User Awareness in addition to Practices The internet allows an attacker to attack from anyw
Chang, Jen, Features Editor has reference to this Academic Journal, PHwiki organized this Journal User Awareness in addition to Practices The internet allows an attacker to attack from anywhere on the planet. Risks caused by poor security knowledge in addition to practice: Identity Theft Monetary Theft Legal Ramifications ( as long as yourself in addition to companies) Termination if company policies are not followed According to www.SANS.org , the top vulnerabilities available as long as a cyber criminal are: Web Browser IM Clients Web Applications Excessive User Rights Security: We must protect our computers in addition to data in the same way that we secure the doors to our homes. Safety: We must behave in ways that protect us against risks in addition to threats that come with technology.
This Particular University is Related to this Particular Journal
Cracker: Computer-savvy programmer creates attack software Script Kiddies: Unsophisticated computer users who know how to execute programs Hacker Bulletin Board SQL Injection Buffer overflow Password Crackers Password Dictionaries Successful attacks! Crazyman broke into CoolCat penetrated Criminals: Create & sell bots -> spam Sell credit card numbers, System Administrators Some scripts are useful to protect networks Malware package=$1K-2K 1 M Email addresses = $8 10,000 PCs = $1000 Virus Worm Trojan Horse / Logic Bomb Social Engineering Rootkits Botnets / Zombies
A virus attaches itself to a program, file, or disk When the program is executed, the virus activates in addition to replicates itself The virus may be benign or malignant but executes its payload at some point (often upon contact) Viruses result in crashing of computers in addition to loss of data. In order to recover/prevent virus/attacks: Avoid potentially unreliable websites/emails System Restore Re-install operating system Anti-virus (i.e. Avira, AVG, Norton) Independent program which replicates itself in addition to sends copies from computer to computer across network connections. Upon arrival the worm may be activated to replicate. Logic Bomb: Malware logic executes upon certain conditions. Program is often used as long as legitimate reasons. Software which malfunctions if maintenance fee is not paid Employee triggers a database erase when he is fired. Trojan Horse: Masquerades as beneficial program while quietly destroying data or damaging your system. Download a game: Might be fun but has hidden part that emails your password file without you knowing.
Social engineering manipulates people into per as long as ming actions or divulging confidential in as long as mation. Similar to a confidence trick or simple fraud, the term applies to the use of deception to gain in as long as mation, commit fraud, or access computer systems. Phone Call: This is John, the System Admin. What is your password Email: ABC Bank has noticed a problem with your account In Person: What ethnicity are you Your mothers maiden name in addition to have some software patches I have come to repair your machine Phishing: a trustworthy entity asks via e-mail as long as sensitive in as long as mation such as SSN, credit card numbers, login IDs or passwords. The link provided in the e-mail leads to a fake webpage which collects important in as long as mation in addition to submits it to the owner. The fake web page looks like the real thing Extracts account in as long as mation
A botnet is a large number of compromised computers that are used to create in addition to send spam or viruses or flood a network with messages as a denial of service attack. The compromised computers are called zombies An attacker pretends to be your final destination on the network. If a person tries to connect to a specific WLAN access point or web server, an attacker can mislead him to his computer, pretending to be that access point or server. Upon penetrating a computer, a hacker installs a collection of programs, called a rootkit. May enable: Easy access as long as the hacker ( in addition to others) Keystroke logger Eliminates evidence of break-in Modifies the operating system Backdoor entry Keystroke Logger Hidden user
Restricted data includes: Social Security Number Drivers license or state ID Financial account number (credit/debit) in addition to access code/password DNA profile (Statute 939.74) Biometric data In US, HIPAA protects: Health status, treatment, or payment Symptoms: Antivirus software detects a problem Pop-ups suddenly appear (may sell security software) Disk space disappears Files or transactions appear that should not be there System slows down to a crawl Unusual messages, sounds, or displays on your monitor Stolen laptop (1 in 10 stolen in laptop lifetime) Your mouse moves by itself Your computer shuts down in addition to powers off by itself Often not recognized
Spyware symptoms: Change to your browser homepage/start page Ending up on a strange site when conducting a search System-based firewall is turned off automatically Lots of network activity while not particularly active Excessive pop-up windows New icons, programs, favorites which you did not add Frequent firewall alerts about unknown programs trying to access the Internet Bad/slow system per as long as mance Defense in depth uses multiple layers of defense to address technical, personnel in addition to operational issues.
Anti-virus software detects malware in addition to can destroy it be as long as e any damage is done Install in addition to maintain anti-virus in addition to anti-spyware software Be sure to keep anti-virus software updated Many free in addition to pay options exist A firewall acts as a wall between your computer/private network in addition to the internet. Hackers may use the internet to find, use, in addition to install applications on your computer. A firewall prevents hacker connections from entering your computer. Filters packets that enter or leave your computer Microsoft regularly issues patches or updates to solve security problems in their software. If these are not applied, it leaves your computer vulnerable to hackers. The Windows Update feature built into Windows can be set up to automatically download in addition to install updates. Avoid logging in as administrator
Merry Christmas Bad Password Good Password Merry Xmas mErcHr2yOu MerryChrisToYou MerChr2You MerryJul MaryJul MaryJul ,stuzc,sd Jq46Sjqw (Keypad shift Right . Up) (Abbreviate) (Lengthen) (convert vowels to numeric) M5rryXm1s MXemrays (Intertwine Letters) GladJesBirth (Synonym) Never use admin or root or administrator as a login as long as the admin A good password is: private: it is used in addition to known by one person only secret: it does not appear in clear text in any file or program or on a piece of paper pinned to the terminal easily remembered: so there is no need to write it down at least 8 characters, complex: a mixture of at least 3 of the following: upper case letters, lower case letters, digits in addition to punctuation not guessable by any program in a reasonable time, as long as instance less than one week. changed regularly: a good change policy is every 3 months Beware that someone may see you typing it. If you accidentally type your password instead of your login name, it may appear in system log files
Do not open email attachments unless you are expecting the email with the attachment in addition to you trust the sender. Do not click on links in emails unless you are absolutely sure of their validity. Only visit in addition to /or download software from web pages you trust. Always use secure browser to do online activities. Frequently delete temp files, cookies, history, saved passwords etc. https:// Symbol showing enhanced security
Additional Slides to insert How is in as long as mation security confidentiality to be h in addition to led Show table of how in as long as mation confidentiality is categorized in addition to treated. Is there specific legal actions all employees should be concerned with Physical security how are the rooms laid out in addition to how is security h in addition to led H in addition to ling in as long as mation at home on home computer any special restrictions On fraud slide, specify contact if fraud is suspected. These are best practices involving In as long as mation Security. Most of these practices are from the National Institute of St in addition to ards in addition to Technology. Use these practices at home in addition to at work to keep safe in addition to secure. Employers have policies in addition to procedures regarding secure practices. Be sure to underst in addition to them in addition to adhere to them. It will protect you, your employer in addition to your customers.
Chang, Jen Features Editor
Chang, Jen is from United States and they belong to Rangefinder and they are from Culver City, United States got related to this Particular Journal. and Chang, Jen deal with the subjects like Fine Art and Commercial Photography
Journal Ratings by Marinello Schools of Beauty-Lawrence
This Particular Journal got reviewed and rated by Marinello Schools of Beauty-Lawrence and short form of this particular Institution is KS and gave this Journal an Excellent Rating.