Fundamentals of IT Chapter 10

Questions and Answers

What is meant by 'computer security risks'?

Computer security risks refer to any event or action that could cause a loss or damage to computer hardware, software, data, information, or processing capability.

Name three types of cybercrime perpetrators.

Three types of cybercrime perpetrators are hackers, crackers, and corporate spies.

What are some common types of Internet and network attacks?

Common types of Internet and network attacks include phishing, denial-of-service attacks, and malware distribution.

How can unauthorized computer access be prevented?

Unauthorized computer access can be prevented through the use of strong passwords, two-factor authentication, and regular software updates.

What methods do software manufacturers use to prevent software piracy?

Software manufacturers prevent software piracy by employing digital rights management (DRM), license keys, and activation processes.

Why is encryption necessary in computer security?

Encryption is necessary to protect sensitive data by converting it into a secure format that can only be read by authorized parties.

What are some risks associated with wireless communications?

Risks associated with wireless communications include eavesdropping, unauthorized access, and data interception.

What techniques can help prevent health-related issues from computer use?

Techniques to prevent health-related issues include taking regular breaks, maintaining proper ergonomics, and using screen filters.

What is the main reason that information transmitted over networks has a higher security risk than information kept on-site?

Information transmitted over networks can be intercepted or accessed by unauthorized users, increasing the risk of breaches.

How does a computer virus affect a computer's operation?

A computer virus affects a computer by copying itself repeatedly, using up resources, and potentially shutting down the computer or network.

What distinguishes a Trojan horse from a virus?

A Trojan horse is a malicious program that disguises itself as a legitimate application, while a virus spreads by copying itself.

What is a rootkit, and what capabilities does it provide to an attacker?

A rootkit is a program that hides in a computer to give an attacker remote access and control over the system.

Identify one symptom of an infected computer related to its operating system.

One symptom of an infected computer is that the operating system runs much slower than usual.

What impact does a computer virus have on a computer's available memory?

A computer virus can cause the available memory to be less than expected by consuming resources.

How can a web-based security service assist users in protecting their computers?

An online security service evaluates a computer for Internet and email vulnerabilities, helping to identify and mitigate risks.

What kind of unusual symptoms might indicate a computer is infected with malware?

Unusual messages or images displayed on the screen can indicate malware infection.

What is a botnet and how does it relate to compromised computers?

A botnet is a group of compromised computers, also known as zombies, connected to a network.

Describe a denial of service attack (DoS attack) and its impact on Internet access.

A denial of service attack (DoS attack) disrupts computer access to Internet services by overwhelming the system.

What is a back door in the context of computer security?

A back door is a program or a set of instructions that allows users to bypass security controls.

How does spoofing affect network or Internet transmissions?

Spoofing is a technique used by intruders to make their network or Internet transmission appear legitimate.

What role does a firewall play in network security?

A firewall is hardware and/or software that protects a network's resources from intrusion.

What are some signs that a computer might be compromised by malware?

Signs include unusual sound playback, random disappearance of files, and the operating system shutting down unexpectedly.

Why is it essential for users to take precautions against malicious infections?

It is essential to protect devices from malicious infections to maintain security and prevent data loss.

What could happen if an operating system does not start up properly?

If an operating system does not start up properly, it can lead to data loss and inability to access files.

What is the primary function of intrusion detection software?

To analyze network traffic and identify unauthorized intrusions.

How does a honeypot function in network security?

It acts as a vulnerable computer designed to attract and deceive intruders.

What distinguishes unauthorized access from unauthorized use of a computer?

Unauthorized access refers to using a system without permission, while unauthorized use involves using a system for unapproved activities.

List two methods organizations implement to prevent unauthorized access.

Implementing an acceptable use policy and using firewalls.

What are the two phases involved in access controls?

Identification and authentication.

What role does a biometric device play in security systems?

It authenticates a person's identity by translating personal characteristics into a digital code.

What is the purpose of a possessed object in access controls?

To serve as a physical item that users must carry to gain access to a system.

What purpose do firewalls serve in network security?

Firewalls protect networks by controlling incoming and outgoing traffic based on predetermined security rules.

What are two protective devices against electrical power variations?

Surge protectors and uninterruptable power supplies (UPS).

Define a backup in the context of data management.

A backup is a duplicate of a file, program, or disk that can be used if the original is lost or damaged.

