COMPUTER SECURITY RISKS SYMPTOMS OF AN INFECTED COMPUTER

COMPUTER SECURITY RISK - is any event or 1. Slower OS than usual.

action that could cause a loss of or damage to 2. Available memory is less than expected.
computer hardware, software, data, 3. Corrupted files.
information, or processing capability. 4. Screen displays unusual messages or
images.
CYBERCRIME - is an online or Internet-based 5. Music or sounds plays randomly.
illegal act. 6. Programs or files do not work properly.
7. Unknown programs and files
 HACKERS mysteriously appear.
 CRACKERS 8. System properties change.
 SCRIPT KIDDIES 9. OS does not start up.
 CORPORATE SPIES 10. OS shuts down unexpectedly.
 UNETHICAL EMPLOYEES
 CYBEREXTORTIONISTS TIPS FOR PREVENTING VIRUS AND OTHER
 CYBERTERRORISTS MALWARE
1. INTERNET AND NETWORK ATTACKS 1. Never start a computer w/ removable
2. UNAUTHORIZED ACCESS AND USE media inserted in the drives or plugged
3. HARDWARE THEFT in the ports, unless the media are
4. SYSTEM FAILURE uninfected.
5. INFORMATION THEFT 2. Never open an e-mail attachment
6. SOFTWARE THEFT unless you are expecting it and it is
from a trusted source.
1. INTERNET AND NETWORK ATTACKS 3. Set the macro security in programs so
that you can enable or disable macros.
- Information transmitted over networks has a Enables macros only if the document is
higher degree of security risk than information from a trusted source and you are
kept on an organization’s premises. expecting it.
4. Install an anti-virus program on all of
COMPUTER VIRUS – affects a computer by your computers. Update the software
negatively altering the way the computer and the signature files regularly.
works. 5. Scan all downloaded programs for
viruses and other malware.
WORM – copies itself repeatedly. Using up 6. If the anti-virus program flags an e-mail
resources and might shutdown the computer or attachment as infected, delete or
network. quarantine the attachment
immediately.
TROJAN HORSE – malicious program that hides 7. Before using any removable media,
within or looks like a horse. scan the media for malware. Follow this
procedure even for shrink-wrapped
ROOTKIT – program that hides in a computer software from major developers. Some
and allows someone in a remote location to commercial software has been infected
take full control over it. and distributed to unsuspecting users.
8. Install a personal firewall program.
 9. Stay informed about new virus alerts
and virus hoaxes.
ZOMBIE – compromised computer.
BOTNET – is a group of compromised
computers connected to a network.
POSSESSED OBJECT – any item that you must
carry to gain access to a computer or computer
facility. Often used in combination wait a PIN
(Personal Identification Number).

DENIAL OF SERVICE ATTACK (DoS ATTACK) – BIOMETRIC DEVICE – authenticates a person’s

disrupts computer access to internet services. identity by translating a personal characteristic
into a digital code that is compared w/ a digital
BACK DOOR – a program or set of instructions code in a computer.
in a program that allow users to bypass security
controls. DIGITAL FORENSICS – is the discovery,
collection, and analysis of evidence found on
SPOOFING – a technique intruders use to make computers and networks.
their network or internet transmission appear
legitimate. AREAS OF DIGITAL FORENSICS:
 LAW ENFORCEMENT
FIREWALL – is a hardware and/or a software  CRIMINAL PROSECUTORS
that protects a network’s resources from  MILITARY INTELLIGENCE
intrusion.  INSURANCE AGENCIES
 INFORMATION SECURITY
INTRUSION DETECTION SOFTWARE DEPARTMENTS
1. Analyzes all network traffic
2. Assesses system vulnerabilities 3. HARDWARE THEFT AND VANDALISM
3. Identifies any authorized intrusions
4. Notifies network administrators of HARDWARE THEFT – is the act of stealing
suspicious behavior patterns or security computer equipment.
breaches.
HARDWARE VANDALISM – is the act of
2. UNAUTHORIZED ACCESS OR USE defacing or destroying computer equipment.

