Card Set Information

2011-12-09 00:56:10

first part of slides for final

  1. Privacy
    Individual’s ability to restrict or eliminate the collection, use, and sale of confidential personal information
  2. Anonymity
    • Means to communicate without disclosing one’s identity
    • More difficult with the use of computers and the Internet
  3. Technologies that jeopardize anonymity
    • Cookies
    • Global unique identifiers
    • Ubiquitous computing
    • Radio frequency identification
  4. Cookies
    • Small files written to your hard disk by Web sites visited
    • Examples include:
    • Track your browsing habits
    • Gather personal information without your consent
  5. Global unique identifier (GUID)
    Identification number produced by software or a piece of hardware
  6. Ubiquitous computing
    Interacting with multiple networked devices
  7. Active badge
    transmits infrared signals to create an electronic trail
  8. Radio frequency identification (RFID)
    • Uses radio waves to track a chip or tag
    • Used for inventory control in stores
    • May compromise anonymity and privacy if information is stored on tags attached to U.S. passports
  9. Collection of Information Without Consent In the U.S.
    • Legislation currently in place includes:
    • Fair Credit Reporting Act
    • Health Insurance Portability and Privacy Act
    • Family Education Rights and Privacy Act
    • No comprehensive federal law governing the overall privacy rights of U.S. citizens
  10. SPAM
    Unsolicited messages sent in bulk over electronic mailing systems
  11. Protecting privacy online
    • Use products such as Anonymous Surfing or IronKey Secure USB flash.
    • Use free Web-based throwaway e-mail addresses in chat rooms and for mailing lists.
    • Tell children not to give out personal information.
    • Complete forms only if you see a privacy statement.
    • Turn off cookies
  12. Web beacons
    Transparent graphic images placed on a Web site or in an e-mail—used to monitor Web or e-mail behavior
  13. Protecting privacy at home
    • Create logins and passwords for each person using the computer.
    • Do not save account numbers or passwords.
    • Close a secured account site when not using a computer.
    • Use strong passwords
  14. Protecting privacy at work
    • Refrain from making personal calls on a work phone
    • Avoid using company e-mail for personal purposes
    • Assume you are monitored
    • Be aware of shoulder surfing
    • Do not allow others to tailgate
  15. Cybercrimes
    • Crimes perpetrated through the Internet
    • Many Web sites educate users about cybercrime and cybercriminals
  16. Cyberlaw
    Area of law dedicated to computer crime
  17. Types of computer crime
    Identity theft, Dumpster diving, Phishing attacks, Spear phishing, Malware
  18. Identity theft
    criminal access to personal information in order to impersonate someone
  19. Dumpster diving
    disgruntled employees or thieves go through a company’s trash to find information they can steal
  20. Phishing attacks
    legitimate-looking e-mails or Web sites created in an attempt to obtain confidential data about a person
  21. Spear phishing
    (similar to phishing)—uses targeted fake e-mails and social engineering to trick recipients into providing personal information to enable identity theft
  22. Malware
    (short for malicious software)—programs that intentionally harm a computer system or allow individuals to gain access without permission
  23. Tips to protect yourself from malware
    • Know who you are dealing with
    • Keep your Web browser and operating system up to date
    • Back up important files
    • Protect children online
    • Use security software tools and keep them up to date
    • Use strong passwords
    • Learn what to do if something goes wrong
  24. Spyware
    • software that gathers private information and tracks web use
    • Adware is one form of this; it generates annoying pop-up and banner ads
    • Keyloggers are another type; they record keystrokes to provide cyber criminals with confidential data
  25. Computer virus
    code concealed inside a program that can harm or destroy files. Many spread to e-mail attachments.
  26. Payload
    refers to the dangerous actions a virus performs
  27. Macro viruses
    attach to data files and take advantage of application macros
  28. Boot sector viruses
    execute each time you start the computer
  29. SPIM
    spam text message sent via a cell phone or instant messaging service
  30. Logic bomb
    hidden computer code that sits dormant on a system until triggered
  31. Time bomb
    virus program that remains dormant on a computer system until activated
  32. Worm
    similar to a virus but does not need action of a user to execute
  33. denial of service (DoS) attack
    assaults an internet server with so many requests that it can't function
  34. Distributed denial of service (DDoS)
    attack involves multiple computer systems
  35. botnet
    robot network
  36. bot
    connects individual computers to the controller, usually a server under the control of the botnet controller
  37. syn flooding
    form of denial of service attack in which synchronization packets are repeatedly sent to every port on the server
  38. rootkit
    malicious program that is disguised as a useful program; it enables an attacker to gain administrator-level access and allows the attacker to have repeated and undetected access
  39. trojan horse
    normal looking program that includes concealed instructions to cause harm
  40. Hackers
    computer hobbyists attempting unauthorized access, generally subscribing to an unwritten code of conduct - Hacker ethic
  41. cybergangs
    groups of hackers working together to coordinate attacks
  42. IP spoofing
    sends a message with an IP address disguised as a message from a trusted source
  43. Honeypots
    computer baited with fake data and purposely left vulnerable to study how intruders operate to prepare stronger defenses
  44. crackers (black hats)
    attempt to enter highly secure computer systems to destroy data or steal information
  45. ethical hackers (white hats)
    use expertise to shore up computer system defenses
  46. Cyberstalkers
    • Use the Internet, social networking sites, and e-mail to harass or threaten
    • Most perpetrators are men
    • Most victims are college-age women
  47. Cyberbullying
    • Sending threatening messages via e-mail or text message
    • Usually involves minors
  48. Computer security risk
    • Any intentional or unintentional action resulting in damaging a computer system or its data
    • Increased by wireless LANs because transmissions occur over shared airwaves instead of dedicated lines
  49. Vacation hacking
    tricking travelers into using phony WiFi hot spots—evil twins
  50. Corporate espionage
    unauthorized access of corporate information usually to the benefit of a competitor
  51. Pod slurping
    using removable storage media to create unauthorized copies of confidential data
  52. Trap doors
    security holes created by employees allowing entry to company systems after leaving the firm
  53. Information warfare
    use of information technologies to corrupt or destroy an enemy's information and industrial infrastructure
  54. Uninterruptible power supply (UPS)
    provides additional power during outages or electrical current fluctuations
  55. Biometric authentication
    use of voice recognition, retinal scans, and fingerprint scans for authentication
  56. Firewalls
    hardware or software, to prevent unauthorized access
  57. Cryptography
    Study of transforming information into an encoded or scrambled format
  58. Encryption
    Coding or scrambling process that renders a message unreadable by anyone other than the intended recipient
  59. Plaintext
    Readable message that has not been encrypted
  60. Encryption key
    Formula that makes a plaintext message unreadable
  61. Ciphertext
    Coded message
  62. Symmetric key encryption
    Uses same key for both encryption and decryption
  63. Key interception
    Occurs when a symmetric key encryption is stolen, allowing others to decrypt messages encrypted with that encryption key
  64. Secure electronic transaction (SET)
    • Uses digital certificates
    • Enable parties engaged in Internet-mediated transactions to confirm each other’s identities
  65. Public key infrastructure (PKI)
    • Uniform set of encryption standards
    • No dominant standard
    • Public fear of a monopoly if a PKI is chosen
  66. Encryption and public security issues
    U.S. government continues search for ways to balance the public’s right to privacy and the government’s need to know
  67. E-discovery
    Obligation of parties to a lawsuit to exchange documents existing only in electronic form
  68. Computer forensics
    Legal evidence found in computers and digital storage media