Cookie: small files that your browser receives when you visit websites. Cookies enable you
to access websites without having to sign in every time and speed up processing of some
sites. Trade-off: they comprise sensitive security data.
CCleaner: free, open source product that securely removes data including browsing history,
temp files and cookies. Security is substantially improved, but the PC is more difficult to use.
Risk management:
Proactively balance the trade-off between risk and cost – this varies between industries, e.g.
financial institutions are obvious targets, so they must invest heavily in security
safeguards
To make trade-off decisions:
o Create inventory of data and hardware to protect and then evaluate
safeguards relative to the probability of each potential threat
o Understand categories and frequencies of threat
o Decide how much risk to take i.e. which security safeguards to implement
Types of authentication:
What you know – Username and password
What you have – Smartcard: contains microchip that is loaded with identifying data.
Requires PIN to be entered to be authenticated
What you are – Biometric Authentication: fingerprints, facial features and retinal
scans to authenticate users.
Encryption
Encryption: transforming clear text into coded, unintelligible text for secure storage or
communication.
Secure Sockets Layer (SSL)/Transport Layer Security (TLS): a protocol that uses a
combination of public key encryption and symmetric encryption.
Public key encryption: a version of asymmetric encryption used on the Internet where each
site has a public key for encoding messages and a private key for decoding them.
Asymmetric encryption: two keys are used; one to encode and one to decode the message.
Symmetric encryption: same key is used to encode and decode.
Malware protection
Malware: category of software that includes viruses, spyware and adware.
Types of malware:
Virus: computer program that replicates itself
Trojan horse: viruses that masquerade as useful programs or files
Worm: a virus that self-propagates using the Internet. Spreads so quickly that it
overloads and crashes a network
Spyware: programs installed on a user’s PC without their knowledge or permission.
Resides in the background and observes the user’s actions and keystrokes, monitors
computer activity and reports user’s activities to sponsoring organisations
Adware: similar to spyware, except it doesn’t perform malicious acts. However, it
does watch user activity and produce pop-up ads. Can also change the default window
or modify search results
Ransomware: malicious software that blocks access to a system or data until money
is paid to the attacker.
Malware safeguards:
1. Install antivirus and antispyware programs on the computer
2. Set up antimalware programs to scan computer frequently
3. Update malware definitions – patterns that exist in malware code
4. Open email attachments only from known sources
5. Promptly install software updates from legitimate sources
6. Browse only reputable sites
Data safeguards:
Define data policies
Data rights and responsibilities
Rights enforced by user accounts authenticated by passwords
Data encryption
Backup and recovery procedures
Physical security