3u2ed82bd8y32byd823ybd8yb32db823dbb32d
muhammadumairakram16
 
Ethical Decisions Regarding IT Security and more
NourMaged6
 
15 digital security issues
ssusere50573
 
Ch- 03 Malware, Threats and Attacks. viruses
AlinaGulzar
 
ITT450 Chapter 1.pptx
AliffDarfriz
 
Digital Forensics_Lecture.pptx
khalifaAlMarzooqi3
 
DC16_Ch05.pptx
Dyrandz Lantita
 
Living-in-IT-Era-Module-1.pptx please read
rheacomilang04
 
Chapter 10.0
Adebisi Tolulope
 
ch09-update.pptxaaaaaaaaaaaaaaaaaaaaaaaa
kajite8321
 
Pp 16-new
Sri Apriyanti Husain
 
How LoginRadius CIAM Enhances Developer Experience: 5 Key Benefits
Kevin Mathew
 
Graph Gurus Episode 22: Guarding Against Cyber Security Threats with a Graph ...
Amanda Morris
 
Your Skill Boost Masterclass Online Safety and Cybersecurity Tips
Excellence Foundation for South Sudan
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
3.8 Ways to Establish Secure Protocols in a Digital Organization.pdf
Belayet Hossain
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
Ad

More from DuncanWachira3 (11)

PPTX
WIBA.pptx202420242023039393877376366373673
DuncanWachira3
 
PPTX
NHIF ACT.pptx2024202420242024444444444444
DuncanWachira3
 
PPTX
GATT 1.pptx 2024 welll donee 2024 gooood
DuncanWachira3
 
PPTX
class D.pptx202444444444444444444444444444
DuncanWachira3
 
PPTX
THE EU SYSTEM SLIDES.pptx20242024 202420242024
DuncanWachira3
 
PPTX
MERGERS AND ACQUISITIONS (1).pptxeeeeeee
DuncanWachira3
 
PPTX
2. Creation of Agency.pptx3eeeeeeeeeeeee
DuncanWachira3
 
PPTX
Class IV B Land Registrat3eeeeeeeeeeeeeeeeeeeeeeee
DuncanWachira3
 
PPTX
Class VIIa - COMPULSORY ACQUISITION EMINENT DOMAIN.pptx
DuncanWachira3
 
PPTX
Lecture 7.pptx
DuncanWachira3
 
PPTX
computer.pptx
DuncanWachira3
 
WIBA.pptx202420242023039393877376366373673
DuncanWachira3
 
NHIF ACT.pptx2024202420242024444444444444
DuncanWachira3
 
GATT 1.pptx 2024 welll donee 2024 gooood
DuncanWachira3
 
class D.pptx202444444444444444444444444444
DuncanWachira3
 
THE EU SYSTEM SLIDES.pptx20242024 202420242024
DuncanWachira3
 
MERGERS AND ACQUISITIONS (1).pptxeeeeeee
DuncanWachira3
 
2. Creation of Agency.pptx3eeeeeeeeeeeee
DuncanWachira3
 
Class IV B Land Registrat3eeeeeeeeeeeeeeeeeeeeeeee
DuncanWachira3
 
Class VIIa - COMPULSORY ACQUISITION EMINENT DOMAIN.pptx
DuncanWachira3
 
Lecture 7.pptx
DuncanWachira3
 
computer.pptx
DuncanWachira3
 

Recently uploaded (20)

PPTX
Theoretical for class.pptxgshdhddhdhdhgd
MoybonKalif
 
PDF
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
PPT
hemostasis and its significance, physiology
rakshasb
 
PPTX
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
PDF
CAT 2024 VARC One - Shot Revision Marathon by Shabana.pptx.pdf
VaibhavBhardwaj394603
 
