Chap 5 Flashcards
Netiquette
includes the code of acceptable behaviors
users should follow while on the Internet; that is, it is the conduct expected of individuals while online.
set of legal and moral guidelines that
govern the use of technology, including computers,
mobile devices, information systems, and databases
Digital ethics
Cyberbullying
a form of bullying that involves digital
devices and platforms such as social media sites, online forums, messaging apps, and email.
one state that has attempted to define and
enact punishment for cyberbullying. Missouri statute
defines cyberbullying as bullying “through the
transmission of a communication, including but not limited to, a message, text, sound, or image by means of an electronic device.”
Missouri
Distracted driving
driving a vehicle while
focusing on other activities, typically involving an
electronic device such as a cell phone.
a document that lists guidelines and repercussions
of using the Internet and other digital company resources, including network storage and email servers
distributed in part to reduce an organization’s
liability and to clarify what is and is not a fireable offense
AUP or Acceptable Use Policies (AUPs)
How to discourage plagiarism
To help discourage plagiarism of other people’s work,
teachers often require students to submit papers using a service, such as Turnitin, that automatically checks for plagiarized passages; Turnitin can also help students check for uncited passages and more before submitting
Your green computing efforts should include:
- Purchasing and using products with an ENERGY STAR label
- Shutting down your computers and devices overnight or when not in use.
- Donating computer equipment
- Using paperless communication
- Recycling paper, toner and ink cartridges, computers, mobile devices, and printers
- Telecommuting and using videoconferencing for meetings
risk
any possibility that something might occur resulting
in an injury or a loss
digital security risk
any event or action that could cause
a loss of or damage to a computer or mobile device
hardware, software, data, information, or processing
capability
Types of digital security risks
threats to our information, physical health, mental health, and the environment.
Any illegal act involving the use of a computer or related devices
computer crime
an online or Internet-based illegal act
cybercrime
Software used by cybercriminals
crimeware
the practice of protection against digital
threats, including unauthorized or illegal access to data.
Cybersecurity
discovery, collection, and analysis of evidence found on computers and networks.
Digital forensics, or cyber forensics
knowledge of the law, technical experience with many types of hardware and software products, superior communication skills, familiarity with corporate structures and policies, a willingness to learn and update skills, and a knack for problem-solving
A digital forensics examiner
attackers who are strongly motivated by
principles or beliefs
Hacktivists
a part of the web that is accessed using
specialized software, where users and website operators can remain anonymous while performing illegal actions
dark web
more general and common term used to
describe individuals who launch attacks against other
users and their computers
Threat actor
a period of time during which an
individual refrains from using technology
digital detox
malicious software, consists of
programs that act without a user’s knowledge and
deliberately alter the operations of computers and mobile devices
Malware
A program that displays an online advertisement in a banner, pop-up window, or pop under window on webpages, email messages, or other Internet services
Adware
A program that hides in a computer or mobile device and allows someone from a remote
location to take full control of the computer or device
Rootkit
A program placed on a computer or mobile device without the user’s knowledge that
secretly collects information about the user and then communicates the information it
collects to some outside source while the user is online
Spyware
A program that hides within or looks like a legitimate program. Unlike a virus or worm, a
trojan horse does not replicate itself to other computers or devices
Trojan horse
A potentially damaging program that affects, or infects, a computer or mobile device
negatively by altering the way the computer or device works without the user’s knowledge or permission
Virus
A program that copies itself repeatedly, for example in memory or on a network, using up
resources and possibly shutting down the computer, device, or network
Worm
a program that performs a repetitive task on a network
bot
a group of compromised computers or mobile devices
connected to a network
botnet
disrupts computer access to an Internet service, usually by overloading the server with network traffic
A denial of service attack (DoS attack)
Spoofing
a technique intruders use to make their network or Internet transmission appear legitimate to a victim’s computer or network.
common types of spoofing
IP and address spoofing
occurs when an intruder computer tricks a network into believing its IP address is associated with a trusted source.
IP spoofing
occurs when the sender’s email address or
other components of an email header are altered
Address spoofing
a program or set of instructions in a program
that allows users to bypass security controls when
accessing a program, computer, or network
- A rootkit can also be a back door
Back Doors
the process of ensuring that the person
requesting access to a computer or other resources is
authentic and not an imposter
Authentication
A username
—a user ID
(identification), log-on
name, or sign-in name—is
a unique combination of characters, numbers, or alphabets that identifies one specific user
password
a secret combination of letters, numbers, and/or characters that only the user should know
uses the unique characteristics of your face, hands, or eyes to authenticate you
Biometric security
Examples of Biometric
Fingerprint reader
Gesture Swipe
Passcode
Hand geometry system
Iris recognition
Voice verification
Signature Verification
Two-Factor Authentication
multiple types of authentication.
a program developed at Carnegie Mellon University that displays an image containing a series of distorted characters for the user to identify and enter, to verify that user input is from humans
CAPTCHA
the process of scrambling information in such a way
that it cannot be read unless the user possesses the key to unlock it so
that it is returned to a readable format (decryption).
