ANSWERS!!! 9

l1. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

Computer security is a branch of computer technology known as Information Security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. 

Types of Cybercrime Perpetrators

• Hacker refers to a computer programmer who is able to create usable computer programs where none previously existed. 

• Cracker is a variation of hacker, with the analogy equal to a safe cracker. Some individuals use the term cracker in an attempt to differentiate from the honorable computer programmer definition of hacker.

• Script kiddy is an individual who executes computer scripts and programs written by others. Their motive is to hack a computer by using someone else’s software.
  
• Corporate Spy - have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information.

• Unethical employee - break into their employers' computer for a variety of reasons. Some simply want to exploit security weakness.

• Cyberextortionist - is someone who uses e-mail as a vehicle for extortion. These perpetrator s send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization s network - if they are not paid of a sum of money.

• Cyber-terrorist - a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism

2. Describe various types of Internet and network attacks (computer viruses,
worms, Trojan horses, rootkits, botnets, denial of service attacks, back
doors, and spoofing), and identify ways to safeguard against these attacks,
including firewalls, intrusion detection software, and honeypots.

Types of attack

Most attacks are actually performed by automated tools that such people release on the Internet.

• Virus

A virus attempts to install itself on a user's system and to spread directly to other files on that system with the aim that these infected files will be transferred to another machine. A virus relies on users to spread by sharing infected files either directly or via email. Once launched, a virus is completely independent of its creator.

• Worm

A worm is very similar to a virus. The key difference is that a worm attempts to propagate itself without any user involvement. It typically scans other computers for vulnerabilities which it is designed to exploit. When such a machine is identified, the worm will attack that machine, copying over its files and installing itself, so that the process can continue.

• Trojan

Trojans take their name from the trojan horse of Greek mythology.
Computer trojans work in the same way. A game, screen saver or cracked piece of commercial software is given to a victim. The software may appear to work as normal, but its real purpose is to deliver a payload, such as a virus or a root kit.

• Root Kit

A root kit is a piece of software that once installed on a victim's machine opens up a port to allow a hacker to communicate with it and take full control of the system. Root kits are also known as back doors. Some root kits give a hacker even more control of a machine than a victim may have themselves.

The Sub Seven root kit allows an attacker to turn off a victim's monitor, move the mouse and even turn on an installed web cam and watch the victim without their knowledge.

·         Botnets are exploited for various purposes and are controlled via protocols.

• A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.

Safeguards:
1. Do not start a computer with removable media in the drives or ports.
2. Never open an e-mail attachment unless you are expecting the attachment and it is from a trusted source.
3. Disable macros in documents that are not from a trusted source.
4. Install an antivirus program and a personal firewall.
5. Stay informed about any new virus alert or virus hoax.
6. To defend against a botnet, a denial of service attack, improper use of a back door, and spoofing, users can install a firewall, install intrusion detection software, and set up a honeypot.

3. Discuss techniques to prevent unauthorized computer access and use.

Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or illegal activities. 
4. Identify safeguards against hardware theft and vandalism.

Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. The best preventive measures against hardware theft and vandalism are common sense and a constant awareness of the risk.
5. Explain the ways software manufacturers protect against software piracy.

Software piracy is the unauthorized and illegal duplication of copyrighted software. To protect themselves from software piracy, manufacturers issue a license agreement and require product activation.


6. Discuss how encryption works, and explain why it is necessary.

Encryption is the process of converting readable data into unreadable characters to prevent unauthorized access. You treat encrypted data just like any other data. That is, you can store it or send it in an e - mail message. Encryption prevents information theft and unauthorized access by converting readable data into unreadable characters.


7. Discuss the types of devices available that protect computers from
system failure.


Safeguards Against System Failure
To protect against electrical power variations, use a surge protector. A surge protector uses special electrical components to provide a stable current flow to the computer and other electric equipment. For additional electrical protection, some users connect an uninterruptible power supply to the computer. An uninterruptible power supply (UPS)is a device that contains surge protection circuits and one or more batteries that can provide power during a loss of power.


8. Explain the options available for backing up computer resources.

Data loss caused by a system failure or hardware/software/information theft, computer users should back up files regularly. A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed. Thus, to backup a file means to a make a copy of it.
9. Identify risks and safeguards associated with wireless communications.

