Scribd
Upload
2 views48 pages

DC16_Ch05

Chapter 5 of 'Discovering Computers 2016' covers digital security, ethics, and privacy, detailing various types of cyber threats, including internet and network attacks, and the importance of safeguarding against unauthorized access. It discusses methods to protect against software piracy, hardware theft, and the significance of encryption and digital signatures. Additionally, the chapter addresses ethical considerations in technology use, information privacy, and the implications of data collection practices.

Uploaded by

muhammadumairakram167
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
2 views48 pages

DC16_Ch05

Chapter 5 of 'Discovering Computers 2016' covers digital security, ethics, and privacy, detailing various types of cyber threats, including internet and network attacks, and the importance of safeguarding against unauthorized access. It discusses methods to protect against software piracy, hardware theft, and the significance of encryption and digital signatures. Additionally, the chapter addresses ethical considerations in technology use, information privacy, and the implications of data collection practices.

Uploaded by

muhammadumairakram167
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 48

Discovering Computers 2016

Tools, Apps, Devices, and the Impact of Technology

Chapter 5
Digital Security,
Ethics, and Privacy
Objectives Overview

Describe various types


Define the term, digital Discuss techniques to
of Internet and network
security risks, and prevent unauthorized
attacks, and explain
briefly describe the computer access and
ways to safeguard
types of cybercriminals use
against these attacks

Explain the ways that Discuss how


software manufacturers encryption, digital
protect against signatures, and digital
software piracy certificates work

See Page 212 © 2016 Cengage Learning®. May not be scanned, copied o 2
for Detailed Objectives r duplicated, or posted to a publicly accessible website, in
Objectives Overview

Identify risks and


Identify safeguards
Explain the options safeguards associated
against hardware theft,
available for backing up with wireless
vandalism, and failure
communications

Recognize issues related


to information accuracy, Discuss issues
intellectual property surrounding information
rights, codes of conduct, privacy
and green computing

See Page 212 © 2016 Cengage Learning®. May not be scanned, copied o 3
for Detailed Objectives r duplicated, or posted to a publicly accessible website, in
Digital Security Risks

• A digital security risk is any event or action that could


cause a loss of or damage to a computer or mobile device
hardware, software, data, information, or processing
capability
• Any illegal act involving the use of a computer or related
devices generally is referred to as a computer crime
• A cybercrime is an online or Internet-based illegal act

Page 212 © 2016 Cengage Learning®. May not be scanned, copied o 4


r duplicated, or posted to a publicly accessible website, in
Digital Security Risks

Page 213 © 2016 Cengage Learning®. May not be scanned, copied o 5


Figure 5-1 r duplicated, or posted to a publicly accessible website, in
Digital Security Risks

Hacker Cracker Script kiddie

Unethical
Corporate spies Cyberextortionist
employees

Cyberterrorist

Page 214 © 2016 Cengage Learning®. May not be scanned, copied o 6


r duplicated, or posted to a publicly accessible website, in
Internet and Network Attacks
• Information transmitted
over networks has a higher
degree of security risk than
information kept on an
organization’s premises
• Malware, short for
malicious software, consists
of programs that act
without a user’s knowledge
and deliberately alter the
operations of computers
and mobile devices
Page 215 7
© 2016 Cengage Learning®. May not be scanned, copied o
Table 5-1 r duplicated, or posted to a publicly accessible website, in
8
© 2016 Cengage Learning®. May not be scanned, copied o
r duplicated, or posted to a publicly accessible website, in
Internet and Network Attacks

Page 215 © 2016 Cengage Learning®. May not be scanned, copied o 9


Figure 5-2 r duplicated, or posted to a publicly accessible website, in
Internet and Network Attacks
• A botnet is a group of compromised computers or mobile devices
connected to a network
– A compromised computer or device is known as a zombie
• A denial of service attack (DoS attack) disrupts computer access to
an Internet service
– Distributed DoS attack (DDoS attack)
• A back door is a program or set of instructions in a program that
allow users to bypass security controls
• Spoofing is a technique intruders use to make their network or
Internet transmission appear legitimate

