
Computing and IT in the Workplace

CT006-1

Security Issues

Learning Outcomes
At the end of this section, YOU should be able to:

Explain and describe the security risks that arise in the use of IT at work

Describe measures that can be taken to counteract the threats

Computing and IT in the Workplace

Chapter 5

Topics we will cover

Types of Computer Security Risks

Computer viruses, Worms and Trojan Horses

System Failure

Backups

Internet Security Risks


Computer Security Risks


What is a computer security risk?

Action that causes loss of or damage to computer system

Computer Viruses, Worms and Trojan Horses


What are viruses, worms, and Trojan horses?
Virus is a potentially damaging computer program
Can spread and damage files

Worm copies itself repeatedly, using up resources and possibly shutting down computer or network

Trojan horse hides within or looks like legitimate program until triggered
Does not replicate itself on other computers

Payload (destructive event) that is delivered when you open file, run infected program, or boot computer with infected disk in disk drive

Computer Viruses, Worms and Trojan Horses


How can a virus spread through an e-mail message?
Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3a. Some users open the attachment and their computers become infected with the virus.

Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users' computers are not infected with the virus.

Computer Viruses, Worms and Trojan Horses


How can you protect your system from a macro virus?

Set macro security level in applications that allow you to write macros

At medium security level, warning displays that document contains macro

Macros are instructions saved in an application, such as word processing or spreadsheet program

Computer Viruses, Worms and Trojan Horses


What is an antivirus program?

Identifies and removes computer viruses

Most also protect against worms and Trojan horses

Computer Viruses, Worms and Trojan Horses


What is a virus signature?

Specific pattern of virus code

Also called virus definition

Antivirus programs look for virus signatures

Computer Viruses, Worms and Trojan Horses


How does an antivirus program inoculate a program file?

Records information about program such as file size and creation date

Uses information to detect if virus tampers with file

Attempts to remove any detected virus

Quarantines infected files that it cannot remove

Keeps file in separate area of hard disk
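
The record-then-compare idea behind inoculation, as an added example that is not part of the original slides. It assumes modification time stands in for the slide's creation date (not every system exposes creation time), adds a SHA-256 digest that the slide does not mention, and uses a constructed stand-in file.

```python
import hashlib
import os
import tempfile

def record_baseline(path):
    """Record size and timestamp (as on the slide) plus a SHA-256 digest (added here)."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}

def detect_tampering(path, baseline):
    """Return the names of the recorded fields that no longer match the file on disk."""
    current = record_baseline(path)
    return sorted(k for k in baseline if baseline[k] != current[k])

def demo():
    """Check a constructed file: untouched, appended to, and rewritten at the same size."""
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "payroll.exe")  # constructed sample, not a real program
        with open(target, "wb") as fh:
            fh.write(b"MZ" + b"\x90" * 62)
        baseline = record_baseline(target)
        untouched = detect_tampering(target, baseline)

        # Case 1: bytes appended to the file, so the recorded size no longer matches.
        with open(target, "ab") as fh:
            fh.write(b"APPENDED")
        appended = detect_tampering(target, baseline)

        # Case 2: same-size rewrite with the timestamp put back to the recorded value.
        with open(target, "wb") as fh:
            fh.write(b"MZ" + b"\xcc" * 62)
        os.utime(target, ns=(baseline["mtime_ns"], baseline["mtime_ns"]))
        same_size = detect_tampering(target, baseline)
    return untouched, appended, same_size

if __name__ == "__main__":
    print(demo())
```

In the second case size and timestamp both still match, so only the content digest reports the change.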

Computer Viruses, Worms and Trojan Horses


What is a recovery disk?
Removable disk that contains uninfected copy of key operating system commands that enables computer to restart

Also called rescue disk

Once computer restarts, antivirus program can attempt to repair damaged files

Computer Viruses, Worms and Trojan Horses


What are some tips for preventing virus, worm, and Trojan horse infections?

Set the macro security in programs so you can enable or disable macros

If the antivirus program flags an e-mail attachment as infected, delete the attachment immediately

Install an antivirus program on all of your computers

Check all downloaded programs for viruses, worms, or Trojan horses

Never open an e-mail attachment unless you are expecting it and it is from a trusted source

Install a personal firewall program

System Failure
What is a system failure?
Prolonged malfunction of computer

Can cause loss of hardware, software, or data

Caused by aging hardware, natural disasters, or electrical power disturbances

Noise: unwanted electrical signal

Overvoltage or power surge: significant increase in electrical power

Undervoltage: drop in electrical supply

System Failure
What is a surge protector?

Protects computer and equipment from electrical power disturbances

Uninterruptible power supply (UPS) is surge protector that provides power during power loss

Internet Security Risks


What is a denial of service attack?

Also called DoS attack

Hacker uses unsuspecting computer, called zombie, to execute attack on other systems

Distributed DoS (DDoS) attack is more devastating DoS attack in which multiple computers attack multiple networks

Computer Emergency Response Team Coordination Center (CERT/CC) assists with DDoS attacks

Internet Security Risks

How do Web browsers provide secure data transmission?

Many Web browsers use encryption

Secure site is Web site that uses encryption to secure data

Digital certificate is notice that guarantees Web site is legitimate

Internet Security Risks


What is a certificate authority (CA)?

Authorized person or company that issues and verifies digital certificates

Users apply for digital certificate from CA

Internet Security Risks


What is Secure Sockets Layer (SSL)?

Provides encryption of all data that passes between client and Internet server

Web addresses beginning with https indicate secure connections

Internet Security Risks


What are methods for securing e-mail messages?

Pretty Good Privacy (PGP) is popular e-mail encryption program
Freeware for personal, noncommercial use

Digital signature is encrypted code attached to e-mail message to verify identity of sender

Backing Up: The Ultimate Safeguard


What is a backup?
Duplicate of file, program, or disk

Full backup: all files in computer

Selective backup: select which files to back up

Three-generation backup: preserves three copies of important files

In case of system failure or corrupted files, restore files by copying to original location

Backup Procedures and Security


What are the four types of backups?


Backup Procedures and Security


What is a backup procedure?
Regular plan of copying and storing data and program files

Can use combination of full backups and differential or incremental backups
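
The combination named on this slide, one full backup followed by daily differential or incremental runs, as an added example that is not part of the original slides. It assumes the usual definitions, which the slide does not spell out: a differential copies files changed since the last full backup, an incremental copies files changed since the previous backup of any kind. The change log and file names are constructed.

```python
# Constructed change log: (day, file modified on that day). Day 0 is the full backup day.
CHANGES = [
    (0, "ledger.xls"), (0, "staff.doc"), (0, "orders.db"),
    (1, "staff.doc"), (2, "orders.db"), (3, "staff.doc"),
]

def changed_between(changes, after, upto):
    """Files with at least one modification on a day in the range (after, upto]."""
    return sorted({name for day, name in changes if after < day <= upto})

def simulate(kind, changes, full_day, daily_days):
    """Return {day: files copied} for a full backup plus daily runs of one kind."""
    if kind not in ("differential", "incremental"):
        raise ValueError(f"unknown backup type: {kind}")
    runs = {full_day: changed_between(changes, -1, full_day)}  # full: every file so far
    previous = full_day
    for day in daily_days:
        # Differential always looks back to the full backup; incremental to the last run.
        since = full_day if kind == "differential" else previous
        runs[day] = changed_between(changes, since, day)
        previous = day
    return runs

def restore_sets(kind, full_day, daily_days):
    """Days whose backup sets are needed to restore after the last daily run."""
    if kind not in ("differential", "incremental"):
        raise ValueError(f"unknown backup type: {kind}")
    if not daily_days:
        return [full_day]
    if kind == "differential":
        return [full_day, daily_days[-1]]  # newest differential holds every change
    return [full_day, *daily_days]         # every incremental in order, none may be lost

if __name__ == "__main__":
    for kind in ("differential", "incremental"):
        print(kind, simulate(kind, CHANGES, 0, [1, 2, 3]), restore_sets(kind, 0, [1, 2, 3]))
```

Differential runs grow each day but a restore needs only two sets; incremental runs stay small but a restore depends on every set since the full backup being intact.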

Backup Procedures and Security


What is a disaster recovery plan?
Written plan for restoring computer operations in event of disaster

Emergency plan: steps to be taken immediately after disaster

Backup plan: how backup files and equipment would be used to resume information processing

Recovery plan: actions to be taken to restore full information processing operations

Test plan: simulates various levels of disasters and records ability to recover

Backup Procedures and Security


What is a computer security plan?
Summarizes in writing all safeguards in place to protect company's information

International Computer Security Association (ICSA) provides assistance with computer security plans

Review Questions

What are the various modes for backing up the system?

Explain the techniques for securing against Internet risks.

Question and Answer Session

Q&A

What we will cover next


Topic and Structure of next session
Enterprise Computing