• A wireless access point (WAP) should be configured so that it does not broadest a network name. The WAP also can be programmed so that only certain devices can access it
•  Wi-Fi Protected Access (WPA) is a security standard that improves on older security standards by authenticating network users and providing more advanced encryption techniques.
•  An 802.11i  network, sometimes called WPA2, the most recent network security standard, conforms to the government's security standards and uses more sophisticated encryption techniques than WPA.

 10. Discuss ways to prevent health-related disorders and injuries due to
computer use.

• A repetitive strain injury (RSI) is an injury or disorder of the muscles, nerves, tendons, ligaments, and joints. Computer-related RSI's include tendonitis and carpal tunnel syndrome. 
• Tendonitis is inflammation of a tendon due to some repeated motion or stress on that tendon.
• Carpal Tunnel Syndrome (CTS) is inflammation of the nerve that connects the forearm to the palm of the wrist. 
• Computer vision syndrome (CVS), you have CVS if you have sore, tired, burning, itching, or dry eyes; blurred or double vision; distance blurred vision after prolonged staring at a display device; headache or sore neck; difficulty shifting focus between a display device and documents; difficulty focusing on the screen image; color fringes or after-image when you look away from the display device; and increased sensitivity to light.

1. Take frequent breaks during the computer session to exercise your hands and arms.
2. To prevent injury due to typing, place a wrist rest between the keyboard and the edge of your desk.
3. To prevent injury while using a mouse, place the mouse at least six inches from the edge of the desk. In this position, your wrist is flat on the desk.
4. Finally, minimize the number of times you switch between the mouse and the keyboard, and avoid using the heel of your hand as a pivot point while typing or using the mouse.

11. Recognize issues related to information accuracy, intellectual property
rights, codes of conduct, and green computing.


Computer ethics govern the use of computers and information systems. Issues in computer ethics include the responsibility for information accuracy and the intellectual property rights to which creators are entitled for their works.

12. Discuss issues surrounding information privacy, including electronic
profiles, cookies, spyware and adware, spam, phishing, privacy laws, social
engineering, employee monitoring, and content filtering.

Information privacy is the right of individuals and companies to deny or restrict the collection and use of information about them. Issues surrounding information privacy include the following.

• An electronic profile combines data about an individual's Web use with data from public sources, which then is sold.
• A cookie is a file that a Web server stores on a computer to collect data about the user.
• Spyware is a program placed on a computer that secretly collects information about the user.
• Adware is a program that displays an online advertisement in a banner or pop-up window.
• Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once.
• Phishing is a scam in which a perpetrator attempts to obtain personal or financial information.
• Information privacy laws cover the protection of information on private individuals from intentional or unintentional disclosure or misuse.
• Social engineering is the art of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.
• Employee monitoring refers to any method of tracking what an employee does while at work.
• Content filtering is the most commonly used group of methods to filter spam.

QUIZ!!! 9

Quiz 9 - Computer Security and Safety, Ethics, and Privacy

1. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

2. Describe various types of Internet and network attacks (computer viruses,
worms, Trojan horses, rootkits, botnets, denial of service attacks, back
doors, and spoofing), and identify ways to safeguard against these attacks,
including firewalls, intrusion detection software, and honeypots.

3. Discuss techniques to prevent unauthorized computer access and use

4. Identify safeguards against hardware theft and vandalism

5. Explain the ways software manufacturers protect against software piracy.

6. Discuss how encryption works, and explain why it is necessary

7. Discuss the types of devices available that protect computers from
system failure

8. Explain the options available for backing up computer resources.

9. Identify risks and safeguards associated with wireless communications.

10. Discuss ways to prevent health-related disorders and injuries due to
computer use.

11. Recognize issues related to information accuracy, intellectual property
rights, codes of conduct, and green computing.

12. Discuss issues surrounding information privacy, including electronic
profiles, cookies, spyware and adware, spam, phishing, privacy laws, social
engineering, employee monitoring, and content filtering.

