5 c it w security issues

Computing and IT in the WorkplaceCT006-1

Security Issues

CT024 PDT Introduction 2

Learning Outcomes

At the end of this section, YOU should be able to:

• To explain and describe the security risks arises in the use of IT at work

• To describe measures that can be taken to counteract the threats


Topics we will cover

• Types of Computer Security Risks• Computer viruses, Worms and Trojan Horses• System Failure• Backups• Internet Security Risks


Computer Security Risks

• What is a computer security risk? Action that causes loss of or damage to

computer system


Computer Viruses, Worms and Trojan Horses

VirusVirus is a potentially damaging computer program

WormWorm copies itself

repeatedly, using up resources

and possibly shutting

down computer

or network

Trojan horse Trojan horse hides within or looks like

legitimate program

until triggered

PayloadPayload (destructive event) that is

delivered when

you open file, run infected program, or

boot computer with infected

disk in disk drive

Can spread and damage

files

Does not replicate

itself on other computers


How can a virus spread through an e-mail message?

Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3b. Users who do not recognize the name of the sender of the e-mail message do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.

Step 3a. Some users open the attachment and their computers become infected with the virus.



• How can you protect your system from a macro virus? Set macro security level in applications that allow

you to write macros At medium security

level, warning displays that document contains macro Macros are

instructions saved in an application, such as word processing or spreadsheet program



• What is an antivirus program?

Identifies and removes computer viruses

Most also protect against worms and Trojan horses



• What is a virus signature? Specific pattern of virus code

Also called virus definition Antivirus programs

look for virus signatures



Keeps file in separate area of hard disk

•How does an antivirus program inoculate a program file?

Records Records information information

about program such about program such as file size and as file size and

creation creation datedate Attempts Attempts

to remove to remove any detected any detected

virusvirus

Uses Uses information information to detect if to detect if

virus tampers virus tampers with filewith file

QuarantinesQuarantines infected infected

files that it files that it cannot cannot removeremove



• What is a recovery disk?

Removable disk that contains uninfected copy of key operating system commands

that enables computer to restart Also called rescue disk

Once computer restarts, antivirus program can attempt to repair damaged files



•What are some tips for preventing virus, worm, and Trojan horse infections?

1.Install a personalfirewall program

2. Scan all removable media

If the antivirus program flags an

e-mail attachment as infected, delete

the attachment immediately

1. Never start a computer with a removable media.2. Set the macro security in programs so you can

enable or disable macros

Never open an e-mail attachment

unless you are expecting it and

it is from a trusted source

1. Install an antivirus program on all of your

computers2. Set the macro security to

enable or disable macros

Check all downloaded

programs for viruses, worms, or Trojan horses



Undervoltage—drop in electrical supply

System Failure

• What is a system failure?

Overvoltage or power surge—

significant increase in electrical power

Noise—unwanted electrical signal

Caused by aging hardware, Caused by aging hardware, natural disasters, or electrical natural disasters, or electrical

power disturbancespower disturbances

Can cause loss of hardware, Can cause loss of hardware, software, or datasoftware, or data

Prolonged malfunction Prolonged malfunction of computerof computer


System Failure

• What is a surge protector? Protects computer and equipment

from electrical power disturbances

Uninterruptible power supply (UPS) is surge protector that provides power during power loss


Internet Security RisksWhat is a Denial of Service attack (DoS)?

p. 587

Computer Emergency Response Team Coordination

Center (CERT/CC) assists with DDoS attacks

Hacker uses unsuspecting computer, called zombie, to send

an influx of confusing data messages to execute attack on

other systems

Distributed DoS (DDoS) attack is more devastating, extensive in

which multiple computers attack multiple networks. Websites that have been affected: Yahoo! eBay,

Amazon.com, CNN.com

Also called DoS attackAn assault to disrupt computer access to the Internet e.g. Web

or email


Internet Security Risks

Secure siteSecure site is Web site that uses encryption to secure

data

• How do Web browsers provide secure data transmission?

Digital certificateDigital certificate is notice that guarantees Web site is

legitimate

Many Web browsers

use encryption



• What is a Certificate Authority (CA)?

Authorized person or company that issues and verifies digital certificates

Users apply for digital certificate from CA

Has info such as user’s name, the issuing CA’s name/signature, serial no of the certificate

Digital certificate is encrypted


Internet Security Risks• What is Secure Sockets Layer (SSL)? Provides encryption of all data that passes between

client and Internet server Web addresses beginning with

“https” indicate secure connections TLS – Transport Layer Security, a

successor to SSL Provides encryption and requires

the client to have a digital cert. Prevents illegal tampering of data



Digital signature is encrypted

code attached to e-mail message

to verify identity of sender

Freeware for personal, non-commercial use

• What are methods for securing e-mail messages?

Pretty Good Privacy (PGP)

is popular e-mail encryption program

CT024 PDT Introduction

Secure HTTP (S-HTTP)

• Allows users to choose an encryption scheme for data transfer between client & Internet server

• Client & server must have digital certs• S-HTTP is more difficult to use than TLS but more

secure. Typical use: Online Banking• VPN – Mobile users can connect to their company

networks through VPN• VPN provides a secure connection as if the user has

a private line

20


Backing Up – The Ultimate Safeguard• What is a backup?

Duplicate of file, program, or disk

Full backupFull backupall files in computer

Selective Selective backupbackup

select which files

to back up

Three-generation backupThree-generation backuppreserves

three copies of important filesThe grandparent is the oldest copy, the parent is the second oldest and the child is the most

recent copy

In case of system failure or corrupted files, restore files by copying to original location


Backup Procedures and Security

• What are the four types of backups?


• What is a backup procedure? Regular plan of copying and

storing data and program files Can use combination of

full backups and differential or incremental backups

Differential backups - backs up only files that changed since the last full back up

Incremental - backs up the changed data, but only backs up the data that has changed since the last backup



Backup Procedures and Security• What is a disaster recovery plan? Written plan for restoring computer operations in

event of disaster

Recovery planactions to be taken

to restore full information processing operations

Test plansimulates various levels of

disasters and records ability

to recover

Emergency plansteps to be taken

immediately after disaster

Backup planhow backup files

and equipment would be used to resume information

processing



• What is a computer security plan? Summarizes in writing all safeguards in place to

protect company’s information International Computer Security Association

(ICSA) provides assistance with computer security plans

CT024 PDT Introduction

Other Terms• Botnet – group of compromised computers

attached to a network e.g. Internet used to attack other networks for nefarious reasons

• Bot – a program that performs repetitive tasks on the network. Cybercriminals install malicious bots on unprotected computers to create a zombie army and uses a botnet to send spam via email, virus, malware, DoS

• Zombie - a compromised computer whose owner is unaware the computer is remotely controlled by another illegal user

• Back Door – bypass security control 26


Review Questions

What would be the various mode to backup the system?

Explain the techniques to secure the internet risks.


Q & A

Question and Answer Session


Topic and Structure of next session

What we will cover next

Topic and Structure of next session

Enterprise Computing

5 c it w security issues

Documents