Skill Development Week Lecture Slides

CYBERSECURITY SLIDES

Uploaded by

fc9j2sjy25
Copyright
© © All Rights Reserved

Skill Developments

Instructor:
Hamza Naveed
Email ID: [email protected]
Course Introduction

This course is intended to make students understand the effect
of computer and its applications in daily life and in their field.
Basically, this subject is related to the introduction of
information technology, understanding computer systems and
concepts, e-commerce, security and privacy controls over
internet, MS Office, databases and importance of information
systems in business and e-banking etc.
Objectives Overview

• Define the term, computer security risks, and briefly describe the types of cybercrime perpetrators
• Describe various types of Internet and network attacks, and identify ways to safeguard against these attacks
• Discuss techniques to prevent unauthorized computer access and use
• Identify safeguards against hardware theft and vandalism
• Explain the ways software manufacturers protect against software piracy
• Discuss how encryption works, and explain why it is necessary

Objectives Overview

• Discuss the types of devices available that protect computers from system failure
• Explain the options available for backing up computer resources
• Identify risks and safeguards associated with wireless communications
• Discuss ways to prevent health-related disorders and injuries due to computer use
• Recognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computing
• Discuss issues surrounding information privacy

Computer Security Risks
• A computer security risk is any event or action that could
cause a loss of or damage to computer hardware, software,
data, information, or processing capability
• A cybercrime is an online or Internet-based illegal act

• Hackers
• Crackers
• Script Kiddies
• Corporate Spies
• Unethical Employees
• Cyberextortionists
• Cyberterrorists
Internet and Network Attacks
• Information transmitted over networks has a higher degree of
security risk than information kept on an organization’s
premises
• An online security service is a Web site that evaluates your
computer to check for Internet and e-mail vulnerabilities

Internet and Network Attacks
Computer Virus
• Affects a computer negatively by altering the way the computer works

Worm
• Copies itself repeatedly, using up resources and possibly shutting down the computer or network

Trojan Horse
• A malicious program that hides within or looks like a legitimate program

Rootkit
• Program that hides in a computer and allows someone from a remote location to take full control

Internet and Network Attacks
• An infected computer has one or more of the following
symptoms:
• Operating system runs much slower than usual
• Available memory is less than expected
• Files become corrupted
• Screen displays unusual message or image
• Music or unusual sound plays randomly
• Existing programs and files disappear
• Programs or files do not work properly
• Unknown programs or files mysteriously appear
• System properties change
• Operating system does not start up
• Operating system shuts down unexpectedly

Internet and Network Attacks
• Users can take several
precautions to protect their
home and work computers
and mobile devices from
these malicious infections

Internet and Network Attacks
• A botnet is a group of compromised computers connected to a network
• A compromised computer is known as a zombie
• A denial of service attack (DoS attack) disrupts computer access to
Internet services
• Distributed DoS (DDoS)
• A back door is a program or set of instructions in a program that allow
users to bypass security controls
• Spoofing is a technique intruders use to make their network or Internet
transmission appear legitimate

Internet and Network Attacks
• A firewall is hardware and/or software that protects a
network’s resources from intrusion

Internet and Network Attacks
Intrusion detection software
• Analyzes all network traffic
• Assesses system vulnerabilities
• Identifies any unauthorized intrusions
• Notifies network administrators of suspicious
behavior patterns or system breaches

Honeypot
• Vulnerable computer that is set up to entice an
intruder to break into it
Unauthorized Access and Use
• Unauthorized access is the use of a computer or network without permission
• Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities

Unauthorized Access and Use
• Organizations take several
measures to help prevent
unauthorized access and
use
• Acceptable use policy
• Disable file and printer
sharing
• Firewalls
• Intrusion detection software

Unauthorized Access and Use
• Access controls define who can access a computer, when they
can access it, and what actions they can take
• Two-phase processes called identification and authentication
• User name
• Password
• Passphrase
• CAPTCHA

Unauthorized Access and Use
• A possessed object is any item that you must carry to gain access to a computer or computer facility
• Often are used in combination with a personal identification number (PIN)
• A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer

Unauthorized Access and Use
• Digital forensics is the discovery, collection, and analysis of
evidence found on computers and networks
• Many areas use digital forensics

• Law enforcement
• Criminal prosecutors
• Military intelligence
• Insurance agencies
• Information security departments

Hardware Theft and Vandalism

• Hardware theft is the act of stealing computer equipment
• Hardware vandalism is the act of defacing or destroying computer equipment

Hardware Theft and Vandalism
• To help reduce the chances of theft, companies and schools
use a variety of security measures
• Physical access controls
• Alarm systems
• Cables to lock equipment
• Real time location system
• Passwords, possessed objects, and biometrics

Software Theft
• Software theft occurs when someone:

• Steals software media
• Intentionally erases programs
• Illegally copies a program
• Illegally registers and/or activates a program

Software Theft
• A single-user license agreement typically contains the
following conditions:
Permitted to
• Install the software on one computer
• Make one copy of the software
• Remove the software from your computer before giving it away
or selling it
Not permitted to
• Install the software on a network
• Give copies to friends or colleagues while continuing to use the
software
• Export the software
• Rent or lease the software
Software Theft
• Copying, loaning,
borrowing, renting, or
distributing software can
be a violation of copyright
law
• Some software requires
product activation to
function fully

