Scan 04.pdf

Full Transcript

Chapter 1: Data Privacy
Data stored about a person or an organization must remain private and unauthorized access to the data must
be prevented - data privacy is required. So Data must/should be

Fairly and lawfully processed

? Processed for the stated purpose

? Adequate, relevant, not excessive and, accurate

N o t be kept longer than necessary, and kept secure

? Processed i n accordance with the data subject's rights

? N o t be transferred to another country w/oadequate protection
2.1: U s e r accounts
U s e r accounts are used t o authenticate a user

? Used on both standalone and networked computers

? Authentication usually done through a screen prompt asking for a

u s e r n a m e and p a s s w o r d

U s e r accounts c o n t r o l access r i g h t s

? Most systems have a hierarchy of access levels based on a person's
L O G I N

level o f security Rememetime

? Hierarchy achieved by linking each username (account) to the

appropriate level of access

7:52 PM
200m < )
10/29/2024
 2.2: Use o f passwords
Passwords are used to restrict access to data or systems. They should be hard to crack and changed frequently to
retain security. Passwords can also take the form o f biometrics. We use passwords for example

A c c e s s i n g e m a i l accounts
? Carryingout online banking or shopping
Accessing social networking sites. S i d e
 2.2: Use of passwords
It is important that passwords are protected. Some ways o f doing this are to
R u n anti-spyware software

? Regularly change passwords. M a k e sure passwords are difficult to crack or guess (for example, do not use your date o f birth or pet's

name)

Strong passwords should contain
? A t least one capital letter. A t least one numerical value

? A t least one other keyboard character (such as @,*, &)

2. v M u l t i p l e Choice 10 sec

nich o n e y o u t h i n k is as t r o n g password?

7:52 P M
10/29/2024
 2.3 Use of firewalls
? F r e a l l s can be software or h a r d r a r e - b a s e d

Monitor & flter mfo gong into out of your derice from the Internet

O Allow users to approve deny comm wextemal sources & alert them

Tasks performed by firewalls:

- Examine t r a f i c between devices'public n e t v o r k s
Server
- B l o c k t r a f i c t h a t doesn't match specific criteria

-Log all ingoing outgoing traffic for future analysis Internet
Firewall
- P r e v e n t access t o h a r m f u l I P addresses Y o u r PC

-Help protect vs.vinuses, hackers
Hacker
- W a r n users i f any s o f t w a r e tries c o n n e c t i n g t o e x t e r n a l d a t a sources
 2.4 Use of Antivirus software
? Antivirus software continuously monitors for virus attacks i n the background

Different A V software (like Microsoft defender preinstalled i n w i n d o w s 10/11) function differently,

c o m m o n functions include:

o Checking software/files prior to execution

o Comparison with known virus database

o Heuristic checking for suspicious behavior

Quarantine suspect f l e s ; allowing automatic removal or manual review

Regular updates necessary due to constant discovery o f new viruses

W e e k l y f u l l system scans recommended to detect dormant viruses

Slide
 2.5 Use of Encryption
In simpler terns, encryption takesreadable data (plaintext) and alters it so that it appcars random
(ciphertext).
I n more technical terms, it is a mathematical process that alters data using an encryption algorithm and a kéy.
The key and the process is complex enough that a brute force attack (trying to guess or trying all possible
combinations) is unlikely to succeed i n a reasonable time.

Decryption is the process to transform unreadable data back to readable format using the same key or a
different decryption key, However

offers no protection against file deletion by attackers

only safeguards data integrity & confidentiality

slide
2.6USe of Biometrics
? In an attempt to stay one step ahead of hackers and malware writers, many modern computer devices

use biometrics as part o f the password system

? Biometrics rely on the unique characteristics of human beings. Examples include fingerprint scans,

retina scans (pattern of blood capillary structure), face recognition and voice recognition
 3.1 Hacking
There are two types o f backing: malicious and ethical.

? Malicious: Unauthorized access, aims at harm e.g., stealing sensitive info, mnodifying files

o Mitigation: strong passwords, firewalls, intrusion detection tools

? E t h i c a l ( " W h i t e H a t " ) : A u t h o r i z e d testing, evaluating cyber security strength

o L e g a l , commissioned b y organizations, compensated
 3.2 M a l w a r e
Malwares are small programs and are one of the biggest risks to the integrity and sccurity o f data on a
computer system. Antivirus/ Malware removers are nccdcd to removethese.

