QuIz 9

 Computer Security and Safety, Ethics, and Privacy

1. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist. 

Computer security is a branch of computer technology known as Information Security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. 

Cybercrime Perpetrators

Hacker refers to a computer programmer who is able to create usable computer programs where none previously existed. 

Cracker is a variation of hacker , with the analogy equal to a safe cracker. Some individuals use the term cracker in an attempt to differentiate from the honorable computer programmer definition of hacker.

Script kiddy is an individual who executes computer scripts and programs written by others. Their motive is to hack a computer by using someone else’s software. Examples include password decryption programs and automated access utilities. 


Corporate Spy - have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information.

Unethical employee - break into their employers' computer for a variety of reasons. Some simply want to exploit security weakness.

Cyberextortionist - is someone who uses e-mail as a vehicle for extortion. These perpetrator s send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization s network - if they are not paid of a sum of money.

Cyber-terrorist - a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism

2. Describe various types of Internet and network attacks (computer viruses,
worms, Trojan horses, rootkits, botnets, denial of service attacks, back
doors, and spoofing), and identify ways to safeguard against these attacks,
including firewalls, intrusion detection software, and honeypots. 


A computer virus is a potentially damaging program that affects, or infects, a computer negatively by altering the way the computer works without the user's knowledge or permission. 
A worm is a program that copies itself repeatedly, using up resources and possibly shutting down the computer or network.
A Trojan horse is a program that hides within or looks like a legitimate program. 
A root kit is a program that hides in a computer and allows someone from a remote location to take full control of the computer. 
To take precautions against this malware:
1. Do not start a computer with removable media in the drives or ports. 
2. Never open an e-mail attachment unless you are expecting the attachment and it is from a trusted source.
3. Disable macros in documents that are not from a trusted source. 
4. Install an antivirus program and a personal firewall. 
5. Stay informed about any new virus alert or virus hoax. 
6. To defend against a botnet, a denial of service attack, improper use of a back door, and spoofing, users can install a firewall, install intrusion detection software, and set up a honeypot.


3. Discuss techniques to prevent unauthorized computer access and use


Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or illegal activities. Organizations can take measures such as implementing a written acceptable use policy (AUP), a firewall, intrusion detection software, an access control, and an audit trail. Access controls include a user name and password or passphrase, a CAPTCHA, a possessed object, and a biometric device.

4. Identify safeguards against hardware theft and vandalism 

Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. The best preventive measures against hardware theft and vandalism are common sense and a constant awareness of the risk. Physical devices and practical security measures, such as locked doors and windows, can help protect equipment. Passwords, possessed objects, and biometrics can reduce the risk of theft or render a computer useless if it is stolen.

5. Explain the ways software manufacturers protect against software piracy. 

Software piracy is the unauthorized and illegal duplication of copyrighted software. To protect themselves from software piracy, manufacturers issue a license agreement and require product activation.

6. Discuss how encryption works, and explain why it is necessary 

Encryption prevents information theft and unauthorized access by converting readable data into unreadable characters. To read the data, a recipient must decrypt, or decipher, it into a readable form. An encryption algorithm, or cypher, converts readable plaintext into unreadable cipher text. Encryption is used to protect information on the Internet and networks.

7. Discuss the types of devices available that protect computers from
system failure
A system failure is the prolonged malfunction of a computer. A common cause of system failure is an electrical power variation such as noise, an undervoltage, or an overvoltage. A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment. An uninterruptible power supply (UPS) contains surge protection circuits and one or more batteries that can provide power during a temporary loss of power.

8. Explain the options available for backing up computer resources. 

A backup is a duplicate of a file, program, or disk that can be used to restore the file if the original is lost, damaged, or destroyed. Users can opt for a full backup or a selective backup. Some users implement a three-generation backup policy that preserves three copies of important files: the grandparent, the parent, and the child. Others use RAID or continuous backup. Most operating systems and backup devices include a backup program.

