Tuesday 11 October 2016

chapter 11

-A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, or information. Some breaches of computer security are accidental, but some are planned.
-Cybercrime is crime conducted via the Internet or some other computer network. Perpetrators include hackers, crackers, script kiddies, corporate spies, unethical employees, cyber extortionists, and cyber terrorists.
- Information transmitted over networks has a higher degree of security risk than information kept on an organization's premises.
- Internet security is an online system that prevents credit card numbers from being stolen on a shopping website.
   .A computer virus is a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.
   .A worm is a standalone malware program that replicates itself in order to spread to other computers.
   .A Trojan horse is a program designed to breach the security of a computer system while ostensibly performing some innocuous function.
   .A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executables. Rootkits allow viruses and malware to “hide in plain sight” by disguising themselves as necessary files that your antivirus software will overlook.
- An infected computer has one or more of the following symptoms: files become corrupted, the operating system runs much slower, etc.
- Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections.
-A botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam messages.
-A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.
-A back door is a means of access to a computer program that bypasses security mechanisms.
-Spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
-A firewall is a system designed to prevent unauthorized access to or from a private network.
-Intrusion detection software: analyses, assesses, identifies, notifies.
-Honeypot: a vulnerable computer that is set up to entice an intruder to break into it.
-Unauthorized access is the act of illegally gaining access to any computer, network, etc., or promoting such activity, which is banned under the “Unauthorized Access while unauthorized use of a computer is a class A misdemeanor. Computer trespass: a person is guilty of computer trespass when he or she knowingly uses, causes to be used, or accesses a computer.
-Organizations take several measures to help prevent unauthorized access and use:
   .Acceptable use policy
   .Disable file and printer sharing
   .Firewalls
   .Intrusion detection software
-Access control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization, which uses a user name, password, etc.
-A biometric device is a security identification and authentication device. Such devices use automated methods of verifying or recognising the identity of a living person based on a physiological or behavioural characteristic.
-Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime (law enforcement, criminal prosecutors, military intelligence, insurance agencies, information security departments).
-Hardware theft is the act of stealing computer equipment; measures that help reduce it include alarm systems, physical access controls, etc. The act of defacing or destroying computer equipment is known as hardware vandalism.
-Software theft is the unauthorised duplication and/or use of computer software. It occurs when someone steals software media, illegally copies a program, intentionally erases programs, or illegally registers and/or activates a program.
-A single-user license agreement contains:
   .Permitted to: install, copy, and remove the software.
   .Not permitted to: install, copy, export, and rent the software.
- Information theft occurs when someone steals personal or confidential information.
-Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.
-A digital signature (not to be confused with a digital certificate) is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
-A system failure is a hardware or operating system malfunction. There are two ways to protect against it: surge protectors and uninterruptible power supplies.
   .Examples: aging hardware, natural disasters, electrical power problems, errors in computer programs.
-Backup is the procedure for making extra copies of data in case the original is lost or damaged. There are two categories: full backup and selective backup.
-Three-generation backup policy: grandparent, parent, and child.
- Wireless access poses additional security risks: 80 percent of wireless networks have no security protection.
- War driving allows individuals to detect wireless networks while driving a vehicle through the area.
-Computer ethics is a part of practical philosophy concerned with how computing professionals should make decisions regarding professional and social conduct.
-Intellectual property rights refer to creations of the mind: inventions, literary and artistic works, and symbols, names, images, and designs used in commerce.
-An IT code of conduct is a written guideline that helps to determine whether a specific computer action is ethical or unethical.
-Information privacy is the aspect of information technology (IT) that deals with the ability an organization or individual has to determine what data in a computer system can be shared with third parties.
-Cookie: a small text file (up to 4KB) created by a Web site and stored on the user's computer, either temporarily for that session only or permanently on the hard disk.
-Web sites use cookies for many reasons: to allow personalization, store users' passwords, assist with online shopping, track how often users visit a site, and target advertisements.
-Spam, also known as unsolicited bulk email (UBE), junk mail, or unsolicited commercial email (UCE), is the practice of sending unwanted email messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients.
- E-mail filtering blocks e-mail messages from designated sources.
-Anti-spam refers to the methods that detect e-mail messages that are unsolicited advertisements, called "spam."
-Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.
-Employee monitoring software is a means of employee monitoring, and allows company administrators to monitor and supervise all their employee computers from a central location.
-Content filtering is the process of restricting access to certain material on the Web.
-Web filtering software restricts access to certain material on the Web.