PDF
Compact First Student's Book Cambridge Official
TunHng48
 
PPTX
Diploma pharmaceutics notes..helps diploma students
zonuntluangimph
 
PPTX
BSCE 2 NIGHT (CHAPTER 2) just cases.pptx
TristanLimotan
 
PPTX
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 
PDF
Physical education and sports and CWSN notes
0rajeev14
 
PPTX
Thinking Routines and Learning Engagements.pptx
n646vnqyjz
 
PDF
The TKT Course. Modules 1, 2, 3.for self study
Aydelina Medina
 
PDF
Health aspects of bilberry: A review on its general benefits
Open Access Research Paper
 
PPTX
ACFE CERTIFICATION TRAINING ON LAW.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
PDF
Nurlina - Urban Planner Portfolio (english ver)
Nurlina Y.
 
PDF
Hospital Case Study .architecture design
Amlan Priyadarshan
 
PDF
anganwadi services for the b.sc nursing and GNM
shaila55
 
PDF
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 
PPTX
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
PDF
African Communication Research: A review
AgathaMashindano1
 
Theoretical for class.pptxgshdhddhdhdhgd
MoybonKalif
 
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
hemostasis and its significance, physiology
rakshasb
 
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
CAT 2024 VARC One - Shot Revision Marathon by Shabana.pptx.pdf
VaibhavBhardwaj394603
 
Compact First Student's Book Cambridge Official
TunHng48
 
Diploma pharmaceutics notes..helps diploma students
zonuntluangimph
 
BSCE 2 NIGHT (CHAPTER 2) just cases.pptx
TristanLimotan
 
principlesofmanagementsem1slides-131211060335-phpapp01 (1).ppt
Jeyasunitha
 
Physical education and sports and CWSN notes
0rajeev14
 
Thinking Routines and Learning Engagements.pptx
n646vnqyjz
 
The TKT Course. Modules 1, 2, 3.for self study
Aydelina Medina
 
Health aspects of bilberry: A review on its general benefits
Open Access Research Paper
 
ACFE CERTIFICATION TRAINING ON LAW.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
Nurlina - Urban Planner Portfolio (english ver)
Nurlina Y.
 
Hospital Case Study .architecture design
Amlan Priyadarshan
 
anganwadi services for the b.sc nursing and GNM
shaila55
 
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
African Communication Research: A review
AgathaMashindano1
 

