Chapter 11: Computer Crime and Information Security - PowerPoint PPT Presentation

About This Presentation

Title:

Chapter 11: Computer Crime and Information Security

Description:

Chapter 11: Computer Crime and Information Security Succeeding with Technology: Second Edition Objectives Describe the types of information that must be kept secure ... – PowerPoint PPT presentation

Number of Views:839

Avg rating:3.0/5.0

Slides: 51

Provided by: doctordDy

Learn more at: http://doctord.dyndns.org

Category:

more less

Transcript and Presenter's Notes

Title: Chapter 11: Computer Crime and Information Security

1
Chapter 11 Computer Crime and Information
Security

Succeeding with Technology Second Edition

2
Objectives

Describe the types of information that must be
kept secure and the types of threats against them
Describe five methods of keeping a PC safe and
secure
Discuss the threats and defenses unique to
multiuser networks

3
Objectives (continued)

Discuss the threats and defenses unique to
wireless networks
Describe the threats posed by hackers, viruses,
spyware, frauds, and scams, and the methods of
defending against them

4
Information Security and Vulnerability What is
at Stake?

Identity theft
The criminal act of using stolen information
about a person to assume that persons identity
Intellectual property
Product of the mind or intellect over which the
owner holds legal entitlement
Intellectual property rights
Ownership and use of intellectual property such
as software, music, movies, data, and information

5
(No Transcript)
6
(No Transcript)
7
(No Transcript)
8
What is at Stake? (continued)

Security threats to businesses
Virus
Insider abuse of Internet access
Laptop theft
Unauthorized access by insiders
Denial-of-service attacks
System penetration
Theft of proprietary information
Sabotage

9
What is at Stake? (continued)

Business intelligence
Process of gathering and analyzing information in
the pursuit of business advantage
Competitive intelligence
Form of business intelligence concerned with
information about competitors
Counterintelligence
Concerned with protecting your own information
from access by your competitors

10
(No Transcript)
11
Threats to Information Security

Security vulnerabilities or security holes
Software bugs that allow violations of
information security
Software patches
Corrections to software bugs that cause security
holes
Piracy
The illegal copying, use, and distribution of
digital intellectual property
Plagiarism
Taking credit for someone elses intellectual
property

12
(No Transcript)
13
(No Transcript)
14
Threats to Information Security (continued)

Hackers, crackers, intruders, and attackers
Black-hat hacker
White-hat hacker
Gray-hat hacker
Script kiddie

15
(No Transcript)
16
Machine Level Security

Common forms of authentication
Something you know
Password or personal identification number (PIN)
Something you have
ID cards, smartcards, badges, keys,
Something about you
Unique physical characteristics such as
fingerprints

17
(No Transcript)
18
Passwords

Username
Identifies a user to the computer system
Password
A combination of characters known only to the
user that is used for authentication
Strongest passwords
Minimum of eight characters in length
Do not include any known words or names

19
(No Transcript)
20
(No Transcript)
21
ID Devices and Biometrics

Biometrics
The science and technology of authentication by
scanning and measuring a persons unique physical
features
Facial pattern recognition
Uses mathematical technique to measure the
distances between 128 points on the face
Retinal scanning
Analyzes the pattern of blood vessels at the back
of the eye

22
(No Transcript)
23
Encrypting Stored Data

Encryption
Uses high-level mathematical functions and
computer algorithms to encode data
Files
Can be encrypted on the fly as they are being
saved, and decrypted as they are opened
Encryption and decryption
Tend to slow down computer slightly when opening
and saving files

24
Backing Up Data and Systems

Backup software typically provides the following
options
Select the files and folders you wish to back up.
Choose the location to store the archive file.
Choose whether to back up all files (a full
backup), or
Just those that have changed since the last
backup (an incremental backup)

25
(No Transcript)
26
System Maintenance

Computer housecleaning
Organizing the data files and software on your
computer
Housecleaning activities can include
Deleting unneeded data files
Organizing the remaining data files logically
into folders and subfolders
Emptying the recycle bin (Windows) or trash can
(Mac)
Deleting unneeded saved e-mail messages

27
Network Security - Multiuser System
Considerations

Multiuser system
Computer system where multiple users share access
to resources such as file systems
User permissions
The access privileges afforded to each network
user
File ownership
Files and Folders on the system must carry
information that identifies their creator

28
(No Transcript)
29
(No Transcript)
30
Interior Threats

Threats from within a private network
Problems that occur on networks
Stem from allowing network users to introduce
software and data files from outside the network
Many instances of identity theft
Occur with the assistance of insiders with
corporate network access

31
Security and Usage Policies

Security and network usage policy
Document, agreement, or contract that
Defines acceptable and unacceptable uses of
computer and network resources
Typically warn against using the network for
illegal activities
Employers
Not legally responsible for notifying employees
of network usage policies

32
(No Transcript)
33
Wireless Network Security

Wireless networks
Provide wonderful convenience
Have security risks
Wi-Fi networks
The most popular wireless protocol
Are popping up in offices, homes, on city
streets, in airports, coffee shops, even in
McDonalds

34
(No Transcript)
35
Threats to Wireless Networks

Access point
Sends and receives signals to and from computers
on the wireless local area network or WLAN
By default, are set to broadcast their presence
War driving
Driving through neighborhoods with a wireless
notebook or handheld computer looking for
unsecured Wi-Fi networks

36
(No Transcript)
37
Securing a Wireless Network

Options within the configuration software
Allow you to disable the access points
broadcasting of the network ID, the SSID
Change password used to connect to access point
Access point can be set to only allow certain
computers to connect
Popular wireless encryption protocols
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)

38
Internet Security

When a computer is connected to the Internet
It becomes a target to millions of various attack
Computers IP address
Registered and known to others
Attacks against Internet-connected computers
Can come in the form of direct attacks or
Through viruses, worms, or spyware

39
(No Transcript)
40
Hackers on the Internet

Methods of Attack
Key-logging
packet-sniffing
Port-scanning
Social engineering
Dumpster diving

41
(No Transcript)
42
Viruses and Worms

Virus
Program that attaches itself to a file
Spreads to other files, and delivers a
destructive action called a payload
Trojan horses
Appear to be harmless programs
When they run, install programs on the computer
that can be harmful
Worm
Acts as a free agent, replicating itself numerous
times in an effort to overwhelm systems

43
(No Transcript)
44
Spyware, Adware, and Zombies

Spyware
Software installed on a computer without users
knowledge
Zombie computer
Carries out actions (often malicious) under the
remote control of a hacker
Antispyware
Software that searches a computer for spyware and
other software that may violate a users privacy

45
(No Transcript)
46
Scams, Spam, Fraud, and Hoaxes