9. Identify risks and safeguards associated with wireless communications. 

Wireless access poses additional security risks. Intruders connect to other wireless networks to gain free Internet access or an organization's confidential data. Some individuals intercept and monitor communications as they transmit. Others connect to a network through an unsecured wireless access point (WAP), sometimes using the techniques of war driving or war flying. Some safeguards include firewalls, reconfiguring the WAP, and ensuring equipment uses a wireless security standard, such as Wi-Fi Protected Access (WPA) and 802.11i.

10. Discuss ways to prevent health-related disorders and injuries due to
computer use.
A computer-related repetitive strain injury (RSI) can include tendonitis and carpal tunnel syndrome (CTS). Another health-related condition is eyestrain associated with computer vision syndrome (CVS). To prevent health-related disorders, take frequent breaks, use precautionary exercises and techniques, and use ergonomics when planning the workplace. Computer addiction occurs when the computer consumes someone's entire social life.

11. Recognize issues related to information accuracy, intellectual property
rights, codes of conduct, and green computing. 


Computer ethics govern the use of computers and information systems. Issues in computer ethics include the responsibility for information accuracy and the intellectual property rights to which creators are entitled for their works. An IT (information technology) code of conduct helps determine whether a specific computer action is ethical or unethical. Green computing reduces the electricity and environmental waste while using a computer.

12. Discuss issues surrounding information privacy, including electronic
profiles, cookies, spyware and adware, spam, phishing, privacy laws, social
engineering, employee monitoring, and content filtering.

Information privacy is the right of individuals and companies to deny or restrict the collection and use of information about them. Issues surrounding information privacy include the following. 
An electronic profile combines data about an individual's Web use with data from public sources, which then is sold. 
A cookie is a file that a Web server stores on a computer to collect data about the user. 
Spyware is a program placed on a computer that secretly collects information about the user.
Adware is a program that displays an online advertisement in a banner or pop-up window. 
Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once. 
Phishing is a scam in which a perpetrator attempts to obtain personal or financial information. 
The concern about privacy has led to the enactment of many federal and state laws regarding the disclosure of data. As related to the use of computers, social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others. Employee monitoring uses computers to observe, record, and review an employee's computer use. Content filtering restricts access to certain materials on the Web. 

QuIz8

quiz8

1. Define the term, database, and explain how a database interacts with data
and information.     A database is an organized collection of data for one or more purposes, usually in digital form.
     InformationDatabase>Collection of data organized in a manner that allows access, retrieval, and use of that data
     Data>Collection of unprocessed items
           •Text
           •Numbers
           •Images
           •Audio
           •Video
    Information•Processed data
                     •Organized
                     •Meaningful
                     •Useful


2. Describe file maintenance techniques (adding records, modifying records,deleting records) and validation techniques.     - File Maintenance  refers to the procedures that keep data current.
     - Adding Records users add new records to a file when they obtain new data Disc
     - Modifying Records users modify a record to correct inaccurate data or update old data
     - Deleting Records When a record no longer is needed, a user deletes it from a file
     - Validation Techniques compares data with a set of rules or values to find out if the data is correct  

3. Discuss the terms character, field, record, and file     - Characters numbers, letters, space, punctuation marks, or other symbols
     - Field is a combination of one or more related characters
     - Record is a group of related fields
     - File is a collection of related records


4. Discuss the functions common to most database management systems:
data dictionary, file retrieval and maintenance, data security, and backup
and recovery.
     Data dictionary contains data about each file in a database and each field within the files.

    Backup - is the copy of the database.A log is a listing of activities that change the contents of the database. 

    Recovery Utility - uses the logs and/or backups to restore the database.

5. Differentiate between a file processing approach and the database
approach.

     File processing approach each department or area within organization has its own set of files.

    Database approach- many programs and users share the data in a database. The database approach reduces data redundancy, improves data integrity, shares data, permits easier access, and reduces development time.A database, however, can be more complex than a file processing system, requiring special training and more computer memory, storage, and processing power. Data in a database also can be more vulnerable than data in file processing system.

