8. Safety and security Flashcards
1
Q
What is physical safety?
A
All about ensuring that you do not suffer any harm whilst working with computers
2
Q
Examples of physical safety issues
A
Electrocution
Fire
Tripping over wires
Heavy equipment falling on you
3
Q
Electrocution
A
Harm, or even death caused by an electric current passing through the body
4
Q
Causes of electrocution
A
Faulty equipment
Spilling drinks over electrical equipment
Opening up an electrical device and messing with the hardware inside
5
Q
Prevention of electrocution
A
Make sure wires and insulated
Keep drinks away from equipment
Report any malfunctioning
6
Q
Causes of fires
A
Too many devices plugged into a single mains outlet
7
Q
Prevention of fires
A
Plenty of main outlets
Don’t plug too many devices in the same outlet
Turn off and unplug devices of away for a long time
Fire extinguisher
8
Q
Causes of tripping over wires
A
Long wires or cables trailing across a floor
9
Q
Prevention of tripping over wires
A
Encase the wires
Tuck under carpets or desks
Use wireless technology
10
Q
Causes of heavy equipment falling
A
Not positioned securely onto desks
Poor quality and flimsy desks
11
Q
Prevention of falling equipment
A
Make sure that equipment is positioned away from the edge of desks
Plenty of space on the table
Strong desks/tables
12
Q
Potential dangers of the Internet
A
Cyber predators
Cyber bullies
Data theft
Adult content
13
Q
What is personal data?
A
Anything that can be used to identify a person
14
Q
Examples of personal data
A
Name
Address
Phone number
Photograph
Bank details
15
Q
Why should you keep personal data private?
A
Prevent identity theft
Prevent theft of your money
Prevent burglary of your home
Prevent physical harm to yourself
16
Q
What is e-safety?
A
Knowing how to use the Internet safely
17
Q
How to use the Internet safely?
A
Never reveal personal info
Only use websites recommended by teachers or parents
Only open emails from people you know
Know how to block people on social media and in chat rooms
Never post or email pictures of yourself in school uniform
Report unwanted users
Use the privacy controls on social media
18
Q
Precautions when playing games online
A
Never reveal personal info
Use a nickname as your game name
Play online games that use anti-virus software
Know how to block people in the game
Report unwanted users
19
Q
What is hacking?
A
Where people gain unauthorised access to computer systems
20
Q
What is a key logger?
A
A special type of software that is secretly sent to a computer system and then ‘logs’ every key press that user of the system make
21
Q
Why do people try to hack into computer systems?
A
Cause damage to files or data by deleting or changing them
Commit fraud by stealing data
Access sensitive information
See if they are clever enough to beat the system’s security
22
Q
Effects of hacking
A
Identity theft
Theft of money
Stealing of customer information
Stealing email addresses
Loss of important information
23
Q
What is ‘authentication’?
A
Check that a person accessing a computer system or a network is allowed to do so.
24
Q
User-IDs and passwords
A
If the correct user enters the correct password, they would be given access to the computer network.
25
User-IDs
are unique and identifies particular users as they log onto a computer system or a network
26
Passwords
a combination of letters, numbers and symbols and should only be known by the user who owns it
27
How to use a password effectively
change your password often
keep your password secret
don’t write your password down anywhere
28
Biometric authorisation
users are authenticated using one of their body parts
e.g. face scans
iris scans
fingerprint
29
Advantages of using biometric authentication
passwords can be forgotten, while body parts aren’t
not possible to forge body parts
30
Disadvantages of using biometric authentication
high initial costs
31
How to protect data online?
Digital certificates
Secure socket layer (SSL)
32
What are digital certificates?
attached to emails and websites in order to prove who has sent the message
33
What does the digital certificate consist of?
Sender’s email address
Name of the sender
A serial number
Certificate expiry date
34
What is a secure socket layer?
used on websites where we use bank or credit card details in order to make purchases
e.g. httpS
35
How does a SSL work?
encrypts the connection between your computer and the e-commerce website and ensure that all transactions are secure
36
What is ‘phishing’?
when fraudsters try and ‘bait’ users into giving up our bank details, credit card info, usernames and passwords
37
Where does phishing usually happen?
usually carried out over emails pretending to be from legitimate organisations like banks and building societies
38
How to protect yourself against phishing?
never give out bank details and passwords over email
phishing sometimes promise you enormous wealth -> ignore them
report any phishing attempts to your email account provider
don’t respond to emails from people you do not know
39
What is ‘pharming’?
obtain personal information such as usernames, passwords and bank details but target shopping and banking websites
40
How is pharming done?
infect legitimate websites with malicious code that will re-direct you to their bogus version of the website
41
How to protect yourself against pharming?