Pages 216 - 217 © 2016 Cengage Learning®. May not be scanned, copied o 10
r duplicated, or posted to a publicly accessible website, in
Internet and Network Attacks

• A firewall is hardware and/or software that


protects a network’s resources from intrusion

Pages 219 - 220 © 2016 Cengage Learning®. May not be scanned, copied o 11
Figure 5-4 r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

Unauthorized
Unauthorized use is the use
access is the of a
use of a computer or
computer or its data for
network unapproved
without or possibly
permission illegal
activities

Page 221 © 2016 Cengage Learning®. May not be scanned, copied o 12


r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

• Organizations take
several measures to
help prevent
unauthorized access
and use
– Acceptable use policy
– Disable file and printer
sharing

Page 221 13
© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-5 r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

• Access controls define who can access a


computer, device, or network; when they can
access it; and what actions they can take while
accessing it
• The computer, device, or network should maintain
an audit trail that records in a file both successful
and unsuccessful access attempts
– User name
– Password
Pages 222 - 223 © 2016 Cengage Learning®. May not be scanned, copied o 14
Figure 5-6 r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use
• A passphrase is a private combination of words, often containing
mixed capitalization and punctuation, associated with a user name
that allows access to certain computer resources
• A PIN (personal identification number), sometimes called a
passcode, is a numeric password, either assigned by a company or
selected by a user
• A possessed object is any item that you must possess, or carry with
you, in order to gain access to a computer or computer facility
• A biometric device authenticates a person’s identity by translating
a personal characteristic into a digital code that is compared with a
digital code in a computer or mobile device verifying a physical or
behavioral characteristic
Pages 223 - 224 © 2016 Cengage Learning®. May not be scanned, copied o 15
r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

Face
Fingerprint
recognition
reader
system

Hand Voice
geometry verification
system system

Signature Iris
verification recognition
system system
Pages 224 – 226 © 2016 Cengage Learning®. May not be scanned, copied o 16
Figures 5-8 – 5-11 r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

• Two-step verification uses two separate methods,


one after the next, to verify the identity of a user

Pages 226 – 227 © 2016 Cengage Learning®. May not be scanned, copied o 17
Figure 5-12 r duplicated, or posted to a publicly accessible website, in
Unauthorized Access and Use

• Digital forensics is the discovery, collection, and


analysis of evidence found on computers and
networks
• Many areas use digital forensics
Law Criminal Military
enforcement prosecutors intelligence

Information
Insurance
security
agencies
departments
Page 227 © 2016 Cengage Learning®. May not be scanned, copied o 18
r duplicated, or posted to a publicly accessible website, in
Software Theft

• Software theft occurs when someone:

Steals software Intentionally


media erases programs

Illegally registers
Illegally copies a
and/or activates
program
a program
Page 228 © 2016 Cengage Learning®. May not be scanned, copied o 19
r duplicated, or posted to a publicly accessible website, in
Software Theft

• Many manufacturers incorporate an activation


process into their programs to ensure the
software is not installed on more computers than
legally licensed
• During the product activation, which is conducted
either online or by phone, users provide the
software product’s identification number to
associate the software with the computer or
mobile device on which the software is installed
Page 228 © 2016 Cengage Learning®. May not be scanned, copied o 20
r duplicated, or posted to a publicly accessible website, in
Software Theft

• A license agreement is the right to use software

Pages 228 – 229 © 2016 Cengage Learning®. May not be scanned, copied o 21
Figure 5-13 r duplicated, or posted to a publicly accessible website, in
Information Theft

• Information theft occurs when someone steals


personal or confidential information
• Encryption is a process of converting data that is
readable by humans into encoded characters to
prevent unauthorized access

