Protecting Personally Identifiable Information (PII)

Questions and Answers

What is the main concept behind transposition encryption?

It replaces letters with numbers only.

It uses a fixed key for substitution.

It doesn't require a specific pattern to decode.

It alters the position of letters in a message. (correct)

Which of the following is an example of a substitution encryption method?

Reversing the order of letters

Dividing the text into multiple parts

Changing the case of letters in a message

Shifting letters to the right by a fixed number (correct)

How does the Caesar cipher determine which letters to substitute?

By applying a designated shift value (correct)

By counting letters to the left of the alphabet

By replacing vowels with consonants only

By using a random letter generator

In T9 texting, what action is taken to type the letter 'H'?

Press the 4 key twice

Which of these shifts would correspond to an 'F' in the Caesar cipher if the shift is 5?

A

What happens if the encryption information is easily accessible by unauthorized people?

Sensitive information may be exposed.

If the Caesar cipher's shift is 3, what letter corresponds to 'I'?

L

What characterizes substitution ciphers as opposed to transposition ciphers?

They replace letters with different symbols.

How many times do you need to tap the button for the letter 'O' using T9 texting?

Three times

What does a substitution cipher replace in a message?

Letters with other letters, numbers, or symbols

What is the primary purpose of encryption methods?

To protect data from unauthorized access

What is a key feature of the Caesar cipher?

It shifts letters by a fixed number of positions

What is an example of a real-world application of substitution encryption?

T9 texting on early cell phones

What would happen if encryption information was easily accessible by others?

Data could be compromised or stolen

What is the main difference between transposition and substitution encryption methods?

Transposition methods change the position of letters, while substitution methods replace letters

What is the name of the encryption method that Julius Caesar used to communicate with his generals?

Caesar Cipher

How does the Caesar cipher determine the shift?

Using a fixed shift value

What is a characteristic of substitution ciphers?

They replace letters with other letters or characters

What is the purpose of the shift in the Caesar cipher?

To encode the message

What is an advantage of using encryption methods?

Improved data security and confidentiality

What is a key responsibility of citizenship in a digital world?

Safeguarding Personally Identifiable Information (PII)

What is typically needed to access websites or login to online accounts?

Email and password

What is an advantage of using strong passwords?

Harder to hack into the account

What should you avoid including in your password?

Personal identifiable information

What is the purpose of an authentication measure?

To identify the user in the virtual world

How many characters should a strong password have at a minimum?

8 characters

Why is it important to keep your PII safe?

So your information is protected from unauthorized access

What is a characteristic of a strong password?

It is easy for you to remember but hard for others to guess

What is the primary purpose of multi-factor authentication?

To safeguard against unauthorized access to accounts and PII

What is a disadvantage of having accessible PII?

Risk of identity theft and stalking

What can prevent infections and fix errors that could compromise a system?

All of the above

What is an example of multi-factor authentication?

Security image identification

Why is multi-factor authentication more secure than one-step authentication?

It provides more than one layer of security

What can password managers generate for online accounts?

Complex, random passwords

What is a disadvantage of storing PII online?

It can lead to identity theft and stalking

What should you do when allowing a new website access to your personal information?

Limit the permission settings and adjust them accordingly

What is a characteristic of multi-factor authentication?

It uses at least two types of authentication

What is the purpose of protection software?

To protect systems from cyber attacks and infections

What is the primary goal of a phishing email attack?

To trick the recipient into revealing personal information

What is a key indicator of a phishing email?

An unofficial 'From' address

What is the primary objective of a keylogging attack?

To gather usernames and passwords

Why is keylogging considered an unethical practice?

It invades users' privacy and captures sensitive information

What makes public networks particularly vulnerable to cyber attacks?

They are easier to access

What can happen if you respond to a phishing email?

You will unintentionally reveal personal information

What is a characteristic of a phishing email?

It creates a sense of urgency

What can keylogger software do?

Identify if someone is attempting to keylog

Why are public networks insecure?

