Uploaded by Tsm Noobmaster

Chapter 8 ICT Summary

CHAPTER 8
Computer security involves protecting computer systems from harm, theft, and unauthorized
use. As computer usage increases, health and security risks increase, particularly with the
internet. Physical safety concerns involve potential injuries or loss of life. Health safety focuses
on preventing illness caused by daily contact with computers, while physical safety focuses on
preventing serious injuries or loss of life.
Safety Risk: Electrocution
Cause of Safety Risk:
• Spilling liquids / drinks on electric equipment.
• Exposed wires / damaged insulation.
• Unsafe electrical equipment.
• Unsafe electrics (wall sockets) in the office.
Prevention Measures:
• Do not allow drinks to be taken into the computer room.
• Check all wires on a regular basis and renew wires if there is any sign of damaged insulation.
• Ensure all equipment is checked by a qualified electrician on a regular basis.
• Make use of an RCB (Residual Current Breaker) to prevent electrocution.

Safety Risk: Fire hazard
Cause of Safety Risk:
• Overloaded wall sockets (several items plugged into one wall socket).
• Overheating of computer equipment (due to poor heat dissipation).
• Exposed wires causing a short circuit.
Prevention Measures:
• Increase the number of wall sockets and do not use too many extension blocks.
• Do not cover the cooling vents on computer equipment.
• Clean out dust accumulation in computers to prevent overheating.
• Make sure all equipment is fully tested on a regular basis.
• Ensure there is good room ventilation.
• Use low-voltage equipment wherever possible.
• Have a number of fully tested carbon dioxide / dry powder fire extinguishers.

Safety Risk: Tripping hazard
Cause of Safety Risk:
• Trailing wires on the floor.
• Damaged carpets and other flooring.
Prevention Measures:
• Use cable ducts to make the wires safe.
• Cover exposed wires and hide wires under desks away from general thoroughfare.
• Use wireless connectivity wherever possible, therefore eliminating the need for trailing cables.

Safety Risk: Personal injury
Cause of Safety Risk:
• Heavy equipment, unstable, or falling from desks.
• Desks collapsing under weight / desks not designed to take the weight.
Prevention Measures:
• Use desks strong enough to take the weight of the computer equipment.
• Use large desks and tables so that hardware is not too close to the edge where it could fall off.

Computer systems are crucial for protecting data and information from harm, theft, and
unauthorized use. As computer usage increases, so do the risks associated with data storage.
Legislation is in place to prevent incorrect or inaccurate data storage, including Data Protection
Acts (DPAs) for both computerized and paper records. These acts protect the rights of
individuals involved in data collection, use, disclosure, destruction, and holding. Failure to
comply can result in fines or imprisonment in many countries.
To prevent data theft, avoid leaving personal information on desks, lock cabinets at the end
of the day, and do not leave data on unattended computer monitors. Log off from the computer
when away from your desk for extended periods. Use secure passwords and user IDs, keeping
them difficult to guess and changing them frequently. Ensure sensitive emails or faxes are not sent.
Data protection involves fair and lawful processing for the stated purpose, ensuring data is adequate,
relevant, accurate, and not excessive. Data should not be kept longer than necessary, and should be
processed in accordance with the data subject's rights. Data must be kept secure and not
transferred to another country without adequate protection.
Personal data includes information about a living person, such as name, address, ID card
number, IP address, and cookie ID. The person can be identified either from this data alone
or from it in combination with other data.
Personal data, including sensitive information like ethnicity, political views, membership in a
political party, religion, and sexual orientation, is crucial for maintaining confidentiality and
preventing inappropriate disclosure. Encrypting data can help protect it from hackers and
accidental disclosure, ensuring that sensitive information remains secure and protected from
misuse. Therefore, it is essential to take necessary precautions to protect personal and
sensitive data.
E-safety is the balance between the benefits, risks, and responsibilities of using ICT, including
the internet. It involves user behavior and electronic security, particularly when using the
internet. To minimize potential danger, use only trusted websites, purchase items over secure,
encrypted connections, set device settings to 'safe search', use recommended websites from
trusted sources, and keep anti-malware software running in the background. It's also important
to log out of sites when finished using them. This approach ensures the safe and responsible
use of technology, while also promoting user behavior and electronic security.
EMAILS
Emails can be dangerous if they come from unknown sources. To avoid these risks, only open
emails from known sources, use an effective email filter, reply only to known senders, verify
email addresses with the real company's website, and avoid including personal data or sending
photos of yourself. Be cautious of phishing and pharming scams, use strong passwords, and be cautious
when forwarding emails. Avoid clicking on hyperlinks, using unsubscribe links, and using Cc or
To boxes when sending multiple emails.
ONLINE GAMING
Online gaming, a popular form of entertainment, often attracts games players who may not be
aware of the potential risks associated with such activities. These risks include predators,
cyberbullying, webcam use, and voice-masking technology. Additionally, online gaming can lead
to cyber attacks on users' devices and even actual violence in the game itself, which can
potentially escalate into violent behavior in real life.
SOCIAL MEDIA
When using social media, it is crucial to be cautious and know how to block undesirable people.
Avoid sharing personal information, including email addresses or house addresses, with
unknown individuals, and use privacy settings to ensure only trusted individuals can see your
photos. Avoid posting photos in school uniforms, maintain privacy settings, and only make
friends with known or well-known individuals. Be vigilant when using social networking sites,
instant messaging, or chat rooms, reporting suspicious behavior and using appropriate
language. Always use a nickname instead of your real name in chat rooms. Keep private and
personal data secret, and only enter public spaces for private chat rooms. Never arrange to
meet someone on your own, always tell an adult first and meet in a public place. Avoid misuse
of images, including forwarding on others' images, and respect people's confidentiality. In
summary, it is essential to be cautious when using social media and to be vigilant about the
dangers of sharing personal information, sending photos, and respecting confidentiality.
SECURITY OF DATA
Data security is crucial in protecting digital information from unauthorized access throughout its
entire lifecycle. Utilizing technologies like encryption, data masking, and redaction can
streamline audits and regulatory compliance. These tools enhance visibility into critical data
locations and usage, ensuring data security throughout the entire lifecycle.
SUMMARY: TYPES OF MALWARE
1. Viruses are programs that replicate to delete or corrupt files, requiring an active host program
on the infected computer or operating system before they can run.
2. Worms are standalone viruses that replicate to spread to other computers, often exploiting
weak security in networks.
3. Trojan horses are malicious programs disguised as legitimate software, replacing all parts of
it with the intention of causing harm to the user's computer system.
4. Spyware is software that monitors and collects information, often monitoring key presses, and
sends it back to the sender.
5. Adware is software that displays unwanted advertising, often in the form of pop-ups, and
redirects the user to a fake website with promotional adverts, often in the browser address
window.
6. Ransomware is a type of software that encrypts user data, requiring payment for a decryption
key, often transmitted through a trojan horse or social engineering.
CARD FRAUD
Card fraud is the illegal use of credit or debit cards, often resulting from theft or cloning.
Shoulder surfing is a form of data theft where criminals steal personal information from victims
while using cash dispensing machines, handheld point-of-sale devices, or smartphones. To
avoid this, shield the keyboard when using ATMs, never key in data in a public place, and avoid
speaking card details into your smartphone. In public places, avoid being near security cameras and
use biometrics on your device. Card cloning involves copying a credit or debit card that uses a
magnetic stripe, the data on which can be recorded by a skimmer. Skimmers can be placed in ATM slots to
read all data from a card. Smart cards, which contain a microchip, have been introduced to
combat card cloning and provide more security. A different device, known as a shimmer, is now
used to read these smart cards.
PROTECTION OF DATA
Data protection is crucial in safeguarding sensitive information from damage, loss, or corruption,
especially as the volume of data generated and stored has surged. Authentication and
encryption are essential tools for verifying data source security and enhancing internet data
security.
BIOMETRICS
1. Fingerprints
• Very high accuracy.
• One of the most developed biometric techniques.
• Very easy to use.
• Relatively small storage requirements for the biometric data created.
• For some people it is very intrusive, because it is related to criminal identification.
2. Signature recognition
• Non-intrusive.
• Requires very little time to verify.
• Relatively low-cost technology.
• If individuals do not sign their names in a consistent manner there may be problems with
signature verification.
• High error rate of 1 in 50. It can make mistakes if the skin is dirty or damaged.
3. Retina scans
• Very high accuracy.
• There is no known way to replicate a person's retina pattern.
• It is very intrusive.
• It can be relatively slow to verify a retina scan against stored scans.
• Very expensive to install and set up.
4. Iris recognition
• Very high accuracy.
• Verification time is generally less than five seconds.
• Very intrusive.
• Uses a lot of memory for the data to be stored.
• Very expensive to install and set up.
5. Face recognition
• Non-intrusive method.
• Relatively inexpensive technology.
• It is affected by changes in lighting, the person's hair, their age, and if the person is wearing
spectacles.
6. Voice recognition
• Non-intrusive method.
• Verification takes less than five seconds.
• A person's voice can be easily recorded and used for unauthorized access.
• Low accuracy.
• An illness can change a person's voice, making absolute identification difficult or impossible.
DIGITAL CERTIFICATES
A digital certificate is a pair of files stored on a user's computer; these are used to ensure the
security of data sent over the internet. Each pair of files is divided into two:
• Public key (which can be accessed by anyone).
• Private key (known to the computer user only).
SECURE SOCKET LAYER (SSL)
SSL is a protocol that ensures secure data transmission over the internet. It encrypts data when
a user logs onto a website, allowing only the user's computer and web server to understand it.
SSL certificates, small data files, digitally bind an encryption key to an organization's details.
When installed on a web server, they display the green padlock and the https protocol.
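An added illustration (not part of the original summary) of how a certificate binds a key to an organization's details: a constructed certificate authority signs the details with its private key, and anyone holding the matching public key can detect a change to them. The key sizes, names and record layout are assumptions chosen for readability, not a real certificate format.

```python
import hashlib

# Constructed toy RSA key pair for an imaginary certificate authority (CA).
# Two Mersenne primes keep the numbers short; real CA keys are 2048+ bits
# and real signatures add padding, so this is for illustration only.
P, Q = 2**31 - 1, 2**61 - 1
CA_N = P * Q                                   # public modulus
CA_E = 65537                                   # public exponent
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))        # private exponent (kept secret)


def details_digest(organisation: str, domain: str, site_public_key: int) -> int:
    """Hash the fields the certificate binds together, reduced to fit CA_N."""
    data = f"{organisation}|{domain}|{site_public_key}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N


def issue_certificate(organisation: str, domain: str, site_public_key: int) -> dict:
    """CA side: sign the details with the CA's PRIVATE key."""
    digest = details_digest(organisation, domain, site_public_key)
    return {
        "organisation": organisation,
        "domain": domain,
        "public_key": site_public_key,
        "signature": pow(digest, CA_D, CA_N),
    }


def verify_certificate(cert: dict) -> bool:
    """Browser side: only the CA's PUBLIC key (CA_E, CA_N) is needed."""
    expected = details_digest(cert["organisation"], cert["domain"], cert["public_key"])
    return pow(cert["signature"], CA_E, CA_N) == expected


if __name__ == "__main__":
    # Constructed sample values.
    cert = issue_certificate("Example Bank Ltd", "bank.example", 0xC0FFEE)
    print("genuine certificate valid:", verify_certificate(cert))
    altered = dict(cert, public_key=0xBADBAD)  # key replaced after signing
    print("altered certificate valid:", verify_certificate(altered))
```

Changing the organisation name, the domain or the public key after signing makes verification fail, which is what lets a browser trust that the key it receives belongs to the named organization.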
ENCRYPTION
Encryption protects data from hacking or illegal access, but it is useless unless the recipient has
the necessary decryption tools. Example of Encryption and Decryption:
• Encrypt the connection with your email provider: Encrypting your email supplier connection
safeguards against unauthorized users intercepting and capturing login details and any sent or
received emails. Encryption provides additional protection for emails as they leave your email
supplier's server and travel to their destination server.
• Encrypt the actual email messages: Encryption of emails themselves prevents a hacker making
sense of any intercepted messages.
• Encrypt stored or archived email messages: Any backed-up messages stored on your email
supplier's server also need to be encrypted. If a hacker acquires access to this server, they could
then gain access to your stored or archived messages.
FIREWALL
A firewall, either software or hardware, protects a user's computer from external threats by
filtering incoming and outgoing network traffic, allowing or denying access based on user
preferences.
TWO-FACTOR AUTHENTICATION
Two-factor authentication utilizes common factors such as a PIN code, a mobile device, and
unique biometrics for verification, primarily used in online purchases with credit/debit cards, to
ensure user identity.
USER ID AND PASSWORD
Passwords are essential for securing data and systems, and should be hard to break and
frequently changed. They are also used for internet access. To protect passwords, run
anti-spyware software and change them regularly. Strong passwords should contain at least one
capital letter, one numerical value, and one other keyboard character, while being easy to
remember.