? Viruses: Selfreplicate, dclete comupt filcs., require active bost prog i n f e c t e d o s

? Worms: Stand-alonc viruscs sccking other vuinerable computers via networks

? Logie Bombs: Embedded codes triggered under specified conditions ( e g. dates)

? Trojans: Harmful progs. masqucrading as legit. softwarcs, replacing parts

? Bots: Automated scripts: potential harn from unauthorized takeover & attacks

?Spyware: Monitors keystrokes, scnds gathercd info to scnder (keylogging)

25.Slide Previ
 3.3 Phishing
Phishing is when someone sends legitimate-looking emails to users containing links or attachments which, when
clicked. take the user toa fake website, or they may trick the user into responding with personal data such as bank

account details or credit card numbers.

Here are condensed points to fit in one slide regarding preventing phishing attacks:
- Be vigilant for new phishing scams (do a web search to see if someone has reported such scams)
- Avoid clicking unconfimed links and unknown File Downloads
- Be cautious of offers that are too good to betrue
-Utilize anti-phishing toolbars on web browsers (tablets, smartphones) for warnings on potentially dangerous URLs
-Periodically examine digital accounts, modify passwords routinely
 Additional steps to take to stay safe and protect your data
w h i l e surfing the internet

? Use 2 F a c t o r Authentication i f available. In 2FA the user is prompted to log in to their account on a

website or application using their usename and password as usual but then

o the user is prompted to provide a second form o f authentication like a phone number,

fingerprint, or security code.

o I n m a n y cases a o n e - t i m e c o d e ( o r o n e t i m e p a s s w o r d O T P ) is sent t o a m o b i l e d e v i c e or

e m a i l address.

o T h a t o n e - t i m e c o d e m u s t also be entered to v e r i f y a c c o u n t o w n e r s h i p b e f o r e t h e user c a n l o g

i n a n d access t h e i r account.
 A d d i t i o n a l steps to take to stay safe a n d protect y o u r data

w h i l e s u r f i n g the i n t e r n e t

? Use a Virtual Private Network (VPN) or Private Browsing

o V P N encrypts your data and location (IP address) and

O allows you to change your virtual location to bypass geo-locked websites

? Check and understand your Social Media Account's privacy setting

O to control w h o can see y o u r personal information

o t o limit access to your profle

o These help protect your data from being misused

? Turn o f f GPS, Bluetooth
 A d d i t i o n a l steps t o take to stay safe and protect y o u r data

while surfing the internet

? Check and understand your browser settings

o Deactivate A u t o f i l l Feature

o Do not let it save your password

o Log out o f accounts instead of just closing the browser

Update cookies and set alerts

o Use caution w i t h hotspots and public W i - F i

o Watch for " H T T P S " and green lock icon in address bars suggesting secured connection

E n p l o y recent browser version equipped with newest safety enhancements

Use caution when using P2P or Tor applications to access the "dark web"

33.SIide Preview
 Computer Ethics
Computer ethics is a set o f principles set out to regulate the use o f computers.
T h r e e f a c t o r s are c o n s i d e r e d :

Intellectual property rights, for example, copying o f software / datawithout the permission o f the owner.

? Privacy issues, for example, hacking or any illegal access to another person's personal data.

? Effect o f computers on society, for example, job losses, social impacts, and so on.

35.Slide Preview
 Internet Ethics / Etiquette
Netiquette and online ethics refer to guidelines for proper conduct in online settings

? What does good web etiquette Look Like?

Recognizing that the internet is an extension o f society, Applying the same standards online as we do in

public

Respect others' privacy - do not share other's private information to others

o Share personal infomation (text, photos) wisely - these will probably live forever and your future

employers and collaborators are likely to check your online profile

3 6. S l i d e O Preview
 Internct Ethics / Etiquette
? Acknowledging cultural differences

o f i n d ways to accept that the social values and n o m s o f some netizens w i l l not be the social values and

norms o f all netizens.

? Refuse to empower abuse and harassment w h i l e online

o theft, b u l l y i n g , h a r a s s m e n t o n l i n e is s t i l l theft. b u l l y i n g a n d harassment

Keep the spam to a minimum

y o u d o n tneed to forward every chain emailyou receive or share every article you read on social media

O share content that is meaningful

Slide