1. check the URL of the website
2. make sure you are on a secure website (https)
42
What is ‘smishing’?
SMS phishing - phishing through text messages
43
How to protect yourself against smishing?
never give your bank details or passwords out over phone or text message
ignore text messages from people you don’t know
report any phishing attempts to your mobile phone company
44
What is ‘spam’?
‘junk email’ or ‘bulk email’ sent automatically to thousands, or even millions of email inboxes
45
Why do people send spam?
attempt to gain people’s personal data (like bank info) through phishing
advertise low quality products
spread viruses
46
How do spammer get your email address?
mailing lists
social networking sites
chat rooms
programs that automatically trawl through websites looking for and collecting email addresses
bought illegally from dishonest employees of a busines
47
How to recognise spam email?
strange sender
you are asked to buy something or send cash
asked to send passwords, bank details or other personal information
email is full of spelling or grammar errors
asked to carry out a task immediately
asked to click a link
48
How to prevent spam?
use spam filters
don’t post your email address in public websites like chat rooms or social networking sites
49
What is encryption?
scrambing data into garbled code using an encryption key, so even if data is stolen, it cannot be understood by the thief
50
Process of encrypting a file
create an encryption key
give the receiver a copy of the encryption key
encrypt the personal message using encryption software and the encryption key. once encrypted, the message will just look like scrambled nonsense
send the encrypted message to the receiver via the internet
the receiver gets the message and decrypts it by the encryption key
51
When should you get encryption?
files containing bank account or credit card data
buying items on the internet using credit/bank cards
any data containing confidential medial records
emails you wish to remain private
any data that can be used to commit identity fraud
52
Moderated forums
where all user comments are checked by an administrator before they are posted onto the forum
53
Un-moderated forum
used for online discussions but they do not have administrators or moderators
54
The security of moderated and un-moderated forums
Moderated:
no racist or offensive content
no swearing
less chance of being exposed to spam
personal data is more secure
Un-moderated:
high chance of being exposed to racist/offensive content
swear words
spam adverts
greater risks of phishing
55
Computer virus
programs that automatically make copies of themselves and then attach to other files within the computer
56
Effects of computer virus
pop-up messages on the screen
computer slows down and crashes a lot
delete important files or data
access personal data like passwords, bank details or credit card numbers
57
How do viruses infect computers?
download infected files from the internet
email attachments
portable storage media
58
How to prevent virus infection?
use up-to-date anti-virus software
use genuine copies of software
only open email attachments from people you trust
download software from legitimate websites
59
Security risks of storing data in the cloud
have no control over the physical security of the data
online storage company might go out of business
hackers
back-ups of data
60
What is a ‘firewall’?
a program or hardware device that filters the data packets coming through the internet connection into your computer. [network]
61
Why are firewalls used?
protect your system from hackers, keyloggers, cyber threats
62
VIRUS
- malicious code that infects a computer
attaches itself to files
replicate itself
🏃 causes computer to shut down/crash
🏃 causes computer to slow down
🏃 files up computer memory
🏃 delete/corrupte data
🏃 corrupt/ erase content of hard disk
63
Impact of VIRUS
🏃 causes computer to shut down/crash
🏃 causes computer to slow down
🏃 files up computer memory
🏃 delte/corrupte data
64
what is a virus
malicious code that infects a computer
attaches itself to files
replicate itself
65
List the health risks posed by computer systems.
Back and neck problems/ strain
RSI (Repetitive strain injury)
Eyestrain
Headache
Ozone irritation
66
What causes back and neck problems and how can they be reduced?
Caused by sitting in front of computer for a long time
* Use adjustable ergonomic chairs and workstation
*Maintain correct posture and use footrests
*Use screens that can be tilted so neck is at the right angle
67
What causes RSI and how can it be reduced?
It is the damage to finger and wrists caused by continuous use of mouse or keyboard.
* Take regular breaks and do exercise
* Use voice-activated software wherever possible
* Use ergonomic devices
* Use wrist rest
* Maintain correct posture of arms
68
What causes eyestrain and how can it be reduced?
Caused by staring at a screen for too long or incorrect lighting.
* Change from CRT to LCD so there is less flickering
* Use antiglare screens
* Use window blinds to reduce sunlight entering
* Get regular eye check-ups or use glasses
* Take regular breaks
69
What causes headache and how can it be reduced?
Caused by incorrect lighting, flickering screens and screen reflections.
* Use LCD screens
* Use anti-glare screens
* Take regular breaks
* Test your eyes
70
What causes ozone irritation and how can it be reduced?
Caused by laser printers (dry skin and respiratory problems).
* Use a separate room for printers
* Switch to inkjet printers
* Have proper ventilation in the office
71
List the safety risks posed by computers.
