ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Size: px
Start display at page:

Download "ITSC Training Courses Student IT Competence Programme SIIS1 Information Security"

Transcription

1 ITSC Training Courses Student IT Competence Programme SI Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1

2 Course Outline What you should know from this lecture Fundamental Concepts Issues in Daily Computer and Internet Usage Public Key Infrastructure, SSL, and Digital Certificates Software Demo Policies and Practices Plus Class Activities! SI1-2

3 Services ( ) Services: what does information security () provide? Authentication 確 認 Confidentiality 保 密 Integrity 完 整 Non-repudiation 不 可 否 認 Availability 可 用 性 SI1-3

4 Services Authentication refers to the validation of the identity of an entity, before it is being authorized to access further information and services Confidentiality refers to the protection of information from being disclosed to unauthorized parties Integrity refers to the protection of information from being altered by unauthorized parties Non-repudiation refers to the prevention of message senders or digital signature signers to deny having sent or signed the corresponding digital message Availability refers to the assurance that information is available to authorized parties when requested SI1-4

5 Threats to Hackers Hackers are those who attack computer systems and networks for unauthorized accesses Some of them do so for malicious purposes such as stealing or corrupting data Some of them are just for fun Some of them hack with the goal of strengthening the security of systems and networks SI1-5

6 Threats to Backdoors Backdoors are mechanisms that originally established by system administrators and software manufacturers for convenience or business purposes Allow one to bypass normal authentication and gain access to computer systems Backdoor accesses remain hidden from casual inspection. One may not even know their existence on the computer However, hackers always have their ways to find them out and uses backdoor as a springboard to hack SI1-6

7 Threats to Loopholes loopholes are bugs in software that can be exploited for security attacks Even popular software such as Microsoft Windows cannot totally eliminate loopholes Sometimes, backdoors which are originally benign in nature are exploited by hackers to launch intrusions, and they eventually become security loopholes SI1-7

8 Measures To defense against various security threats, we should Install protection software such as anti-virus programs and personal firewalls Perform regular software updates to block the security loopholes Software manufacturers announce security bugs and release security patches from time to time Pay attention to newly available patches and perform software updates often E.g. Microsoft Central Practice Computer Safety! (Introduce in the rest of this course) SI1-8

9 Issues in Daily Computer and Internet Usage Let s have a brief introduction of Computer Viruses Worms Trojans Spyware Network for Computer Users Spam Adware Phishing SI1-9

10 Computer Viruses Computer viruses are executable codes that hide inside a program and then infect other programs Computer viruses damage our computers in many different ways, such as Deleting files Erasing programs, and Prompting annoying messages They can also replicate themselves without user intervention SI1-10

11 Computer Viruses Symptoms of computer virus infection include (but not limited to) Display of unusual messages or images Reduction of available memory Appearance of unknown programs or files Corrupted files Malfunction of programs and files SI1-11

12 How Computer Viruses Work? First, the virus hides inside a program or file and remains inactive until the infected program is run Once the infected program or file is executed, the virus is run as well It then infects other programs on the computer hard disk by duplicating itself The computer is then inflected SI1-12

13 How Computer Viruses Work? How we get the infected files? We can receive files and programs that are infected by computer viruses in many ways, including Internet downloads, and File transfer through instant messaging SI1-13

14 Trojans Is a special kind of computer virus The name Trojans come from the story of Trojan horse, in which the Greek solders hid inside a hollow wooden structure and thus sneaked through the city walls of Troy In computer security, a Trojan is a program that performs other than what it is expected E.g., a program claims to be a game but instead it creates backdoors for the hackers to gain unauthorized accesses to a computer Unlike general computer viruses, Trojans do not replicate themselves normally SI1-14

15 Worms Worms are another kind of computer viruses Spread directly from computer to computer without any action taken part by the computer users E.g., the Sasser worms that widespread in 2004 automatically scans computers on a network that have a particular Windows security loophole SI1-15

16 What If I Get Infected?! In case we suspect a computer being infected by viruses We should disconnect the computer from the network immediately! Next, run antivirus program to scan the computer for viruses If the computer is infected, the antivirus program will report the found viruses and the corresponding infected files after the virus scanning Usually, antivirus programs try cleaning the found viruses In case the viruses cannot be cleaned, the infected files will be quarantined It is too late to install antivirus programs at time you suspect your computer having been infected by viruses Therefore, antivirus programs should always be installed at the very first beginning SI1-16

17 What If I Get Infected?! Class Activity One Download Virus?! Visit the Website for EICAR Test Virus (a testing virus sample): Click eicar.com What happens? SI1-17

