Chapter 11 Computer Security And Risks Flashcards

1
Q

What is meant by computer security?

A

The protection of computing systems and data from unauthorized access, change & destruction

2
Q

What are the different types of computer crime?

A

1) Cybercrime: Any crime using computers or networks

2) Cyberstalking: repeatedly harming or harassing people on the internet

3) Cyber bullying: targeting children and young adults online involving humiliation, rumors, lies, or threats

4) Intellectual property theft: (software piracy, file sharing of copyrighted songs, illegal duplication, plagiarism)

3
Q

What is meant by spoofing?

A

Tricking the target to extract secret information
E.g. Making a phone call and posing as an internet technician, to extract sensitive data (passwords)

4
Q

What is meant by shoulder surfing?

A

Is a type of social engineering technique used to obtain information by looking over the victim’s shoulder.
E.g. Passwords and other confidential data

5
Q

What is meant by phishing?

A

Is the act of attempting to acquire sensitive information by masquerading as a trustworthy entity in an electronic communication. E.g. sending an email posing as a bank representative and asking to fill a fake bank web form.

Adult sites asking users to reveal credit card numbers to prove age

6
Q

What is meant by identity theft?

A

The extraction of personal information to commit a crime in another person's identity

You can protect yourself by:

  • Use separate credit card for online use
  • Use secure websites (https://)
  • Don’t disclose personal info on phone
  • Handle email with care
  • Copy your cards to get replacement in case stolen
  • Report Identity theft promptly
7
Q

What is software sabotage?

A

Malicious software:

Malware used to disrupt computer operation, gather sensitive information, or gain access to private computer systems via:

1) Viruses
2) Worms
3) Trojan horses
4) Spyware
5) Ransomware

8
Q

What is a virus?

A

Malware that is attached to a file/program and spreads when files are exchanged via email attachments or flash drives. When the program is opened/executed it:

1) Damages the Operating system
2) Destroys or steals data
3) Displays annoying pop-up messages

  • It may be OS-specific, but newer types are cross-platform.
    Macro viruses: attach themselves to documents containing macros (sets of commands that automate repetitive tasks), like MS Office files, e.g. the Melissa virus (1999)
9
Q

What is meant by worms?

A
  • Independent programs
  • Capable of reproducing themselves
  • Causes memory freeze
  • Spreads through the internet

A famous example is Code Red (2001), which attacked Microsoft servers on the internet

10
Q

What is meant by Trojan horse?

A

Disguise themselves as useful programs or apps, but have a hidden destructive program (viruses)

  • Often posted in shareware
  • Names sound like games or utilities
  • Act as a backdoor allowing the attacker to control your PC to delete/change/share data
    E.g. time bomb – triggered by a date or time-related event
11
Q

What is meant by ransomware?

A

Malware that locks your computer and encrypts data in your hard drive, demanding that you pay a ransom to unblock the files again. Getting hacked often happens by opening an infected email attachment or malicious link

Attackers usually ask you to pay the ransom using digital currencies, such as Bitcoin because it is untraceable

12
Q

Who are the hackers? And what are the types of hackers?

A

Hackers are people who break into computer systems or networks, controlling computers or stealing personal information to commit identity theft. Types of hackers are:

1) Black-Hat hackers

Criminals who develop new techniques to penetrate systems to gain illegal access or destroy information

2) White-Hat hackers

Security experts developing new techniques to protect us.
For non-malicious reasons such as to expose/test the system weaknesses.

13
Q

What are zombie computers?

A

Internet-connected computers that have been hijacked using viruses to perform malicious acts without the knowledge of the owners

14
Q

What is meant by botnets?

A

Group of software programs called bots that run automatically on zombie computers to perform malicious acts without knowledge of the owners

15
Q

What is meant by distributed denial of service (DDoS)?

A
  • Bombards servers and web sites with traffic that shuts them down, using thousands of zombie computers (botnets)
  • Authorized users cannot use their computer
16
Q

What is meant by security biometrics?

A

The identification of humans by their unique traits: signature, voice print, fingerprint, retinal scan

17
Q

What is a password?

A

Most common tool used to restrict access to computers

Effective Passwords:
- Not real words
- Changed frequently

Rules for creating a password:
- More than 8 characters
- Don’t use a guessable password

18
Q

What is meant by access privileges?

A

Access control software:

  • Doesn’t need to treat all users identically
  • One of the accounts must be an admin (permitted to install additional software, change system settings)
19
Q

What is meant by a firewall?

A
  • Protects us from hackers
  • Filters information between a private system and the rest of the internet

It can be:
- Software program
- Hardware device
- or both

20
Q

What is meant by encryption?

A

The scrambling of transmitted messages to secure them using a secret code called a key

Decryption is the reverse process to retrieve the original data

21
Q

What is meant by Left-Shift & Right-Shift encryption?

A

Left key: replaces every letter with the 5th letter before it
Right key: replaces every letter with the 5th letter after it

22
Q

How to protect and prevent yourself from being hacked?

A

Via anti-virus software:

  • Protects the computer from harm
  • Detects viruses and deletes them
  • Monitors the system
23
Q

What is meant by audit control software?

A

Monitoring and recording users' computer transactions, to trace and identify suspicious computer activity

24
Q

What are the different precautions you can do to be safe?

A

1) Uninterrupted power supply (UPS), protects against data loss due to power failure

2) Surge protector, shields electronic equipment from dangerous power spikes

25
Q

What is a backup and its forms?

A
  • Used to replace originals
  • Best data recovery insurance is Regular Backups

Backup storage:
- Online in the cloud – remote storage
- Off-site – hard drives or flash drives stored in remote locations
- Backup drive in laptops, external hard drives, network storage

Types of backups:
Incremental: only new files or modified files. Happens more or less continuously, e.g. Hourly, Daily
Bootable: Entire system backup. Makes a complete duplicate of a disk in case of a crash, e.g. Weekly or after installing new software

26
Q

How can you perform safe computing?

A
  • If it’s important, back it up
  • If it’s sensitive, lock it up
  • If you’re sending sensitive information, consider encryption
  • Beware of email bearing gifts
  • Share with care
  • Handle shareware and freeware with care
  • Don’t pirate software
  • Disinfect regularly
  • Take your passwords seriously
27
Q

Security VS privacy

A

Security measures prevent crime but they can also threaten privacy like:

Smart badges:
- Broadcast identification codes
  A badge-location database stores data about the location of the badge (or person)
  Instead of paging the entire hospital, an operator could route the call.
- Smart phones have proximity recognition technology

28
Q

Examples of Computers at war

A

1) Smart weapons
2) autonomous systems
3) cyber warfare (By attacking computer networks the enemy can damage Telecommunications, Power grids, Water and gas supplies)