Trailing wires (trip hazard)
Electrocution
Fire hazard
Heavy equipment falling and causing injury
72
List ways of reducing risk of electrocution.
Check equipment regularly
Don’t bring drinks/ fluids near computers
Use an RCB (residual current breaker)
Insulate wires
73
List ways of reducing risk of tripping over trailing wires.
Tuck away wires and cover them
Use wireless wherever possible
Use cable ducts
74
List ways of reducing risk of injury by heavy equipment.
Use strong desks and supports
Use large desks
Don’t place equipment near edge as they could fall
75
List ways of reducing risk of fires.
* Check equipment regularly
* Don’t overload sockets with too many items
* Have a CO2 extinguisher in the office
* Ensure there is good ventilation to prevent
overheating
* Don’t cover equipment or any vents
*Use low voltage hardware (LCD instead of CRT)
76
What are few precautions home users can take to prevent health and safety risks?
* Don’t bring drinks near electronic equipment
* Fix wires or tuck them away to prevent chance of people coming in contact with wires
* Don’t cover computers with cloth, etc as that can block vents
* Don’t plug too many devices into sockets
Exercise and take regular breaks
* Use ergonomic workstations
77
What is personal data?
Data concerning a living person who can be identified directly from the data itself or by a data conjunction.
78
Examples of personal data.
Name
Address
DOB
Medical history
Banking details
79
Examples of sensitive personal data.
Ethnic origin
Sexual orientation
Criminal activity
Religion
Political views
80
List the Dos and Donts of e-safety.
Don’t give out personal information to unknown people
Don’t share pictures of yourself with other people
Always maintain your privacy settings
Use only trusted websites (padlock symbol or HTTPS)
Open emails from known sources only
Use and ISP that has an effective email filtering feature
81
List the Dos and Donts of social networking sites.
Block or report anyone who acts suspiciously or inappropriately
Use appropriate language
Always use nock names ( never reveal your real name)
Don’t share personal data
Never enter private chat rooms, stay public
Don’t meet anyone alone on the first time and tell someone before meeting
Avoid the misuse of images
Respect people’s confidentiality
Use a private account
82
Risks of online gaming.
Predators who attack vulnerable people
Misuse of webcams and other video-related threats
Use of voice-masking technology
Violence in the game can lead to violence in real life
Cyberbullying
Cyber attacks like viruses, phishing or spyware.
83
List the security risks associated with any device that connects to a network.
Hacking
Phishing
Vishing
Smishing
Pharming
Spyware
Viruses
Spam
84
Hacking
Act of gaining unauthorized access to a computer system.
Can lead to identity theft, misuse of personal data.
Data can be deleted, corrupted or changed.
Use a firewall
Use IDs and strong passwords and frequently change them
Use intrusion detection software.
85
Cracking
Editing a source code of a program for a malicious purpose like sending a user to a fake website.
86
What is phishing?
A recipient receives a legitimate-looking email from a seemingly trustable source. The email has links that redirect them to a fake website where they are asked to enter personal data which is then stolen.
87
Threats and methods of preventing phishing.
* People can gain your personal data (bank account data, etc)
* Identity theft and fraud
PREVENTION:
* Use an ISP that has an effective phishing email filter feature
* Be careful while opening mails and attachments
* Don’t click on attachments that end in:
.exe , .bat , .com or .php
88
Smishing
* Recipients recieve legitimate SMSs from seemingly trustable sources that contain a URL or telephone number. They are asked to open the website or call the number and are asked to give personal data that is then stolen and misused.
89
Vishing
Recipients receive legitimate-sounding voicemails from seemingly trustable sources that trick the user into calling a telephone number where they are asked to give personal data that is stolen and misused.
90
Recipients receive legitimate-sounding voicemails from seemingly trustable sources that trick the user into calling a telephone number where they are asked to give personal data that is stolen and misused.
A malicious code is installed on a user’s computer which redirects them to a fake website where data is stolen.
* Identity theft, fraud and misuse of gained personal data
* Use anti-spyware to identify and remove any pharming codes
* Look for clues that you are being redirected to a fake website- Check for padlock symbol or HTTPS
91
Spyware and key-logging software
Software that monitors the key presses on a user’s keyboard and sends compiled data back to the person who sent the software.
* Data typed in is stolen (passwords, etc)
* Software can change the user’s default browser settings and read cookie data
* Use and regularly update anti-spyware software
* Enter passwords with pointing device and use dropdown options
* Use OTPs
92
Viruses
A program code or software that replicates itself with the intention of deleting or corrupting files on a computer to cause malfunction.
* Fills up hard drive with data and computer crashes
* Can delete/ corrupt files
* Can corrupt OS files and make the comp run slowly and crash
* Use anti-virus software and update it.
