CC2 Notes 1 PDF
Document Details
Uploaded by EngagingMiracle9896
NTU
Tags
Summary
These notes cover computational thinking, quantitative reasoning, and cybersecurity. They explain concepts like abstraction, algorithms, decomposition, and pattern recognition. They also discuss data analytics, including descriptive, predictive, and prescriptive techniques, as well as cybersecurity concepts such as phishing, strong passwords, data security, and acceptable IT usage.
Full Transcript
Module 1: Computational Thinking Computational Thinking Competencies Computational: Involving the calculation of answers, amounts, results (e.g., calculations, order) Thinking: The activity of using your mind to consider something (e.g., reasoning, questioning) Competencies: Important skills that ar...
Module 1: Computational Thinking Computational Thinking Competencies Computational: Involving the calculation of answers, amounts, results (e.g., calculations, order) Thinking: The activity of using your mind to consider something (e.g., reasoning, questioning) Competencies: Important skills that are needed to do a job (e.g., managerial competencies) Includes: 1. Abstraction - Identifying and utilizing the structure of concepts / main ideas - Simplifies things o Identifies what is important without worrying too much about the detail - Allows us to manage the complexity of the context or content - Biological Domain o Bioinformatics: Combines different fields of study, including computer sciences, molecular biology, biotechnology, statistics, and engineering Analyse large amount of data: Genomics, Proteomics - Computer Science Manifestations o Pseudocode: An informal description of the steps involved in executing a computer program, often written in something similar to plain [in designed language] - Human Genomes o Structure of cell: Incredibly crowded and incomprehensible for humans o Simplify the representation of cells and make it readable by abstraction (labelling, lettering, shaping, colouring, numbering, etc.) o Formulating in pseudo level can enable us to understand concepts more clearly. o Abstraction simplifies complex life phenomenon to something readable and understandable. -0-00000000 - Real life examples: 2. Algorithms - is about following, identifying, using, and creating an ordered set of instructions - ordering things o ascending order (e.g., from 1 to 5, or from A B C to X Y Z) o descending order (e.g., from 5 to 1, or from Z Y X to C B A) - Allows us to order the complexity of the context or content - Biological Domain o Transcription, Translation o Prediction (Gene Function, Protein Function) - Computer Science Manifestations o IF ELSE o Algorithm efficiency 3. Decomposition - Breaking down data, processes, or problems into smaller and more manageable components to solve a problem - Each subproblem can then be examined or solved individually, as they are simpler to work with - Natural way to solve problems - Also known as divide-and-conquer to synthesize the final solution - Solve complex problems o If a complex problem is not decomposed, it is much harder to solve at once. Subproblems are usually easy to tackle - Each subproblem can be solved by different parties of analysis - Decomposition forces you to analyse your problem from different aspects - Biological Domain o Biological decomposers (Fungi, Bacteria) - Computer Science Manifestations o Functions o Factorials 4. Pattern Recognition - is about observing patterns, trends and regularities in data - A pattern is a discernible regularity o The elements of a pattern repeat in a predictable manner - In computational thinking, a pattern is the spotted similarities and common differences between problems - It involves finding the similarities or patterns among small, decomposed problems, which can help us solve complex problems more efficiently - Patterns make problems simpler and easy to solve - Problems are easier to solve when they share patterns, we can use the same problem-solving solution wherever the pattern exists - The more patterns we can find, the easier and quicker our problem solving will be - Biological Domain o Gene finding o Biomarkers o Protein synthesis - Computer Science Manifestations o Machine learning o Artificial intelligence o Probability and statistics LAMS questions Module 2: Quantitative Reasoning Quantitative Reasoning Steps to obtain the desired insights - How to frame concrete numerical questions? - How to identify tools and data for analysis? - How to build models to analyse the data? - How to analyse the results you obtain? Mean - The “average” behaviour of the data points, and is computed as “average” as well - Single point statistic from entire data distribution Standard deviation - The average deviation of a data point from the Mean of the distribution - Higher SD, wider distribution Correlation - -1 ≤ 0 ≤ 1 - Margin of error is narrower/stronger correlation when CORR closer to -1 or 1 - The higher the correlation, the lower the standard error. Data Analytics: the process of converting raw data into useful information and meaningful insights to make informed decisions. Leverages on tools and techniques to perform analysis on data. (Microsoft Excel, Python) The output of data analytics generally includes visualisation, organisational reports and meaningful insights. This facilitates understanding and enables informed decision making, driving improvement and optimization across various domains. Data Analytics Process: 1) start with available data (collect data) 2) surface long term trends (analyse data) 3) focus on trajectory (analyse data) 4) data visualisation Types of Data Analytics: 1) Descriptive: main technique used are calculating summary statistics & drawing data visualisations. 