Our Digital World, Second Edition
Chapter 8
Digital Defense: Securing Your Data and Privacy
© Paradigm Publishing, Inc. 2
This chapter will help you to:
• Recognize risks of a networked computer.
• Explain types of malware and anti-malware tools.
• Identify a trusted online site.
• Understand security risks of mobile devices.
• Identify risks to hardware and software in the workplace.
Main Topics
• 8.1 The Role of Security and Privacy in Your Digital World
• 8.2 When Security Gets Personal
• 8.3 Mobile Security
• 8.4 Security at Work
• 8.5 Security Defenses Everybody Can Use
Why Should You Care?
• Digital information is valuable and at risk.
• Antivirus software alone isn’t enough.
• Save time and become less vulnerable.
8.1 The Role of Security and Privacy in Your Digital World
Understand Security Threats
• Computer security protects your network and computers.
• Data loss prevention plan reduces risk.
• Various threats from malware.
• Several sources for threats.
The Secure PC
Spotlight on the Future
• What are some recent digital attacks that Silverman references?
• What is Silverman’s opinion about the future of computer and network security?
• What steps does Silverman advocate for improving computer security?
• Does Silverman think there’s a “magic bullet” that will greatly reduce computer crime? If so, what is it?
• What is “spear phishing” in the context of computer crime?
The Changing Face of Online Crime
Basic Tools of Computer Security
• Authentication.
• Technology.
• User procedures.
Terms to Know
• computer security
• data loss prevention (DLP)
• hacker
• authentication
• advanced persistent threat (APT)
Ask Yourself…
What aspect of computer security minimizes risk of loss or theft of data?
a. damage loss plan
b. data loss prevention
c. requiring that all users log in with the same password
d. None of the above
8.2 When Security Gets Personal
Protecting Home Networks
• Unprotected networks are vulnerable.
• Access point or router password protection.
• Encryption codes data.
Public Key Encryption
Understanding Malware
• Malicious software installs itself on your computer.
• Results include pop-ups, viruses, or tracking.
• Malware includes:
– Viruses
– Trojans
– Macro viruses and logic bombs
– Rootkits
– Spyware
– Adware
Virus Attacks
Worm Attacks
Trojan Horse
Spyware and Adware
• Spyware spies on the activity of a computer user.
• Adware delivers ads.
How Malware Uses Botnets
How Malware Is Spread
• Opening an email attachment that contains an executable file.
• Downloading a picture with a virus in it.
• Visiting an infected website.
• Sharing infected storage devices.
• Connecting to an infected network.
Playing It Safe
• Email chain letters are used to deliver malware.
• Collect email addresses for spamming.
Recognizing Secure Sites
• Familiarity and accreditations.
• Transport Layer Security (TLS).
• Site advisors.
• Use of cookies.
Defensive Browsing
• Free offers really aren’t free.
• Risks of clicking on links in advertisements.
• Risks of clicking on email attachments.
Terms to Know
• encryption
• public key
• private key
• public key encryption
• Wi-Fi Protected Access (WPA)
• Wired Equivalent Privacy (WEP)
• malware
• spam
• virus
Terms to Know
• worm
• Trojan horse
• macro virus
• logic bomb virus
• rootkit
• botnet
• zombie
Terms to Know
• spyware
• adware
• scareware
• Transport Layer Security (TLS)
• cookie
• Secure Socket Layer (SSL)
• phishing
Ask Yourself…
When looking for a trustworthy retailer, it is best to
a. follow an email link from a retailer that has a free offer.
b. follow links in an advertisement to locate retailers that provide the item at a good price.
c. enter the URL for a brick-and-mortar retail store.
d. All of the above
8.3 Mobile Security
Protecting a Laptop
• Use a lock.
• Use a fingerprint reader.
• Activate password protection.
• Company mobile computing policies.
Using Public Wi-Fi Access
• Public computers aren’t protected.
• Avoid accessing financial accounts or making purchases.
Cell Phone Safety
• Cell phone theft.
• Exposure when using Bluetooth.
Ask Yourself…
What can you do to protect your laptop?
a. enable password protection.
b. purchase a fingerprint reader
c. use a cable and lock.
d. All of the above
8.4 Security at Work
Corporate Security Tools
• Intrusion Prevention System (IPS)
• Honeypot
• Symmetric encryption
Symmetric Encryption
Controlling Access
• Physical security.
• Authentication.
• Employee training.
Denial of Service Attacks
Disaster Planning and Training
• Disaster recovery plan (DRP).
• Backing up.
• Uninterruptible power supply (UPS).
• Employee training.
Computers in Your Career
• Extracting evidence from computers.
• Decrypting data.
• Mobile forensics.
Terms to Know
• symmetric encryption
• Intrusion Prevention System (IPS)
• anomaly-based intrusion detection system
• honeypot
• social engineer
• biometrics
• spoofing
Terms to Know
• denial-of-service (DoS) attack
• disaster recovery plan (DRP)
• cold server
• warm server
• hot server
• failover
Terms to Know
• surge protector
• uninterruptible power supply (UPS)
• cyberforensics
• mobile forensics
• decryption
• digital rights management (DRM)
Ask Yourself…
What is the process of redirecting users to a hot server called?
a. disaster recovery
b. failsafe
c. failover
d. cold server fallback
8.5 Security Defenses Everybody Can Use
Security Defenses
• Firewalls.
• Antivirus/antispyware.
• Using passwords effectively.
Terms to Know
• antivirus software
• antispyware software
• virus definitions
• strong password
• digital certificate
• digital signature
Ask Yourself…
What do some forms of authentication rely on to a great extent?
a. strong user passwords
b. frequent software updates
c. antivirus definitions
d. firewalls
Our Digital World