18 What If I Get Infected?! Screen shot (when viruses are found) Has virus SI1-18

19 Software Software that safeguards security and privacy of information and computer systems In particular: Anti-virus programs defend against computer viruses Anti-spyware program defend against spyware and adware Personal firewalls defend against security threats in network connections Nowadays, popular antivirus software provide the above protections all-in-one SI1-19

20 Software Class Activity Two Using Software Go to the following page of the SITC Homepage Run the courseware of the following activities Add a New Scheduled Scan Task Protection from Hacker Set up Schedule for Updates SI1-20

21 Spyware and Adware Not being regarded as computer viruses Yet can be very annoying and dangerous Sometimes being referred to as malware Malware = software that has malicious purposes Computer users often install them unknowingly SI1-21

22 Spyware and Adware Spyware monitors computer users and collect their information E.g. a keyboard monitor spyware program can log every keystroke you type Adware s mission is to show advertisements Usually via pop-up windows or embedded in a webpage SI1-22

23 Spyware and Adware How do we get them? They install themselves onto a computer by exploiting Web browser security loopholes Sometimes come with the freeware that can be freely downloaded from the Web We may get them also when we click unknown hyperlinks out of curiosity We should take precautions similar to those dealing with computer viruses SI1-23

24 Network Internet connection is essential to almost every computer risk also increases SI1-24

25 Packet Sniffing (Not in Exam) Data being transmitted over the network can be read by computer software called Packet Analyzers Client computer Server (e.g. Gmail.com) SI1-25

26 SI1-26

27 Electronic Communication Viruses Are computer viruses that spread by means of s Can spread by duplicating and sending themselves to addresses in the address book of the application Usually exist in form of file attachments Sometimes may spoof sender addresses In March 1999, the Melissa virus forced a number of global companies, including Microsoft, to turn off their turn off their systems completely! SI1-27

28 Electronic Communication Spam Unsolicited junk s from unknown senders Can arrive in a huge volume and can be annoying Why it is bad? Spam occupies Internet and server resources Uses up disk quota Takes extra time from us to wade through a large number of spam s to locate the legitimate ones SI1-28

29 Electronic Communication Dealing with Spam (at Server Side) Most Internet Service Providers have installed Anti-spam programs in their servers E.g. the Anti-Spam and Anti-Virus (ASAV) gateway of ITSC s that are suspected to be spam are put to the quarantine server and are not directly delivered to users boxes SI1-29

30 Electronic Communication Dealing with Spam (at Client Side) Server side anti-spam measures cannot totally remove spam We should take client-side precautions e.g. Do not response to the spam Do not post you and your friends addresses on the Web Avoid including HTML links in your personal homepage Create filter rules in our own applications to filter out unwanted spam s SI1-30

31 Electronic Communication Phishing Is a technique to steal ones important personal information Is usually conducted by s Phishers pretend as organizations such as a bank, send s and ask the recipients to enter personal information, account numbers and passwords to a counterfeit website that looks like that of the real organization Beware! Legitimate organization do not seek clients information in such way SI1-31

32 WWW and PKI Public Key Infrastructure, or PKI in short, is an umbrella term for a set of security technologies based on public key cryptography, e.g.: Digital Certificates Digital Signature Public Key encryption PKI provides security to the World Wide Web as well as computer systems and networks SI1-32

33 Encryption with Public Key Cryptography Suppose Alice wants to send a message to Bob: Encrypt the message with Bob s public key Decrypt the message with Bob s private key Bob has a pair of key: private and public Public Key private Key Public key is known to the public, Private key is kept secret Public Key Private Key SI1-33

34 Digital Signature with PKI With PKI, suppose Alice wants to sign on the message to Bob so that Bob can be assured it is really from Alice: Sign the message with Alice s private key Verify the signature with Alice s public key Public Key For security reason, encryption and signature should use different key pairs Private Key SI1-34

35 Digital Certificate and SSL Public keys are published in WWW by means of digital certificates A digital certificate is an electronic file containing information about the certificate holder and is authorized by the Certificate Authority (CA) Main components on a Digital Certificate Certificate holder s Certificate holder s public key Certificate Authority s digital signature Expiry date SI1-35

36 Digital Certificate and SSL SSL is the abbreviation of Secure Socket Layer Is a communication protocol for providing authentication and confidentiality to Internet traffic Digital certificate is required for communication over SSL When we connect to a Website over SSL We can see a small lock at the lower right hand corner The URL begins with HTTPS instead of HTTP SI1-36

