UNIT 9 Flashcards
(33 cards)
the protection of computer systems and information from harm, theft, and
unauthorized use. Computer hardware is typically protected by the same means used to protect
other valuable or sensitive equipment, namely, serial numbers, doors and locks, and alarms. The
protection of information and system access, on the other hand, is achieved through other tactics,
some of them quite complex.
Computer security
deals with the protection of computer systems
and information from harm, theft, and unauthorized use.
Computer security
is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It’s also known as information technology security or
electronic information security.
Cyber security
CYBER SECURITY
is the practice of securing a computer network from intruders, whether
targeted attackers or opportunistic malware.
Network security
CYBER SECURITY
focuses on keeping software and devices free of threats. A
compromised application could provide access to the data it's designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
Application security
CYBER SECURITY
protects the integrity and privacy of data, both in storage and in
transit.
Information security
CYBER SECURITY
includes the processes and decisions for handling and protecting data
assets. The permissions users have when accessing a network and the procedures that
determine how and where data may be stored or shared all fall under this umbrella.
Operational security
CYBER SECURITY
_____ and business continuity define how an organization responds to a cybersecurity incident or any other event that causes the loss of operations or data. Disaster
recovery policies dictate how the organization restores its operations and information to
return to the same operating capacity as before the event. Business continuity is the plan
the organization falls back on while trying to operate without certain resources.
Disaster recovery
CYBER SECURITY
addresses the most unpredictable cyber-security factor: people.
Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow
good security practices. Teaching users to delete suspicious email attachments, not plug in
unidentified USB drives, and various other important lessons is vital for the security of any
organization.
End-user education
CIA THREE MAIN PRINCIPLES
is ensuring that information is available only to the intended audience – An
organization obtains or creates a piece of sensitive data that will be used in the course of
its business operations. Because the data is sensitive, that data should only be able to be
seen by the people in the organization that need to see it in order to do their jobs. It should
be protected from access by unauthorized individuals.
Confidentiality
CIA THREE MAIN PRINCIPLES
is protecting information from being modified by unauthorized parties – Integrity
involves maintaining the accuracy, consistency and trustworthiness of data. Data must not
be changed whilst at rest or in transit by unauthorized individuals (which would demonstrate a breach of confidentiality). Integrity of data is commonly ensured by
implementing security measures such as file permissions and access control models.
Version controls can also be utilized to avoid changes to data made accidentally by
authorized individuals.
Integrity
CIA THREE MAIN PRINCIPLES
is protecting information from being modified by unauthorized parties – When
the individual that needs that piece of data to perform a job duty is ready to utilize it, it
must be readily accessible (i.e. online) in a timely and reliable manner so the job task can
be completed on time and the company can continue its processing. Availability means
that authorized individuals are able to access their data whenever they want.
Availability
Good Security Practices for Individuals
Software may include bugs, as discussed in the previous modules. To limit the
vulnerabilities, make sure that the software's installation instructions are followed and that the
software is acquired legitimately. Anti-virus and anti-malware should also be
installed and kept up to date.
Install anti-virus and anti-malware software
Good Security Practices for Individuals
Reusing passwords, or having the same password for multiple accounts, websites, and
other systems, makes them more vulnerable. Do not save passwords on websites and
devices that are unsecure. Remember to change your passwords on a schedule to keep
them fresh.
Use a strong password
Good Security Practices for Individuals
Yes, the business centers and cybercafes that offer the use of a computer system are
convenient, but not secure. Since anyone can use them for anything, they have probably
been exposed to viruses, worms, trojans, keyloggers, and other nasty malware. Should you
use them at all? When using a public area computer, be sure to completely log off when
you are finished using it.
Log off public computers
Good Security Practices for Individuals
Some events may be inevitable like hardware failure and virus infection, so be sure to save
every now and then. Also back up information that is important to you. Make
sure to verify if the files you’ve saved can be easily restored.
Save and Back up
Good Security Practices for Individuals
Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn and other social networks have
become an integral part of our online lives. Social networks are a great way to stay
connected with others, but you should be wary about how much personal information you
post. Learn how to use the privacy and security settings to protect yourself, keep personal
information personal, know and manage your friends, know what to do if you encounter a
problem.
Limit social network information
Good Security Practices for Individuals
Avoid peer-to-peer (P2P) networks and remove any file-sharing clients already installed on
your system. Since most P2P applications have worldwide sharing turned on by default
during installation, you run the risk of downloading viruses or other malware to your
computer, and having your personal and/or confidential information inadvertently shared
across the Internet, which could lead to identity theft.
Download files legally
Good Security Practices for Individuals
Do not divulge personal information online if you’re not sure about the sender or the
website. A common fraud, called “phishing”, sends messages that appear to be from a
bank, shop or auction, giving a link to a fake website and asking you to follow that link and
confirm your account details.
Keep personal information safe
Good Security Practices for Individuals
Whenever you leave your devices unattended, make sure that they are locked.
Lock your computer
Good Security Practices for Individuals
Avoid visiting unknown websites or downloading software from untrusted sources. These
sites often host malware that will automatically install (often silently) and compromise
your computer. If attachments or links in the email are unexpected or suspicious for any
reason, don’t click on them; just visit the actual sender's website.
Do not click on suspicious links or pop-up notifications
Good Security Practices for Individuals
Turn on automatic updating or make sure that all applications are also up to date.
Keep applications up to date
Definition of terms
is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a defined
set of security rules.
Firewall
Definition of terms
is a person who breaks into a computer system. The reasons for hacking
can be many: installing malware, stealing or destroying data, disrupting service, and more.
Hacking can also be done for ethical reasons, such as trying to find software vulnerabilities
so they can be fixed.
Hacker/s