Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding the Need for Security Measures

Published byBridget Cummings Modified over 6 years ago

Similar presentations

Presentation on theme: "Understanding the Need for Security Measures"— Presentation transcript:

1 Understanding the Need for Security Measures
Chapter 06 Understanding the Need for Security Measures

2 Basic Security Concepts
Threats Anything that can harm a computer Vulnerabilities are weaknesses in security Security attempts to neutralize threats

3 Basic Security Concepts
Degrees of harm Level of potential damage Include all parts of system Potential data loss Loss of privacy Inability to use hardware Inability to use software

4 Basic Security Concepts
Countermeasures Steps taken to block a threat Protect the data from theft Protect the system from theft Teaching tip It is important to note that no countermeasure is 100% effective all of the time. For proof, discuss an instance of a locked car being stolen. A truly dedicated attacker will eventually break through any security.

5 Threats To Users Identity Theft Impersonation by private information
Thief can ‘become’ the victim Reported incidents rising Methods of stealing information Shoulder surfing Snagging Dumpster diving Social engineering High-tech methods Teaching tip The move Hackers includes scenes demonstrating most of these crimes in action.

6 Threats To Users Loss of privacy
Personal information is stored electronically Purchases are stored in a database Data is sold to other companies Public records on the Internet Internet use is monitored and logged None of these techniques are illegal

7 Threats to Users Cookies Files delivered from a web site
Originally improved a site’s function Cookies now track history and passwords Browsers include cookie blocking tools Teaching tip Cookies are named after the ‘magic cookie’.

8 Threats to Users Spyware Software downloaded to a computer
Designed to record personal information Typically undesired software Hides from users Several programs exist to eliminate

9 Threats to Users Web bugs Small programs embedded in gif images
Gets around cookie blocking tools Companies use to track usage Blocked with spyware killers Teaching tip More information regarding web bugs can be found at en.wikipedia.org/wiki/Web_bug.

10 Threats to Users Spam Unsolicited commercial email
Networks and PCs need a spam blocker Stop spam before reaching the inbox Spammers acquire addresses using many methods CAN-SPAM Act passed in 2003 Teaching tip Spam is rumored to be named in honor of the Monty Python skit, Spam!. In the skit, a customer is forced to select spam in his lunch. Much like we are forced to accept a spam message. Visit for the entire spam skit. Discussion point Spam is one topic that nearly everyone in the class can relate to. Have your students think about spam from the other side. Have them consider the point of view of the self proclaimed ‘Spam King’, Scott Richter. For some conversation fodder visit

11 Threats to Hardware Affect the operation or reliability
Power-related threats Power fluctuations Power spikes or browns out Power loss Countermeasures Surge suppressors Line conditioners Uninterruptible power supplies Generators Teaching tip Visit for information regarding UPS solutions. Larger installations use generators to protect networks. Hospitals, grocery stores and insurance companies may all use generators. Quite often the power solution is a combination of battery and generator. The batteries run long enough for the generators to start and stabilize. Then the batteries stop and the generators provide power to the facility.

12 Threats to Hardware Theft and vandalism
Thieves steal the entire computer Accidental or intentional damage Countermeasures Keep the PC in a secure area Lock the computer to a desk Do not eat near the computer Watch equipment Chase away loiterers Handle equipment with care

13 Threats to Hardware Natural disasters Disasters differ by location
Typically result in total loss Disaster planning Plan for recovery List potential disasters Plan for all eventualities Practice all plans Discussion point In 2004 Hurricane Ivan caused massive damage to Florida and several other states. Network administrations in Florida are used to planning for hurricanes. However, computers in Southeastern Pennsylvania suffered massive loss of data due to Ivan. How culpable are the administrators in PA who did not plan for Ivan?

14 Threats to Data The most serious threat
Data is the reason for computers Data is very difficult to replace Protection is difficult Data is intangible

15 Threats to Data Viruses Software that distributes and installs itself
Ranges from annoying to catastrophic Countermeasures Anti-virus software Popup blockers Do not open unknown Teaching tip For information on specific viruses visit securityresponse.Symantec.com/. Detailed information regarding the protection from viruses, see the Computing keynote at the end of the chapter.

16 Threats to Data Trojan horses
Program that poses as beneficial software User willingly installs the software Countermeasures Anti-virus software Spyware blocker Teaching tip Ad Aware is sold by LavaSoft. The homepage is Spybot is a product of Patrick M. Kolla. The true website is

17 Threats to Data Cybercrime Using a computer in an illegal act
Fraud and theft are common acts

18 Threats to Data Internet fraud Most common cybercrime
Fraudulent website Have names similar to legitimate sites

19 Threats to Data Hacking Using a computer to enter another network
Cost users $1.3 trillion in 2003 Hackers motivation Recreational hacking Financial hackers Grudge hacking Hacking methods Sniffing Social engineering Spoofing

20 Threats to Data Distributed denial of service attack
Attempt to stop a public server Hackers plant the code on computers Code is simultaneously launched Too many requests stops the server

21 Threats to Data Cyber terrorism Attacks made at a nations information
Targets include power plants Threat first realized in 1996 Organizations combat cyber terrorism Computer Emergency Response Team (CERT) Department of Homeland Security Teaching tip CERT’s home page is located at

22 Avoiding Identity Theft
Guard your papers Shred unneeded papers Pick up you mail quickly Check statements immediately Keep records for 3 years

23 Avoiding Identity Theft
Guard your personal information Be wary giving out information Avoid giving account numbers Never give personal information in Ensure online shopping is secure Teaching tip Secure online shopping is covered in chapter 10.