Lecture 5.pptx

  • 1. DISCOVERING COMPUTERS 2018 Digital Technology, Data, and Devices Module 5 Digital Security, Ethics, and Privacy: Threats, Issues, and Defenses Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
  • 2. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-2 Objectives Overview (1 of 2) • Define the term, digital security risks, and briefly describe the types of cybercriminals • Describe various types of Internet and network attacks, and explain ways to safeguard against these attacks • Discuss techniques to prevent unauthorized computer access and use • Explain the ways that software manufacturers protect against software piracy • Discuss how encryption, digital signatures, and digital certificates work
  • 3. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-3 Objectives Overview (2 of 2) • Identify safeguards against hardware theft, vandalism, and failure • Explain options available for backing up • Identify risks and safeguards associated with wireless communications • Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing • Discuss issues surrounding information privacy
  • 4. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-4 Digital Security Risks (1 of 3) • A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability • Any illegal act involving the use of a computer or related devices generally is referred to as a computer crime • A cybercrime is an online or Internet-based illegal act
  • 5. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-5 Digital Security Risks (2 of 3) Figure 5-1 Computers and mobile devices, along with the data and programs they store, are exposed to several types of digital security risks.
  • 6. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-6 Digital Security Risks (3 of 3) • Hacker • Cracker • Script kiddie • Corporate spies • Unethical employees • Cyberextortionist • Cyberterrorist
  • 7. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-7 Internet and Network Attacks (1 of 5) • Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises • Malware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices
  • 8. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-8 Internet and Network Attacks (2 of 5) Table 5-1 Common Types of Malware Type Description Adware A program that displays an online advertisement in a banner, pop-up window, or pop- under window on webpages, email messages, or other Internet services. Ransomware A program that blocks or limits access to a computer, phone, or file until the user pays a specified amount of money. Rootkit A program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device. Spyware A program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online. Trojan horse A program that hides within or looks like a legitimate program. Unlike a virus or worm, a trojan horse does not replicate itself to other computers or devices. Virus A potentially damaging program that affects, or infects, a computer or mobile device negatively by altering the way the computer or device works without the user’s knowledge or permission. Worm A program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer, device, or network.
  • 9. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-9 Internet and Network Attacks (3 of 5) Figure 5-2 This figure shows how a virus can spread via an email message.
  • 10. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-10 Internet and Network Attacks (4 of 5) • A botnet is a group of compromised computers or mobile devices connected to a network – A compromised computer or device is known as a zombie • A denial of service attack (DoS attack) disrupts computer access to an Internet service – Distributed DoS attack (DDoS attack) • A back door is a program or set of instructions in a program that allow users to bypass security controls • Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
  • 11. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-11 Internet and Network Attacks (5 of 5) • A firewall is hardware and/or software that protects a network’s resources from intrusion Figure 5-4 A firewall is hardware and/or software that protects a home or business’s network resources from
  • 12. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-12 Unauthorized Access and Use (1 of 12)
  • 13. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-13 Unauthorized Access and Use (2 of 12) • Organizations take several measures to help prevent unauthorized access and use – Acceptable use policy – Disable file and printer sharing Figure 5-5 To protect files on your device’s hard drive from hackers and other intruders, turn off file and printer sharing on your device. Source: Microsoft
  • 14. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-14 Unauthorized Access and Use (3 of 12) • Access controls define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it • The computer, device, or network should maintain an audit trail that records in a file both successful and unsuccessful access attempts – User name – Password
  • 15. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-15 Unauthorized Access and Use (4 of 12) Figure 5-6 Many websites that maintain personal and confidential data, such as Citibank’s credit card system, require a user to enter a user name (user ID) and password. Source: Citigroup Inc
  • 16. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-16 Unauthorized Access and Use (5 of 12) • A passphrase is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources • A PIN (personal identification number), sometimes called a passcode, is a numeric password, either assigned by a company or selected by a user+
  • 17. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-17 Unauthorized Access and Use (6 of 12) • A possessed object is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility • A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code stored in a computer or mobile device verifying a physical or behavioral characteristic