Page 229 © 2016 Cengage Learning®. May not be scanned, copied o 22


r duplicated, or posted to a publicly accessible website, in
Information Theft

Page 230 © 2016 Cengage Learning®. May not be scanned, copied o 23


Figure 5-14 r duplicated, or posted to a publicly accessible website, in
Information Theft

• A digital signature is an encrypted code that a


person, website, or organization attaches to an
electronic message to verify the identity of the
message sender
– Often used to ensure that an impostor is not participating
in an Internet transaction
• A digital certificate is a notice that guarantees a user
or a website is legitimate
• A website that uses encryption techniques to secure
its data is known as a secure site
Page 231 © 2016 Cengage Learning®. May not be scanned, copied o 24
r duplicated, or posted to a publicly accessible website, in
Information Theft

Page 231 © 2016 Cengage Learning®. May not be scanned, copied o 25


Figure 5-15 r duplicated, or posted to a publicly accessible website, in
Hardware Theft, Vandalism, and Failure

Hardware vandalism
Hardware theft is the
is the act of defacing
act of stealing digital
or destroying digital
equipment
equipment

Page 233 © 2016 Cengage Learning®. May not be scanned, copied o 26


r duplicated, or posted to a publicly accessible website, in
Hardware Theft, Vandalism, and Failure

Page 233 © 2016 Cengage Learning®. May not be scanned, copied o 27


Figure 5-16 r duplicated, or posted to a publicly accessible website, in
Backing Up – The Ultimate Safeguard

• A backup is a duplicate of a file, program, or


media that can be used if the original is lost,
damaged, or destroyed
– To back up a file means to make a copy of it
• Off-site backups are stored in a location separate
from the computer or mobile device site

Cloud
Storage

Pages 233 - 234 © 2016 Cengage Learning®. May not be scanned, copied o 28
r duplicated, or posted to a publicly accessible website, in
Backing Up – The Ultimate Safeguard

• Categories of backups: • Three-generation


– Full backup policy
– Differential
– Incremental Grandparent

– Selective
– Continuous data
protection Parent
– Cloud

Child

Page 234 29
© 2016 Cengage Learning®. May not be scanned, copied o
r duplicated, or posted to a publicly accessible website, in
Backing Up – The Ultimate Safeguard

Page 234 © 2016 Cengage Learning®. May not be scanned, copied o 30


Table 5-2 r duplicated, or posted to a publicly accessible website, in
Wireless Security
• Wireless access poses
additional security risks
• Some perpetrators connect
to other’s wireless networks
to gain free Internet access
or confidential data
• Others connect to a
network through an
unsecured wireless access
point (WAP) or combination
router/WAP

Page 236 31
© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-18 r duplicated, or posted to a publicly accessible website, in
Ethics and Society

• Technology ethics are


the moral guidelines that
govern the use of
computers, mobile
devices, information
systems, and related
technologies
• Information accuracy is a
concern
– Not all information on the
Internet is correct
Pages 238 - 240 32
© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-20 r duplicated, or posted to a publicly accessible website, in
Ethics and Society

• Intellectual property refers to unique and original


works such as ideas, inventions, art, writings,
processes, company and product names, and logos
• Intellectual property rights are the rights to which
creators are entitled to their work
• A copyright protects any tangible form of expression
• Digital rights management (DRM) is a strategy
designed to prevent illegal distribution of movies,
music, and other digital content
Page 240 © 2016 Cengage Learning®. May not be scanned, copied o 33
r duplicated, or posted to a publicly accessible website, in
Ethics and Society

• A code of conduct is a written guideline that helps


determine whether a specification is
ethical/unethical or allowed/not allowed

Page 241 © 2016 Cengage Learning®. May not be scanned, copied o 34


Figure 5-21 r duplicated, or posted to a publicly accessible website, in
Ethics and Society

• Green computing involves reducing the electricity


and environmental waste while using computers,
mobile devices, and related technologies

