Toshiki's Note

Appearance

CIS105: Computer Applications & Information Systems Lect. 11

Author:Anda Toshiki
Updated:a day ago
Words:406
Reading:2 min

Chapter 11: Computer Security

Midterm reminder: March 28th - 29th

  • Exam Review after Chapter 11KC
  • 40 new questions, 10 KC questions
    • Same format as last time

11.1: System Security & Computer Privacy

  • An unsecured computer is extremely easy to breach by any seasoned hacker
  • Computer Security: Concerned with risk management, confidentiality, integrity, and the availability of the electronic info processed and stored within a computing system
  • Risk Management: Includes the recognition, consequences, and assessment of risk to a computer's assets, and developing strategies to manage and protect them

11.2: Business System Threats

  • Intranet: A businesses' private version of the internet
  • The key aspect of an intranet is privacy
  • Firewall: Hardware and software working together to ensure that only authorized personnel can access the business' intranet

11.3: Firewall

  • Without a firewall, an intranet is just another part of the internet
  • Proxy Server: A special security computer that allows communication to flow in and out of an intranet to check for external threats
  • Two standard security practices for firewalls:
    • Default-Deny
    • Default-Allow

11.4: Malware Threats

  • The term "virus" comes from biology
  • Malware Motivations:
    • Experimental Malware
    • Worms
    • Trojan Horses
    • Spyware/Keylogging
    • Adware
    • Spamming
    • Denial-of-Service Attach (DoS)
      • The deadliest
    • Reverse Phishing - "Spear Phishing"

11.5: Malware Solutions

  • Antivirus Software
    • Norton AntiVirus
    • McAfee's VirusScan
  • System patches
  • Data Backup
  • Employee training

11.6: Internet Fraud

  • Internet fraud: Any fraudulent activity in an online setting
  • Google AdSense, Google's advertising network; the middleman between the advertiser and the website owner
  • Click Fraud: a program that automatically clicks on Ads
  • Purchase Scam: scammer asks seller to pay for shipping via credit card, cancels credit card after order has shipped
  • Most uncomplicated type of internet fraud
  • Phishing: Uses social engineering techniques to gain private information

11.7: Computer Privacy

  • Privacy: The ability of an individual to keep their personal information out of public view
  • Anonymous: One's personal identity Is not be known
  • Tracking Cookie: A small text file that tracks your interaction on a website
  • History files: A list of stored or cached websites on a user's computer

50% of the time an unsecured computer can be hacked, and a password can be guessed

11.8: Identity Theft

  • Identity theft: A crime concerning the unlawful practice of assuming another individual's identity
  • Ways to acquire personal information:
    • Shoulder Surfing
    • Dumpster Diving
  • SCAM
    • Stingy
    • Check
    • Ask
    • Maintain
  • ASU's Recommended Password Manager: Stache
    • Bitwarden, 1Password, Dashlane, Keeper, KeePass