  • 18. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-18 Unauthorized Access and Use (7 of 12) • Fingerprint reader Figure 5-8 A fingerprint reader.
  • 19. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-19 Unauthorized Access and Use (8 of 12) • Face recognition system Figure 5-9 Some ways users unlock screens include entering a passcode, scanning a fingerprint, and swiping a gesture.
  • 20. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-20 Unauthorized Access and Use (9 of 12) • Hand geometry system Figure 5-10 A hand geometry system verifies identity based on the shape and size of a person’s hand. Courtesy of Ingersoll Rand Security Technologies
  • 21. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-21 Unauthorized Access and Use (10 of 12) • Iris recognition system • Signature verification system • Voice verification system Figure 5-10 A hand geometry system verifies identity based on the shape and size of a person’s hand. Courtesy of Ingersoll Rand Security Technologies
  • 22. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-22 Unauthorized Access and Use (11 of 12) • Two-step verification uses two separate methods, one after the next, to verify the identity of a user Figure 5-12 This figure shows an example of two-step authentication. Source: Microsoft
  • 23. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-23 Unauthorized Access and Use (12 of 12) • Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks • Many areas use digital forensics – Law enforcementz – Criminal prosecutors – Military intelligence – Insurance agencies – Information security departments
  • 24. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-24 Software Theft (1 of 4) • Software theft occurs when someone: – Steals software media – Intentionally erases programs – Illegally registers and/or activates a program – Illegally copies a program
  • 25. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-25 Software Theft (2 of 4) • Many manufacturers incorporate an activation process into their programs to ensure the software is not installed on more computers than legally licensed • During the product activation, which is conducted either online or by phone, users provide the software product’s identification number to associate the software with the computer or mobile device on which the software is installed
  • 26. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-26 Software Theft (3 of 4) • A license agreement is the right to use software Typical Conditions of a Single-User License Agreement You can… – Install the software on only one computer or device. (Some license agreements allow users to install the software on a specified number of computers and/or mobile devices) – Make one copy of the software as a backup – Give or sell the software to another individual, but only if the software is removed from the user’s computer first.
  • 27. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-27 Software Theft (4 of 4) You cannot… – Install the software on a network, such as a school computer lab. – Give copies to friends and colleagues, while counting to use the software. – Export the software. – Rent or lease the software. Figure 5-13 A user must accept the terms of a license agreement before using the software.
  • 28. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-28 Information Theft (1 of 4) • Information theft occurs when someone steals personal or confidential information • Encryption is a process of converting data that is readable by humans into encoded characters to prevent unauthorized access
  • 29. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-29 Information Theft (2 of 4) Figure 5-14 This figure shows an example of public key encryption.
  • 30. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-30 Information Theft (3 of 4) • A digital signature is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender – Often used to ensure that an impostor is not participating in an Internet transaction • A digital certificate is a notice that guarantees a user or a website is legitimate • A website that uses encryption techniques to secure its data is known as a secure site
  • 31. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-31 Information Theft (4 of 4) Figure 5-15 Web addresses of secure sites, such as the Amazon.com checkout, often begin with https instead of http. Browsers also often display a lock symbol in the address bar, which you usually can click to see the associated digital certificate.
  • 32. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-32 Hardware Theft, Vandalism, and Failure (1 of 2) • Hardware theft is the act of stealing digital equipment • Hardware vandalism involves defacing or destroying digital equipment
  • 33. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-33 Hardware Theft, Vandalism, and Failure (2 of 2) • Hardware Theft and Vandalism Safeguards – Physical access controls (i.e., locked doors and windows) – Alarm system – Physical security devices (i.e., cables and locks) – Devices-tracking app • Hardware Failure Safeguards – Surge protector – Uninterruptible power supply (UPS) – Duplicate components or duplicate computers – Fault-tolerant computer Figure 5-16 Summary of safeguards against hardware theft, vandalism, and failure.
  • 34. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-34 Backing Up – The Ultimate Safeguard (1 of 4) • A backup is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed – To back up a file means to make a copy of it • Off-site backups are stored in a location separate from the computer or mobile device site
  • 35. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-35 Backing Up – The Ultimate Safeguard (2 of 4) • Categories of backups: – Full – Differential – Incremental – Selective – Continuous data protection – Cloud • Three-generation backup policy