2) Predictive: leveraging historical data, statistical algorithms & machine learning to forecast future outcomes. 3) Prescriptive: reccomend specific actions to optimise outcome by utilising advanced algorithms & data analysis. Helps suggest most effective action based on objectives, enabling informed decision making. LAMS questions CYBERSECURITY Advanced Offensive Tactics of attackers 1) Reconnaissance: gathering information, identifying targets, look for instances of breach accounts (exploitable vulnerabilities) 2) Weaponization: developing a payload that exploits specific vulnerabilities. 3) Delivery (via social engineering) 4) Exploitation 5) Installation 6) Command and Control 7) Actions on objectives (where damage ensues) Evolving Tactics of Attackers -Target cloud environment, 95% increase in cloud exploitation (there is good return on investment) -Key attack vectors: cloud credentials and identities targeted, lateral movement across cloud environment, cloud misconfiguration abuse. 80 5 his -Ransomeware is one of the biggest notives behind cyberattacks, -Defending against cyber attacks is challenging as although defenders use checklist to ensure safety, attackers look for interconnected vulnerabilities. + Attackers just need to find 1 vulnerability but defenders must secure ALL potential entry points. -Attackers exploit human weaknesses through social engineering tactics. -Cyber crisis management important: helps sustain business operations when recovery from an incident is prolonged or uncertain + involves senior management decision-making and business continuity planning beyond IT recovery. -Key principles of Zero Trust: implementing multi-factor authentication to verify all requests explicitly + adopt an assumed breach mindset to continually monitor for signs of compromise + use least privileged access. Cybersecurity Governance, Risk and Compliance -No one solution can address all hackers tactics and techniques. 1) Defence in Depth: solution across people. process and technology. 2) Defence in Breadth: 2 layers of firewall. 3) Defence in Diversity: diverse products and services. Module 3: Cybersecurity Phishing - Check who the sender of the email is - Be cautious before clicking on any hyperlinks (Type the correct address yourself to ensure you are viewing the actual website) - Look out for the lock icon in the address bar to ensure the website starts with https - Report suspicious email to ServiceNow@NTU - Delete the email - Do not forward the email to anyone - CIA o C: Confidentiality Protect personal information and share only what is necessary o I: Integrity Practice cyber hygiene and beware of fake sources of information o A: Availability Prevent getting locked out of devices, your actions can affect others Strong Passwords - At least 8 characters long - Contains number - Contains symbols - Contains upper case letters - Contains lower case letters - Use uncommon and nonstandard words or create a password from a sentence that makes sense to you - Do not use personal information that people who know you can guess as your password - Use different passwords for different accounts - Change passwords regularly - Use Two Factor Authentication or Multi Factor Authentication (MFA) o By enrolling your mobile number or email address to receive a one-time password, or through an authentication app Data Security - Data can exist in both physical and digital forms - Data can belong to an individual or an organization - Levels of Data Security 1. Open: Data distributed to the public or published on the internet 2. Restrict: Data made accessible to members to the community and not to the public (project reports, presentation files) 3. Confidential: Contractually defined as confidential or by nature confidential (personal identifiable information, audit reports) If data is disclosed, target can face statutory penalties ,cause damage to the organization 4. Classified: Data covered under the Official Secrets Act Unauthorised disclosure leads to damage to national security - Lock workstations when leaving desk - Adopt clean desk policy and keep desk clear - Send and store work information through organizational accounts - Keep data storage devices securely - Secure sensitive digital information through encryption Acceptable IT Usage - Use trusted Wi-Fi networks - Avoid doing sensitive transactions - Use BCC instead of CC when sending mass emails to keep the identities confidential, especially when a third party is incolved - Be mindful when connecting external devices to computer as it may contain viruses and malware - Install antivirus software and always ensure it is up to date Cybersecurity in NTU Objectives: - Confidentiality: Ensuring Data and Information cannot be read by unauthorised personnel - Integrity: Data and Information held by NTU remains accurate and unmodified by unauthorised personnel - Availability: Data and Information remains usable with sufficient capability to deliver educational services Functions: - The Cyber Security Governance: Responsible for development and maintenance of NTU Cyber security policies, standards and procedures - The Cyber Security Engineering: Responsible to explore different technologies to enhance NTU security capabilities - The Cyber Security Defence Team: Manage university Security Operations Centre (SOC). Operates 24/7 365 Days to detect and responds to any cyber-attacks against NTU Acceptable IT Usage Policy (AIUP): - serves to protect information and IT