Because they are often unencrypted

What is the primary risk of using public networks?

Data may be intercepted by hackers

What is the primary function of an access point on a network?

To create a wireless local area network by connecting to a router

What is a major risk associated with connecting to a rogue access point?

Loss of personally identifiable information

What is a key difference between digital and manual files?

All of the above

What is a benefit of using digital files?

Time savings in editing and transferring files

What is a limitation of digital files?

Dependence on internet connectivity

What is file insecurity?

A concept that all files have vulnerabilities

What can happen to insecure files?

They can be lost, overridden, or corrupted

What is a key feature of digital files?

They can be easily transferred electronically

What is a benefit of using digital files in businesses?

Reduced paper costs

Why should users be cautious when connecting to public networks?

To protect their personally identifiable information

What is the primary objective of encrypting a hard drive and mobile device?

To ensure the confidentiality of information

What is the concept that measures how unpredictable a password is based on the type and combination of characters used and the length of the password?

Password entropy

What is the purpose of implementing anti-virus software?

To prevent cyber attacks and data damage

What is the term for ensuring that information is not disclosed to the wrong individuals?

Confidentiality

What is the result of encrypting plaintext?

Ciphertext

What is the benefit of keeping your computer and devices updated?

To enhance digital security

What is the primary purpose of implementing the five pillars of cybersecurity?

To maintain digital security

What is the calculation for password entropy?

Log base 2

What is the term for proving the identities of the sender and recipient when transferring information?

Non-repudiation

What is the benefit of restricting access to files?

To prevent unauthorized access

What is the primary purpose of a white hat hacker?

To identify and report security flaws to companies.

What type of hacker would likely charge a fee for reporting vulnerabilities they discover?

Grey hat hacker

Which of the following is NOT a type of malware?

Firewall

What is the primary characteristic of a computer virus?

It replicates itself and spreads to other systems.

How can a computer virus be spread?

All of the above

Which of the following is a potential consequence of a virus infection?

All of the above

How can you protect yourself from malware?

All of the above

Which of the following is NOT a characteristic of black hat hackers?

They use their skills for ethical purposes.

What is the primary difference between a worm and a virus?

A worm spreads through networks, while a virus requires a host program to spread.

Which of the following is an example of a ransomware attack?

A hacker encrypts your files and demands payment to unlock them.

What is a common challenge in identifying the source of a DDoS attack?

The attack can involve many machines making requests

What is an example of unintended consequences in the digital age?

Programmer bias and privacy infringement

What is algorithmic bias?

A systematic error in computer systems

What is the Digital Divide?

The gap between those who have access to the Internet and computers, and those who do not

What can contribute to programmer bias?

The programmer's life experience and perception of the world

How do algorithms on social media platforms contribute to algorithmic bias?

By adjusting what users see based on their online activity

What can be used to predict the types of ads a user might want to see?

A user's digital footprint

What can determine whether a person has access to the Internet and computers?

All of the above

What can be a result of unchecked programmer bias?

Unintended consequences

What is a potential risk of the Digital Divide?

Those without access to the Internet and computers may be left behind

What happens to the letters in a message when using the transposition encryption method?

They are rearranged according to a specific pattern.

What is the purpose of the shift in the Caesar cipher?

It specifies the number of positions to shift the letters.

Why was the T9 method of texting used in early cell phones?

To encode messages using substitution cipher.

What is a characteristic of substitution ciphers?

They replace letters with new characters or numbers.

What would happen if encryption information was easily accessible by unauthorized people?

Their data could be compromised or stolen.

What is the main difference between transposition and substitution encryption methods?

Transposition rearranges letters, while substitution replaces letters.

What is the purpose of encryption methods like the Caesar cipher?

To encode plain text messages securely.

What is a real-world application of substitution encryption?

T9 texting on early cell phones.

What is a dictionary attack?

A cyber attack that uses a list of common words and phrases to try and guess a password.

Which of the following is NOT a type of cybercrime?