37 (SSL and no SSL) Packets captured during Gmail login SSL-protected (URL begins with HTTPS) No encryption (in early Gmail) SSL Encrypted packet contents This is a secret message and is confidential! SI1-37

38 Policies and Practices security depends much on the safe practices of the computer users Computer users are often regarded as the weakest link in information security Organizations with a large number of computer users often define the Acceptable Use Policy (AUP) AUP is a set of rules that governs the use of organization computers, networks, and the Internet by members within an organization The Chinese University of Hong Kong also has its own AUP for staff and students SI1-38

39 Policies and Practices Practices for Safe Computing Install and always enable anti-virus and anti-spyware programs. Scan all newly downloaded files and attachments before you open or install them Check out and install Windows updates regularly Always enable personal firewalls Set strong and non-trivial passwords, and change the password from time to time Backup files and data regularly Do not share local files or directories by file sharing Disconnect from the Internet and wireless connections when not in use Keep your desktop and laptop computers physically safe SI1-39

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Computer Security and Privacy

Computer Security and Privacy Computer Security and Privacy 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Guidelines for Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures

More information

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc. Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References

More information

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

When you listen to the news, you hear about many different forms of computer infection(s). The most common are: Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

COMPUTER-INTERNET SECURITY. How am I vulnerable?

COMPUTER-INTERNET SECURITY. How am I vulnerable? COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus Worm Trojan Spyware Adware Messenger Service 2 VIRUS A computer virus is a small program written to alter the way a computer

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

How to stay safe online

How to stay safe online How to stay safe online Everyone knows about computer viruses...or at least they think they do. Nearly 30 years ago, the first computer virus was written and since then, millions of viruses and other malware

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

Infocomm Sec rity is incomplete without U Be aware,

Infocomm Sec rity is incomplete without U Be aware, Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN

More information

ViRobot Desktop 5.5. User s Guide

ViRobot Desktop 5.5. User s Guide ViRobot Desktop 5.5 User s Guide ViRobot Desktop 5.5 User s Guide Copyright Notice Copyright 2007 by HAURI Inc. All rights reserved worldwide. No part of this publication or software may be reproduced,

More information

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange The responsibility of safeguarding your personal information starts with you. Your information is critical and it must be protected from unauthorised disclosure, modification or destruction. Here we are

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define

More information

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans

More information

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Lab Exercises Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Review Questions 1) In class, we made the distinction between a front-door attack and

More information

WEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project

WEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project WEB SECURITY Oriana Kondakciu 0054118 Software Engineering 4C03 Project The Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure

More information

Guideline for Prevention of Spyware and other Potentially Unwanted Software

Guideline for Prevention of Spyware and other Potentially Unwanted Software Guideline for Prevention of Spyware and other Potentially Unwanted Software Introduction Most users are aware of the impact of virus/worm and therefore they have taken measures to protect their computers,

More information

Is your data secure?

Is your data secure? You re not as safe as you think Think for a moment: Where do you keep information about your congregants or donors? In an Excel file on someone s desktop computer? An Access database housed on your laptop?

More information

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003 Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while

More information

PC Security and Maintenance

PC Security and Maintenance PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-

More information

Malware, Spyware, Adware, Viruses. Gracie White, Scott Black Information Technology Services

Malware, Spyware, Adware, Viruses. Gracie White, Scott Black Information Technology Services Malware, Spyware, Adware, Viruses Gracie White, Scott Black Information Technology Services The average computer user should be aware of potential threats to their computer every time they connect to the

More information

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12. Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and

More information

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World Chapter 11 Manage Computing Securely, Safely and Ethically Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Define the term, computer security risks, and briefly

More information

Network Security. Demo: Web browser

Network Security. Demo: Web browser Network Security Demo: Web browser Email Messages An email message can be instantly forwarded around the globe, even if accidentally. Do not write anything in a message that you will later regret! Read

More information

Introduction to Computer Security Table of Contents

Introduction to Computer Security Table of Contents Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...

More information

Chapter 11 Computers and Society, Security, Privacy, and Ethics

Chapter 11 Computers and Society, Security, Privacy, and Ethics Objectives Computers and Society, Security, Privacy, and Ethics Describe the the types of of computer security risks Identify ways to to safeguard against computer viruses, worms, and and Trojan horses

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

INSTANT MESSAGING SECURITY

INSTANT MESSAGING SECURITY INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part

More information

Computer Security Maintenance Information and Self-Check Activities

Computer Security Maintenance Information and Self-Check Activities Computer Security Maintenance Information and Self-Check Activities Overview Unlike what many people think, computers are not designed to be maintenance free. Just like cars they need routine maintenance.