ANSWERS!!! 8

1. Define the term, database, and explain how a database interacts with data and information.

A database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model relevant aspects of reality, in a way that supports processes requiring this information. A database interacts with data it provides the means to effectively describe specific data structures needed to model an application.

2. Describe file maintenance techniques (adding records, modifying records, deleting records) and validation techniques.

file maintenance technique- refers to the procedures that keep data current. File maintenance procedures include adding records to correct inaccurate data or to update old data with new data, and deleting records when they no longer are needed.

Validation is the process of comparing data with a set of rules or values to find out if the data is correct.

3. Discuss the terms character, field, record, and file.

Character - Eight bits grouped together in a unit form a byte, and each byte represents a single character, which can be a number, letter, space, punctuation mark, or other symbol.

Field - is a combination of one or more related characters and is the smallest unit of data a user accesses.
Record - is a group of related fields.
File - is a collection of related records stored on a storage medium.
4. Discuss the functions common to most database management systems:
data dictionary, file retrieval and maintenance, data security, and backup
and recovery. 
A data dictionary contains data about cache file in the database and cache field within those files.

A DBMS offers several methods to retrieve and maintain data, such as query languages, query by example, forms, and report generators.

Backup - is the copy of the database. A log is a listing of activities that change the contents of the database. 

Recovery Utility - uses the logs and/or backups to restore the database.
5. Differentiate between a file processing approach and the database
approach.

File processing approach - each department or area within an organization has its own set of data files. Two major weaknesses of file processing systems are redundant data and isolated data.

Database approach- many programs and users share the data in a database. The database approach reduces data redundancy, improves data integrity, shares data, permits easier access, and reduces development time.

6. Describe characteristics of relational, object-oriented, and
multidimensional databases.

Relational database- stores data in tables that consists of rows and columns. Each row has a primary key and each column has a unique name.

Object-oriented database (OODB) - stores data in objects; often use an object query language to manipulate and retrieve data.

Multidimensional database-stores data in dimensions; allows users to access and analyze any view of the database data and no standard query language exists.

7. Explain how to access Web databases.

A Web database links to a form on a Web page. To access data in a Web database, you fill on the form or enter search text on a Web page. A Web database usually resides on a database server, which is a computer that store and provides access to a database.
8. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

Computer security is a branch of computer technology known as Information Security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. 

Types of Cybercrime Perpetrators

Hacker refers to a computer programmer who is able to create usable computer programs where none previously existed. 

Cracker is a variation of hacker, with the analogy equal to a safe cracker. Some individuals use the term cracker in an attempt to differentiate from the honorable computer programmer definition of hacker.

Script kiddy is an individual who executes computer scripts and programs written by others. Their motive is to hack a computer by using someone else’s software.
Corporate Spy - have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information.

Unethical employee - break into their employers' computer for a variety of reasons. Some simply want to exploit security weakness.

Cyberextortionist - is someone who uses e-mail as a vehicle for extortion. These perpetrator s send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization s network - if they are not paid of a sum of money.

Cyber-terrorist - a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism

 9. Identify database design guidelines and discuss the responsibilities of
database analysts and administrators.

Database Analysts and Database Administrators are responsible for managing and coordinating all database activities.
Database Analysts (DA) - focuses on the meaning and usage of data. The DA decides on the placement of fields, defines the relationships among data, and identifies user's access privilege.
Database Administrators (DBA) requires a more technical inside view of the data. The DBA creates and maintains the data dictionary, manages data security, monitors database performance, and checks backup and recovery procedures. 

10. Discuss techniques to prevent unauthorized computer access and use

Operating system and software patches and updates

There is no such thing as perfect software, often a software program may have several issues and could potentially have security vulnerabilities that can leave your computer open to attacks that compromise your computer and your data.

Passwords

Make sure a password has been set on computer. Default passwords such as password, root, admin or no password will allow easy access to your computer or your Internet account.

1. Change passwords often.
2. Create a BIOS password.
3. When creating a password, add numbers or other characters to the password to make it more difficult to guess.
4. Do not use sticky notes around your computer to write down passwords. Instead use a password manager.

Get a hardware or software firewall

We highly recommend all computer users have a firewall solution. There are two ways a firewall can protect your computer and network.