resources - reduce the risks and damages to the university by governing the usage of all its IT resources (computer, email account, mobile devices, IT services) - Dos o Update your passwords regularly o Always ensure that you keep your password safe o Use the NTU email for all official communications o Use Blind Carbon Copy (BCC) for mass emails o Keep your software updated with security patches - DONTs o Don’t share your password with anyone o Don’t forward any University document to your personal email address or online storage that’s not approved by the University o Don’t install software without appropriate licenses o Don’t turn off your anti-virus software or cancel any software updates o Don’t over share information in social media - Good habits o Spot the signs of phishing emails o Use strong passwords o Enable MFA o Secure your sensitive digital information through encryption o Follow the AIUP and conform to the security bets practices In General P: Passwords A: Anti-Virus S: Software Application S: Spot signs of phishing LAMS questions Module 4 – Fake News Falsehoods: A statement is false or misleading Misinformation: The inadvertent dissemination of false information Disinformation: The intentional dissemination of false information Fake News: A type of falsehood intentionally packaged to look like news to deceive others (intention, format, facticity) Motives: - Financial o Attracting clicks o Advertising Revenues - Ideological o Personal Agenda o Weapons of Mass Misinformation - Political satire - News parody - Propaganda - Advertising - Manipulation - Fabrication What makes people vulnerable? - Sender o Credible or familiar? o Trustworthy or similar? o Proximate or distal? - Message o Format o Plausibility - Channel o Trusted or depended on? o Closed or open? o Feedback - Receiver o Confirmation bias o Motivations o Corrections - Context o Information overload o Instability Different Sources - Original Source - Immediate Source - Invisible Source - Trusted Source - Disregarded Source Message characteristics - Plausible? - Mentions Experts? - Conversation Tone - Stirs Emotions - Asks for call to actions (Forwarding the message)? - Channels where information flows o Popularity cues o Reliance o Lack of gatekeeping o Information overload - Higher social media news use= Higher likelihood to believe in fake news - Avoiding news = more likely to believe in misinformation - Confirmation Bias: Information that aligns with our existing beliefs Informational apathy (Why people ignore telling people they are wrong about news?) - Issue Relevance: Does not concern me - Interpersonal Relationships: Do not want to offend family/friends - Personal Efficacy: There is no point in reasoning as people already believe Consequences of fake news - Short Term o Political Decisions o Business o Peace and Order o Reputation - Long term o Devaluations of Information o Erosion of trust in institutions o Larger social divisions o Chilling Effect What can we do? 1. Individuals Authentication - Internal Acts of Authentication o The Self: We are old enough to judge and think (experience) o The Source: Is the source reliable o The Message: Check the tone and see if its polemical or deliberately misleading to arouse emotions o The Message Cues: If there are more likes shares comments , , - External Acts of Authentication o Incidental & Interpersonal: By chance discussing with family or friends o Incidental & Institutional: Waiting for the follow-up news to confirm it o Intentional & Interpersonal: Asking a reliable group to verify o Intentional & Institutional: Googling the information to check - Social process Motivations for authenticating o Self-image (show that you don’t have questionable beliefs) o Group cohesion Strategies of authentication o Group beliefs; “deep stories” o Source affiliation ⁃ Sharing as authenticating Consequences of authentication o Institutionalisation of Interdependence o Ritualisation of collective authentication 2. Governments Authentication - POFMA: An Act to prevent the electronic communication in Singapore of false statement of fact, to suppress support for and counteract the effects of such communication, to safeguard against the use of online accounts for such communication and for information manipulation, to enable measures to be taken to enhance transparency of online political advertisements, and for related matters. 3. Tech companies Authentication - Intervention (pressure by the public) o Supporting third party fact checkers and journalists o Promoting media literacy among users o Reducing financial incentives for content producers o Implementing new features to flag content o Deleting post and removing accounts 4. Journalists and fact-checkers - Fact checking o Verification: The process of evaluating the story before it becomes news o Fact Checking: The process that occurs post publications - Types of Fact Checkers o Affiliated with news organisation o Government Owned o Independent Organization o Volunteer Groups o Individual - Fact Checking Tools o Monitor What's Trending o Verify Images o Verify Sites o Check the Weather - Fact Check Message o Videos o Rating Scales – demonstrate T or F o Mixed Accuracy Statements o Truth Sandwich (Correction is presented first followed by debunking the falsehood and then reiterating the correction after) Truth lie Truth → → What can we do? 1. Reflect on our own information behaviour. 2. Engage, rather than ignore. 3. Strive to understand others. 4. Use and support reliable and legitimate information sources. 5. Maximise available resources. 6. Equip ourselves. LAMS questions