Information Theft
• Information theft occurs when someone steals personal or
confidential information
• Encryption is a process of converting readable data into
unreadable characters to prevent unauthorized access

Information Theft
• A digital signature is an encrypted code that a person, Web
site, or organization attaches to an electronic message to
verify the identity of the sender
• Often used to ensure that an impostor is not participating in an
Internet transaction
• Web browsers and Web sites use encryption techniques

Information Theft
• Popular security techniques include
• Digital Certificates
• Transport Layer Security (TLS)
• Secure HTTP
• VPN

System Failure
• A system failure is the prolonged malfunction of a computer
• A variety of factors can lead to system failure, including:
• Aging hardware
• Natural disasters
• Electrical power problems
• Noise, undervoltages, and overvoltages
• Errors in computer programs

System Failure
• Two ways to protect from system failures caused by electrical
power variations include surge protectors and
uninterruptible power supplies (UPS)

Backing Up – The Ultimate
Safeguard
• A backup is a duplicate of a file, program, or disk that can be
used if the original is lost, damaged, or destroyed
• To back up a file means to make a copy of it
• Offsite backups are stored in a location separate from the
computer site

Cloud
Storage

Backing Up – The Ultimate
Safeguard
• Two categories of backups:
• Full backup
• Selective backup
• Three-generation backup policy
• Grandparent
• Parent
• Child

Wireless Security
• Wireless access poses additional security risks
• About 80 percent of wireless networks have no security protection
• War driving allows individuals to detect wireless networks while
driving a vehicle through the area

Wireless Security
• In addition to using firewalls, some safeguards improve
security of wireless networks:
• A wireless access point should not broadcast an SSID
• Change the default SSID
• Configure a WAP so that only certain devices can access it
• Use WPA or WPA2 security standards

Health Concerns of Computer Use
• The widespread use of
computers has led to
health concerns
• Repetitive strain injury
(RSI)
• Tendonitis
• Carpal tunnel syndrome (CTS)
• Computer vision
syndrome (CVS)

Health Concerns of Computer Use
• Ergonomics is an applied
science devoted to
incorporating comfort,
efficiency, and safety into
the design of items in the
workplace

Health Concerns of Computer Use
• Computer addiction occurs when the computer consumes
someone’s entire social life
• Symptoms of users include:

• Craves computer time
• Overjoyed when at the computer
• Unable to stop computer activity
• Irritable when not at the computer
• Neglects family and friends
• Problems at work or school

Ethics and Society
• Computer ethics are the
moral guidelines that
govern the use of
computers and information
systems
• Information accuracy is a
concern
• Not all information on the
Web is correct

Ethics and Society
Intellectual property rights are the
rights to which creators are entitled
for their work
• A copyright protects any tangible form of
expression
An IT code of conduct is a written
guideline that helps determine
whether a specific computer action is
ethical or unethical
Ethics and Society
• Green computing involves reducing the electricity and
environmental waste while using a computer

Ethics and Society
• Information privacy refers to the right of individuals and
companies to deny or restrict the collection and use of
information about them
• Huge databases store data online
• It is important to safeguard your information

Ethics and Society
• When you fill out a form,
the merchant that receives
the form usually enters it
into a database
• Many companies today
allow people to specify
whether they want their
personal information
distributed

Ethics and Society
• A cookie is a small text file that a Web server stores on your
computer
• Web sites use cookies for a variety of reasons:

• Allow for personalization
• Store users’ passwords
• Assist with online shopping
• Track how often users visit a site
• Target advertisements
Ethics and Society
• Spam is an unsolicited e-mail
message or newsgroup posting
• E-mail filtering blocks
e-mail messages from
designated sources
• Anti-spam programs
attempt to remove spam
before it reaches your
inbox

Ethics and Society
• Phishing is a scam in
which a perpetrator sends
an official looking e-mail
message that attempts to
obtain your personal and
financial information
• Pharming is a scam where
a perpetrator attempts to
obtain your personal and
financial information via
spoofing
Ethics and Society
• The concern about privacy has led to the enactment of federal
and state laws regarding the storage and disclosure of personal
data
• See Figure 11-36 on page 589 for a listing of major U.S. government
laws concerning privacy
• The 1970 Fair Credit Reporting Act limits the rights of
others viewing a credit report to only those with a legitimate
business need

Ethics and Society

Social engineering is defined as gaining
unauthorized access or obtaining
confidential information by taking
advantage of trust and naivety
Employee monitoring involves the use of
computers to observe, record, and review
an employee’s use of a computer

Ethics and Society
• Content filtering is the
process of restricting
access to certain material
on the Web
• Many businesses use
content filtering
• Internet Content Rating
Association (ICRA)
• Web filtering software
restricts access to specified
Web sites
Summary

• Potential computer risks and safeguards
• Wireless security risks and safeguards
• Computer-related health issues and preventions
• Ethical issues surrounding information accuracy, intellectual property rights, codes of conduct, green computing, and information privacy
