Topics

Download Report

Transcript Topics 

2
Paradigm Publishing, Inc.
Computer Concepts
Topics
3
7.1
Unauthorized Access and Unauthorized Use of Computer Resources
7.2
Botnets and Denial of Service Attacks
7.3
Malware Infections
7.4
Phishing, Pharming, and Clickjacking Threats
7.5
Information Privacy
7.6
Mobile Device Security
Chapter Summary
Paradigm Publishing, Inc.
Computer Concepts
Topics
4
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources
 Connecting to a network at home,
at work, or at school has many
advantages that include sharing
access to the Internet and its
resources, storage, and software
 These advantages do not come
without risk
 network attacks at business and
government organizations occur often
Paradigm Publishing, Inc.
Computer Concepts
Topics
5
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Unauthorized access: using a computer, network, or other
resource without permission
 Hacker: an individual who accesses a network without
permission
 hacking: activities involved in gaining unauthorized entry into a
network’s resources
 white hats: hackers with good intentions that attempt to pinpoint
weaknesses in network security
 black hats: hackers who gain unauthorized access with malicious
intent to steal data or for other personal gain
Paradigm Publishing, Inc.
Computer Concepts
Topics
6
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 War driving: an individual with a
portable computing device who
drives around trying to connect to
someone else’s unsecured wireless
network
 Piggybacking: connecting to
someone else’s wireless network
without the network owner’s intent
or consent to provide access
Paradigm Publishing, Inc.
Computer Concepts
Topics
7
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Unauthorized use: using a computer, network, or other
resource for purposes other than the intended uses
 Unauthorized use can occur when an employee uses the
employer’s computer for activities such as:
 personal emails
 personal printing
 personal online shopping
Paradigm Publishing, Inc.
Computer Concepts
Topics
8
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Strong password: a password that is difficult to hack by
humans or password detection software programs
 A strong password meets the following criteria:
 is a minimum of eight characters
 uses a combination of uppercase letters, lowercase letters, numbers,
and symbols
 does not contain any dictionary words or words spelled backward
 does not contain consecutive or repeated numbers or letters
 has no personal information such as a birthdate
Paradigm Publishing, Inc.
Computer Concepts
Topics
9
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Biometric devices: authenticate a person’s identity using
physical characteristics such as a fingerprint, iris scan, or voice
recognition
Paradigm Publishing, Inc.
Computer Concepts
Topics
10
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Firewall: hardware,
software, or a
combination of hardware
and software that blocks
unwanted access to your
network
Paradigm Publishing, Inc.
Computer Concepts
Topics
11
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Encryption: scrambles communications between devices so
that the data is not readable
 Wi-Fi Protected Access (WPA) and WPA2: more recent
security standards that authenticate users and employ
sophisticated encryption techniques
 Intrusion detection software: analyzes network traffic for
suspicious data and alerts network administrators to possible
system threats
Paradigm Publishing, Inc.
Computer Concepts
Topics
12
7.1 Unauthorized Access and Unauthorized
Use of Computer Resources…continued
 Acceptable use policy (AUP): a
written policy that describes for
employees, students, or other
network users the permitted uses for
computing equipment and networks
Paradigm Publishing, Inc.
Computer Concepts
Topics
13
7.2 Botnets and Denial of Service Attacks
 Botnet: a collection of zombie computers that work together
to conduct an attack on another network
 zombie computer: a computer that is connected to the Internet and is
controlled by a hacker or other cybercriminal without the owner’s
knowledge
Paradigm Publishing, Inc.
Computer Concepts
Topics
14
7.2 Botnets and Denial of Service
Attacks…continued
 Generally, the infection happens from one of the following
events:
 the individual clicks a link in an email or opens an email attachment
that contains the malicious program code, which is then installed on
the computer
 the individual downloads a video, image, or program from a website
without realizing the file is a cover for the malicious program code
 the individual simply visits a website without realizing that the
malicious code is being downloaded in the background
Paradigm Publishing, Inc.
Computer Concepts
Topics
15
7.2 Botnets and Denial of Service
Attacks…continued
 Once the target computer is infected, it joins the botnet
Paradigm Publishing, Inc.
Computer Concepts
Topics
16
7.2 Botnets and Denial of Service
Attacks…continued
Paradigm Publishing, Inc.
Computer Concepts
Topics
17
7.2 Botnets and Denial of Service
Attacks…continued
 Denial of service attack (DoS):
when a network or web server is
overwhelmed with network traffic
in the form of a constant stream
of bogus emails or other
messages to the point that the
server’s response time becomes
slow or shuts down completely
Paradigm Publishing, Inc.
