Issues and Impact

Question 1

What are some environmental issues associated with the use of digital devices

Answer 1

• Energy consumption
  -> Big company servers need a lot of energy to maintain.
  -> This can release CO2 as air pollution.
• Manufacture
  -> Takes a lot more energy than running and replacing.
• Replacement cycle
  -> Upgrades in capability fuel consumeristic ideology, driving short replacement cycles.
  -> People should keep using devices for longer, through donation, refurbishment, etc.
• Disposal
  -> Takes up space in landfills
  -> Increases potential for leakages and fires in landfill
  -> Valuable metals and plastics can be recycled

Question 2

What are some ethical and legal issues associated with the collection and use of personal data

Answer 2

• Privacy
• Ownership
• Consent
• Misuse
• Data protection

Data can often be used to discriminate against certain groups/individuals.
Fake news and cyberbullying feed off shared data.

Question 3

What are some ethical and legal issues about AI, machine learning and robotics

Answer 3

• Accountability
• Safety
• Algorithmic bias
• Legal liability

Question 4

What are some threats posed to digital systems by malware

Answer 4

Loss of important data / Fraud

Question 5

What are some methods of intellectual property protection for computer systems/software

Answer 5

Protecting IP means that the original work is not stolen or copied by other parties.

• Copyright - Creative works
• Patents - Inventions
• Trademarks - Brand
• Licensing - Only certain people can access content

Question 6

What are some methods of protecting digital systems and data

Answer 6

• Anti malware
• Encryption
• Acceptable use policies
• Backup
• Recovery procedures

Question 7

Viruses

Question 8

Worms

Answer 8

A piece of code which can self-replicate and typically has a detrimental effect, e.g., corrupting the system or destroying data.

Question 9

Trojans

Answer 9

A program that appears harmless, but is, in fact, malicious

Question 10

Ransomware

Answer 10

A form of malware which encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment

Question 11

Keyloggers

Answer 11

Software that obtains covert information about another computer’s activities by silently monitoring and recording their keystrokes.

Question 12

Social engineering

Question 13

How can sensitive data be protected?

Answer 13

Encryption
Access control
Physical security
Authentication
Backup and Recovery

Question 14

Encryption

Answer 14

the process of converting data into an illegible, scarabled format so it cannot be understood by unauthorsised parties.

Question 15

Access control

Answer 15

Users have different levels of access to systems (like read/write/delete permissions on file management)

Question 16

Physical Security

Answer 16

Common measures include fire detection and suppression systems, CCTV, locks, biometrics, and ensuring that the hardware is in a safe location.

Question 17

Authentication

Answer 17

The process of checking the identity of an individual attempting to gain access to a network

Question 18

Multi-factor authentication

Answer 18

Multi-factor authentication requires you to give:

• Something you know, e.g. ID, pin, password
• Something you have, e.g. keyfob, USB
• Something you are, e.g. retina scan, fingerprint, biometrics

Question 19

Machine learning

Answer 19

The ablity of an algorithm/program to process data and derive new meaning from it.

Question 20

AI

Answer 20

the ability of a digital device to mimic the functions of the human mind and adapt to a new situation.

Question 21

Algorithmic bias

Answer 21

Behaviours in computer algorithms and programs that create unfair outcomes.

Question 22

Benefits of AI

Answer 22

• Can label X rays as cancerous or non cancerous and design treatment
• Speech recognition
• Predictive analytics of fraud
• Space exploration and autonomous robots
• Manufacturing due to automation

Question 23

Drawbacks of AI

Answer 23

• Algorithmic bias producing unwanted outcomes
• Automation changing workforce requirements
• Human reliance of algorithmic outcomes without questioning the reliability or accuracy of the algorithms

Question 24

Digital footprint

Answer 24

A trail of places that you have visited on the internet, e.g. the activities you have taken part in.

Question 25

Active data collection

Answer 25

Information that you choose to release by sharing information online using websites or social media.

Question 26

Passive data collection

Answer 26

Web browsing activity and information stored via cookies

Question 27

Cookies

Answer 27

A small text file created when you access a website.

Question 28

Identity theft

Answer 28

Stealing someone’s personal information or possessions with the intent of using your identity.

Question 29

Identity fraud

Answer 29

Using someone else’s identity for financial gain.

Question 30

Data misuse

Answer 30

Data that has been collected legitimately, not stolen, but which has been misused.

Question 31

Consent for data use must be:

Answer 31

• Specific
• Informed
• Able to be revoked or denied

Question 32

Information must be used:

Answer 32

• Fairly, lawfully, transparently
• Specified purposes
• Adequate, relevant
• Limited to only what is necessary
• Accurate and kept up to date
• Kept for no longer than necessary
• Handled in a way that ensures appropriate security, including protection against unlawful access

Question 33

Rights of data subject:

Answer 33

• [The right to] Be informed
• Access
• Rectification
• Erasure
• Restrict processing -
• Data portability
• Object
• In relation to automated decision making and profiling

Question 34

Static heuristic

Answer 34

Decompile and look for source code, and compare against heuristic database of existing, known viruses.

Question 35

Dynamic heuristic

Answer 35

Lets the program run in a controlled situation (sandbox) while antivirus observes actions. Strange actions e.g. deleting files and duplicating, is blocked, quarantined, considered a virus.

Question 36

Acceptable Use Policy

Answer 36

A collection of rules and procedures that employees are required to follow in order to protect their organisation’s systems and networks.

Question 37

Pretexting

Answer 37

Creating and using an invented scenario to engage a targeted victim to increase the chance they will divulge information/perform actions that would not usually occur.

Question 38

Phishing

Answer 38

Sending emails purporting to be from reputable companies to incite people to reveal personal information. Often has links that resemble the real webpage, but if checked carefully, the web address is not your usual. Provides hacker with personal information.

Question 39

Baiting

Answer 39

The promise of cash or goods that people with malicious intent use to entice victims e.g. offering free music or movie downloads to trick users into revealing their login credentials.

Question 40

Quid pro quo

Answer 40

Quid pro quo

Very similar to baiting, except the benefit is usually in the form of a service as opposed to cash or goods. QPP means “something for something”. Provides a benefit in exchange for information.