Trojans, viruses, spyware, and other malware

Software Trojans, viruses, spyware, and other malware can not only damage or destroy your computer data Internet or even log all your keystrokes to capture sensitive data such as passwords and credit card information. But is also capable of monitoring your computer to learn more about your viewing habits on the

To help protect your computer from these threats we suggest installing a virus protection program as well as a spyware protection program.

Know how to handle e-mails

• Today, e-mail is one of the most popular features on the Internet. Being able to identify threats sent through e-mail can help keep your computer and your personal information safe.

Alternative browser

Before the release of Microsoft Windows XP SP2 and Internet Explorer 7.0, Microsoft Internet Explorer was notorious for security and spyware related issues. Below are a listing of recommend sites to try: 
Gibson Research Corporation - The Gibson Research Corporation, or GRC, is a great location to learn about network security as well as well as test your computer or network for vulnerabilities. 

Hacker Wacker - Another great site with computer security related information, help, and programs to help test your computer and network.

QUIZ 8!!!

1. Define the term, database, and explain how a database interacts with data
and information.

2. Describe file maintenance techniques (adding records, modifying records,
deleting records) and validation techniques.

3. Discuss the terms character, field, record, and file

4. Discuss the functions common to most database management systems:
data dictionary, file retrieval and maintenance, data security, and backup
and recovery.

5. Differentiate between a file processing approach and the database
approach.

6. Describe characteristics of relational, object-oriented, and
multidimensional databases.

7. Explain how to access Web databases.

8. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

9. Identify database design guidelines and discuss the responsibilities of
database analysts and administrators.

10. Discuss techniques to prevent unauthorized computer access and use.

Answers 6

1. Define system software and identify the two types of system software.

• System software is computer software designed to operate the computer hardware and to provide a platform for running application software.

The types of system software are: The computer BIOS and device firmware, which provide basic functionality to operate and control the hardware connected to or built into the computer.

2. Briefly describe various server operating systems: Windows Server, UNIX,Linux, Solaris, and NetWare.

• Windows Server is a brand name for a group of server operating systems released by Microsoft Corporation.
• UNIX operating systems are widely used in servers, workstations, and mobile devices.
• Linux refers to the family of Unix-like computer operating systems using the Linux kernel. Linux can be installed on a wide variety of computer hardware, ranging from mobile phones, tablet computers, routers and video game consoles, to desktop computers, mainframes and supercomputers.
• Solaris is a UNIX operating system originally developed by Sun Microsystems. Solaris supports SPARC-based and x86-based workstations and servers from Sun and other vendors.
• NetWare is a network operating system developed by Novell, Inc. It initially used cooperative multitasking to run various services on a personal computer, with network protocols based on the archetypal Xerox Network Systems stack.

3. Summarize the features of several embedded operating systems: Windows Embedded CE, Windows Mobile, Palm OS, iPhone OS, BlackBerry, Google Android, Embedded Linux, and Symbian OS.

1. Windows CE (now officially known as Windows Embedded Compact and previously also known as Windows Embedded CE) is a distinct operating system rather than a trimmed-down version of desktop Windows. Windows CE is optimized for devices that have minimal storage—a Windows CE kernel may run in under a megabyte of memory.

2.      Windows Mobile for Pocket PC has these standard features:

• Today screen shows the current date, owner information, upcoming appointments, e-mail messages, and tasks.

·        The taskbar shows the current time and the audio volume.

·        Office mobile, a suite of Mobile versions of Microsoft office application, including outlook mobile.

3. Palm OS is designed for ease of use with a touchscreen-based graphical user interface.

·        Simple, single-tasking environment to allow launching of full screen applications  with a basic, common GUI set

·        Monochrome or color screens with resolutions up to 480x320 pixel

4. iOS (known as iPhone OS before June 2010) is apple's mobile operating system.

4. Explain the purpose of several utility programs: file manager, search utility, image viewer, uninstaller, disk cleanup, disk defragmenter, backup and
restore utilities, screen saver, personal firewall, antivirus programs, spyware and adware removers, Internet filters, file compression, media player, disc burning, and personal computer maintenance.