Encryption
an electronic, encrypted, and secure stamp of
authentication on a document issued by a CA organization.
digital signature
Cookies, scripting, plug-ins, pop-ups, and clear browsing data
Browser Security
Protecting Your Online Profile
Several general defenses can be used for any social networking site.
* First and foremost, you should be cautious about what information you post.
* Second, you should be cautious regarding who can view your information.
* Finally, you should pay close attention to information about new or updated
security settings
Privacy Laws
* Information collected and stored about individuals should be limited.
* Once collected, provisions should be made to protect the data.
* Personal information should be released outside the organization collecting
the data only when the person has agreed to its disclosure.
* The individual should know that the data is being collected and have the
opportunity to determine the accuracy of the data.
Software theft
occurs when someone:
– Steals software media
– Intentionally erases programs
– Illegally registers and/or activates a program
– Illegally copies a program
Information theft
occurs when someone steals
personal or confidential information
Encryption
a process of converting data that is
readable by humans into encoded characters to
prevent unauthorized access
a notice that guarantees a user
or a website is legitimate
digital certificate
secure site
A website that uses encryption techniques to secure its
data
Hardware theft
act of stealing digital equipment
Hardware vandalism
defacing or destroying digital equipment
Hardware Theft and Vandalism Safeguards
– Physical access controls (i.e., locked doors and windows)
– Alarm system
– Physical security devices (i.e., cables and locks)
– Device-tracking app
Hardware Failure Safeguards
– Surge protector
– Uninterruptible power supply (UPS)
– Duplicate components or duplicate computers
– Fault-tolerant computer
backup
a duplicate of a file, program, or media
that can be used if the original is lost, damaged, or
destroyed
Categories of backups
– Full
– Differential
– Incremental
– Selective
– Continuous data protection
– Cloud
Technology ethics
the moral guidelines that
govern the use of computers, mobile devices,
information systems, and related technologies
code of conduct
written guideline that helps
determine whether a specification is
ethical/unethical or allowed/not allowed
Sample IT Code of Conduct
- Technology may not be used to harm other people.
- Employees may not meddle in others’ files
- Employees may use technology only for purposes in which they have been authorized.
- Technology may not be used to steal.
- Technology may not be used to bear false witness.
the movement to ensure that all users,
regardless of economic or geographic constraints, have
access to the devices, data, and infrastructure required to receive high-speed, accurate, reliable information
Digital inclusion
Some barriers to digital inclusion include:
- Geographic areas that lack the infrastructure necessary to provide reliable Internet access
- Government restrictions or censorship
- Affordable devices or connections
- Lack of education
- Lack of understanding of the value of technology
Information privacy
refers to the right of individuals
and companies to deny or restrict the collection, use,
and dissemination of information about them
How to Safeguard Personal Information
- Fill in only necessary information on rebate, warranty, and registration forms.
- Do not preprint your phone number or Social Security number on personal checks.
- Have an unlisted or unpublished phone number.
- If you have Caller ID, find out how to block your number from displaying on the receiver’s system.
- Do not write your phone number on charge or credit receipts.
- Ask merchants not to write credit card numbers, phone numbers, Social Security numbers, and driver’s license numbers on the back of your personal checks.
- Purchase goods with cash, rather than credit or checks.
- Avoid shopping club and buyer cards.
- View or download a copy of the information associated with your Google, Facebook, Microsoft, or other online accounts you access frequently. Disable search history, location history, and usage information sent to these websites.
- Inform merchants that you do not want them to distribute your personal information.
- Request, in writing, to be removed from mailing lists.
- Obtain your credit report once a year from each of the three major credit reporting agencies (Equifax, Experian, and TransUnion) and correct any errors.
- Request a free copy of your medical records once a year from the Medical Information Bureau.
- Limit the amount of information you provide to websites. Fill in only required information.
- Install a cookie manager to filter cookies.
- Clear your browsing history when you are finished browsing.
- Set up a free email account. Use this email address for merchant forms.
- Turn off file and printer sharing on your Internet connection.
- Install a personal firewall.
- Sign up for email filtering through your ISP or use an anti-spam program.
- Do not reply to spam for any reason.
- Surf the web anonymously using private browsing.
Information about you can be stored in a database
when you:
– Fill out a printed or online form
– Create a profile on an online social network
– Register a product warranty
a small text file that a web server stores on
your computer
cookie
Websites use cookies for a variety of purposes:
– Allow for personalization
– Store user names and/or passwords
– Assist with online shopping
– Track how often users visit a site
– Target advertisements
Phishing
a scam in which a perpetrator sends an
official looking message that attempts to obtain your
personal and/or financial information
an object that can be tapped or
clicked on a website contains a malicious program
clickjacking
defined as gaining unauthorized
access to or obtaining confidential information by
taking advantage of the trusting human nature of some
victims and the naivety of others
Social engineering
the process of restricting access to certain material
Content filtering
restricts access to specified websites
Web filtering software
Employee monitoring
involves the use of computers,
mobile devices, or cameras to observe, record, and
review an employee’s use of technology, including
communications such as email messages, keyboard
activity (used to measure productivity), and websites
visited