;): 2018

Thursday 15 March 2018

SECURITY MEASURE

SECURITY MEASURE

Definition of security measures:

➤The precautionary measures taken toward possible danger or damage.

DATA BACKUP

➼A data backup is the result of copying or archiving files and folders for the

purpose of being able to restore them in case of data loss.

➼Data loss can be caused by many things ranging from computer viruses,

hardware failures, file corruption, system failure or theft.

CRYPTOGRAPHY

How…????

➱To read the data, you must decrypt it into readable form.

➱The unencrypted data is called plain text.

➱The encrypted data is called cipher text.

➱To encrypt, plain text converted into cipher text using an encryption key.

Importance…

➱The process of proving one's identity.

➱Ensuring that no one can read the message except the intended receiver.

➱Assuring the receiver that the received message has not been altered in anyway from the original.

➱A mechanism to prove that the sender really sent this message.

ANTI-VIRUS

⤀Anti-virus software is a program or set of programs that are designed to prevent, search for, detect

and remove software viruses and other malicious software like worms, Trojan horses, adware and

more.

⤀If and when a virus is detected, the computer displays a warning asking what action should be

done, often giving the options to remove, ignore, or move the file to the vault.

⤀If a virus infected a computer without an antivirus program, it may delete files, prevent access to

files, send spam, spy on you, or perform other malicious actions.

⤀Examples: Norton anti-virus, AVG anti-virus, Kaspersky anti-virus

⤀There are several different companies that build and offer anti-virus software and what each offers can vary but all perform some basic functions:

- Scan specific files or directories for any malware or known malicious patterns

- Allow you to schedule scans to automatically run for you

- Allow you to initiate a scan of a specific file or of your computer, or of a CD or flash drive at any time.

- Remove any malicious code detected –sometimes you will be notified of an infection and asked if you want to clean the file, other programs will automatically do this behind the scenes.

ANTI - SPYWARE

⟶Spyware is a type of malware that is installed on a computer without the user's knowledge in order

to collect information about them.

⟶Once installed, spyware can degrades system performance by taking up processing power,

installing additional software, or redirecting users' browser activity.

⟶It also can monitors user activity on the Internet and transmits that information in the background

to someone else.

⟶Spyware can also gather information about email addresses and even passwords and credit card

numbers.

⟶Anti-spyware is a type of software that is designed to detect and remove unwanted spyware

programs.

⟶Anti-spyware software can be used to find and remove spyware that has already been installed on

the user's computer.

⟶OR it can act much like an anti-virus program by providing real-time protection and preventing

spyware from being downloaded in the first place.

⟶Examples :

Spyware Blaster

Spy Sweeper

FIREWALL

➺A firewall is a system designed to prevent unauthorized access to or from a private network.

➺A firewall can be implement either through hardware or software form, or a combination of both.

➺Firewalls prevent unauthorized Internet users from accessing private networks connected to the

Internet, especially intranets.

➺All messages entering or leaving the intranet (i.e., the local network to which you are connected)

must pass through the firewall, which examines each message and blocks those that do not meet

the specified rules/security criteria.

➺Rules will decide who can connect to the internet, what kind of connections can be made, which or

what kind of files can be transmitted in out.

PHYSICAL ACCESS CONTROL

➺Lock your laptop whether you're at home, in a dorm, in an office, or sitting in a coffee shop, use a security device, such as a laptop security cable.

➺Lock doors and windows, usually adequate to protect the equipment.

➺Put the access code at the door to enter the computer room or your office.

➺Put the CCTV (closed-circuit television) in your office or computer room.

➺Make a policies who can access the computer room or your data center.

Thursday 8 March 2018

COMPUTER SECURITY RISK

COMPUTER SECURITY RISK

→ Definition of computer security risk:

Any event or action that could cause a loss of or damage to computer hardware, software, data, information or processing capability

→ Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data.

→Any illegal act involving a computer generally is referred to as a computer crime.

→Cybercrime refers to online or Internet-based illegal acts.

→Software used by cybercriminals sometimes is called crimeware.

→Perpetrators of cybercrime and other intrusions fall into seven basic categories:

Hacker, refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.

Cracker also is someone who accesses a computer or network illegally but has the intent of. destroying data, stealing information, or other malicious action

Script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Often use prewritten hacking and cracking programs to break into computers.

