9. Privacy and security Flashcards
What is data privacy?
Data privacy is about keeping data private rather than allowing it to be available in the public domain
What is Data integrity?
Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
What is Malware and what types of them are there?
Malware is the everyday name for malicious software. It is software that is introduced into a system for a harmful purpose.
Various types of malware-containing program codes are:
• virus: tries to replicate itself inside other executable code
• worm: runs independently and transfers itself to other network hosts
• logic bomb: stays inactive until some condition is met
• Trojan horse: replaces all or part of a previously useful program
• spyware: collects information and transmits it to another system
• bot: takes control of another computer and uses it to launch attacks.
What is Malware and what types of them are there?
Malware is the everyday name for malicious software. It is software that is introduced into a system for a harmful purpose.
Various types of malware-containing program codes are:
• virus: tries to replicate itself inside other executable code
• worm: runs independently and transfers itself to other network hosts
• logic bomb: stays inactive until some condition is met
• Trojan horse: replaces all or part of a previously useful program
• spyware: collects information and transmits it to another system
bot: takes control of another computer and uses it to launch attacks.
Classify malware in terms of the activity involved.
• phishing: sending an email or electronic message from an apparently legitimate source requesting confidential information
• pharming: setting up a bogus website which appears to be a legitimate site
• keylogger: recording keyboard usage by the legitimate user of the system.
Give examples of security measures for protecting computer systems
• Ideally a firewall will be a hardware device that acts like a security gate at an international airport. Nothing is allowed through without it being inspected.
• Digital signature
• Possibly special-purpose anti-spyware software might be installed. Another option is to install an intrusion detection system that will take as input an audit record of system use and look for examples that do not match expected system activity or install what is normally referred to as anti-virus software but which is usually aimed at combating any type of malware.
• The main security feature of a user account is the authentication of the user. The normal method is to associate a password with each account.
• The solution is to have an authorization policy which gives different access rights to different files for different individuals.
What is Data validation?
Data validation is the practice of checking that the data is in the right format, not out of range, the right type
What is Data verification?
Data verification is the means of getting the user to confirm that the data entered was what was intended
Give one example of data verification
One-bit parity check - the first digit of 8 bit code is either 1 or 0 depending whether it is odd or even.
What are the types of data validation?
• a presence check to ensure that an entry field is not left blank
• a format check, for example a date has to be dd/mm/yyyy
• a length check, for example with a telephone number
• a range check, for example the month in a date must not exceed 12
• a limit check, for example a maximum number of years for a person’s age
• a type check, for example only a numeric value for the month in a date
• an existence check, for example that a file exists with the filename referred to in the data entry.
• a check digit - ….