Network security audits

What is the primary goal of a Denial of Service (DoS) attack?

To disrupt the normal operation of a website or server.

Why is it generally recommended to avoid using dictionary words in passwords?

Dictionary words are easily guessed by hackers using dictionary attack software.

What is the key difference between a DoS attack and a DDoS attack?

A DoS attack is launched from a single source, while a DDoS attack uses multiple sources.

Which of these is a common method used to gain unauthorized access to a system in order to spread malware?

Exploiting vulnerabilities in the system's software.

Which of the following is NOT a type of cyber attack?

Network Security Audit

What is the main reason why using personally identifiable information (PII) in passwords is strongly discouraged?

It's easier for hackers to guess passwords that contain PII.

Why is it important to keep your PII safe?

All of the above.

What is the primary purpose of encryption methods?

To protect data from unauthorized access.

What is the primary difference between symmetric key encryption and public key encryption?

Symmetric key encryption uses one key for both encryption and decryption, while public key encryption uses separate keys for each.

Which of the following is NOT a benefit of using symmetric key encryption?

High security due to the use of separate keys.

In the context of encryption, what does 'ciphertext' refer to?

The encrypted message that is unreadable without the decryption key.

What is the role of a certificate authority in encryption?

To verify the ownership of encryption keys used in secure communications.

Which of the following best describes the process of decryption?

Converting a ciphertext message back into plain text.

What is the main purpose of using encryption?

To make data more difficult to access and understand.

In the context of encryption, what is a 'key'?

A code used to encrypt a message.

Which of the following is a disadvantage of symmetric key encryption?

It can be vulnerable if the key is compromised.

What is the purpose of a public key in public key encryption?

To encrypt the message.

What is an example of a real-world scenario where encryption is essential?

Making an online purchase with a credit card.

What is the primary focus of the open innovation movement?

Collaborating on projects and ideas

Which of the following best describes open access?

Unrestricted online access to research materials

What is one significant benefit of open access repositories?

Equitable access to information regardless of payment ability

How did the Polish Cipher Bureau contribute during World War II?

Broke the German Enigma code

What role does cryptography play in today's digital age?

Securing personal and financial data

What is the main function of encryption in cryptography?

To obscure data to unauthorized users

Which of the following is NOT a characteristic of open access repositories?

They require users to pay for access

Which ancient civilization is noted for some of the earliest forms of cryptography?

Ancient Egyptians with their hieroglyphics

Which of the following best describes modern cryptography?

The science of storing data securely

What is a critical aspect of maintaining information security in cryptography?

Employing strong encryption methods and protocols

Which of the following is NOT a factor contributing to the digital divide?

Limited access to electricity

What is a key responsibility of programmers in mitigating the negative impacts of computing?

Promoting accountability and transparency in their programming solutions

Which of these options is NOT a potential solution to the digital divide?

Implementing stricter government regulations on internet access

What is a primary purpose of the Digital Millenium Copyright Act (DMCA)?

To protect intellectual property and copyright in the digital age

Which of the following is NOT an example of infrastructure that contributes to the digital divide?

Secure financial systems

How can programmers contribute to addressing the digital divide?

By developing programs that are accessible to people with varying levels of technical skills and resources

What is a key element of a programmer's Code of Ethics?

Promoting transparency and accountability in their work

Which of these options is a potential consequence of ignoring ethical concerns in computing?

Exploitation of privacy and other protections

What is a primary challenge in addressing the digital divide?

The high cost of internet access and connected devices

Which of the following is NOT a factor that can influence the digital divide?

Gender equality

Study Notes

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.

Protecting Personally Identifiable Information (PII)

• PII can be collected through devices, websites, and detection hardware and software that track movements and location.
• Safeguarding PII is a key responsibility of citizenship in a digital world.