Page 241 © 2016 Cengage Learning®. May not be scanned, copied o 35


Figure 5-22 r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Information privacy refers to the right of individuals


and companies to deny or restrict the collection,
use, and dissemination of information about them
• Huge databases store data online
• Websites often collect data about you, so that they
can customize advertisements and send you
personalized email messages
• Some employers monitor your computer usage and
email messages
Page 242 © 2016 Cengage Learning®. May not be scanned, copied o 36
r duplicated, or posted to a publicly accessible website, in
Information Privacy

Page 242 37
© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-23 r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Information about you


can be stored in a
database when you:
– Fill out a printed or
online form
– Create a profile on an
online social network
– Register a product
warranty

Pages 242 - 243 38


© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-24 r duplicated, or posted to a publicly accessible website, in
Information Privacy

• A cookie is a small text file that a web server stores on


your computer
• Websites use cookies for a variety of reasons:
Store user Assist with
Allow for
names and/or online
personalization
passwords shopping

Track how
Target
often users visit
advertisements
a site
Pages 243 - 244 © 2016 Cengage Learning®. May not be scanned, copied o 39
r duplicated, or posted to a publicly accessible website, in
Information Privacy

Page 244 © 2016 Cengage Learning®. May not be scanned, copied o 40


Figure 5-25 r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Phishing is a scam in which a perpetrator sends an


official looking email message that attempts to
obtain your personal and/or financial information
• With clickjacking, an object that can be tapped or
clicked on a website contains a malicious program

Pages 244 - 245 © 2016 Cengage Learning®. May not be scanned, copied o 41
r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Spyware is a program placed on a computer or


mobile device without the user’s knowledge that
secretly collects information about the user and
then communicates the information it collects to
some outside source while the user is online
• Adware is a program that displays an online
advertisement in a banner or pop-up window on
webpages, email messages, or other Internet
services
Page 245 © 2016 Cengage Learning®. May not be scanned, copied o 42
r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Social engineering is defined as gaining


unauthorized access to or obtaining confidential
information by taking advantage of the trusting
human nature of some victims and the naivety of
others

Page 245 © 2016 Cengage Learning®. May not be scanned, copied o 43


r duplicated, or posted to a publicly accessible website, in
Information Privacy

• The concern about privacy has led to the


enactment of federal and state laws regarding the
storage and disclosure of personal data
– See Table 5-3 on page 246 for a listing of major U.S.
government laws concerning privacy

Page 246 © 2016 Cengage Learning®. May not be scanned, copied o 44


r duplicated, or posted to a publicly accessible website, in
Information Privacy

Employee monitoring involves the use of computers, mobile


devices, or cameras to observe, record, and review an employee’s
use of a technology, including communications such as email
messages, keyboard activity (used to measure productivity), and
websites visited

Many programs exist that easily allow employers to monitor


employees. Further, it is legal for employers to use these
programs

Page 247 © 2016 Cengage Learning®. May not be scanned, copied o 45


r duplicated, or posted to a publicly accessible website, in
Information Privacy

• Content filtering is the


process of restricting
access to certain
material
– Many businesses use
content filtering
• Web filtering software
restricts access to
specified websites

Pages 247 - 248 46


© 2016 Cengage Learning®. May not be scanned, copied o
Figure 5-26 r duplicated, or posted to a publicly accessible website, in
Summary

Risks and safeguards associated


with Internet and network
attacks, unauthorized access and
Variety of digital security risks Cybercrime and cybercriminals
use, software theft, information
theft, and hardware theft,
vandalism, and failure

Various backup strategies and Ethical issues in society and


methods of securing wireless various ways to protect the
communications privacy of personal information

Page 249 © 2016 Cengage Learning®. May not be scanned, copied o 47


r duplicated, or posted to a publicly accessible website, in
Discovering Computers 2016
Tools, Apps, Devices, and the Impact of Technology

Chapter 5
Digital Security,
Ethics, and Privacy
Chapter 5 Complete

You might also like