What is the three-generation backup policy?

It consists of a grandparent, parent, and child backup system.

Why are offsite backups important?

They protect data by storing it in a location separate from the original site.

What percentage of wireless networks reportedly lack security protection?

About 80 percent.

What is 'war driving' in relation to wireless networks?

War driving involves detecting wireless networks while driving through an area.

What is one recommended configuration for a wireless access point to enhance security?

Change the default SSID and ensure it does not broadcast.

Name one electrical power problem that can lead to system failures.

Undervoltages or overvoltages.

Study Notes

Objectives Overview

• Understand computer security risks and types of cybercrime perpetrators.
• Identify Internet and network attack types, and explore safeguarding methods.
• Implement techniques to prevent unauthorized computer access and usage.
• Develop safeguards against hardware theft and vandalism.
• Recognize methods software manufacturers use to combat piracy.
• Learn about encryption mechanisms and their necessity.
• Assess devices that protect against system failure.
• Explore backup options for computer resources.
• Identify risks and safety measures in wireless communications.
• Discuss ways to mitigate health issues related to computer use.
• Address issues around information accuracy, intellectual property rights, and green computing.
• Investigate concerns regarding information privacy.

Computer Security Risks

• A computer security risk includes events or actions that could damage or compromise hardware, software, data, or processing power.
• Cybercrime refers to illegal acts conducted online or over the internet.
• Types of cybercrime perpetrators include:
  • Hackers
  • Crackers
  • Script kiddies
  • Corporate spies
  • Unethical employees
  • Cyber extortionists
  • Cyber terrorists

Internet and Network Attacks

• Transmitting information over networks is riskier than storing it on-premises.
• Online security services evaluate computers for vulnerabilities related to Internet and email.
• Types of malware:
  • Virus: Replicates itself, consuming system resources and potentially shutting down operations.
  • Worm: Spreads independently across systems.
  • Trojan Horse: Disguised as legitimate software but malicious in nature.
  • Rootkit: Obscures its presence and allows remote control of an infected machine.
• Symptoms of infection include slowed performance, memory issues, corrupted files, and unexpected system behaviors.

Protective Measures Against Internet Attacks

• Precautions to protect computers include:
  • Implementing firewalls, which block unauthorized access.
  • Using intrusion detection software to monitor traffic and identify breaches.
  • Utilizing honeypots to lure intruders into a controlled environment.
• Botnets consist of interconnected compromised computers, with individual units referred to as zombies.
• A Denial of Service (DoS) attack disrupts access to services, often through Distributed DoS (DDoS) methods.
• Spoofing deceives users by masquerading illegitimate transmissions as trustworthy.

Unauthorized Access and Use

• Unauthorized access: Using a computer or network without permission.
• Unauthorized use: Engaging in unapproved or illegal activities on a computer or its data.
• Organizations can mitigate unauthorized actions through:
  • Acceptable use policies.
  • Disabling file and printer sharing.
  • Firewalls and intrusion detection software.

Access Control Measures

• Access controls determine who can access computers, timing, and permissible actions.
• Identification and authentication processes rely on:
  • Usernames and passwords.
  • Passphrases and CAPTCHAs.
  • Possessed objects like ID cards or tokens.
  • Biometric devices to confirm identity using personal characteristics.

System Failures and Safeguards

• Protecting against system failures involves addressing threats from aging hardware, natural disasters, and power issues.
• Surge protectors and Uninterruptible Power Supplies (UPS) are effective against electrical power disruptions.

Data Backup Strategies

• Backups provide retrievable duplicates of files or data in case of loss.
• Offsite backups are critical for data safety, stored away from the primary system site.
• Backup categories include:
  • Full backup: Complete data copy.
  • Selective backup: Only critical data copied.
• The three-generation backup policy includes:
  • Grandparent (oldest backup)
  • Parent (current backup)
  • Child (latest backup)

Wireless Security Risks

• Wireless networks often lack security measures, with about 80% remaining unprotected.
• War driving enables identifying wireless networks while driving.
• To secure wireless networks, implement the following:
  • Avoid broadcasting the default SSID.
  • Change the default SSID for better security.

Description

This quiz covers Chapter 10 on Issues and Trends in Fundamentals of Information Technology. It focuses on computer security risks, types of cybercrime, internet attacks, and safeguarding techniques. Test your knowledge on preventing unauthorized access and hardware theft.