Authentication Measures

• One-step authentication measures use email and password to secure information.
• Strong passwords should be:
  • At least 8-12 characters long
  • Include capitalized letters
  • Include lowercase letters
  • Include numbers
  • Include symbols
  • Avoid personal identifiable information (e.g. birthday or name)
  • Not be words found in a dictionary
• Multi-factor authentication provides more than one layer of security, using a minimum of two steps to access a virtual space.
• Examples of multi-factor authentication include:
  • Choosing and identifying a security image
  • reCAPTCHA identification
  • Identifying pictures with a common image in them
  • Answering security questions

Disadvantages of Accessible PII

• Negative consequences of accessible PII include:
  • Credit card information getting into the wrong hands
  • Web browsers tracking search history and preferences
  • Location information being collected
  • Information being used to stalk or steal identities

Protecting PII

• All systems have flaws, so software is needed to protect against cyber attacks.
• Recommendations for protection software include:
  • Kaspersky Anti-Virus
  • AVG Anti-Virus
  • Norton 360 Deluxe Malware Protection
  • ESET Cybersecurity
• Limit permission settings when allowing websites access to personal information.
• Password managers can generate complex, random passwords for online accounts.

Cybersecurity Awareness

• Be aware of where your digital footprint is to keep data secure.
• Cyber attacks include dictionary attacks, brute force attacks, and more.
• Hackers can be categorized as:
  • White hat hackers (ethical hackers who test systems and protect against attacks)
  • Black hat hackers (criminals who use their skills for personal gain)
  • Grey hat hackers (individuals with a combination of white and black hat ethics)

Types of Attacks

• Malware refers to malicious software, including viruses, worms, spyware, and ransomware.
• Viruses are specialized computer programs that replicate and insert their code into a new host.
• Phishing is a type of cyber attack that uses disguised emails to trick recipients into providing personal information.
• Keylogging attacks use software or hardware to track keystrokes and gain access to usernames, passwords, and other information.

Public Network Insecurities

• Public networks are especially dangerous to cybersecurity because data can be easily accessed by hackers.
• Rogue access points can be created by hackers to steal personal information.

Digital Files

• Digital files have benefits, including:
  • Time-saving in editing and transferring files
  • Better efficiency in record-keeping
  • Easier access to files
• However, digital files also have limitations and risks, including:
  • Security breaches
  • File insecurity
  • Losing or corrupting information

File Security

• File security is a feature of the file system that controls access and limits what users can do to files.
• Effects of file insecurity include losing, overriding, or corrupting information.
• Steps to ensure file security include:
  • Keeping computers and devices updated
  • Using strong passwords
  • Using anti-virus software
  • Encrypting hard drives and mobile devices
  • Restricting access to files

Five Pillars of Cybersecurity

• The five pillars are:
  • Confidentiality (ensuring information is not disclosed to the wrong individuals)
  • Integrity (ensuring information is not damaged or modified during transmission)
  • Availability (ensuring services are accessible to users)
  • Non-repudiation (proving the identities of the sender and recipient)
  • Authentication (confirming identities before allowing access to cyber services)### Password Entropy
• Formula to calculate password entropy: log2(SL)
• S: Size of the pool of unique possible symbols
• L: Password Length
• Example: 6-character password with 26 possible symbols (all lowercase letters)
  • Possible combinations: 26^6 = 308,915,776
  • Bits of entropy: log2(26^6) = 28.2

Encryption and Decryption

• Encryption: process of changing plaintext (original message) to ciphertext (encrypted text) for security
• Decryption: process of converting ciphertext back to plaintext using a key

Downfalls of Computing

• Intentional misuse (cybercrime): using computing to commit crimes, e.g. fraud, hacking, identity theft, malware, phishing, cyberstalking
• Unintentional negative side effects: programmer bias, algorithmic bias, privacy infringement, inequitable access to technology and the internet

Cyber Attacks

• Dictionary attacks: using algorithms to try common words and variations for passwords
• Brute force attacks: using software to generate many password guesses based on user information
• Denial of Service (DoS) attacks: overwhelming a network server with traffic to prevent legitimate access
• Distributed Denial of Service (DDoS) attacks: using multiple devices to attack a single target

