Activity #3: Questions

1. What is the purpose of authentication?

- Its purpose is to identify who is using the system, though it does not
control what you can do inside that system once you are identified.
2. What is the difference between a strong and weak password?
- You especially want to avoid weak passwords that are formed from
common phrases, your name, important dates in your life, or other
things that someone might try based on their knowledge of you. A
strong password normally includes a mixture of uppercase and
lowercase letters, numbers, and other special symbols. A strong
password should be hard for someone to guess, but may still include
sequences that are easy for you to remember.
3. What is multifactor authentication? How does this improve security?
- This type of authentication requires multiple steps to unlock protected
devices or services. As you add more steps to the authentication
procedure, it becomes harder for someone to hack all of the steps to
break into an account or device.
4. What are three common types of identity that might be required in
multifactor authentication?
- PIN Numbers - These 4, 5, or 6-digit numbers should keep secret so they
are only known to you.
- Biometrics - Your fingerprint, retina (eye) pattern and facial features
are unique to you.
- Pattern-drawing - You can create a secret pattern drawn between a grid
of dots (often used to unlock smartphones).
5. What is the purpose of authorization? What are some example user
roles and how might their access differ?
- Authorization rules control who is allowed to do things. The
administrator might have access to all files but a guest might only be
able to access certain files.
6. What is the purpose of accounting? What sorts of activity might be
tracked in a system?
 - Systems will often keep track of what authenticated users do within
the system. These historical records provide an accounting (or audit log)
of your activity. Audit logs are also used to answer questions about who
authorized changes in a system.
7. How does symmetric encryption work? Do both sender and receiver
need to share a secret key in advance?
- Using the same shared, secret key to both encrypt and decrypt data is
called symmetric encryption (or private-key cryptography)
8. How does asymmetric encryption work? Do both sender and receiver
need to share a secret key in advance? What keys are used to encrypt
and decrypt data?
- Asymmetric encryption, or public-key cryptography, actually uses two
different keys, each representing and owned by the receiver of the data
(typically, a web, file, or email server). One key is public, meaning it can
be freely distributed to the general public. The other key is private and
is known only to the receiver of the information. The Secure Sockets
Layer (SSL / TLS) protocol used by web servers to secure your online
activities is based on public-key cryptography.
9. How is the identity of the server or receiver verified in public-key
encryption? What is the role of a certificate authority?
10.What are some ways that viruses or malware can infect a computer?
- These small programs attack your computer and may damage your
files, steal your private information, give complete control to someone
else, or display unwanted advertisements.
11.What is the main purpose of spyware, ransomware, and adware?
What other kinds of malware exist?

Virus Type Description

Spyware Spyware will try to spy on you!

Spyware programs may track your
Internet web browsing history,
record all of the keystrokes you
 make on your keyboard, steal
usernames and passwords as you
enter them into forms, and report
this personal data back to someone
else.

Ransomware Ransomware is designed to lock you

out of your computer and keep you
from accessing any of your files. The
hackers may then demand payment
from you to unlock your computer.

Adware Adware programs will display

unwanted advertisements on your
computer. Adware programs might
track your web browsing history and
display targeted advertisements
based on the things you visit. Or they
may simply display a large number
of unwanted ads for both legal and
illegal goods and services.

Others Malware programs can be written to

cause other kinds of damage or
frustration. Viruses may damage or
delete files on your computer,
corrupt your operating system, or
even reformat your entire hard
drive.

12.What is anti-virus software? Why is it important to keep anti-virus

software installed and updated?
- An anti-virus program will run constantly on your computer, scanning
the files for known virus infections. Anti-virus programs will also look
for suspicious behavior from programs that might signal a new,
unknown virus is at work.
13.What does anti-virus software do when it finds a suspicious file?
- Since new viruses are discovered all the time, you will want to keep
your anti-virus software up-to-date so it knows about the latest threats.