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

Guidelines for E-mail Account Management and Effective E-mail Usage

Guidelines for E-mail Account Management and Effective E-mail Usage Guidelines for E-mail Account Management and Effective E-mail Usage October 2014 Version 1.0 Department of Electronics and Information Technology Ministry of Communications and Information Technology Government

More information

What are Viruses, Trojans, Worms & Spyware:

What are Viruses, Trojans, Worms & Spyware: What are Viruses, Trojans, Worms & Spyware: There are many different types of computer viruses circulating in the cyber world, including regular Computer Viruses, Worms, Trojans, and Spyware. Each is different

More information

Countermeasures against Spyware

Countermeasures against Spyware (2) Countermeasures against Spyware Are you sure your computer is not infected with Spyware? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Spyware?

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

ANTIVIRUS AND SECURITY SOFTWARE

ANTIVIRUS AND SECURITY SOFTWARE Toshiba Security Support ANTIVIRUS AND SECURITY SOFTWARE d ANTIVIRUS AND SECURITY SOFTWARE The purpose of this document is to help users make the most of the security software that comes preloaded on Toshiba

More information

Computers and Society: Security and Privacy

Computers and Society: Security and Privacy 1 Chapter 12 Computers and Society: Security and Privacy 2 Chapter 12 Objectives 3 Computer Security: Risks and Safeguards What is a computer security risk? 4 Computer Security: Risks and Safeguards 1

More information

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0 BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4

More information

Spyware: Securing gateway and endpoint against data theft

Spyware: Securing gateway and endpoint against data theft Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

More information

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS $ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness William F. Pelgrin Chair Page 1 Introduction Information is a critical asset. Therefore, it must be protected from unauthorized modification, destruction and disclosure. This brochure

More information

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need

More information

Network Incident Report

Network Incident Report To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850

More information

Contents. McAfee Internet Security 3

Contents. McAfee Internet Security 3 User Guide i Contents McAfee Internet Security 3 McAfee SecurityCenter... 5 SecurityCenter features... 6 Using SecurityCenter... 7 Fixing or ignoring protection problems... 16 Working with alerts... 21

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Internet Security. For Home Users

Internet Security. For Home Users Internet Security For Home Users Basic Attacks Malware Social Engineering Password Guessing Physical Theft Improper Disposal Malware Malicious software Computer programs designed to break into and create

More information

Practical guide for secure Christmas shopping. Navid

Practical guide for secure Christmas shopping. Navid Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security

More information

Protect your personal data while engaging in IT related activities

Protect your personal data while engaging in IT related activities Protect your personal data while engaging in IT related activities Personal Data (Privacy) Ordinance Six Data Protection Principles Principle 1 purpose and manner of collection of personal data Collection

More information

E-Commerce Security and Fraud Protection CHAPTER 9

E-Commerce Security and Fraud Protection CHAPTER 9 E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of

More information

Stopping zombies, botnets and other email- and web-borne threats

Stopping zombies, botnets and other email- and web-borne threats Stopping zombies, botnets and other email- and web-borne threats Hijacked computers, or zombies, hide inside networks where they send spam, steal company secrets, and enable other serious crimes. This

More information

High Speed Internet - User Guide. Welcome to. your world.

High Speed Internet - User Guide. Welcome to. your world. High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a

More information

Advice about online security

Advice about online security Advice about online security May 2013 Contents Report a suspicious email or website... 3 Security advice... 5 Genuine DWP contacts... 8 Recognising and reporting phishing and bogus emails... 9 How DWP

More information

Chapter 12 Objectives. Chapter 12 Computers and Society: Security and Privacy

Chapter 12 Objectives. Chapter 12 Computers and Society: Security and Privacy Chapter 12 Objectives Chapter 12 Computers and Society: and Privacy p. 12.2 Identify the various types of security risks that can threaten computers Recognize how a computer virus works and take the necessary

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security

More information

Remote Deposit Quick Start Guide

Remote Deposit Quick Start Guide Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you

More information

E-BUSINESS THREATS AND SOLUTIONS

E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

WHITE PAPER. Understanding How File Size Affects Malware Detection

WHITE PAPER. Understanding How File Size Affects Malware Detection WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

Computer Security Literacy

Computer Security Literacy Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis

More information

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109 K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS v.109 1 The Exchange environment is an important entry point by which a threat or security risk can enter into a network. K7 Mail Security is a complete

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness 1 The information contained in this presentation may contain privileged and confidential information. This presentation is for information purposes

More information

Securing your Online Data Transfer with SSL

Securing your Online Data Transfer with SSL Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does