Computer Concepts
Topics
18
CHECK YOUR UNDERSTANDING 1
1.
A type of hacker that breaks into a computer
network to pinpoint network weaknesses is
known as a ___________.
a.
b.
c.
d.
2.
Piggybacker
Black hat
White hat
War logger
4.
War driver
Firewall
Encrypter
White hat
Paradigm Publishing, Inc.
This term refers to a computer that is
controlled by a hacker without the owner’s
knowledge.
a.
b.
c.
d.
Hardware or software that blocks unwanted
access to a network is a(n) _____________.
a.
b.
c.
d.
3.
This type of attack overwhelms a network
server with the intent of slowing or shutting
down the server.
a.
b.
c.
d.
Computer Concepts
Botnet
DoS
Bot
Zombie
Denial of service
Bot attack
Piggybacking
War driving
Topics
19
7.3 Malware Infections
 Malware: any type of malicious software program that is
designed to damage, disable, or steal data
 Malware programs can:






delete files
damage files
steal personal data
track your activities
display pop-up windows or messages
turn your computer into a zombie
Paradigm Publishing, Inc.
Computer Concepts
Topics
20
7.3 Malware Infections…continued
 Virus: a form of malware that
can replicate itself and spread
to other media on the infected
computer and to other
computers on the network
 macro virus: a type of virus that
is embedded in a document and
infects the computer when the
user opens the document and
enables a macro
Paradigm Publishing, Inc.
Computer Concepts
Topics
21
7.3 Malware Infections…continued
 Worm: a self-replicating program that requires no action on
the part of the user to copy itself to another computer on a
network
Paradigm Publishing, Inc.
Computer Concepts
Topics
22
7.3 Malware Infections…continued
 Trojan horse: a program that disguises
itself as a useful program but then
infects your computer with malware
when you run the application
Paradigm Publishing, Inc.
Computer Concepts
Topics
23
7.3 Malware Infections…continued
 Rootkit: a program hides on the
infected computer and provides a back
door for a hacker or other cybercriminal
to remotely monitor or take over
control of the PC
 back door: way to bypass computer
security
 Using the remote access, the hacker or
cybercriminal can run damaging
programs or steal personal information
Paradigm Publishing, Inc.
Computer Concepts
Topics
24
7.3 Malware Infections…continued
 Antivirus program: programs
that allow you to schedule
automatic scans to run on a
regular basis
 most programs are also set to scan
all incoming emails automatically
Paradigm Publishing, Inc.
Computer Concepts
Topics
25
7.3 Malware Infections…continued
Paradigm Publishing, Inc.
Computer Concepts
Topics
26
7.4 Phishing, Pharming, and Clickjacking
Threats
 Identity theft: occurs when an individual’s personal
information is obtained by a criminal who then uses the
information to buy products or services under the victim’s
name or otherwise pose as the victim for financial gain
 a growing area of cybercrime
Paradigm Publishing, Inc.
Computer Concepts
Topics
27
7.4 Phishing, Pharming, and Clickjacking
Threats…continued
 Phishing: activities that appear
to be initiated by a legitimate
organization (such as one’s bank)
in an attempt to obtain personal
information that can be used in
fraud, theft, or identity theft
Paradigm Publishing, Inc.
Computer Concepts
Topics
28
7.4 Phishing, Pharming, and Clickjacking
Threats…continued
 Pharming: the individual is tricked into
entering personal information at a phony
website that appears to be the real
website
 spoofing: a sender’s email address is altered
to a phony address that appears legitimate to
the email recipient, or an IP address is altered
to appear to be a trusted source
Paradigm Publishing, Inc.
Computer Concepts
Topics
29
7.4 Phishing, Pharming, and Clickjacking
Threats…continued
 Clickjacking: a button, graphic, or
link on a web page appears to be real
but, when clicked, causes malicious
software to run
 some clickjacks are used to download a
virus onto a computer
Paradigm Publishing, Inc.
Computer Concepts
Topics
30
CHECK YOUR UNDERSTANDING 2
1.
This type of virus is often embedded in a
Microsoft Office document.
a.
b.
c.
d.
2.
Rootkit virus
Worm virus
Trojan horse virus
Macro virus
4.
Rootkit virus
Worm virus
Macro virus
Logic bomb virus
Paradigm Publishing, Inc.
This term describes activities that appear to
be from legitimate organizations but that
have malicious intent.
a.
b.
c.
d.
This type of virus is hidden from the owner
and allows the computer to be controlled
remotely.
a.
b.
c.
d.
3.
Computer Concepts
Rootkit virus
Logic bomb virus
Phishing
War driving
A phony button, graphic, or link on a website
is used for ______________.
a.
b.
c.
d.