     An object-oriented database (OODB) stores data in objects
•Object-oriented databases often use Object Query Language (OQL) to manipulate and retrieve data.    A relational database stores data in tables that consist of rows and columns
        –Each rowhas a primary key
        –Each columnhas a unique name
        •A relationshipis a link    A multidimensional database can store data in more than two dimensions of data
        –Can consolidate data much faster than a relational database


7. Explain how to access Web databases.

     Web database  database you can access through web by filing in a form in a web page.
     A Web database links to a form on a Web page. To access data in a Web database, you fill on the form or enter search text on a Web page. A Web database usually resides on a database server, which is a computer that store and provides access to a database.


8. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

Computer security is a branch of computer technology known as Information Security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. 

     Hacker refers to a computer programmer who is able to create usable computer programs where none previously existed. 

     Cracker is a variation of hacker , with the analogy equal to a safe cracker. Some individuals use the term cracker in an attempt to differentiate from the honorable computer programmer definition of hacker.

     Script kiddy is an individual who executes computer scripts and programs written by others. Their motive is to hack a computer by using someone else’s software. Examples include password decryption programs and automated access utilities.

     Corporate Spy - have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information.

     Unethical employee - break into their employers' computer for a variety of reasons. Some simply want to exploit security weakness.

     Cyberextortionist - is someone who uses e-mail as a vehicle for extortion. These perpetrator s send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization s network - if they are not paid of a sum of money.

     Cyber-terrorist - a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism

9. Identify database design guidelines and discuss the responsibilities of
database analysts and administrators.

     Database Analysts and Database Administrators are responsible for managing and coordinating all database activities.

     Database Analysts (DA) - focuses on the meaning and usage of data. The DA decides on the placement of fields, defines the relationships among data, and identifies user's access privilege.

     Database Administrators (DBA) requires a more technical inside view of the data. The DBA creates and maintains the data dictionary, manages data security, monitors database performance, and checks backup and recovery procedures. 
10. Discuss techniques to prevent unauthorized computer access and use

 

     Operating system and software patches and updates

There is no such thing as perfect software, often a software program may have several issues and could potentially have security vulnerabilities that can leave your computer open to attacks that compromise your computer and your data.

     Software patches, updates, and drivers are made available, often for free, to consumers to help keep a software program and operating systems running properly and secure. If the program you're using does not have any method of checking for updates on its own it is up to you to verify the program is up-to-date. Often this can be done by visiting the web site of the developer who created the program. A listing of third-party companies and links to each of their pages can be found on our third-party support page.

QuIz7

1. Discuss the components required for successful communications.

      Computer communications describes a process in which two or more computers or devices transfer data, instructions, and information. Successful communications requires a sending device that initiates a transmission instruction, a communications device that connects the sending device to a communications channel, acommunications channel on which the data travels, a communications device that connects the communications channel to a receiving device, and a receiving device that accepts the transmission of data, instructions, or information.

2. Identify various sending and receiving devices.

      A sending device initiates the transmission of data, instructions, and information while a receiving device accepts the items transmitted.

      All types of computers and mobile devices serve as sending and receiving devices in a communications system. This includes mainframe computers, servers, desktop computers, notebook computers, Tablet PCs, smart phones, portable media players, and GPS receivers.

3. Describe uses of computer communications.

     Communications technologies include the Internet, Web, e-mail, instant messaging, chat rooms, newsgroups, blogs, wikis, RSS, VoIP, FTP, Web folders, video conferencing, and fax machine or computer fax/modem.  

     Users can send and receive wireless messages to and from smart phones, cell phones, handheld game consoles, and other personal mobile devices using text messaging, wireless instant messaging, picture messaging and video messaging.

     A wireless Internet access point lets people connect wirelessly to the Internet through a wireless Internet access point.

     A hot spot is a wireless network that provides Internet connections to mobile computers and devices.

     A cybercafé is a coffeehouse, restaurant, or other location that provides computers with Internet access.

