Computer security and ethics

Question 1

What is hacking, what are its effects, and how can it be prevented?

Answer 1

Hacking is the act of gaining illegal access to information on the computer. It can be obtained through hacking into a computer system, or into someone’s account.

Effects include corruption of data, identity theft, theft of other private information, etc.

Firewalls, strong passwords, and anti-hacking software can be used as a method of prevention.

Question 2

What are viruses, what are its effects, and how can it be prevented?

Answer 2

They are programs that can replicate themselves in order to corrupt or delete files, or causes the computer to malfunction.

It can cause applications and the computer system as a whole to crash. It can cause corruption of files, theft of information, and render hardware useless.

Installing anti-virus software, and taking care when dealing with the internet.

Question 3

What is phishing, what are its effects, and how can it be prevented?

Answer 3

Practice of sending out emails, seemingly from reputable companies, in order to trick users into giving their personal information away.

It can lead to misuse of private information, as well as to transferring virus or other dangerous software into the victim’s computer.

Use a filter for emails; be cautious

Question 4

What is pharming, what are its effects, and how can it be prevented?

Answer 4

Practice of sending Internet users to a bogus website, as a result of malicious code installed in their computers, that mimics a reputable one, in order to obtain private information from them.

It can lead to misuse of private information, as well as to transferring virus or other dangerous software into the victim’s computer.

Anti-spyware software

Question 5

What is wardriving, what are its effects, and how can it be prevented?

Answer 5

Locating and using illegally wireless internet connection.

Theft of personal information, using up someone’s internet connection

WEP encryption, strong passwords for wifi networks , firewalls

Question 6

What is key-logging software, what are its effects, and how can it be prevented?

Answer 6

Software that gathers information about a person by monitoring the presses on the user’s keyboard

Theft of personal information, the computer system may be ruined

Anti-spyware software, Taking caution, Do not type important passwords

Question 7

What is a firewall?

Answer 7

It is a software/hardware that blocks unauthorized access to the user’s information and files via the internet.

Question 8

What are the things a firewall can do?

Answer 8

1. Checking incoming and outgoing data against a set of filters. If the data does not meet the criteria, the user is given a warning.
2. Keeps a list of all undesirable IP addresses.
3. Prevents hackers and viruses into the user’s computer
4. If the software or hardware of the user’s computer is trying to access an external source, the user is given a signal, so that they can choose whether to permit or not.

Question 9

What are the things a firewall cannot do?

Answer 9

1. It cannot prevent users from using their own modems to bypass the firewall.
2. It cannot control use of accounts and passwords.
3. There is nothing it can do if users disable the firewall.

Question 10

What is a proxy server and what are its functions?

Answer 10

It is an intermediary through which internet requests are processed.

It can act as a firewall.
It can keep the user’s IP address a secret.
They speed up users access to websites through using caches.
They filter internet traffic.

Question 11

What is SSL?

Answer 11

It is a security protocol that makes sure that all information transferred between a web browser and server is encrypted, and therefore safe.

Question 12

How does SSL work?

Answer 12

1. User types a URL since they want access to a website.
2. The web browser connects with the website and requests that it identifies itself.
3. The web server responds by sending an SSL certificate to the browser.
4. If the browser can authenticate the certificate, it sends a message to the server to let communication begin.
5. The server acknowledges the message and the two-way encrypted data transfer begins.

Question 13

What is TLS?

Answer 13

TLS is a predecessor of the SSL system, it provides better security.

Question 14

How does TLS work?

Answer 14

It makes sure that during an exchange or data transfer, there is no hacking.

Question 15

What are the layers that TLS is made of, and what are the functions of each?

Answer 15

1. Record protocol - It is responsible for securing data and verifying integrity and origin.
2. Handshake protocol - Establishes a secure session by authenticating the web server.

Question 16

What are the differences between SSL and TLS?

Answer 16

1. TLS can be extended by adding new authentication methods.
2. TLS makes use of Session Caching, improving the overall performance.

Question 17

What is session caching?

Answer 17

The TLS uses connection data from an existing session to carry out its function. This greatly reduces time taken.

Question 18

What is encryption?

Answer 18

Encryption is converting data into a code so that unauthorized access is prevented.

Question 19

What is symmetric encryption?

What is the problem with this type of encryption?

Answer 19

It is a form of encryption where only a single encryption key is used for encrypting data.

The main problem with this type of encryption is the key distribution problem - the sender has to send the key to the receiver, but that involves security threat, which can be avoided by using an algorithm to generate an encryption key.

Question 20

What is asymmetric encryption?

What is the problem with this type of encryption?

Answer 20

It is a form of encryption where a pair of keys, one a public key and the other a private key, to encrypt and decrypt data.

There is a possibility of interception of keys, which makes the encryption process less secure. To overcome this problem, hashing algorithms are used so that the keys are impossible to break into.

Question 21

What is authentication? What are the different ways it is done?

Answer 21

Authentication is used for verifying that data comes from a trusted source. It can be done through passwords, digital signatures, and biometrics.

1. Passwords - Usernames and passwords are requested by sites in order for users to gain access to them.
2. Digital signatures - Digital codes that are attached to an electronically transferred document to verify tis content’s and source.
3. Biometrics - Fingerprint scans, retina scans, face and dice recognition

Fingerprints - Compares the patterns of ridges and valleys

Retina scans - Infrared scans the unique pattern of blood vessels in retina.

Question 22

What is denial of service attack?
What are its effects?
How can a user get security against this attack?

Answer 22

It is an attempt at preventing users from gaining access to a network, such as the internet. When the access to websites is slow or not possible at all, or when large amounts of mails are being sent, it can be a sign that there is a potential DoS.

The hackers can gain access to users’ emails and bank accounts, which is a major security threat.

Use of an updated anti-virus software.
Firewall
Email filters

Question 23

How do banks protect their customers from security threats?

Answer 23

When users are logging into a banking website:

1. Users are given a long unique code that they are asked to provide when they open the website. This code is encrypted for safety purposes.
2. They may be asked to input 3 random digits from their PIN and/or password.
3. Some systems use hand held devices, into which cards are inserted and PIN is given. The device generates an 8 digit code which much be the same as that received by the bank.
4. Questions about the users are asked, and after that they are taken to the website.