UNAUTHORIZED ACCESS – use of a computer or SECURITY MEASURES

network without permission. 1. PHYSICAL ACCESS CONTROLS
2. ALARM SYSTEMS
UNAUTHORIZED USE – the use of a computer 3. CABLES TOLOCK EQUIPMENT
or its data for unapproved or possibly illegal 4. REAL TIME LOCATION SYSTEM
activities. 5. PASSWORDS, POSSESSED OBJECTS AND
BIOMETRICS
ACCESS CONTROLS – defines who can access a
computer, when they can access it, and what
4. SOFTWARE THEFT
actions they can take.
Occurs when:
IDENTIFICATION
 Steals software media.
AUTHENTICATION
 Intentionally erases programs.
- USERNAME  Illegally copies a program.
- PASSWORD  Illegally registers and/or activates a
- CAPTCHA program.
 CONDITIONS OF A SINGLE-USER
LICENSE AGREEMENT
PERMITTED TO:
• Install the software on one computer.
• Make one copy of the software.
• Remove the software from your
computer before giving it away or
selling it.
NOT PERMITTED TO:
• Install the software on a network.
• Give copies to friends or colleagues
while continuing to use the software.
• Export the software.
• Rent or lease the software.
5. INFORMATION THEFT
INFORMATION THEFT – occurs when someone
steals personal or confidential information.
ENCRYPTION – is a process of converting
readable data into unreadable characters to
prevent unauthorized access.
SIMPLE ENCRYPTION ALGORITHMS
TRANSPOSITION – switch the order of
characters.
SUBSTITUTION – replace characters with other
characters.
EXPANSION – insert characters within existing
characters.
COMPACTION – remove characters and store
elsewhere.
DIGITALSIGNATURE - is an encrypted code that
a person, Web site, or organization attaches to
an electronic message to verify the identity of
the sender.
DIGITAL CERTIFICATE - is a notice that
guarantees a user or a Web site is legitimate.
Issued by a certificate authority.
6. SYSTEM FAILURE
SYSTEM FAILURE - is the prolonged malfunction
of a computer.
SURGE PROTECTORS AND UNINTERRUPTABLE
POWER SUPPLIES (UPS) – two ways to protect
from system failures caused by electrical power
variations.
VARIETY OF FACTORS THAT CAN LEAD TO A
SYSTEM FAILURE
 Aging hardware
 Natural disasters
 Electrical power problems
 Errors in computer programs
BACKING UP – THE ULTIMATE SAFEGUARD
BACK-UP - is a duplicate of a file, program, or
disk that can be used if the original is lost,
damaged, or destroyed.
- To back up a file means to make a copy
of it.
OFFSITE BACK-UPS - are stored in a location
separate from the computer site.
FULL BACK-UP
SELECTIVE BACK-UP
(THREE-GENERATION BACK-UP POLICY)
GRANDPARENT – PARENT – CHILD
WIRELESS SECURITY
WIRELESS ACCESS - poses additional security
risks
- About 80 percent of wireless networks
have no security protection.
WAR DRIVING - allows individuals to detect
wireless networks while driving a vehicle
through the area.
 • A wireless access point should not
broadcast a network name
• Change the default network name
• Configure a WAP so that only
certain devices
can access it
• Use WPA or WPA2 security standards
HEALTH CONCERNS OF COMPUTER USE
HEALTH CONCERNS:
1. Repetitive strain injury (RSI)
- Tendonitis
- Carpal tunnel syndrome (CTS)
2. Computer vision syndrome (CVS)
TECNIQUES TO EASE EYESTRAIN:
1. Every 10 – 15 mins., take an eye break.
- look into the distance and focus on an
object for 20 – 30 seconds.
- roll your eyes in a complete circle.
- close your eyes and rest them for at
least 1 minute.
2. Blink your eyes every five seconds.
3. Place your display device about an arm’s
length away from your eyes with the top of the
screen at eye level or below.
4. Use large fonts.
5. If you wear glasses, ask your doctor about
computer glasses.
6. Adjust the lighting.
ERGONOMICS - is an applied science devoted to
incorporating comfort, efficiency, and safety
into the design of items in the workplace.
COMPUTER ADDICTION - occurs when the
computer consumes someone’s entire social
life.
SYMPTOMS OF COMPUTER ADDICTION:
• Craves computer time
• Overjoy when at the computer
• Unable to stop computer activity
• Irritable when not at the computer
• Neglects family and friends
• Problems at work or school
ETHICS AND SOCIETY
COMPUTER ETHICS - are the moral guidelines
that govern the use of computers and
information systems.
INFORMATION ACCURACY - is a concern. Not
all information on the Web is correct.
INTELLECTUAL PROPERTY RIGHTS - are the
rights to which creators are entitled for their
work.
COPYRIGHT - protects any tangible form of
expression.
DIGITAL RIGHTS MANAGEMENT - is a strategy
designed to prevent illegal distribution of
movies, music, and other digital content.
GREEN COMPUTING - involves reducing the
electricity and environmental waste while using
a computer
– ENERGY STAR program
GREEN COMPUTING SUGGESTIONS
1. Use computers and devices that comply with
the ENERGY STAR Program.
2. Do not leave the computer running
overnight.
3. Turn off the monitor, printer, and other
devices when not in use.
4. Use LCD monitors instead of CRT monitors.
5. Use paperless methods to communicate.
6. Recycle paper.
7. Buy recycled paper.
8. Recycle toner cartridges.
9. Recycle old computers, printers, and other
devices.
10. Telecommute (saves gas)
11. Use video conferencing and VoIP for
meetings.
INFORMATION PRIVACY - refers to the right of WEB FILTERING SOFTWARE - restricts access to
individuals and companies to deny or restrict specified Web sites.
the collection and use of information about the.

• Huge databases store data online

• It is important to safeguard your
information

COOKIE - is a small text file that a Web server

stores on your computer.

REASONS OF USING COOKIE:

• Allow for personalization
• Store users’ passwords
• Assist with online shopping
• Track how often users visit a site
• Target advertisements

SPAM - is an unsolicited e-mail message or

newsgroup posting.

E-MAIL FILTERING - blocks e-mail messages

from designated sources.

ANTI-SPAM PROGRAMS - attempt to remove

spam before it reaches your inbox.

PHISHING - is a scam in which a perpetrator

sends an official looking e-mail message that
attempts to obtain your personal and financial
information.

PHARMING - is a scam where a perpetrator

attempts to obtain your personal and financial
information via spoofing.

SOCIAL ENGINEERING - is defined as gaining

unauthorized access or obtaining confidential
information by taking advantage of trust and
naivety.

EMPLOYEE MONITORING - involves the use of

computers to observe, record, and review an
employee’s use of a computer.
CONTENT FILTERING - is the process of
restricting access to certain material on the
Web. Many businesses use content filtering.