Phishing
Pharming
Spoofing
Clickjacking
Topics
31
7.5 Information Privacy
 Information privacy: the right of individuals or
organizations to control the information that is collected about
them
 consider all of the websites at which you have set up accounts and the
personal information you provided at each site
 consider that some websites track the pages you visit and store
information about you
 software may be installed on your computer that is tracking everything
you do
Paradigm Publishing, Inc.
Computer Concepts
Topics
32
7.5 Information Privacy…continued
 Cookie: a small text file sent
by a web server to be stored
on your computer’s hard disk
that contains data about you
such as your user name and
the pages you visited
Paradigm Publishing, Inc.
Computer Concepts
Topics
33
7.5 Information Privacy…continued
 Spyware: software programs that exist
on your computer without your
knowledge and track your activities
 keystroke logger (or keylogger): may be
activated as part of a rootkit or Trojan horse
that records every keystroke you type and
sends it back to a cybercriminal
 Adware: software programs responsible
for pop-up ads that appear on your
desktop or while viewing web pages
Paradigm Publishing, Inc.
Computer Concepts
Topics
34
7.5 Information Privacy…continued
 Spam: electronic junk mail—
unsolicited emails sent to a large
group of people at the same time
 Twitter bots: software
programmed to follow people
based on popular keywords
Paradigm Publishing, Inc.
Computer Concepts
Topics
35
7.5 Information Privacy…continued
 To be safe, never post files at a cloud
provider that contains sensitive
information, such as your birthdate
and social security number
 At social networks such as Facebook
and Twitter, make sure you review
and change privacy settings so that
only the information you want public
is viewable by anyone
Paradigm Publishing, Inc.
Computer Concepts
Topics
36
7.5 Information Privacy…continued
 When shopping online or conducting other business that
requires a financial transaction, make sure the URL at the
website begins with https and that you see a small closed
padlock next to the address bar or in the Status bar of the
browser window
 Transport Layer Security (TLS): encrypts transmitted data
so that the data is unreadable if intercepted
Paradigm Publishing, Inc.
Computer Concepts
Topics
37
7.5 Information Privacy…continued
Paradigm Publishing, Inc.
Computer Concepts
Topics
38
7.6 Mobile Device Security
 Mobile malware: viruses designed for
mobile devices
 Make sure all mobile devices, including
tablets and smartphones, have mobile
security software to prevent malware
infections
Paradigm Publishing, Inc.
Computer Concepts
Topics
39
7.6 Mobile Device Security…continued
 The following tools assist with securing mobile devices and data:
 physical locks with cables that attach a notebook to a table or desk in a public
place are a deterrent to thieves looking for an easy target
 many devices now come equipped with fingerprint readers that restrict access to
the authenticated user only
 technology for remote wiping, locking, and tracking of a lost or stolen mobile
device allows the owner to wipe the device clean of data and track the device’s
location
 a strong password or passcode for access to the data should be enabled on all
devices; should the device be stolen or lost, the password/passcode may provide
enough time to employ remote wiping utilities
 regular backups of data stored on mobile devices should be mandatory
Paradigm Publishing, Inc.
Computer Concepts
Topics
40
7.6 Mobile Device Security…continued
 Bluetooth technology, which
wirelessly connects and exchanges
data between two devices in close
proximity, is subject to risk from
intrusion from others within range
 Bluetooth range is approximately 30 feet
 a risk exists that someone else can
connect to your device and send you a
virus or access personal data
Paradigm Publishing, Inc.
Computer Concepts
Topics
41
CHECK YOUR UNDERSTANDING 3
1.
This is a small text file placed on your hard
drive after visiting a website.
a.
b.
c.
d.
2.
4.
Adware
Spam
Cookie
Keylogger
Paradigm Publishing, Inc.
Bluetooth range is approximately _____ feet.
a.
b.
c.
d.
Spyware
Cookie
Adware
Spam
This type of spyware records everything you
type.
a.
b.
c.
d.
3.
10
20
30
40
Viruses designed for a notebook, tablet, or
smartphone are referred to by this term.
a.
b.
c.
d.
Computer Concepts
Mobile
Mobile
Mobile
Mobile
malware
mania
risk
software
Topics
42
Chapter Summary
 After successfully completing this chapter, you are now able to:
 Explain various types of network risks that occur when computers are
connected to a network or the Internet
 Describe techniques used to protect against network and Internet intrusions
 Distinguish various types of malware and methods to prevent malware
 Recognize privacy concerns when using the Internet and strategies for
safeguarding personal information
 Identify mobile device security risks and techniques for minimizing risk
Paradigm Publishing, Inc.
Computer Concepts
Topics