Corporate spies have excellent computer and networking skills.

hired to break into a specific computer and steal its proprietary data and information.

to help identify security risks in their own

Unethical employees may break into their employers’ computers for a variety of reasons:

want to exploit a security weakness,

seek financial gains from selling confidential information

disgruntled employees may want revenge.

Cyber extortionist is someone who uses e-mail as a medium for extortion.

They will send an organization a threatening e-mail message indicating they will expose confidential information if they are not paid a sum of money.

Cyberterrorist is someone who uses the Internet or network to destroy or damage computers for political reasons. They might targets:

the nation’s air traffic control system,

electricity-generating companies,

a telecommunications infrastructure.

MALICIOUS CODE

→Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus tools.

→Malicious code can either activate itself or be like a virus requiring user to perform an action, such as clicking on something or opening an email attachment.

💀COMPUTER VIRUS💀

Definition : A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.

A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels

It may damage files and system software, including the operating system.
Almost all viruses are attached to an executable file.

The virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program.

A computer virus by sharing infecting files or sending emails with viruses as attachments in the email.

Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt.

Examples: Melissa, Tequila, Cascade, Invader

💀WORM💀

⇒ A worm is a program that copies itself repeatedly.

⇒ For example in memory or on a network, using up resources and possibly shutting down the computer or network.

⇒ Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action.

⇒A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.

⇒The biggest danger with a worm is its capability to replicate itself on your system.

⇒It will causing Web servers, network servers and individual computers to stop responding.

⇒Examples: Jerusalem, Sobig, Nimda, Morris Worm

💀TROJAN HORSE💀

⇢A program that hides within or looks like a legitimate program. It does not replicate itself to other computers.

⇢At first glance will appear to be useful software but will actually do damage once installed or run on your computer.

⇢Examples: It can change your desktop, adding silly active desktop icons or they can cause serious damage by deleting files and destroying information on your system.

⇢Examples: Netbus, Back Orifice, Subseven, Beast

UNAUTHORIZED ACCESS AND USE

➤Unauthorized access - the use of computer or network without permission
Unauthorized use - the use of computer or its data for unapproved or possibly illegal activities.

➤To help prevent unauthorized access and use, they should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used.

➤An access control is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.

➤Three methods of identification and authentication include user names and passwords, possessed objects, and bio metric devices.

➤A user name or user ID (identification), is a unique combination of characters, such as letters of the alphabet or numbers, that identifies one specific user.

➤A password is a private combination of characters associated with the user name that allows access to certain computer resources.

HARDWARE THEFT

➦Hardware theft is the act of stealing computer equipment.

➦Hardware vandalism is the act of defacing or destroying computer equipment.

➦Companies, schools, and other organizations that house many computers, however, are at risk of hardware theft.

➦Safeguards against Hardware Theft and Vandalism:

-physical access controls, such as locked doors and windows
-install alarm systems in their buildings
-physical security devices such as cables that lock the equipment to a desk.

SOFTWARE THEFT

⏩Software theft occurs when someone:
- Steals software media
- Intentionally erases programs
- Illegally copies a program
- Illegally registers and/or activates a program.

⏩Steals software media involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media.

⏩Intentionally erases programs can occur when a programmer is terminated from, or stops working for a company.

⏩Although the programs are company property, some dishonest programmers intentionally remove or disable the programs they have written from company computers.

⏩To protect software media from being stolen, owners should keep original software boxes and media in a secure location, out of sight of prying eyes.

⏩All computer users should back up their files and disks regularly.

⏩To protect themselves from software piracy, software manufacturers issue users license agreements.

INFORMATION THEFT

⟶Information theft occurs when someone steals personal or confidential information.

⟶If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

Safeguards against Information Theft

⟶Protecting information on computers located on an organization’s premises.

⟶To protect information on the internet and networks, organizations and individuals use a variety of encryption techniques.

⟶Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access.

SYSTEM FAILURE

➺A system failure is the prolonged malfunction of a computer

➺Can cause loss of hardware, software, data, or information.

➺These include aging hardware; natural disasters such as fires, floods, or hurricanes; random events such as electrical power problems; and even errors in computer programs.

Safeguards against System failure

➺To protect against electrical power variations, use a surge protector.

➺A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment.

AREAS OF COMPUTER ETHICS

AREAS OF COMPUTER ETHICS

→ The moral guidelines that govern the use of computers, mobile devices and information systems.