More information

Get Started Guide - PC Tools Internet Security

Get Started Guide - PC Tools Internet Security Get Started Guide - PC Tools Internet Security Table of Contents PC Tools Internet Security... 1 Getting Started with PC Tools Internet Security... 1 Installing... 1 Getting Started... 2 iii PC Tools

More information

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards

More information

Information Security. Louis Morgan, CISSP Information Security Officer

Information Security. Louis Morgan, CISSP Information Security Officer Information Security By Louis Morgan, CISSP Information Security Officer Why Bother with IT Security? Recent estimate - 900 million personal computers worldwide. Computer hackers are out there. How long

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Introduction to Computing @ WSU

Introduction to Computing @ WSU Introduction to Computing @ WSU Table of Contents 1 - Information Technology (IT) Security... 2 Information to Remember... 2 2 - Malware... 2 Information to Remember... 3 3 - Firewalls... 3 Information

More information

F-Secure Internet Security 2012

F-Secure Internet Security 2012 F-Secure Internet Security 2012 F-Secure Internet Security 2012 TOC 3 Contents Chapter 1: Getting started...7 How to use automatic updates...8 Check the update status...8 Change the Internet connection

More information

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.

More information

10 Quick Tips to Mobile Security

10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

When visiting online banking's sign-on page, your browser establishes a secure session with our server.

When visiting online banking's sign-on page, your browser establishes a secure session with our server. The privacy of communications between you (your browser) and our servers is ensured via encryption. Encryption scrambles messages exchanged between your browser and our online banking server. How Encryption

More information

IRM NEWS CYBER SECURITY AWARENESS FIREWALLS THE GUARDIAN AT THE GATE FLORIDA ATLANTIC UNIVERSITY

IRM NEWS CYBER SECURITY AWARENESS FIREWALLS THE GUARDIAN AT THE GATE FLORIDA ATLANTIC UNIVERSITY FLORIDA ATLANTIC UNIVERSITY IRM NEWS JANUARY 2006 IRM NEWS INSIDE THIS ISSUE: CYBER SECURITY AWARENESS FIREWALLS 1 COMPUTER VIRUSES 2 POP-UPS AND POP- UP BLOCKER ALL ABOUT SPAM 3 YOUR AOL ACCOUNT AND FAU

More information

Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide

Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide Definitions Malware is term meaning malicious software. Malware is software designed to disrupt a computer system.

More information

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank Fraud Detection and Prevention Timothy P. Minahan Vice President Government Banking TD Bank Prevention vs. Detection Prevention controls are designed to keep fraud from occurring Detection controls are

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes

More information

Security Goals Services

Security Goals Services 1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;

More information

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

Network Security and the Small Business

Network Security and the Small Business Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,

More information

The Benefits of SSL Content Inspection ABSTRACT

The Benefits of SSL Content Inspection ABSTRACT The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic

More information

Why is a strong password important?

Why is a strong password important? Internet Security Why is a strong password important? Identity theft motives: To gain access to resources For the challenge/fun Personal reasons Theft methods Brute forcing and other script hacking methods

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Quarterly Report: Symantec Intelligence Quarterly

Quarterly Report: Symantec Intelligence Quarterly Symantec Intelligence Quarterly: Best Practices and Methodologies Quarterly Report: Symantec Intelligence Quarterly Symantec Intelligence Quarterly: Best Practices and Methodologies Contents Symantec

More information

ESET SMART SECURITY 8

ESET SMART SECURITY 8 ESET SMART SECURITY 8 Microsoft Windows 8.1 / 8 / 7 / Vista / XP / Home Server 2003 / Home Server 2011 Quick Start Guide Click here to download the most recent version of this document ESET Smart Security

More information

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This

More information

E-COMMERCE and SECURITY - 1DL018

E-COMMERCE and SECURITY - 1DL018 1 E-COMMERCE and SECURITY - 1DL018 Spring 2009 An introductury course on e-commerce systems alt. http://www.it.uu.se/edu/course/homepage/ehandel/vt09/ Kjell Orsborn Uppsala Database Laboratory Department

More information

Threat Events: Software Attacks (cont.)

Threat Events: Software Attacks (cont.) ROOTKIT stealthy software with root/administrator privileges aims to modify the operation of the OS in order to facilitate a nonstandard or unauthorized functions unlike virus, rootkit s goal is not to

More information

Phishing Scams Security Update Best Practices for General User

Phishing Scams Security Update Best Practices for General User Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Basic Security Considerations for Email and Web Browsing

Basic Security Considerations for Email and Web Browsing Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information