SECURITY II Flashcards
What are zombies and botnets?
remotely controlled infected computers used for malicious purposes. A collection of zombie computers is known as a botnet. Botnets harness the combined power of many zombies for malicious activities like password cracking or sending junk e-mail.
What is data manipulation?
Finding entry into someone’s computer network and leaving a prankster’s message may seem like fun, which is why hackers do it. It is still against the law.
What is identity theft?
Identity theft is the illegal
assumption of someone’s identity for the
purposes of economic gain. It is one of the
fastest-growing crimes in the country and
can financially devastate its victim.
What are internet scams?
A scam is a deceptive
operation designed to trick individuals into
providing personal information or spending their
time and money for little or no return.
What is phishing?
Phishing attempts to trick Internet users
into thinking a fake but official-looking website or
e-mail is legitimate.
What is social engineering?
process of manipulating people
to perform some action that will lead unauthorized users
to break into a computer or network. This process is
usually non-technical and relies heavily on human
interaction and often involves tricking people to divulge
confidential information e.g. passwords
What are the ways social engineering may be used?
– To gather information that may be confidential or
valuable.
– To gather information to commit an act of fraud.
– To facilitate unauthorized access to a computer
system or network that may reveal confidential data.
Give examples of measures to protect computer security
• Restricting access:
through biometric scanning devices and
passwords (dictionary attacks use thousands of words to attempt to gain access); security suites, firewalls, and password managers.
• Password managers help you create strong
passwords.
• Security suites provide a collection of utility
programs designed to protect your privacy
and security while you are on the web.
• Encrypting data: involves coding information
to make it unreadable except to those who
have the encryption key. Hypertext transfer
protocol secure (https) requires browsers and
websites to encrypt all messages. Virtual
private networks (VPNs) encrypt connections
between company networks and remote
users. WPA2 (Wi-Fi Protected Access) is the
most widely used wireless network
encryption for home wireless networks.
• Anticipating disasters Companies (and
individuals) should prepare themselves for disasters. It involves
physical security, data security, and
disaster recovery plans.
• Preventing data loss involves protecting
data by screening job applicants, guarding
passwords, and auditing and backing up
data.
What are computer ethics?
Computer ethics are guidelines for the
morally acceptable use of computers in our
society.
What is copyright?
a legal concept that gives content
creators the right to control use and distribution of
their work.
What is software piracy?
unauthorized copying
and/or distribution of software
What is digital rights management (DRM)
To prevent copyright violations, corporations often
use digital rights management (DRM). DRM
encompasses various technologies that control
access to electronic media and files. Typically, DRM
is used to control the number of devices that can
access a given file and limit the kinds of devices
that can access a file.
What is End User License Agreement (EULA)
terms and
conditions are presented in a legal document called an
End User License Agreement (EULA), the end user
being you
What is the difference between propriety software and open- source software
Proprietary software is software you can use
but do not own. The vendor retains
ownership; you simply have the right to use
one or more copies of the software after
purchasing it and agreeing to the EULA.
• Open-source software is software that is not
only free to use, but also whose source code
is accessible to users to modify and
redistribute.
What is shareware?
• Shareware is software that is distributed free on a
trial basis with the understanding that the user
may need or want to pay for it later
• Some software developers offer a shareware
version of their program with a built-in expiration
date (after 30 days, the user can no longer get
access to the program)
• Other shareware (sometimes called liteware) is
offered with certain capabilities disabled as an
enticement to buy the complete version of the
program