  • 36. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-36 Backing Up – The Ultimate Safeguard (3 of 4) Table 5-2 Various Backup Methods Type of Backup Description Advantages Disadvantages Full backup Copies all of the files on media in the computer. Fastest recovery method. All files are saved. Longest backup time. Differential backup Copies only the files that have changed since the last full backup. Fast backup method. Requires minimal storage space to back up. Recovery is time- consuming because the last full backup plus the differential backup are needed. Incremental backup Copies only the files that have changed since the last full or incremental backup. Fastest backup method. Requires minimal storage space to back up. Only most recent changes saved. Recovery is most time-consuming baecause the last full backup and all incremental backups since the last full backup are needed.
  • 37. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-37 Backing Up – The Ultimate Safeguard (4 of 4) Type of Backup Description Advantages Disadvantages Selective backup Users choose which folders and files to include in a backup. Fast backup method. Provides great flexibility. Difficult to manage individual file backups. Least Manageable of all the backup methods. Continuous data protection (CDP) All data is backed up whenever a change is made. The only real-time backup. Very fast recovery of data. Very expensive and requires a great amount of storage. Cloud backup Files are backed up to the cloud as they change. Cloud backup provider maintains backup hardware. Files may be retrieved or restored from anywhere with an Internet connection and app on any device. Requires an Internet connection and app, otherwise files are marked for backup when the computer goes back online.
  • 38. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-38 Wireless Security (1 of 2) Figure 5-18 Wireless access points or routers around campus allow students to access the school network wirelessly from their classrooms, the library, dorms, and other campus locations.
  • 39. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-39 Wireless Security (2 of 2) • Wireless access poses additional security risks • Some perpetrators connect to other’s wireless networks to gain free Internet access or confidential data • Others connect to a network through an unsecured wireless access point (WAP) or combination router/WAP
  • 40. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-40 Ethics and Society (1 of 6) • Technology ethics are the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies • Information accuracy is a concern – Not all information on the web is correct
  • 41. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-41 Ethics and Society (2 of 6) Figure 5-20 This digitally edited photo shows a fruit that looks like an apple on the outside and an orange on the inside.
  • 42. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-42 Ethics and Society (3 of 6) • Intellectual property (IP) refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos • Intellectual property rights are the rights to which creators are entitled to their work • A copyright protects any tangible form of expression • Digital rights management (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content
  • 43. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-43 Ethics and Society (4 of 6) • A code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed Sample IT Code of Conduct 1. Technology may not be used to harm other people. 2. Employees may not meddle in others’ files 3. Employees may use technology only for purpose in which they have been authorized. 4. Technology may not be used to steal. 5. Technology may not be used to bear false witness.
  • 44. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-44 Ethics and Society (5 of 6) 6. Employees may not copy or use software illegally. 7. Employees may not use others’ technology resource without authorization. 8. Employees may not use others’ intellectual property as their own. 9. Employees shall consider the social impact of programs and systems they design. 10.Employees always should use technology in a way that demonstrates consideration and respect for fellow humans.
  • 45. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-45 Ethics and Society (6 of 6) • Green computing involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies Figure 5-22 A list of suggestions to make computing healthy for the environment. US Environmental Protection Agency, ENERGY STAR program; Roman Sotola / Shutterstock.com
  • 46. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-46 Information Privacy (1 of 18) • Information privacy refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them • Huge databases store data online • Websites often collect data about you, so that they can customize advertisements and send you personalized email messages • Some employers monitor your computer usage and email messages
  • 47. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-47 Information Privacy (2 of 18) How to Safeguard Personal Information 1. Fill in only necessary information on rebate, warranty, and registration forms. 2. Do not preprint your phone number or Social Security number on personal checks. 3. Have an unlisted or unpublished phone number. 4. If you have Caller ID, nd out how to block your number from displaying on the receiver’s system. 5. Do not write your phone number on charge or credit receipts.
  • 48. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-48 Information Privacy (3 of 18) 6. Ask merchants not to write credit card numbers, phone numbers, Social Security numbers, and driver’s license numbers on the back of your personal checks. 7. Purchase goods with cash, rather than credit or checks. 8. Avoid shopping club and buyer cards.
  • 49. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-49 Information Privacy (4 of 18) 9. View or download a copy of the information associated with your Google, Facebook, Microsoft, or other online accounts you access frequently. Disable search history, location history, and usage information sent to these websites. 10.Inform merchants that you do not want them to distribute your personal information. 11.Request, in writing, to be removed from mailing lists.