* Don’t use software or open emails from unknown sources
93
Spam
Junk emails that a recipient on a mailing list/ group receive. Spam clogs up bandwidth and this leads to denial of services. It floods the network with useless traffic. It can be linked to phishing or virus attacks.
* Use an ISP that can filter out spam email
* Junk email filter
* Block images in HTML massages that spammers use as web beacons
* Untick already selected check boxes for email lists
* Don’t sign up to mailing lists
* Unsubscribe from mailing lists
94
What is a web beacon?
A graphic image in a website/ webserver that can be used to verify email addresses when the image is opened.
95
What is a moderated forum?
An online discussion forum in which all posts are checked by an administrator before they are allowed to be posted. An administrator can filter inappropriate and irrelevant posts and prevent spam.
96
Cookies
Small files/ code that is stored on the user’s computer
Stores small lookup table with values
Webserver reads this table and customizes web pages
97
List ways of additional security of data online.
Firewalls
Authentication
Encryption
Security protocols
98
What is a firewall?
Hardware or software that sits between a user’s computer and an external network (like the internet).
99
What is the data protection act? When was it set up?
The data protection act was set up in 1998 and is a set of rules for people or organisations that store data must follow.
100
What is the purpose of the data protection act?
Its purpose is to protect the privacy of the individual so that information cannot be given or sold to businesses without the individual’s consent. It gives the individual right to check the data.
101
What are the 8 principles of the act? (1-2)
Data must be obtained and kept within the law. The data controller must be registered with the data commissioner and must ask the data subject for permission for the data to be used.
The data controller must only use the data for the purpose he has permission for.
102
What are the 8 principles of the act? (3-5)
The data must be relevant and not excessive; the data controller must not collect more than is necessary.
The data must be accurate and kept up to date
The data should not be kept for longer than necessary.
103
What are the 8 principles of the act? (6-8)
The data subject must be allowed to look at the data and it must be kept in accordance to his rights
The data must be kept securely so that only those who are allowed to access it do so
Data can only be used within the European Union unless another country has similar data protection laws to the EU’s
104
What is a loyalty card?
A loyalty card is a card that customers sign up for to collect deals and promotions from being a repeat customer e.g. Tesco clubcard
105
Who uses loyalty cards?
The customer uses the loyalty card by showing it with each purchase and therefore gets discounts. The store uses the information to send specific promotions and deals to those depending on their spending e.g. constant nappy purchases suggests they have a child
106
How can you store data securely?
You can by using….
Passwords
Firewalls
Screen savers
Encryption
Virus Protection
107
What is a data controller?
A data controller is the person who holds the information about others
108
What is a data subject?
A data subject is the person who’s information is being collected and used by the controller
109
What is a firewall?
A firewall is a software function that allows or denies people access who is attempting to access the system based on a set of rules.
110
What is the purpose of a firewall?
The purpose is to prevent or delay access to the internal network of a computer. The software checks data and IP (internet provider) addresses and can prevent access by viruses, malware (harmful software) and the wrong sort of downloads/ uploads.
111
What is a secure password?
A secure password uses a range of characters and numbers and punctuation e.g. Hj8-olX. This lowers the risk of infiltration. Specific data can be set passwords to be seen or altered.
112
What is a screen saver?
A screen saver is a type of computer programme that prevents damage to computer monitors by blanking the screen. On their own, screen savers don’t make data secure, they need a password to. But it stops people seeing private files.
113
What is encryption?
Means putting data into a secret code. Sensitive data can be put in code to prevent theft. You would need to purchase specialist software that uses an algorithm which is a set of rules to decrypt the information
114
What is virus protection?
a program that prevents you from getting virus, and destroys the ones you have on your system
115
Threats from data protection could be…
Hackers
Viruses
Hardware Breakdown
Human Error
116
Actions that can help to secure data include the following…
Every authorised user should have a password]
Use biometrics
Use different levels of security
Set the access rights to files
Encrypt the data
A firewall
Use antivirus software
Backup data regularly
117
What does the DPA do?
It limits the data held by individual organisations to only that which they need. It stops them holding excessive quantities of data on individuals that they don’t need.
118
Describe personal data.
Any data which relates to a living, identifiable individual.
119
Describe data. (DPA)
Anything that is held which can be said to be part of a record. This covers both manual and computer data. If you store data on people, such as their health or educational records, whether it is on paper or on a computer, it is data.
120
Describe processing. (DPA)
Obtaining, recording or holding the information or data. It also covers any operation performed on it.
121
Obtaining, recording or holding the information or data. It also covers any operation performed on it.
Operations include organising, changing retrieving it or using it in some way. This also includes disclosing it or destroying it.