     A global positioning system (GPS) analyzes signals sent by satellites to determine an earth-based receiver’s geographic location.

4. List advantages of using a network.

>Speed                                   >Cost                          >Security

>Centralized Software Management                               >Resource Sharing

>E-mail                                  >Work group computing 

5. Differentiate among client/server, peer-to-peer, and P2P networks.

       A client/server setup has servers, which are dedicated machines that perform specific functions in the network. A server can be used to manage a network's email (mail server), database (database server), files (file server), printers (print server), or access an anti-virus (security server). 

      A peer-to-peer network setup Simple network that connects fewer than 10 computers. Each computer, or peer, has equal capabilities. 

      P2P is an Internet peer-to-peer network Enables users to connect to each other’s hard disks and exchange files directly.

6. Describe the various network communications standards.

- Network standards defines:

•  Way devices access the medium
•  Speed on different types of networks
•  Types of network technology (cable / wireless)

- Protocols

•  Rules on how devices communicate with each other
•  Data format used
•  Coding Scheme
•  Error Handling
•  Sequencing techniques etc.
•  Hardware / Software Vendors try to meet these guidelines

- ANSI, IEEE

- Standardizing Organization

7. Explain the purpose of communications software.

     - is used to provide remote access to systems and is also    used to exchange messages in text, audio and video format for the purpose of communication. This software sends and receives data over telephone lines through modems. The communication software allows computers in different geographical regions to communicate with each other through terminal emulators, file transfer programs, chat and instant messaging programs.

8. Describe various types of lines for communications over the telephone network.

• PSTN - Worldwide telephone system that handles voice-oriented telephone calls.
• Dial-up line - Temporary connection using telephone line for communications.
• Dedicated line - Always on connection between two communication devices.  
• Five types of digital dedicated lines are ISDN line, DSL, FTTP, T-carrier line and ATM.

9. Describe commonly used communications devices.

- 

Dial-up modem

• A dial-up modem converts digital signals to analog signals and vice versa
• Usually in the form of an adapter card

- DSL Modem / ISDN Modem-Cable Modem

- Router

• Connects computers and transmits data to correct destination on network. 
• 
  

- Cable Modem

•  Sends and receives data over cable television (CATV) network
•  Much faster than dial-up modem or ISDN
•  Sometimes called a broadband modem

- Wireless Modem 

• Allows access to the Web wirelessly from a notebook computer, a smart phone, or other mobile device. 

- Hub or Switch 

Send and receive digital data from DSL(Digital Subscriber Line) / ISDN

QuIz6

1. Define system software and identify the two types of system software.

-  System software refers to the files and programs that make up your computer's operating system. 
      
          2 Types Of System Software
                    >Operating System

                >Utility Program
2. Briefly describe various server operating systems: Windows Server, UNIX,Linux, Solaris, and NetWare.

     Windows Server is a brand name for a group of server operating systems released by Microsoft Corporation. 

     Unix  is amultitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs. 

     Linux refers to the family of Unix-like computer operating systems using the Linux kernel. 
    
     Solaris is a Unix operating system originally developed by Sun Microsystems.

     NetWare is a network operating system developed by Novell, Inc.

3. Summarize the features of several embedded operating systems: Windows Embedded CE, Windows Mobile, Palm OS, iPhone OS, BlackBerry, Google Android, Embedded Linux, and Symbian OS.

    Microsoft Windows CEis an operating system developed  by Microsoft for embedded systems.

      Features Windows Mobile

• Today screen shows the current date, owner information, upcoming appointments, e-mail messages, and tasks. (Home screen in later WM6.5 builds)
• The taskbar shows the current time and the audio volume.
• Office Mobile, a suite of Mobile versions of Microsoft Office applications, including Outlook Mobile.
• Internet Explorer Mobile, an Internet browser developed by Microsoft for Pocket PC and Handheld PC that comes loaded by default with Windows Mobile and Windows CE for Handheld PC.
• Windows Media Player for Windows Mobile.
• Client for PPTP VPNs.
• Internet Connection Sharing (ICS), which in mobile phones allows the phone to make its Internet connection available to computers via USB and Bluetooth.
• File system similar to that of Windows 9x/Windows NT, with support for many of the same file types.
• Ability to multitask.

