Lecturer: Mr. Tri Djoko Wahjono, Ir, M.Sc.
By: Veronica Ong (1701317660) of class 01PCT
Task: Chapter Review of Chapter 11 from the Textbook Discovering Computers.
1. What are computer security risks, and what are the types of cybercrime perpetrators?
A computer security risk is any event or action that could
cause a loss of or damage to computer hardware, software, data, information, or
processing capability. While some breaches to computer security are accidental,
many are intentional. Some intruders do no damage; they merely access data,
information, or programs on the computer before logging off. Other intruders
indicate some evidence of their presence either by leaving a message or by
deliberately altering or damaging data. An intentional breach of computer
security often involves a deliberate act that is against the law. Any illegal
act involving a computer generally is referred to as a computer crime. The term
cybercrime refers to online or Internet-based illegal acts.
Software used by
cybercriminals sometimes is called crimeware. Today, cybercrime is one of the
FBI’s top three priorities. Perpetrators of cybercrime and other intrusions
fall into seven basic categories: hacker, cracker, script kiddie, corporate
spy, unethical employee, cyberextortionist, and cyberterrorist. The term
hacker, although originally a complimentary word for a computer enthusiast, now
has a derogatory meaning and refers to someone who accesses a computer or
network illegally. Some hackers claim the intent of their security breaches is
to improve security. A cracker is also someone who accesses a computer or
network illegally but has the intent of destroying data, stealing information,
or other malicious action. Both hackers and crackers have advanced computer and
network skills. A script kiddie has the same intent as a cracker but does not
have the technical skills and knowledge. Script kiddies often use prewritten
hacking and cracking programs to break into computers. Some corporate spies
have excellent computer and networking skills and are hired to break into a
specific computer and steal its proprietary data and information, or to help
identify security risks in their own organization. Unscrupulous companies hire
corporate spies, a practice known as corporate espionage, to gain a competitive
advantage. Unethical employees may break into their employers’ computers for a
variety of reasons. Some simply want to exploit a security weakness. Others
seek financial gains from selling confidential information. Disgruntled employees
may want revenge. A cyberextortionist is someone who uses e-mail as a vehicle
for extortion. These perpetrators send an organization a threatening e-mail
message indicating they will expose confidential information, exploit a
security flaw, or launch an attack that will compromise the organization’s
network — if they are not paid a sum of money. A cyberterrorist is someone who
uses the Internet or network to destroy or damage computers for political
reasons. The cyberterrorist might target the nation’s air traffic control
system, electricity-generating companies, or a telecommunications
infrastructure. The term, cyberwarfare, describes an attack whose goal ranges
from disabling a government’s computer network to crippling a country.
Cyberterrorism and cyberwarfare usually require a team of highly skilled
individuals, millions of dollars, and several years of planning.
2. What are various Internet and network attacks, and how can users safeguard against these attacks?
Information transmitted over networks has a higher degree of
security risk than information kept on an organization’s premises. In an
organization, network administrators usually take measures to protect a network
from security risks. On the Internet, where no central administrator is present,
the security risk is greater. To determine if your computer is vulnerable to an
Internet or network attack, you could use an online security service. An online
security service is a Web site that evaluates your computer to check for
Internet and e-mail vulnerabilities. The service then provides recommendations
of how to address the vulnerabilities. Companies and individuals requiring
assistance or information about Internet security breaches can contact or visit
the Web site for the Computer Emergency Response Team Coordination Center, or
CERT/CC, which is a federally funded Internet security research and development
center. Internet and network attacks that jeopardize security include computer
viruses, worms, Trojan horses, and rootkits; botnets; denial of service
attacks; back doors; and spoofing. The following pages address these computer
security risks and suggest measures organizations and individuals can take to
protect their computers while on the Internet or connected to a network. A
computer virus is a potentially damaging computer program that affects, or
infects, a computer negatively by altering the way the computer works without
the user’s knowledge or permission. Once the virus infects the computer, it can
spread throughout and may damage files and system software, including the
operating system. A worm is a program that copies itself repeatedly, for
example in memory or on a network, using up resources and possibly shutting
down the computer or network. A Trojan horse (named after the Greek myth) is a
program that hides within or looks like a legitimate program. A certain
condition or action usually triggers the Trojan horse. Unlike a virus or worm,
a Trojan horse does not replicate itself to other computers. A rootkit is a
program that hides in a computer and allows someone from a remote location to
take full control of the computer. Once the rootkit is installed, the rootkit
author can execute programs, change settings, monitor activity, and access
files on the remote computer. Although rootkits can have legitimate uses, such
as in law enforcement, their use in nefarious and illegal activities is growing
rapidly.
3. What are techniques to prevent unauthorized computer access and use?
Another type of computer security risk is unauthorized
access and use. Unauthorized access is the use of a computer or network without
permission. Unauthorized use is the use of a computer or its data for
unapproved or possibly illegal activities. Unauthorized use includes a variety
of activities: an employee using an organization’s computer to send personal
e-mail messages, an employee using the organization’s word processing software
to track his or her child’s soccer league scores, or someone gaining access to
a bank computer and performing an unauthorized transfer. For the home user,
most unauthorized use occurs on computers that have always-on Internet
connections, such as through Internet cable or DSL. Organizations take several
measures to help prevent unauthorized access and use. At a minimum, they should
have a written acceptable use policy (AUP) that outlines the computer
activities for which the computer and network may and may not be used. An
organization’s AUP should specify the acceptable use of computers by employees
for personal reasons. Some organizations prohibit such use entirely. Others
allow personal use on the employee’s own time such as a lunch hour. Whatever
the policy, an organization should document and explain it to employees. To
protect your personal computer from unauthorized intrusions, you should disable
file and printer sharing on your Internet connection. This security measure
attempts to ensure that others cannot access your files or your printer. To
open the window shown in Figure 11-10 in Windows 7, click the Start button on
the taskbar, click Control Panel on the Start menu, and then click the ‘Choose
homegroup and sharing options’ link in the Network and Internet area of the
dialog box. Other measures that safeguard against unauthorized access and use
include firewalls and intrusion detection software, which were discussed in the
previous section, and identifying and authenticating users.
4. What are safeguards against hardware theft and vandalism?
Hardware theft and vandalism are other types of computer
security risks. Hardware theft is the act of stealing computer equipment.
Hardware vandalism is the act of defacing or destroying computer equipment.
Hardware vandalism takes many forms, from someone cutting a computer cable to
individuals breaking into a business or school computer lab and aimlessly
smashing computers. To help reduce the chances of theft, companies and schools
use a variety of security measures. Physical access controls, such as locked
doors and windows, usually are adequate to protect the equipment. Many
businesses, schools, and some homeowners install alarm systems for additional
security. School computer labs and other areas with a large number of
semifrequent users often attach additional physical security devices such as cables
that lock the equipment to a desk, cabinet, or floor. Small locking devices
also exist that require a key to access a hard disk or optical disc drive. Some
businesses use a real-time location system (RTLS) to track and identify the
location of high-risk or high-value items. One implementation of RTLS places
RFID tags in items to be tracked. Mobile computer users must take special care
to protect their equipment. The best preventive measures are common sense and a
constant awareness of the risk. Some users attach a physical device such as a
cable to lock a mobile computer temporarily to a stationary object. For
example, a hotel guest could lock a notebook computer to a desk or table in a
hotel room when he or she leaves the room. Other mobile users install a
mini-security system in the notebook computer. Some of these security systems
shut down the computer and sound an alarm if the computer moves outside a
specified distance. Others can be configured to photograph the thieves when
they use the computer. Notebook computer security systems and tracking software
also can track the location of a stolen notebook computer. Some notebook
computers use passwords, possessed objects, and biometrics as methods of
security. When you start up these computers, you must enter a password, slide a
card in a card reader, or press your finger on a fingerprint reader before the
hard disk unlocks. This type of security does not prevent theft, but it renders
the computer useless if it is stolen. You also can password-protect many
portable storage devices such as USB flash drives, smart phones, and other
mobile devices. This allows only authorized users to access the device’s data.
Some can be set to destroy data if an incorrect password is entered a certain
number of times. You usually can instruct the password screen to display your
name and telephone number, so that a Good Samaritan can return it to you if
lost. Several models also allow you to encrypt data in the device.
5. How do software manufacturers protect against software piracy?
Another computer security risk is software theft. Software
theft occurs when someone (1) steals software media, (2) intentionally erases
programs, (3) illegally copies a program, or (4) illegally registers and/or
activates a program. The first type of software theft involves a perpetrator
physically stealing the media that contain the software or the hardware that
contains the media, as described in the previous section. For example, an
unscrupulous library patron might steal the Encyclopedia Britannica optical
disc. The second type of software theft can occur when a programmer is
terminated from, or stops working for, a company. Although the programs are
company property, some dishonest programmers intentionally remove or disable
the programs they have written from company computers. The third type of
software theft occurs when software is stolen from software manufacturers. This
type of theft, called piracy, is by far the most common form of software theft.
Software piracy is the unauthorized and illegal duplication of copyrighted
software. The fourth type of software theft involves users illegally obtaining
registration numbers and/or activation codes. A program called a keygen, short
for key generator, creates software registration numbers and sometimes
activation codes. Some unscrupulous individuals create and post keygens so that
users can install software without legally purchasing it. To protect themselves
from software piracy, software manufacturers issue users license agreements. A
license agreement is the right to use the software. That is, you do not own the
software. The license agreement provides specific conditions for use of the
software, which a user must accept before using the software. These terms
usually are displayed when you install the software. Use of the software constitutes
acceptance of the terms on the user’s part. The most common type of license
included with software purchased by individual users is a single-user license
agreement, also called an end-user license agreement (EULA). A single-user
license agreement typically includes many of the following conditions that
specify a user’s responsibility upon acceptance of the agreement. In an attempt
to prevent software piracy, Microsoft and other manufacturers have incorporated
an activation process into many of their consumer products. During the product
activation, which is conducted either online or by telephone, users provide the
software product’s 25-character identification number to receive an
installation identification number unique to the computer on which the software
is installed. Usually, the software does not function or has limited
functionality until you activate it via the Internet or telephone. Many
organizations and businesses also have strict written policies governing the
installation and use of software and enforce their rules by checking networked
or online computers periodically to ensure that all software is licensed
properly. If you are not completely familiar with your school or employer’s
policies governing installation of software, check with the information
technology department or your school’s technology coordinator.
6. How does encryption work, and why is it necessary?
Encryption is a process of converting readable data into
unreadable characters to prevent unauthorized access. You treat encrypted data
just like any other data. That is, you can store it or send it in an e-mail
message. To read the data, the recipient must decrypt, or decipher, it into a
readable form. In the encryption process, the unencrypted, readable data is
called plaintext. The encrypted (scrambled) data is called ciphertext. An
encryption algorithm, or cipher, is a set of steps that can convert readable
plaintext into unreadable ciphertext. Encryption programs typically use more
than one encryption algorithm, along with an encryption key. An encryption key
is a set of characters that the originator of the data uses to encrypt the
plaintext and the recipient of the data uses to decrypt the ciphertext. Two
basic types of encryption are private key and public key. With private key
encryption, also called symmetric key encryption, both the originator and the
recipient use the same secret key to encrypt and decrypt the data. Public key
encryption, also called asymmetric key encryption, uses two encryption keys: a
public key and a private key. Public key encryption software generates both the
private key and the public key. A message encrypted with a public key can be
decrypted only with the corresponding private key, and vice versa. The public
key is made known to message originators and recipients. For example, public
keys may be posted on a secure Web page or a public-key server, or they may be
e-mailed. The private key, by contrast, should be kept confidential. A digital
signature is an encrypted code that a person, Web site, or organization
attaches to an electronic message to verify the identity of the message sender.
The code usually consists of the user’s name and a hash of all or part of the
message. A hash is a mathematical formula that generates a code from the contents
of the message. Thus, the hash differs for each message. Receivers of the
message decrypt the digital signature. The recipient generates a new hash of
the received message and compares it with one in the digital signature to
ensure they match. Digital signatures often are used to ensure that an impostor
is not participating in an Internet transaction. That is, digital signatures
help to prevent e-mail forgery. A digital signature also can verify that the
content of a message has not changed. Many Web browsers also use encryption.
Some browsers offer a protection level known as 40-bit encryption. Many also
offer 128-bit encryption and 1024-bit encryption, which are even higher levels
of protection because they have longer encryption keys. Applications requiring
more security, such as banks, brokerage firms, or online retailers that use
credit card or other financial information, require 128-bit or 1024-bit
encryption. A Web site that uses encryption techniques to secure its data is
known as a secure site. Secure sites use digital certificates along with a
security protocol. Two popular security protocols are Transport Layer Security
and Secure HTTP. Organizations often use VPNs.
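The two key models and the hash-then-sign flow described above, as an added Python example that is not part of this review or of the textbook. A repeating-key XOR stands in for a symmetric cipher (one shared key does both directions), and textbook RSA with the tiny demo primes 61 and 53 stands in for public key encryption; both are for illustration only and are not secure parameters. The function names and sample messages are my own assumptions.

```python
import hashlib
from math import gcd


# Symmetric ("private key") encryption: originator and recipient share one key.
# Repeating-key XOR is a toy cipher used only to show the idea; it is not secure.
def xor_cipher(data: bytes, key: bytes) -> bytes:
    if not key:
        raise ValueError("key must not be empty")
    # XOR is its own inverse, so the same call both encrypts and decrypts.
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


# Asymmetric ("public key") encryption: textbook RSA with tiny demo primes.
# Real keys use primes hundreds of digits long; these numbers are illustration only.
def make_keypair(p: int, q: int, e: int = 17):
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: modular inverse of e
    return (e, n), (d, n)        # (public key, private key)


def rsa_apply(value: int, key) -> int:
    exponent, n = key
    return pow(value, exponent, n)


def rsa_encrypt_bytes(plaintext: bytes, public_key) -> list:
    # One RSA operation per byte; needs n > 255 so every byte is a valid residue.
    return [rsa_apply(b, public_key) for b in plaintext]


def rsa_decrypt_bytes(ciphertext: list, private_key) -> bytes:
    recovered = [rsa_apply(c, private_key) for c in ciphertext]
    if any(v > 255 for v in recovered):
        raise ValueError("decryption did not yield bytes: wrong key?")
    return bytes(recovered)


# Digital signature: hash the message, then transform the hash with the private key.
def sign(message: bytes, private_key) -> list:
    digest = hashlib.sha256(message).digest()
    return [rsa_apply(b, private_key) for b in digest]


def verify(message: bytes, signature: list, public_key) -> bool:
    # Undo the private-key transform with the public key to recover the sender's hash.
    recovered = [rsa_apply(s, public_key) for s in signature]
    if any(v > 255 for v in recovered):
        return False   # not a byte string at all: wrong key or a garbage signature
    # Recompute the hash of what was actually received and compare the two.
    return bytes(recovered) == hashlib.sha256(message).digest()


if __name__ == "__main__":
    public_key, private_key = make_keypair(61, 53)   # constructed demo primes
    message = b"wire $500"                           # constructed sample message
    ciphertext = rsa_encrypt_bytes(message, public_key)
    print("decrypts to:", rsa_decrypt_bytes(ciphertext, private_key))
    signature = sign(message, private_key)
    print("original verifies:", verify(message, signature, public_key))
    print("altered verifies:", verify(b"wire $900", signature, public_key))
```

Note how verification never needs the private key: anyone holding the public key can confirm that the hash inside the signature matches a fresh hash of the message, which is what lets a recipient detect both an impostor (wrong private key, so the recovered bytes are wrong) and a changed message (different hash).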
7. What types of devices are available to protect computers from system failure?
System failure is yet another type of computer security
risk. A system failure is the prolonged malfunction of a computer. System
failure also can cause loss of hardware, software, data, or information. A
variety of causes can lead to system failure. These include aging hardware;
natural disasters such as fires, floods, or hurricanes; random events such as
electrical power problems; and even errors in computer programs. One of the
more common causes of system failure is an electrical power variation. Electrical
power variations can cause loss of data and loss of equipment. If the computer
equipment is networked, a single power disturbance can damage multiple systems.
Electrical disturbances include noise, undervoltages, and overvoltages. To
protect against electrical power variations, use a surge protector. A surge
protector, also called a surge suppressor, uses special electrical components
to smooth out minor noise, provide a stable current flow, and keep an
overvoltage from reaching the computer and other electronic equipment (Figure
11-21). Sometimes resembling a power strip, the computer and other devices plug
in the surge protector, which plugs in the power source. The surge protector
absorbs small overvoltages — generally without damage to the computer and
equipment. To protect the computer and other equipment from large overvoltages,
such as those caused by a lightning strike, some surge protectors completely
stop working when an overvoltage reaches a certain level. Surge protectors also
usually protect the computer from undervoltages. For additional electrical
protection, some users connect an uninterruptible power supply to the computer.
An uninterruptible power supply (UPS) is a device that contains surge
protection circuits and one or more batteries that can provide power during a
temporary or permanent loss of power. A UPS connects between your computer and
a power source.
8. What are options for backing up computer resources?
To protect against data loss caused by system failure or
hardware/software/information theft, computer users should back up files
regularly. A backup is a duplicate of a file, program, or disk that can be used
if the original is lost, damaged, or destroyed. Thus, to back up a file means
to make a copy of it. In the case of system failure or the discovery of
corrupted files, you restore the files by copying the backed up files to their
original location on the computer. You can use just about any media to store
backups. Be sure to use high-quality media. A good choice for a home user might
be optical discs or external hard disks. Some home users also set up a RAID
configuration, as described in Chapter 7, to automatically back up the contents
of a disk. Keep backup copies in a fireproof and heatproof safe or vault, or
offsite. Offsite means in a location separate from the computer site. Home and
business users keep backup copies offsite so that a single disaster, such as a
fire, does not destroy both the original and the backup copy of the data. An
offsite location can be a safe deposit box at a bank or a briefcase. A growing
trend is to use cloud storage as an offsite location. As discussed in Chapter
7, cloud storage is an Internet service that provides storage to computer
users. Most backup programs for the home user provide for a full backup and a
selective backup. A full backup copies all of the files in the computer. With a
selective backup, users choose which folders and files to include in a backup.
Some users implement a three-generation backup policy to preserve three copies
of important files. The grandparent is the oldest copy of the file. The parent
is the second oldest copy of the file. The child is the most recent copy of the
file. Others use RAID to duplicate the contents of a disk. Instead of multiple
backup copies, some users choose continuous backup, where data is backed up
whenever a change is made. Backup programs are available from many sources.
Most operating systems include a backup program. Backup devices, such as
external disk drives, also include backup programs. Numerous stand-alone backup
utilities exist. Many of these can be downloaded from the Web at no cost.
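The full, selective and three-generation backup ideas described above, worked through as an added Python example that is not part of this review or of the textbook. It keeps the three copies as grandparent, parent and child folders, ages them one step before each new backup, and restores a file from a chosen generation. The folder names, the constructed sample files and the function names are my own assumptions.

```python
import shutil
import tempfile
from pathlib import Path

# Oldest to newest, matching the three-generation policy.
GENERATIONS = ("grandparent", "parent", "child")


def rotate_generations(backup_root: Path) -> None:
    """Age the copies one step: parent -> grandparent, child -> parent.
    The previous grandparent is discarded, so only three copies are ever kept."""
    grandparent = backup_root / "grandparent"
    if grandparent.exists():
        shutil.rmtree(grandparent)
    for older, newer in (("grandparent", "parent"), ("parent", "child")):
        src = backup_root / newer
        if src.exists():
            src.rename(backup_root / older)


def back_up(source: Path, backup_root: Path, include=None) -> list:
    """Create a new 'child' copy. include=None means a full backup of every file;
    a set of relative paths means a selective backup of just those files.
    Returns the relative paths that were copied."""
    rotate_generations(backup_root)
    dest = backup_root / "child"
    copied = []
    for path in sorted(source.rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(source).as_posix()
        if include is not None and rel not in include:
            continue
        target = dest / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(path, target)        # copy2 keeps the original timestamps
        copied.append(rel)
    return copied


def restore(backup_root: Path, generation: str, rel: str, destination: Path) -> Path:
    """Copy one file from the chosen generation back to its original location."""
    if generation not in GENERATIONS:
        raise ValueError(f"unknown generation {generation!r}")
    src = backup_root / generation / rel
    target = destination / rel
    target.parent.mkdir(parents=True, exist_ok=True)
    shutil.copy2(src, target)
    return target


def demo() -> dict:
    """Constructed scenario: three backups of a folder whose notes.txt changes each time,
    followed by a restore after the live copy is 'corrupted'."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp) / "documents"
        root = Path(tmp) / "backups"
        docs.mkdir()
        root.mkdir()
        (docs / "notes.txt").write_text("version 1")
        (docs / "scratch.tmp").write_text("temporary")
        first = back_up(docs, root)                        # full backup
        (docs / "notes.txt").write_text("version 2")
        back_up(docs, root, include={"notes.txt"})         # selective backup
        (docs / "notes.txt").write_text("version 3")
        back_up(docs, root, include={"notes.txt"})
        (docs / "notes.txt").write_text("corrupted")       # simulate a bad live file
        restore(root, "parent", "notes.txt", docs)
        return {
            "first_backup_files": first,
            "generations": {g: (root / g / "notes.txt").read_text() for g in GENERATIONS},
            "restored": (docs / "notes.txt").read_text(),
        }


if __name__ == "__main__":
    print(demo())
```

Because the rotation discards the old grandparent before anything is copied, a backup that fails halfway still leaves the parent and grandparent copies intact; keeping those older generations on separate or offsite media is what turns this from a convenience into protection against a single disaster.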
9. What risks and safeguards are associated with wireless communications?
Wireless technology has made dramatic changes in the way
computer users communicate worldwide. Billions of home and business users have
notebook computers, smart phones, and other mobile devices to access the
Internet, send e-mail and instant messages, chat online, or share network
connections — all without wires. Home users set up wireless home networks.
Mobile users access wireless networks in hot spots at airports, hotels,
shopping malls, bookstores, restaurants, and coffee shops. Schools have
wireless networks so that students can access the school network using their
mobile computers and devices as they move from building to building. Although
wireless access provides many conveniences to users, it also poses additional
security risks. One study showed that about 80 percent of wireless networks
have no security protection. Some perpetrators connect to others’ wireless
networks to gain free Internet access; others may try to access an
organization’s confidential data. To access the network, the individual must be
in range of the wireless network. Some intruders intercept and monitor
communications as they transmit through the air. Others connect to a network
through an unsecured wireless access point (WAP). In one technique, called war
driving or access point mapping, individuals attempt to detect wireless
networks via their notebook computer or mobile device while driving a vehicle
through areas they suspect have a wireless network. Some individuals instead
use war flying, where they use airplanes instead of vehicles to detect
unsecured wireless networks. Once located, some individuals use a GPS device to
add the WAP to a war driving access point map on the Internet, making the
wireless network vulnerable. In addition to using firewalls, some safeguards
that improve the security of wireless networks include reconfiguring the wireless
access point and ensuring equipment uses one or more wireless security
standards such as Wi-Fi Protected Access and 802.11i. A wireless access point
(WAP) should be configured so that it does not broadcast a network name, known
as an SSID (service set identifier). Users should change the default SSID to
prevent unauthorized users from accessing their wireless network. The WAP also
can be programmed so that only certain devices can access it. Wi-Fi Protected
Access (WPA) is a security standard that improves on older security standards
by authenticating network users and providing more advanced encryption
techniques. An 802.11i network, sometimes called WPA2, the most recent network
security standard, conforms to the government’s security standards and uses
more sophisticated encryption techniques than WPA.
10. How can health-related disorders and injuries due to computer use be prevented?
A repetitive strain injury (RSI) is an injury or disorder of
the muscles, nerves, tendons, ligaments, and joints. Computer-related RSIs
include tendonitis and carpal tunnel syndrome. RSIs are the largest job-related
injury and illness problem in the United States today. For this reason, OSHA
(Occupational Safety and Health Administration) has developed industry-specific
and task-specific guidelines designed to prevent workplace injuries with
respect to computer usage. You can take many precautions to prevent these types
of injuries. Take frequent breaks during the computer session to exercise your
hands and arms. To prevent injury due to typing, place a wrist rest between the
keyboard and the edge of your desk. To prevent injury while using a mouse,
place the mouse at least six inches from the edge of the desk. In this
position, your wrist is flat on the desk. Finally, minimize the number of times
you switch between the mouse and the keyboard, and avoid using the heel of your
hand as a pivot point while typing or using the mouse. Another type of
health-related condition due to computer usage is computer vision syndrome (CVS).
You may have CVS if you have sore, tired, burning, itching, or dry eyes;
blurred or double vision; distance blurred vision after prolonged staring at a
display device; headache or sore neck; difficulty shifting focus between a
display device and documents; difficulty focusing on the screen image; color
fringes or after-images when you look away from the display device; and
increased sensitivity to light. Eyestrain associated with CVS is not thought to
have serious or long-term consequences. People who spend their workday using
the computer sometimes complain of lower back pain, muscle fatigue, and
emotional fatigue. Lower back pain sometimes is caused from poor posture.
Always sit properly in the chair while you work. To alleviate back pain, muscle
fatigue, and emotional fatigue, take a 15- to 30-minute break every 2 hours —
stand up, walk around, stretch, and relax. Another way to help prevent these
injuries is to be sure your workplace is designed ergonomically.
11. What are issues related to information accuracy, intellectual property rights, codes of conduct, and green computing?
Information accuracy today is a concern because many users
access information maintained by other people or companies, such as on the
Internet. Do not assume that because the information is on the Web that it is
correct. As Chapter 2 discussed, users should evaluate the value of a Web page
before relying on its content. Be aware that the organization providing access
to the information may not be the creator of the information. In addition to
concerns about the accuracy of computer input, some individuals and
organizations raise questions about the ethics of using computers to alter
output, primarily graphical output such as a retouched photo. Using graphics
equipment and software, users easily can digitize photos and then add, change,
or remove images. A common infringement of copyright is piracy. People pirate
(illegally copy) software, movies, and music. Many areas are not clearcut with
respect to the law, because copyright law gives the public fair use to
copyrighted material. The issues surround the phrase, fair use, which allows
use for educational and critical purposes. This vague definition is subject to
widespread interpretation and raises many questions:
• Should individuals be able to download contents of your Web site, modify it, and then put it on the Web again as their own?
• Should a faculty member have the right to print material from the Web and distribute it to all members of the class for teaching purposes only?
• Should someone be able to scan photos or pages from a book, publish them to the Web, and allow others to download them?
• Should someone be able to put the lyrics of a song on the Web?
• Should students be able to post term papers they have written on the Web, making it tempting for other students to download and submit them as their own work?
These issues with copyright law led to the development of
digital rights management (DRM), a strategy designed to prevent illegal
distribution of movies, music, and other digital content.
Recognizing that individuals need specific standards for the
ethical use of computers, a number of computer-related organizations have
established IT (information technology) codes of conduct (Figure 11-29). An IT
code of conduct is a written guideline that helps determine whether a specific
computer action is ethical or unethical.
IT Code of Conduct
1. Computers may not be used to harm other people.
2. Employees may not interfere with others’ computer work.
3. Employees may not meddle in others’ computer files.
4. Computers may not be used to steal.
5. Computers may not be used to bear false witness.
6. Employees may not copy or use software illegally.
7. Employees may not use others’ computer resources without authorization.
8. Employees may not use others’ intellectual property as their own.
9. Employees shall consider the social impact of programs and systems they design.
10. Employees always should use computers in a way that demonstrates consideration and respect for fellow humans.
Green computing involves reducing the electricity and
environmental waste while using a computer. People use, and often waste,
resources such as electricity and paper while using a computer. Society has
become aware of this waste and is taking measures to combat it. Personal
computers, display devices, and printers should comply with guidelines of the
ENERGY STAR program. The United States Department of Energy (DOE) and the
United States Environmental Protection Agency (EPA) developed the ENERGY STAR
program to help reduce the amount of electricity used by computers and related
devices. This program encourages manufacturers to create energy-efficient
devices that require little power when they are not in use. For example, many
devices switch to sleep or power save mode after a specified number of inactive
minutes or hours. Computers and devices that meet the ENERGY STAR guidelines
display an ENERGY STAR label.
12. What are issues surrounding information privacy?
Information privacy refers to the right of individuals and
companies to deny or restrict the collection and use of information about them.
In the past, information privacy was easier to maintain because information was
kept in separate locations. Each retail store had its own credit files. Each
government agency maintained separate records. Doctors had their own patient
files. Today, huge databases store this data online. Much of the data is
personal and confidential and should be accessible only to authorized users.
Many individuals and organizations, however, question whether this data really
is private. That is, some companies and individuals collect and use this
information without your authorization. Web sites often collect data about you,
so that they can customize advertisements and send you personalized e-mail
messages. Some employers monitor your computer usage and e-mail messages.