Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Security

No description
by

Andrea Santana Santana

on 3 June 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Security

Network Security
Getting familiar with malicious actions
It is important to have access to vast content on the internet such as important information, services and entertainment. But the main problem is that you leave yourself vulnerable to some trouble makers that are waiting to harm you and your computer. Such as viruses, spyware and hackers.
How does a person know if his/her computer is infected?
The problem of viruses, spyware, adware and hackers is that they silently operate for a relatively long period of time in your computer without you knowing. The common symptoms of a virus infection are that your computer works slower than normal, stops responding, crashes and restarts frequently or fails to run normally.

The most common things that change after a computer is hacked:
New programs installed;
Computer passwords have changed;
Increased network activity;
Unknown programs wanting access;
Security programs uninstalled;
The computer starts doing things by itself.
Importance of security and data integrity
Data security deals in keeping data safe. If the data is recovered, stolen, copied or damaged from these computer system then it can lead to serious problems.
Data may get:

Lost or damaged during a system crash.
Corrupted as a result of faulty disk, disk drives or power failure.
Lost by accidentally deleting or overwriting files.
Lost or become corrupted by computer viruses.
Hacked by unauthorized users and deleted or redact.
Destroyed by employees wishing to betray the company in order makes money or as the act of revenge.
How to keep your data safe from accidental damage, human errors and corruption?
Measures that can be taken:

Making regular backups of files.
protecting your computer against viruses by running an anti-virus.
Use a password protected computer.
Safe storage or important files stored on removable disks.
Allowing authorized staff into certain computer areas.
Always logging off or turning terminals off when not in use and if possible locking them by means of physical locks.
Avoiding accidental deletion of files.
Using data encryption techniques.

Computer viruses, spyware and adware
Computer viruses are software programs designed to access your computer without you consent.

Adware are software designed for advertising and changing your computer's configuration.

Spyware is a software designed to collect personal information such as websites you visit.

In this group it also enters "HACKERS", a hacker is someone who attempts to break into computer system.
How hectic could they be?
Viruses can be intentionally destructive. Adware is mainly annoying but spyware can be downright dangerous if it manages to get hold of important information.
Accidental damage
Accidental damage refers to the damage caused unintentionally, like when you delete data while the person is unaware of its consequences. Also damage of data by removing important files without intent. To prevent these damages, a well-organized backup is required.
The main factors are:

Medium-

such as Magnetic tapes, CD-RW, external storage devices and zip drive.
Location-

where the medium should be stored.
Type of backup-

full(all data, program and its features) or partial (the sensitive data changing everyday).
Timings-

at what time should the data be backed up?
Testing-

backups needs to be examined.
Examples of suitable backups
A good example of suitable backups for students are :

Take a copy on to a USB on a regular basis;
Keep an extra copy on a safe place;
Test the backup to ensure that both copies work at school and at home.
<--- Adware
<--- Viruses
Firewall
A internet firewall is a computer program or hardware appliance designed to prevent unauthorized access to private computers or networks. Firewalls screen out viruses, malware and hackers that try to access your computer over the Internet.



A firewall enforces a set of rules governing the flow of the data to and form the outside. Firewalls that are used to protect home computers are usually based on a packet filtering such as, Data packets (small units of information) are admitted or rejected according to the way these rules are configured.
Firewall's logic
Firewalls use 3 types of filtering mechanisms:
Packet filtering or packet purity
Data flow consists of packets of information and firewalls that analyze these packets to take out unwanted packets.

Proxy
Firewalls assume the role of a recipient and it sends it to the node that has requested the information.

Inspection
Firewalls instead of sifting through all the information in the packets, mark key features in all outgoing and request and check for the same matching characteristics in the inflow to decide if it is relevant information.
Firewall rules
They can be customized as your needs, requirements and security levels. You can create or disable firewall filter rules based on conditions such as:

IP Addresses

Blocking off a certain IP address or a range of IP addresses.

Domain names
Only allow certain specific domain names to access your systems or allow only to some specified types of domain names.