AnSWERS!!! 7

1. Discuss the components required for successful communications.

Computer communications describes a process in which two or more computers or devices transfer data, instructions, and information. Successful communications requires a sending device that initiates a transmission instruction, a communications device that connects the sending device to a communications channel, a communications channel on which the data travels, a communications device that connects the communications channel to a receiving device, and a receiving device that accepts the transmission of data, instructions, or information.

2. Identify various sending and receiving devices.

A sending device initiates the transmission of data, instructions, and information while a receiving device accepts the items transmitted.

All types of computers and mobile devices serve as sending and receiving devices in a communications system. This includes mainframe computers, servers, desktop computers, notebook computers, Tablet PCs, smart phones, portable media players, and GPS receivers.

3. Describe uses of computer communications.

Computer and Communications networks are key infrastructures of the information society with high socio-economic value as they contribute to the correct operations of many critical services (from healthcare to finance and transportation).

4. List advantages of using a network.

• Speed. Sharing and transferring files within Networks are very rapid. Thus saving time, while maintaining the integrity of the files.
• Cost. Individually licensed copies of many popular software programs can be costly. Networkable versions are available at considerable savings.
• Security. Sensitive files and programs on a network are passwords protected or designated as "copy inhibit," so that you do not have to worry about illegal copying of programs.
• Centralized Software Management. Software can be loaded on one computer (the file server) eliminating that need to spend time and energy installing updates and tracking files on independent computers throughout the building.
• Resource Sharing. Resource such as, printer, fax machines and modems can be shared.
• Electronic Mail. E-mail aids in personal and professional communication Electronic mail on a LAN can enable staff to communicate within the building having to leave their desk.
• Flexible Access. Access their files from computers throughout the firm.
• Workgroup Computing. Workgroup software (such as Microsoft BackOffice) allows many users to work on a document or project concurrently.

5. Differentiate among client/server, peer-to-peer, and P2P networks.

On a client/server network, one or more computers acts as a server, sometimes called a host computer, which controls access to network resources and provides a centralized storage area, while the other computers on the network are clients that rely on the server for resources.

6. Describe the various network communications standards.

 Network communication standards are certain rules and specifications framed by standard organizations for manufacturing network hardware and developing network software.

A network standard defines guidelines that specify the way computers access a medium, the type(s) of medium, the speeds on different types of networks, and the type of physical cable or wireless technology used.

7. Explain the purpose of communications software.

• Communications software helps users establish a connection to another computer or network; manages the transmission of data, instructions, and information; and provides an interface for users to communicate with one another.

8. Describe various types of lines for communications over the telephone network.

The telephone network uses dial-up lines or dedicated lines.

·         A dial-up line is a temporary connection that uses one or more analog telephone lines for communications.

·         A dedicated line is an always-on connection established between two communications devices.

9. Describe commonly used communications devices.

• A communications device is hardware capable of transmitting data between a sending device and a receiving device.

10. Discuss different ways to set up a home network.

·         With computers getting cheaper and cheaper these days, it is not uncommon for a household to have more than one PC

·         A home network connects multiple computers and devices in a home. An Ethernet Anetwork connects each computer to a hub with a physical cable.

11. Identify various physical and wireless transmission media.

Transmission media consist of materials or substances capable of carrying one or more signals.

• Physical transmission media use tangible materials to send communications signals. Twisted-pair cable consists of one or more twisted-pair wires bundled together. Coaxial cable consists of a single copper wire surrounded by at least three layers: an insulating material, a woven or braided metal, and a plastic outer coating. Fiber-optic cable consists of thin strands of glass or plastic that use light to transmit signals.
• Wireless transmission media send communications signals through the air or space. Infrared (IR) sends signals using infrared light waves.

QUIZ 7!!!

Communications and Networks

1. Discuss the components required for successful communications.

2. Identify various sending and receiving devices.

3. Describe uses of computer communications.

4. List advantages of using a network.

5. Differentiate among client/server, peer-to-peer, and P2P networks.

6. Describe the various network communications standards.

7. Explain the purpose of communications software.

8. Describe various types of lines for communications over the telephone network.

9. Describe commonly used communications devices.

10. Discuss different ways to set up a home network.

11. Identify various physical and wireless transmission media.