→ There have 5 computer ethics such as

= information accuracy

= green computing

= codes of conduct

= intelectual property

= information privacy

INFORMATION ACCURACY

⇁One of the concern because many users access information maintained by other people or companies, such as on the Internet.

⇁Do not assume all the information on the Web is correct.

⇁Users should evaluate the value of a Web page before relying on its content.

⇁Be aware that the organization providing access to the information may not be the creator of the information.

GREEN COMPUTING

⇁ Green computing is the environmentally responsible and eco-friendly use of computers and their resources. In broader terms, it is also defined as the study of designing, manufacturing/engineering, using and disposing of computing devices in a way that reduces their environmental impact.

⇁Involves reducing the electricity and environmental waste while using a computer.

⇁Society has become aware of this waste and is taking measures to combat it.

⇁Some of the actions that has been taken:

∴ Using energy- efficient devices that require little power when they are not in use.

∴ Buy computers with low power consumption processors and power supplies.

∴ When possible, use outside air to cool the data center.

⇁Average computer users can employ the following general tactics to make their computing usage more green:

∴Use the hibernate or sleep mode when away from a computer for extended periods.

∴ Use flat-screen or LCD monitors, instead of conventional cathode ray tube (CRT) monitors.

∴ Buy energy efficient notebook computers, instead of desktop computers.

∴ Activate the power management features for controlling energy consumption.

∴Turn off computers at the end of each day.

∴Refill printer cartridges, rather than buying new ones.

CODES OF CONDUCT

⇁Written guideline that helps determine whether a specific action is ethical/unethical or allowed/not allowed.

1. computer may not use to harm the computer.

2. computer may not be uyse to steal mothers information

3. employees may not copy or use software illegaly

4. employees may not interfere with other's computer file

INFORMATION PRIVACY

⇁The right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them.

⇁The privacy of personal information and usually relates to personal data stored on computer systems.

⇁The need to maintain information privacy is applicable to collected personal information such as medical records, financial data, criminal records, political records, business related information or website data.

⇁Information privacy is also known as data privacy.

⇁Web sites often collect data about you, so that they can customize advertisements and send you personalized e-mail messages.

⇁Some employers monitor your computer usage and e-mail messages.

INTELLECTUAL PROPERTY

⇁Unique and original works such as ideas, inventions, literary and artistic works, processes, names and logos.

⇁Or, refers to creations of the mind: inventions, literary and artistic works, and symbols, names, images, and designs used in commerce.

⇁Intellectual property rights are the rights to which creators are entitled for their work.

⇁Importance of intellectual property:

- To protect any original work that created by an individual or person

- Preserve the features and processes that makes thimg work.

⇁There have 3 types which is :

- patent

- trademark

- copyright

PATENT

⇒ A patent is a set of exclusive rights granted by a government to an inventor or applicant for a limited amount of time (normally 20 years from the filing date).

⇒It is a legal document defining ownership of a particular area of new technology.

⇒Invention - a product or a process that provides a new way of doing something, or offers a new technical solution to a problem.

⇒The right granted by a patent excludes all others from making, using, or selling an invention or products made by an invented process.

TRADEMARK

⇒Trademark is a word, phrase, symbol, design, combination of letters or numbers, or other device that identifies and distinguishes products and services in the marketplace.

⇒Or a distinctive sign which identifies certain goods or services.

⇒Or can be any distinctive name or logo.

⇒Examples of well-known Trademarks are:
Coca-Cola
Samsung
The Apple logo
The Nike “swoosh”.

COPYRIGHT

⇒Protection provided to the authors of “original works” and includes such things as literary, dramatic, musical, artistic, and certain other intellectual creations, both published and unpublished.

⇒Copyright is an exclusive right and gives its creator, or owner :

To reproduce the copyrighted work

To prepare derivative works

To distribute and sell any copies of the copyrighted work

To perform or display the copyrighted work publicly

NETIQUETTES

NETIQUETTES

Netiquette, or net etiquette, refers to etiquette on the Internet.
Is the code of acceptable behaviours users should follow while on the Internet or online or cyberspace.
It is the conduct expected of individuals while online.
Rules for all aspects of the:

= World Wide Web

= E-mail

= Instant Messaging

= Chat rooms

= Newsgroups & message board.

Electronic communication lacks the facial expression, gestures and tone of voice to convey your meaning. It’s easy to misinterpret meaning of words.

Remember, when you communicate through cyberspace your words are written.

