CIS105: Computer Applications & Information Systems Lect. 11 - toshiki-notebook

Chapter 11: Computer Security

Midterm reminder: March 28th - 29th



  • Exam Review after Chapter 11KC

  • 40 new questions, 10 KC questions

    • Same format as last time





11.1: System Security & Computer Privacy



  • An unsecured computer is extremely easy to breach by any seasoned hacker

  • Computer Security: Concerned with risk management, confidentiality, integrity, and the availability of the electronic info processed and stored within a computing system

  • Risk Management: Includes the recognition, consequences, and assessment of risk to a computer's assets, and developing strategies to manage and protect them


11.2: Business System Threats



  • Intranet: A business's private version of the internet

  • The key aspect of an intranet is privacy

  • Firewall: Hardware and software working together to ensure that only authorized personnel can access the business' intranet


11.3: Firewall



  • Without a firewall, an intranet is just another part of the internet

  • Proxy Server: A special security computer that allows communication to flow in and out of an intranet to check for external threats

  • Two standard security practices for firewalls:

    • Default-Deny

    • Default-Allow
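
An added example, not part of the original notes: a small Python packet-filter model that runs the same connections through a default-deny and a default-allow firewall. It assumes the usual meanings (default-deny blocks anything not explicitly allowed, default-allow permits anything not explicitly blocked); the rule sets, addresses and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    source: str  # CIDR block the rule applies to
    port: int    # destination port on the intranet side


def decide(rules, default, src_ip, dst_port):
    """First matching rule wins; anything unmatched gets the default policy."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.source) and dst_port == rule.port:
            return rule.action
    return default


# Constructed rule sets (assumptions, not from the lecture).
# Default-deny firewall: the rules list what IS permitted.
ALLOW_LIST = [Rule("allow", "10.0.0.0/8", 443), Rule("allow", "10.0.5.0/24", 22)]
# Default-allow firewall: the rules list what is known to be unwanted.
DENY_LIST = [Rule("deny", "0.0.0.0/0", 23), Rule("deny", "0.0.0.0/0", 3389)]

# Constructed connections: (source IP, destination port)
TRAFFIC = [
    ("10.0.5.17", 443),     # staff machine to the intranet web server
    ("10.0.5.17", 22),      # admin subnet to SSH
    ("203.0.113.9", 23),    # external host to telnet
    ("203.0.113.9", 5900),  # external host to a service no rule mentions
]


def compare():
    """Return (src, port, default-deny verdict, default-allow verdict) rows."""
    rows = []
    for src, port in TRAFFIC:
        deny_mode = decide(ALLOW_LIST, "deny", src, port)
        allow_mode = decide(DENY_LIST, "allow", src, port)
        rows.append((src, port, deny_mode, allow_mode))
    return rows


if __name__ == "__main__":
    for src, port, deny_mode, allow_mode in compare():
        print(f"{src:>12}:{port:<5} default-deny={deny_mode:<5} default-allow={allow_mode}")
```

The last connection is the one to watch: nobody wrote a rule for it, so default-deny blocks it while default-allow lets it through.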




11.4: Malware Threats



  • The term "virus" comes from biology

  • Malware Motivations:

    • Experimental Malware

    • Worms

    • Trojan Horses

    • Spyware/Keylogging

    • Adware

    • Spamming

    • Denial-of-Service Attack (DoS)

      • The deadliest



    • Reverse Phishing - "Spear Phishing"




11.5: Malware Solutions



  • Antivirus Software

    • Norton AntiVirus

    • McAfee's VirusScan



  • System patches

  • Data Backup

  • Employee training


11.6: Internet Fraud



  • Internet fraud: Any fraudulent activity in an online setting

  • Google AdSense: Google's advertising network; the middleman between the advertiser and the website owner

  • Click Fraud: A program that automatically clicks on ads

  • Purchase Scam: scammer asks seller to pay for shipping via credit card, cancels credit card after order has shipped

  • Most uncomplicated type of internet fraud

  • Phishing: Uses social engineering techniques to gain private information


11.7: Computer Privacy



  • Privacy: The ability of an individual to keep their personal information out of public view

  • Anonymous: One's personal identity is not known

  • Tracking Cookie: A small text file that tracks your interaction on a website

  • History files: A list of stored or cached websites on a user's computer



50% of the time an unsecured computer can be hacked, and a password can be guessed



11.8: Identity Theft



  • Identity theft: A crime concerning the unlawful practice of assuming another individual's identity

  • Ways to acquire personal information:

    • Shoulder Surfing

    • Dumpster Diving



  • SCAM

    • Stingy

    • Check

    • Ask

    • Maintain



  • ASU's Recommended Password Manager: Stache

    • Bitwarden, 1Password, Dashlane, Keeper, KeePass