24 Avoiding Identity Theft
Look at the big picture Review your credit report yearly Develop an efficient filing system Know your liability limits Teaching tip The Federal Fair Dept Collections Practices Act allow residents one free credit report a year. Several sites offer pay access to a credit report. Visit for a sample report. Visit for a free report.

25 Protecting Your Privacy
Keep marketers at bay Be wary filling out forms Guard your primary address Have a ‘spam account’ for forms

26 Protecting Your Privacy
Know your legal rights 1966 Freedom of Information Act 1970 Fair Credit Reporting Act Privacy Act of 1974 1986 Electronic Communications Act Financial Modernization Act of 1999 2001 USA Patriot Act

27 Managing Cookies and Spyware
Dealing with cookies Browsers provide settings to block cookies No cookies to all cookies allowed Without cookies some sites crash Cookies can be deleted Browsers Spyware programs

28 Managing Cookies and Spyware
Cookie types Session cookies Cookies for the current site Persistent cookies Stored on hard drive until deleted First-party cookies Installed by the current site Third-party cookies Installed by an ad Teaching tip Third party cookies are a primary source for spyware.

29 Deleting Cookies

30 Managing Cookies and Spyware
Removing web bugs and spyware Install a spyware removal program None are 100% effective, use two Install a pop-up blocker Are extremely effective Teaching tip In 2004 PC World ranked Patrick Kolla’s Spybot and LavaSoft’s AdAware as the best spyware programs available. Both are free downloads. Google, Msn and Yahoo all offer excellent free popup blockers. Additionally the new Mozilla browser FireFox includes a popup blocker. Finally, Windows XP Service Pack 2 installs a popup blocker.

31 Managing Cookies and Spyware
Evading spam Contact your ISP Use mail program’s filters Use an anti-spam program Use an online account for purchasing Insider information America Online takes a very aggressive approach about blocking spam. After a certain number of customers mark an as spam, AOL will refuse to accept from that sender. Teaching tip Mozilla products include spam software. For Outlook and Eudora users, download MailWasher from

32 Protection From Malware
Viruses and worms Purchase a good anti-virus product Keep the product updated Keep your OS up to date Teaching tip The Computing Keynote feature at the end of chapter 14B provides a thorough examination of virus removal. PC World routinely picks either Norton AntiVirus or McAfee AntiVirus as best buys. A decent free product is AntiVir personal edition available for download at

33 Protecting Your System
Limit physical access Easiest way to harm or steal data Build an account for each user Require a password for access Software and hardware password Teaching tip Remind students that passwords should be easy to remember but hard to guess.

34 Protecting Your System
Use a firewall Protects from unauthorized remote use Makes your computer invisible Cost between $0 and $80 Teaching tip The built in firewall in XP is not very strong. Many ports remain open. Disable Windows’ Firewall and install a free firewall from Zone Labs instead.

35 Protecting Your System
Backup often Backup is a copy of a file Restore replaces a file on disk Organizations backup at least daily Home users should backup weekly Teaching tip All versions of Windows since 95 have included a good backup utility. Other products include Norton Ghost and EVault InfoStage.

36 System Events OS generates messages for events
Provides clues about computer health Can alert to potential problems Windows includes the Event Viewer Teaching tip Open the event viewer for demonstration in class. A good method to generate an error is to disable the virus software on the system.

37 Event Viewer

38 Handling Storage Media
Store media in the proper container Floppy disks in a hard case CD should be in a sleeve Thumb disks should be closed

39 Handling Storage Media
Avoid magnetism Magnets erase the contents of disks Magnets found in Speakers Televisions and CRT monitors Radios

40 Handling Storage Media
Heat and cold Avoid extreme temperatures Heat expands media Cold contracts media Floppies and CD-ROMs are susceptible Teaching tip Suggest to your students that the CD’s they burn and store in their car are likely to have a short life.

41 Handling Storage Media
Moisture Do not use wet media CDs can be wiped off Floppy disks must dry for days

42 Handling Storage Media
Dust, dirt, and fingerprints Dirty or scratched media will fail Handle media by the edge Clean CDs with gentle strokes

43 Storing Computer Equipment
Never store near large electronics Store in dry, climate controlled rooms Plan for natural disasters Stack equipment safely

44 Keeping Your Computer Clean
Computers should be spotless Avoid eating or smoking at computer Clean the dust from inside the system Change the filters if present

45 End of Chapter

Download ppt "Understanding the Need for Security Measures"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Computer Security 1 Keeping your computer safe. Computer Security 1 Computer Security 1 includes two lessons:  Lesson 1: An overview of computer security.

Computer Security 1 Keeping your computer safe. Computer Security 1 Computer Security 1 includes two lessons:  Lesson 1: An overview of computer security.
Issues Raised by ICT.

Issues Raised by ICT.
Copyright © 2014 Pearson Education, Inc. 1 IS Security is a critical aspect of managing in the digital world Chapter 10 - Securing Information Systems.

Copyright © 2014 Pearson Education, Inc. 1 IS Security is a critical aspect of managing in the digital world Chapter 10 - Securing Information Systems.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Security for Seniors SeniorNet Help Desk 631.629.5426

Security for Seniors SeniorNet Help Desk
Chapter 11 Security and Privacy: Computers and the Internet.

Chapter 11 Security and Privacy: Computers and the Internet.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Data Security.

Data Security.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.

Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
IT Security for Users By Matthew Moody.

IT Security for Users By Matthew Moody.

Similar presentations

Ads by Google