© Paradigm Publishing, Inc. 8-1 Chapter 8 Security Issues and Strategies Chapter 8 Security Issues and Strategies.

Presentation transcript:


Presentation Overview
– Risk Assessment
– Network and Internet Security Risks
– Computer Viruses
– Hardware and Software Security Risks
– Security Strategies for Protecting Computer Systems and Data

Risk Assessment
Why is risk assessment important when defining security strategies?
– In order to protect their systems adequately, organizations need to assess the level of security risk that they face.
– The two factors that determine the level of security risk are
  • Threat – the severity of a security breach
  • Vulnerability – the likelihood of a security breach

Risk Assessment
The higher the level of vulnerability and threat, the higher the level of risk.

Risk Assessment
Companies today face security problems in three broad areas:
– Network and Internet security risks
– Computer viruses
– Hardware and software security risks

Network and Internet Security Risks
What are the security risks on networks and the Internet?
– Unauthorized access
– Denial of service attacks
– Information theft

Network and Internet Security Risks
Unauthorized Access
– A hacker is a computer expert who seeks programming, security, and system challenges.
– A cracker is a hacker with malicious or criminal intent.
– A cyberwar occurs when a group of hackers attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.

Network and Internet Security Risks
[Figure: Annual Percentage of Unauthorized Access to Computers]

Network and Internet Security Risks
Unauthorized Access
– User IDs and passwords – hackers gain entry by finding a working user ID and password
– System backdoor – a test user ID and password that provides the highest level of authorization

Network and Internet Security Risks
Unauthorized Access
– Spoofing – fooling another computer by pretending to send packets from a legitimate source
– Online predator – an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her

Network and Internet Security Risks
In a denial of service (DoS) attack, one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.

Network and Internet Security Risks
Information Theft
– Stealing corporate information is easy to do and difficult to detect.
– The limited security of wireless devices has made it even easier.
  • Wired Equivalent Privacy (WEP) is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.
– Data browsing is when workers invade the privacy of others by viewing private data.

Computer Viruses
– A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.
– A worm doesn’t wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.

Computer Viruses
Viruses are often transmitted over the Internet and through shared devices such as flash drives.

Computer Viruses
Virus Symptoms

Computer Viruses
Impact of Viruses
– A nuisance virus usually does no real damage, but is rather just an inconvenience.
– An espionage virus does not inflict immediate damage, but it allows the hacker or cracker to enter the system later to steal data or spy.
– A data-destructive virus is designed to erase or corrupt files so that they are unreadable.

Computer Viruses
Methods of Virus Operation
– A macro virus is written specifically for one program, such as Microsoft Word. If the user activates macros, infecting the program, every file created or edited using that program will become infected too.
– A variant virus is programmed to change itself to fool programs meant to stop it.
– A stealth virus tries to hide from software designed to find and destroy it.

Computer Viruses
Methods of Virus Operation
– A boot sector virus is designed to alter the boot sector of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.
– A Trojan horse virus hides inside another legitimate program or data file.

Computer Viruses
Methods of Virus Operation
– A multipartite virus utilizes several forms of attack.
– A logic bomb virus sits quietly dormant, waiting for a specific event or set of conditions to occur before it infects the computer.

Hardware and Software Security Risks
Systems Failure
– A power spike is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.
– A surge protector can guard against power spikes.
– An uninterruptible power supply (UPS) is a more vigorous power protection system which provides a battery backup and can keep computers running during a blackout.

Hardware and Software Security Risks
Employee Theft
– Businesses lose millions of dollars a year in stolen computer hardware and software.
– The costs involved include
  • The cost of the stolen software and hardware
  • The cost of replacing lost data
  • The cost of the time lost while the machines are gone
  • The cost of installing new machines and training people to use them

Hardware and Software Security Risks
Cracking Software for Copying
– A crack is a method of circumventing a security scheme that prevents a user from copying a program.
  • For example, copying a CD with a burner
– Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.

Security Strategies for Protecting Computer Systems and Data
Components of Physical Security
– The location of devices
– The use of locking equipment

Security Strategies for Protecting Computer Systems and Data
Firewalls
– A firewall will generally allow normal Web browser operations but will prevent many other types of communication.
– The firewall checks incoming data against a list of known, trusted sources. If a packet does not fit the profile of anything on the firewall’s list, it is rejected.
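
The two firewall rules on this slide can be written as a default-deny filter. This is an added example, not part of the original presentation; the trusted address ranges, the choice of ports 80 and 443 for "normal Web browser operations", and the function and variable names are assumptions made for illustration.

```python
import ipaddress

# Constructed trusted-source list (documentation address ranges, not from the slides).
TRUSTED_SOURCES = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.10/32"),
]
WEB_PORTS = {80, 443}  # assumed meaning of "normal Web browser operations"


def filter_packet(direction, remote_ip, remote_port, trusted=TRUSTED_SOURCES):
    """Return "ACCEPT" or "REJECT" for one packet.

    direction   -- "out" for traffic leaving the protected host, "in" for arriving
    remote_ip   -- address of the other end of the connection
    remote_port -- port on the remote end (only consulted for outbound traffic)
    """
    try:
        remote = ipaddress.ip_address(remote_ip)
    except ValueError:
        return "REJECT"  # an unparseable address cannot match any trusted profile
    if direction == "out":
        # Outbound: allow web browsing, block other kinds of communication.
        return "ACCEPT" if remote_port in WEB_PORTS else "REJECT"
    if direction == "in" and any(remote in net for net in trusted):
        return "ACCEPT"  # inbound packet from a source on the trusted list
    return "REJECT"  # default deny: nothing on the list matched


# Constructed sample traffic: (direction, remote address, remote port).
SAMPLE_PACKETS = [
    ("out", "203.0.113.5", 443),    # web browsing
    ("out", "203.0.113.5", 6667),   # non-web outbound traffic
    ("in", "192.0.2.44", 51000),    # source inside a trusted range
    ("in", "203.0.113.9", 51000),   # unknown source
    ("in", "2001:db8::1", 51000),   # IPv6 source, no trusted IPv6 range listed
    ("in", "not-an-ip", 0),         # malformed source address
]


def run_sample():
    """Filter every sample packet and return the verdicts in order."""
    return [filter_packet(*packet) for packet in SAMPLE_PACKETS]


if __name__ == "__main__":
    for packet, verdict in zip(SAMPLE_PACKETS, run_sample()):
        print(packet, verdict)
```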

Security Strategies for Protecting Computer Systems and Data
Network Sniffers
– A network sniffer is a software package that displays network traffic data.
– It shows which resources employees are using and the Web sites they are visiting.
– It can be used to monitor, prevent unauthorized activity, or troubleshoot network connections and improve system performance.

Security Strategies for Protecting Computer Systems and Data
Antivirus Software
– Antivirus software detects and deletes known viruses.
– The Internet helps antivirus software to update itself. There are 10 to 20 new viruses reported daily. Antivirus programs must be upgraded constantly.

Security Strategies for Protecting Computer Systems and Data
Data Backups
– Data should always be backed up and placed in a safe spot.
– A rotating backup involves many copies of data which are updated on a set schedule. This is a time-saving method of backup. If the database is lost or corrupted, many copies exist, some of which may predate the problem.

Security Strategies for Protecting Computer Systems and Data
Disaster Recovery Plan
– A disaster recovery plan is a safety system that allows a company to restore its systems after a complete loss of data.
– A typical disaster recovery plan includes
  • Data backup procedures
  • Remotely located backup copies
  • Redundant systems
    A mirrored hard drive is one that contains exactly the same data as the original.

Security Strategies for Protecting Computer Systems and Data
Authentication
– Authentication is proof that a user is who he says he is, and that he is authorized to access an account.
– Common forms of authentication include
  • Personal identification numbers
  • User IDs and passwords
  • Smart cards
  • Biometrics

Security Strategies for Protecting Computer Systems and Data
Data Encryption
– Encryption scrambles information so that it is unreadable. This unreadable text is called ciphertext.
– Data encryption schemes include an encryption key that is shared between the two computers that wish to communicate.

Security Strategies for Protecting Computer Systems and Data
Monitoring and Auditing
– Employers can monitor their employees at work in a number of ways.
  • Keyboard loggers store keystrokes on the hard drive.
  • Internet traffic trackers record the Web sites that employees visit for later auditing.
– Auditing involves a review of monitoring data and system logins to look for unauthorized access or suspicious behavior.
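
A login audit of the kind described on this slide can be automated. The sketch below is an added example, not part of the original presentation: it reviews constructed login records and flags a successful login that follows repeated failures, as well as any use of a leftover test account (the "system backdoor" from the Unauthorized Access slide). The record format, account names, and threshold are assumptions.

```python
from collections import defaultdict

# Constructed login records in an assumed format: "timestamp user source result".
SAMPLE_LOG = """\
2024-03-04T08:58:11 asmith 10.0.0.21 OK
2024-03-04T09:02:40 jdoe 10.0.0.35 FAIL
2024-03-04T09:02:44 jdoe 10.0.0.35 FAIL
2024-03-04T09:02:49 jdoe 10.0.0.35 FAIL
2024-03-04T09:02:55 jdoe 10.0.0.35 OK
2024-03-04T09:30:02 test 10.0.0.77 OK
2024-03-04T10:15:19 asmith 10.0.0.21 FAIL
2024-03-04T10:15:30 asmith 10.0.0.21 OK
corrupted record
"""

TEST_ACCOUNTS = {"test"}  # assumed names of test IDs that should never log in
FAIL_THRESHOLD = 3        # assumed: this many failures before a success is suspicious


def audit_logins(log_text):
    """Return (findings, skipped): findings are (timestamp, user, reason) tuples,
    skipped counts records that could not be parsed."""
    findings = []
    skipped = 0
    streak = defaultdict(int)  # consecutive failures per (user, source)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            skipped += 1  # report malformed records instead of guessing at them
            continue
        ts, user, source, result = parts
        key = (user, source)
        if result == "FAIL":
            streak[key] += 1
            continue
        # Successful login: check both audit rules, then reset the failure streak.
        if user in TEST_ACCOUNTS:
            findings.append((ts, user, "login with test account"))
        if streak[key] >= FAIL_THRESHOLD:
            findings.append((ts, user, f"success after {streak[key]} failed attempts"))
        streak[key] = 0
    return findings, skipped


if __name__ == "__main__":
    results, bad = audit_logins(SAMPLE_LOG)
    for finding in results:
        print(*finding, sep="  ")
    print(f"{bad} record(s) skipped as malformed")
```

A single mistyped password followed by a success (asmith in the sample) stays below the threshold and is not reported.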

On the Horizon
Based on the information presented in this chapter and your own experience, what do you think is on the horizon?