Computer Essentials Module 13 - Computer Security

Questions and Answers

Which strategy is most effective in preventing phishing attacks related to email addresses?

• Change passwords regularly regardless of email content
• Only click on links from known contacts
• Ignore emails that seem suspicious
• Verify email addresses match organizational standards (correct)

What is a key feature of multi-factor authentication that enhances security against phishing?

• It makes use of email verification exclusively
• It uses only biometric data for login
• It requires a password alone to access accounts
• It combines multiple verification methods for access (correct)

In terms of data backup best practices, which action is crucial to mitigate data loss from phishing attacks?

• Regularly updating software without backing up data
• Backing up data before clicking on unknown email links (correct)
• Maintaining only physical copies of important documents
• Implementing backups without scheduling regular updates

Which factor is NOT essential for ensuring effective antivirus and anti-malware solutions against phishing threats?

Using a single method of detection without updating (C)

What aspect of email verification is often overlooked but essential for avoiding security threats?

Reviewing the ScreenTip address when hovering over links (A)

Which of the following is NOT a type of cyber threat associated with phishing?

Pharming (A)

What is an effective strategy for preventing phishing attacks?

Regularly updating software (D)

Multi-factor authentication enhances security by requiring how many forms of verification?

Two (B)

Which of the following is considered a best practice in data backup to protect against phishing attacks?

Implementing regular, automated backups (A)

What is the primary function of antivirus and anti-malware solutions in the context of phishing?

To detect and remove malicious software (D)

Flashcards

Email address check

Verify if an email address conforms to the organization's standard format.

Textual address

The visible email address displayed within the email message.

ScreenTip address

The email address revealed when the mouse cursor hovers over it.

Organization standard

Specific email format required by the company.

Matching addresses

The visible and hover email addresses must be consistent.

Phishing

A cyber attack that tries to trick people into giving away their personal information.

Cyber threats

Online risks and dangers.

Security considerations (phishing)

Ways to be careful when detecting phishing emails/messages.

Grammar and spelling mistakes (phishing)

Common signs that an email or message may be a phishing attempt.

Restricted

Limited or controlled access to something(potentially important to cyber security).

Study Notes

Saudi Electronic University - Computer Essentials - Module 13 - Computer Security

• Computer Security: An essential aspect of digital life, requiring continuous effort from individuals, organizations, and governments to protect against a wide range of cyber threats.

Weekly Learning Outcomes

• WLOC1: Summarize the dangers of sharing personal information online.
• WLOC2: Explain how cookies and unique identifiers compromise privacy.
• WLOC3: Detail cybercrime and its techniques.
• WLOC4: Discuss various types of malware.
• WLOC5: Describe methods for avoiding cybercrime.

Contents

• Wireless Network Authentication
• Sharing Personal Information Online: Dangers of sharing personal information online.
• Privacy Concerns: How cookies and unique identifiers compromise privacy.
• Security Threats from Criminals: Security threats posed by computer criminals.
• Cybercrime Techniques: Detail cybercrime techniques.
• Spoofing and Sniffing: Explain spoofing and sniffing techniques.
• Malware: Discussion of various types of malware.
• Malicious Programs: Description of malicious programs.

CIA Triad

• Confidentiality: Protecting sensitive information from unauthorized access. Techniques include encryption, two-factor authentication.
• Integrity: Maintaining data's accuracy and preventing unauthorized alterations. Techniques for integrity include hashing and access controls.
• Availability: Ensuring authorized users access data when needed. Techniques include hardware maintenance, software updating, network optimization, and backup systems.

Types of Encryption

• Symmetric Encryption: Uses the same key for encryption and decryption, but requires secure key management.
• Asymmetric Encryption: Uses a pair of keys (public and private) for encryption and decryption, with the public key being shared openly.

Types of Cyber Threats

• Malware: Malicious software designed to cause damage to a computer. Types include:
  • Virus: Attaches to files and spreads.
  • Trojan Horse: Hidden in legitimate software.
  • Worm: Copies itself from computer to computer without human interaction.
  • Ransomware: Encrypts files and demands payment for decryption.
  • Spyware: Secretly records user activity.
  • Keyloggers: Record keystrokes to steal passwords.
• Spoofing: Attacker's computer assumes a false internet address to gain access to the network.
• Sniffing: Ability to capture copies of data packets as they travel across the network and decode their content.
• Phishing: Tricking individuals into sharing sensitive information, using various forms like general phishing, spear phishing, whaling, and pharming.

Prevention and Mitigation Techniques

• Antivirus Software: Use reputable antivirus and anti-malware programs.
• Software Updates: Keep software (including operating systems) updated with security patches.
• Email Caution: Be cautious with email attachments and links from unknown or untrusted sources; do not click unknown email links.
• Backups: Regularly back up important data.
• Education & Awareness: Training users to recognize and report phishing attempts.
• Spam Filters: Implement email filtering solutions.
• Multifactor Authentication: Use methods like OTPs (One-Time Passwords), biometric verification, or security tokens.

Best Practices in Cyber Security

• Strong, Unique Passwords: Avoid common words and phrases. Use a mix of letters, numbers, and symbols.
• Multi-Factor Authentication: Use additional verification methods beyond passwords.
• Regular Software Updates and Patch Management: Keep software current.
• Antivirus and Anti-Malware Solutions: Install and update reputable antivirus/anti-malware programs, and perform regular scans.
• Regular Backups: Back up critical data using multiple methods and ensure secure storage and recovery.

Required and Recommended Reading

• Required Reading: Chapter 32 (Introduction to Computers and Information Technology: Preparing for IC3 Certification)
• Recommended Reading: Chapter 15 (Essential for Computing Studies, Profession, and Entrance Examinations)

Description

This quiz covers the critical aspects of computer security as outlined in Module 13 of Saudi Electronic University's Computer Essentials course. It addresses the dangers of sharing personal information online, privacy concerns related to cookies, and various types of cybercrime. Additionally, you'll learn about malware and methods to protect against cyber threats.