  • 50. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-50 Information Privacy (5 of 18) 12.Obtain your credit report once a year from each of the three major credit reporting agencies (Equifax, Experian, and TransUnion) and correct any errors. 13.Request a free copy of your medical records once a year from the Medical Information Bureau. 14. Limit the amount of information you provide to websites. Fill in only required information. 15. Install a cookie manager to filter cookies. 16. Clear your browsing history when you are finished browsing.
  • 51. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-51 Information Privacy (6 of 18) 17. Set up a free email account. Use this email address for merchant forms. 18. Turn off le and printer sharing on your Internet connection. 19. Install a personal firewall. 20. Sign up for email filtering through your ISP or use an anti-spam program. 21. Do not reply to spam for any reason. 22. Surf the web anonymously using private browsing.
  • 52. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-52 Information Privacy (7 of 18) • Information about you can be stored in a database when you: – Fill out a printed or online form – Create a profile on an online social network – Register a product warranty
  • 53. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-53 Information Privacy (8 of 18) Figure 5-24 Many companies, such as Toys"R"Us shown here, allow users to specify whether they want the company to retain their preferences.
  • 54. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-54 Information Privacy (9 of 18) • A cookie is a small text file that a web server stores on your computer • Websites use cookies for a variety of purposes: – Allow for personalization – Store user names and/or passwords – Assist with online shopping – Track how often users visit a site – Target advertisements
  • 55. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-55 Information Privacy (10 of 18) Figure 5-25 This figure shows how cookies work.
  • 56. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-56 Information Privacy (11 of 18) • Phishing is a scam in which a perpetrator sends an official looking message that attempts to obtain your personal and/or financial information • With clickjacking, an object that can be tapped or clicked on a website contains a malicious program
  • 57. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-57 Information Privacy (12 of 18) • Spyware is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online • Adware is a program that displays an online advertisement in a banner, a pop-up window, or pop- under window on webpages, email messages, or other Internet services
  • 58. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-58 Information Privacy (13 of 18) • Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others • The concern about privacy has led to the enactment of federal and state laws regarding the storage and disclosure of personal data
  • 59. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-59 Information Privacy (14 of 18) Table 5-3 Major U.S. Government Laws Concerning Privacy Law Purpose Children'sInternet ProtectionAct Protectsminorsfrom inappropriatecontentwhen accessingthe Internet in schools and libraries Children'sOnlinePrivacyProtectionAct (COPPA) Requires websites to protect personal information of children under 13 years of age Computer AbuseAmendments Act Outlaws transmission of harmful computer code, such as viruses Digital Millennium Copyright Act (DMCA) Makes it illegal to circumvent antipiracy schemes in commercial software; outlaws sale of devices that copy software illegally Electronic Communications PrivacyAct (ECPA) Provides the same right of privacy protection of the postal delivery service and phone companies to various forms of electronic communications, such as voice mail, email, and mobile phones
  • 60. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-60 Information Privacy (15 of 18) Law Purpose Financial ModernizationAct Protectsconsumersfromdisclosureoftheirpersonalfinancial informationandrequin-±institutions to alert customers of information disclosure policies Freedom of InformationAct (F01A) Enables public access to most government records HIPAA(HealthInsurancePortabilityand AccountabilityAct) Protects individualsagainst the wrongful disclosure of their health information PATRIOT(ProvideAppropriateTootsRequired toIntercept andObstructTerrorism) Giveslawenforcementthe right to monitorpeople's activities,including webandemail habits PrivacyAct Forbids federal agencies from allowinginformation to be used for a reason other thanthat for which it was collected
  • 61. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-61 Information Privacy (16 of 18) • Content filtering is the process of restricting access to certain material – Many businesses use content filtering • Web filtering software restricts access to specified websites
  • 62. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-62 Information Privacy (17 of 18) Figure 5-26 Web filtering software restricts access to specified websites.
  • 63. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-63 Information Privacy (18 of 18) • Employee monitoring involves the use of computers, mobile devices, or cameras to observe, record, and review an employee’s use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited • Many programs exist that easily allow employers to monitor employees. Further, it is legal for employers to use these programs
  • 64. Copyright © 2018 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. 5-64 Summary • Variety of digital security risks • Cybercrime and cybercriminals • Risks and safeguards associated with Internet and network attacks, unauthorized access and use, software theft, information theft, and hardware theft, vandalism, and failure • Various backup strategies and methods of securing wireless communications • Ethical issues in society and various ways to protect the privacy of personal information