- Palm OS  is designed for ease of use with a touchscreen-based graphical user interface.

Features:

• Simple, single-tasking environment to allow launching of full screen applications with a basic, common GUI set
• Monochrome or color screens with resolutions up to 480x320 pixel
• Handwriting recognition input system called Graffiti 2
• HotSync technology for data synchronization with desktop computers
• Sound playback and record capabilities
• Simple security model: Device can be locked by password, arbitrary application records can be made private
• TCP/IP network access
• Serial port/USB, infrared, Bluetooth and Wi-Fi connections
• Expansion memory card support
• Defined standard data format for personal information management applications to store calendar, address, task and note entries, accessible by third-party applications.

- iPhone OS Features:

• Multitasking
• Fast App Switching
• Local Notification
• App Folders
• New App E-mail
• iBooks

- Blackberry Features:

• Multi-touch Interface
• Webkit Browser
• Home Screen
• Universal Search
• Context Sensitive Menus
• Social Tools

Google Android Features:

• Handset layouts
• Storage
• Connectivity
• Messaging
• Multiple language support
• Web browser
• Java support
• Media support
• Streaming media support
• Additional hardware support
• Multi-touch
• Bluetooth
• Video calling
• Multitasking
• Tethering
• Screen Capture

4. Explain the purpose of several utility programs: file manager, search utility, image viewer, uninstaller, disk cleanup, disk defragmenter, backup and restore utilities, screen saver,

quiz5

1.      1. Differentiate between storage devices and storage media.

A storage medium is the physical material on which a computer keeps data, instructions, and information. The number of bytes (characters) a storage medium can hold is its capacity. A storage device is the computer hardware that records and/or retrieves items to and from storage media. Writing is the process of transferring items from memory to a storage medium, and reading is the process of transferring these items from a storage medium into memory

       2. Identify the uses of tape, magnetic stripe cards, smart cards, microfilm and microfiche, and enterprise storage.

          Tape is a magnetically coated ribbon of plastic capable of storing large amounts of data and information at a low cost. A tape drive reads and writes data and information on tape. Business users utilize tape most often for long-term storage and backup. A magnetic stripe card is a credit card, entertainment card, bank card, or other similar card with a stripe that contains information identifying you and the card. A magnetic stripe card reader reads the information stored on the stripe. A smart card, which is similar in size to a credit or ATM card, stores data on a thin microprocessor embedded in the card. A smart card reader reads the information on the smart card and updates it if necessary. Microfilm is a 100- to 215-foot roll of film. Microfiche is a small sheet of film, usually about 4 X 6 inches. Microfilm and microfiche reduce the amount of paper firms must handle, are inexpensive, and have the longest life of any storage media. Enterprises use computers, servers, and networks to manage and store huge volumes of data and information. In an enterprise, some storage systems can provide more than 185 TB of storage, and optical disc servers hold hundreds of optical discs.

3. Describe the various types of flash memory storage: solid state drives, memory cards, USB flash drives, and ExpressCard modules.

Flash memory chips are a type of solid state media, which means they consist entirely of electronic components and contain no moving parts. A solid state drive (SSD)memory card is a removable flash memory device that you insert and remove from a slot in a computer, mobile device, or card reader/writer. Common memory cards include CompactFlash (CF), Secure Digital (SD), Secure Digital High Capacity (SDHC), microSD, microSDHC, xD Picture Card, Memory Stick, and Memory Stick Micro (M2). A USB flash drive, sometimes called a thumb drive, is a flash memory storage device that plugs in a port on a computer or mobile device. An ExpressCard module is a removable device that fits in an ExpressCard slot. ExpressCard modules can add memory, storage, communications, or other capabilities to a computer. typically uses flash memory to store data, instructions, and information.