Unintended Consequences

• Programmer bias: unintended consequences due to programmers' own biases and limited testing
• Algorithmic bias: systematic errors in computer systems that create unfair outcomes
• Privacy infringement: collection and use of personal data without consent
• Digital Divide: unequal access to technology and the internet due to infrastructure, geographic barriers, government restrictions, and socioeconomic status

Solutions to the Digital Divide

• Increase affordability of internet access and devices
• Develop more infrastructure for global connectivity
• Create informational resources for low-cost devices and internet access

Programmer Responsibilities

• Code of Ethics: guidelines for programmers to promote accountability and transparency
• Mitigating negative impacts of computing: programmer bias, algorithmic bias, privacy infringement, and digital divide

Legal Issues in Computing

• Digital Millennium Copyright Act (DMCA): protects copyrighted material online and provides safe harbor for web hosts and ISPs
• Intellectual property: creative works or inventions that can be patented, copyrighted, or trademarked
• Plagiarism: taking someone else's work or ideas without proper citation
• Creative Commons: non-profit organization promoting open sharing and collaboration of creative works
• Open Source: materials and software allowing others to build upon and adapt
• Open Access: providing free online access to informational materials and research for the greater good### History of Cryptography
• During World War II, the German army used the Enigma machine to encrypt messages to their generals.
• The Polish Cipher Bureau broke the code, allowing Allied code breakers to decrypt the German messages and predict the German army's movements.

Modern Cryptography

• Cryptography is the science of storing data securely in the digital age.
• Four important categories must be maintained when storing information virtually: confidentiality, authenticity, integrity, and ownership.
• Cryptography uses concepts like encryption and decryption to store data securely.

Encryption Explained

• Encryption is the process of changing a message or information to hide its true meaning.
• Plaintext (original message) is turned into ciphertext (encrypted text) for security.
• An encrypted message requires a key to be decrypted.
• Certificate authorities issue digital certificates that validate the ownership of encryption keys used in secure communications.

Decryption Explained

• Decryption takes the encrypted message and converts it back to the original plaintext.
• The key is needed to decrypt the message.

Encoding and Decoding

• Encoding refers to the algorithm that changes plaintext into ciphertext.
• Decoding algorithms are used to convert ciphertext back into plaintext.
• Encoding and decoding algorithms are consistent and public information.
• Encryption keys are needed to secure the encoded data.

Symmetric Key Encryption

• Symmetric key encryption uses one key for both encryption and decryption.
• Advantages: fast and efficient for secure data storage.
• Disadvantages: trust issues and key security can be a challenge since the key can exist with multiple parties or companies.

Public Key Encryption

• Public key encryption uses different keys for encryption and decryption.
• A public key is used to encrypt a message, and a private key is used to decrypt it.
• Example: Bob sends a message to Alice, encrypting it with her public key, and she decrypts it with her private key.

Why is Encryption Necessary?

• Encryption is necessary to protect sensitive information from unauthorized access.
• Examples: ATM transactions, military communications, and website data storage.

Encryption Methods

• Transposition Encryption: changes the position of letters in a message.
• Substitution Encryption: replaces letters in a message with new letters, characters, or numbers (cipher text).
• Examples of Substitution Encryption: T9 Texting and Caesar Cipher.

Substitution Methods

• T9 Texting: uses numbers associated with letters on a telephone keypad to write words.
• Caesar Cipher: a simple encryption method that shifts letters in the plaintext by a certain number of positions.
• Caesar Cipher uses a shift as its key, and the shift determines the letter substitution.

Caesar Cipher Shift

• The shift in the Caesar Cipher determines the letter substitution.
• Example: if the shift is 3, A is substituted for D, B for E, and so on.
• If the shift is 5, F would correspond to A, G to B, and so on through the alphabet.

Description

Learn how to keep your personal data safe and secure from unwanted collection and tracking. Discover the ways programs and devices can collect your location and personal information.