Protocols
Firewall can decide which of the systems can allow or it can have access to common protocols such as IP, SMTP, FTP, UDP, ICMP, Telnet or SNMP.

Ports
Blocking ports of servers that are connected to the internet, this will help to maintain the kind of data flow you want to see.


Biometric password
Biometric passwords use hand writing, hand geometry, voice prints, iris structure and vein structure.

Instead of using something you have like a key or something you know like a password, biometrics use your body to identify you.

Biometrics can use
physical characteristics
, such as, your face, fingerprints, etc... They also can use
behavioral characteristics
like your voice, handwriting, etc... For this reasons, many people consider them safer.
Biometric steps
Enrollment
Biometric records basic information about you, like your name or and identification number.
Storage
Most systems don't store the complete image or recording. They analyze your trait and translate it into a code or graph.
Comparison

The next time when you use the system, it compares the trait you present to the information file. Then it will accept or reject hat you are who you claim to be.
Handwriting
Biometric systems don't just look at how you shape each letter; they analyze the act of writing. They examine the pressure you use and the speed and rhythm with which you write. They also record the sequence in which you form letters, like whether you add dots and crosses as you go or after you finish the word.
Unlike the simple shapes of the letters, these traits are very difficult to forge. Even if someone else got a copy of your signature and traced it, the system probably wouldn't accept the forgery.
Hand and finger geometry
Most businesses and schools, rather than high-security facilities, typically use hand and finger geometry readers to authenticate users, not to identify them.

Systems that use hand and finger geometry use a digital camera and light.

Since hands and fingers are less distinctive than finger prints or irises, people are less likely to feel that the system invades their privacy.
However, many people's hands change over time due to injury, changes in weight or arthritis.
Voice prints
To enroll in a voice print system, you either say the exact words or phrases that it requires. or you give an extended sample of your speech so that the computer can identify you no matter which words you say.

The data used in a voice print is a sound spectrogram. This is a graph that shows a sound's frequency on the vertical axis and time on the horizontal axis.
Spectrograms also uses colors or shade of grey to represent the acoustical qualities of sound.
Iris scanning
Is a CCD digital camera that uses both visible and near-infrared light to take a clear, high contrast picture of a person's iris.
The camera focuses automatically or you use a mirror or audible feedback from the system.

When the camera takes a picture, the computer locates:
The center of the pupil

The edge of the pupil

The edge of the iris

The eyelids and the eyelashes

Use of secure locket layer (SSL)
The secure socket layers, encrypt data transmitted via a Web site. If the lock is closed, this means that the data transmitted over the web site is secure, generally by
SSL
. This allows the transmission and collection of private data transmitted over the Web, without worrying about a hacker accessing it.
SSL
uses symmetric and asymmetric encryption algorithms. Symmetric algorithms uses the same key to encrypt and decrypt data. Asymmetric algorithms use a pair of keys. Data encrypted using one key can only be decrypted using the other.
When server authentication is requested,
SSL
uses the following process:

To request a secure page, the client uses
HTTPS
The server sends the client its public key and certificate.
The client checks that the certificate was trusted certificate authority, and that the certificate is related to the contacted site.
The client uses the public key to encrypt a random symmetric encryption key and send it to the server.
The server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the

URL
and
HTTP

data.
The server sends back the requested
HTML

document and
HTTP

data that are encrypted with the symmetric key.
The client decrypts the
HTTP
data and the

HTML
document using the symmetric key and displays the information.
Encryption
Is the translation of data into a secret code. Is the most effective way to achieve
data security
. To read and encrypt data you must have access to a secret key or password that enables you to
decrypt
it.
Unencrypted data is called
plain text
;
encrypted data is referred as