4. Differentiate among various types of optical discs: CDs, archive discs and Picture CDs, DVDs, and Blu-ray Discs.

A CD-ROM, or compact disc read-only memory, is a type of optical disc that uses laser technology to store items. Users can read the contents of standard CD-ROMs but cannot erase or modify their contents. A CD-R (compact disc-recordable) is a multisession disc on which users can record their own items, such as text, graphics, and audio. Each part of a CD-R can be written on only one time, and the disc's contents cannot be erased. A CD-RW (compact disc-rewritable) is an erasable disc that can be written on multiple times. An archive disc stores photos from an online photo center in the jpg file format. A Picture CD is a single-session CD-ROM that stores digital versions of film using the jpg format at a lower resolution than an archive disc. A DVD-ROM (digital versatile disc-read-only memory or digital video disc-read-only memory) is a high capacity optical disc that you can read but not write on or erase. A newer, more expensive DVD format is Blu-ray Disc-ROM (BD-ROM), with higher capacity and better quality than standard DVDs. Many types of recordable and rewritable DVD formats are available. DVD-R and DVD+R are DVD-recordable formats. BD-R is a high-capacity DVD-recordable format. DVD-RW, DVD+RW, and DVD+RAM are rewritable DVD formats that allow users to erase and record multiple times. BD-RE is a high-capacity rewritable DVD format.

5. Summarize the characteristics of ink-jet printers, photo printers, laser printers, multifunction peripherals, thermal printers, mobile printers, label and postage printers, and plotters and large-format printers.

     An ink-jet printer forms characters and graphics by spraying tiny drops of liquid ink onto a piece of paper.

     –

     –

     A

     A multifunction peripheral (MFP) is a single device that prints, scans, copies, and in some cases, faxes.

          –

     A thermal printer generates images by pushing electrically heated pins against the heat-sensitive paper pictures.

     A mobile printer is a small, lightweight, battery-powered printer that allows a mobile user to print from a notebook computer, smart phone, or other mobile device.

A   A label printer is a postage printer prints postage stamps.

 

     A

     A Plotters

     A

Large-format printers create photo-realistic quality color prints on a larger scale.are used to produce high-quality drawings.Postage Printer also can be printed on other types of printers.Sometimes called an all-in-one device photo printer produces color photo-lab-quality.Printers with a higher dpi (dots per inch) produce a higher quality output Color or black-and-white

Quiz 3

1. Describe the four categories of output.

    Answer

Monitors

Flat-screen monitors are more energy efficient than cathode ray-tube monitors. There are two major categories of monitors:

·        -Cathode ray-tube or CRT

·        -Liquid crystal display also known as flat-screen or LCD.

Both measure screen size diagonally and connect to the computer via USB port or a conventional printer cord. The flat-screen monitor uses less power and causes less eye strain.

Speakers and Headphones

Headphones are used to turn your computer into a telephone, stereo, or video game. Part of the sound card system that produces multimedia, speakers and headphones produce audio output. The range of audio equipment available to the average computer user is tailored to Messenger users, gamers, movie and video enthusiasts, and musicians. Most headphones also include a microphone for input as well.

Printers

Modern printers are advanced enough to publish detailed graphic arts and photos. Printers are used to make hard copies of computer output. There are three different kinds of printers.

·      -Dot matrix is the oldest and since it is slow and rather noisy compared to laser and ink-jet printers it is no longer widely used.

·       -Laser printers are the most expensive, but are fast and quiet

·       -Ink jet printers are inexpensive to buy, but the paper and toner consumption makes up for the cheap retail price.

Disks and External Drives

Portable memory sticks may have rendered CDs obsolete as output devices. CDs (which include rewritable CDs, DVDs), floppy disks and external hard drives are used as storage devices for data output. Data can be text, video, audio or graphics files. External memory drives are often portable depending on the size. Both disk drives and CDs can also be used as input devices.

"The things that will destroy us are: politics without principle; pleasure without conscience; wealth without work; knowledge without character; business without morality; science without humanity; and worship without sacrifice."