Chances are they're stored somewhere and they can come back and haunt you.

Any message you send could be saved or forwarded by its recipient. You have no control over where it goes.

# Be polite and avoid offensive language

# Don't use all in capital letters because it shown you like shouting to others

# Do not send spam

# Use emoticons to express your emotions.

TYPES OF WEBSITE

TYPE OF WEBSITES

😎 A WEBSITE THAT OFFERS VARIETY OF INTERNET SERVICES.
😎 Have online communities :
⇻a web site that joins a specific group of people with similar interests or
relationship.
😎 Most portals offers these free services:
⇻ Search engine
⇻ News
⇻Sports and weather
⇻Web publishing

➦Contains content that promotes or sells products or services.
➦Many of these enterprises also allow you to purchase their products or services online.
➦Examples: Pearl Haya Gallery, Anakku brand, Walt Disney Company and Kraft Brands .

➼An informal website consisting of time-stamped articles, or posts in a diary or journal format.
➼A blog is basically a journal that is available on the web.
➼The activity of updating a blog is “blogging” and someone who keeps a blog is a “blogger.”‘

➼Types of blog :-

Microblogs = allows user to publish short messages in about 100 characters.

= example, TWITTER

Vlog = a blog contain vide clip

➦A collaborative website that allows users to create, add to,modify or delete the web site content via their web browser.
➦The difference between a wiki and blog is that users cannot modify original posts made by the blogger.
➦Visitors can also create new content and change the organization of existing content.
➦The simplest wiki programs allow editing of text and hyperlinks only.
➦More advanced wikis make it possible to add or change images, tables, and certain interactive components such as games.

ONLINE SOCIAL NETWORK

💀Encourages members in its online community to share their interests, ideas, stories, photos, music and videos with other registered user.
💀Examples: Facebook, MySpace
💀A media sharing web site
- a specific type of online social network that enables members to share media such as photos, music and videos.

Thursday 1 March 2018

INTERNET SERVICES

INTERNET SERVICES

There have 6 types of internet services:

- world wide web (www)
- e-mail
- instant messaging
- message board
- VoIP
- FTP

world wide web (www)

•The World Wide Web (WWW), or Web, consists of a worldwide collection of electronic documents.

•Each electronic document on the Web is called a Web page which can contain text,

graphics, animation, audio, and video.

•Some web pages are static (fixed); others are dynamic (changing).

•Visitors to a static web page see all the same content.

•Visitors to a dynamic web page, can customize some or all of the viewed content such as

desired stock quotes, weather for a region or ticket availability for flights.

E-MAIL

•The transmission of messages and files via a computer network

•An e-mail address is a unique name that consists of a user name and domain name that identifies the user.

•Basic form of an email address is:

• username@hostname.subdomain.domain

Example: amir@gmail.com

•A user name is a unique combination of characters, such as letters of the alphabet and/or numbers, that identifies a specific user.

•User name must be different from the other user names in the same domain.

INSTANT MESSAGING

👉A real-time Internet communications service that notifies you when one or more people are online and allows you to exchange messages or files or join a private chat room with them.

👉Real time means that you and the people with whom you are conversing are online at the same time.

VOICE OVER INTERNET PROTOCOL (VOIP)

👉Voice over Internet Protocol, a technology for making telephone calls over the Internet in which speech sounds are converted into binary data.

👉To place an Internet telephone call, you need:

👉 high-speed Internet connection (such as DSL or Cable Modem),

-Internet telephone service,

- microphone or telephone

-internet telephone software or VoIP router.

👉VoIP services are also available on some mobile services that have wireless Internet service.

MESSAGE BOARD

→Type of discussion group.

→Many web sites use message boards because they are easier to use.

→Also known as discussion group, discussion forum and online forum.

→A general term for any online "bulletin board" where you can leave and expect to see responses to messages you have left.

→A popular Web-based type of discussion group that does not require a newsreader

FILE TRANSFER PROTOCOL

→ Is an Internet standard that permits file uploading and downloading with other
computers on the Internet.
→ A standard for the exchange of program and data files across a network.
→ Uploading is the process of transferring documents, graphics and other objects from your
computer to a server on the internet.

→ FTP is one method, users have to transfer webpages files from their local machine to the server.

→ An FTP server is a computer that allows users to upload and/or download file using FTP.

→FileZilla is an FTP program for file uploading and downloading to and from your FTP site,

server or host.