cipher text.
Getting friendly to Symmetric encryption
Is a type of encryption where the same key is used to encrypt the message and to decrypt the message.
This differs to asymmetric (public key) encryption, which uses one key to encrypt the message and another to decrypt the message.
A cryptographic system that uses two keys, a public key known to everyone and a private or secret key known only by the recipient of the message.
Denial of service attacks (DoS)
What is pharming scam?
Pharming is when you are redirected/scam version of a website which may look identical to the website you were trying to view. This is sometimes referred to as page-hijacking or page-jacking. In this scam, the legitimate URL you typed into your browser or te bookmarked link you followed automatically changes and redirects you to fake address, its very similar to the legitimate address.
The fake site will ask you to enter sensitive personal details such as:
Usernames
Passwords
Bank account and credit card numbes
Email addresses
If successful, a pharming scam will most likely lead to intity theft using the personal details you enter into the fake website.
Warning signs
Legitimate websites which ask you to enter sensitive personal details are commonly encrypted to protect your details. This is usually identified by the use of "https:" rather than "http:".

The pharming website will often have a striking resemblance to a legitimate site however the internet address will be slightly different, as may some elements of the visual appearance of the site.

The site may ask you for personal information which the original site didn't, for example an online banking website will usually as you to enter your username and password, however a pharming site may also request your bank account or credit card number.
Protecting yourself
Never provide your personal, credit card or account details online unless you have verified the website is authentic.

You can verify a website's authenticity by looking for "https:" at the beginning of the internet address.

If you know what the correct internet address should be, check the address of the site you are viewing matches and ensure it hasn't changed from what you entered or expected.

Check if the website has a digital certificate. If it has one it will appear as a padlock icon alongside the web address.

Keep your computer programs updated.

Remain cautions when downloading free software from the web as these often carry viruses or malware.

If you think you have provided your account details to a scammer, contact the organization you hold your account with immediately, such as you bank or email provider.
Phishing
Phishing refers to emails that trick people into giving out their personal and banking information; they can also be sent by SMS. These messages seem to come from legitimate businesses, normally banks or other financial institutions or telecommunications providers.
Phishing emails often look genuine and use what look to be genuine internet addresses, they often copy an institution's logo and message format, which is very easy to do.
Warning signs
You receive an email or SMS claiming to be from a financial institution or telecommunication provider. This message seem to be from your bank, service provider or a business you don't have an account with.

The email does not address you by your proper name.

The email might contain typing errors and grammatical mistakes.

The email might claim that your details are needed for a security and maintenance upgrade, to 'verify' your account or to protect you from a fraud threat.
Protecting yourself
Never send money or give credit card or online account details to anyone you do not know and trust.

Do not give out your personal, credit card or online account details over the phone unless you made the call and know that the phone number came from a trusted source.

Do not open suspicius or unsolicited emails(spam).

Do not click on any links in a spam email or open any files attached to them.

Never call a telephone number that your in a spam email or SMS.

Check th website address carefully.

Never enter your personal, credit card or online account information on a website if your are not certain it is genuine.

Never send your personal, credit car or online account details through an email.
A malicious hacker uses a DoS attack to make a computer resource (website, application, e-mail, etc...) stop responding to legitimate users. The malicious hacker does this by commanding a fleet of remotely-controlled computers to send a flood of of network traffic to the target.
Online banking
Most internet banking is automatically conducted over a relatively safe kind of Internet connection called Secure Socket Layers (SSL), a the banks themselves have high security which is rarely breached, but the weak link is your own personal computer, and it's a very weak link indeed.
Most personal computers are sho through with security holes. This is specially true of PC's running Windows. The big problem is that if a hacker breaches the security on your computer, they can access yo Internet bank account through it and pretend that they're you. The bank won't know the difference and you'll find it very difficult to persuade them that somebody else transferred all the money out of your account, even though the transaction was conducted on your computer using your tehone and your Internet connection.
Online shopping
Online shopping can be a convenient and fun activity, provided you take a few precautions to ensure that your information and money stay safe.
Don't shop at a site you're not comfortable- if you feel the site may not be secure, you're probably right.

Never click on links from spam emails to make purchases.

Check the web address to make sure you are on the correct site.

Check that the site is secure.

Use a credit card or an online payment service.

Do not use a public computer to shop online.

Only use a secure connection when you place your order.

Use strong passwords.
BY ANDREA ROJAS
Full transcript