click below
click below
Normal Size Small Size show me how
CIW~Exam
Lesson 8 Protecting yourself Online
Term | Definition |
---|---|
• SPAM | avoiding o Avoid adding yourself to unwanted mailing lists o Conduct online transactions through secure Web sites o Do not assume that only the intended recipient will read your messages o Be selective when posting information to newsgroups |
• Cookie types: | o persistent o session o first-party o third-party o You can control when and from whom cookies are accepted by specifying the level of privacy you want to maintain o You can view the file content of cookies to see information about the Web site |
• You can configure your browser’s security settings to accept, reject or prompt before accepting: | o ActiveX controls o JavaScript |
• Authentication | – the process of verifying the identity of a user who logs on to a system, or the integrity of transmitted data |
Anonymous logon | – no user name or password are required, and authentication is handled transparently by the browser and server |
Basic authentication | – a user name and password are required, and that information is sent as plain text |
Symmetric (private-key) encryption | – The same key is used to encrypt and decrypt messages |
Asymmetric (public-key) encryption | – Two keys are used to encrypt and decrypt messages: a public key and a private key |
Hash (one-way) encryption | – Uses hashes to verify the integrity of transmitted messages |
Digital certificates | – you must have the proper digital certificate to gain access User names and passwords – used to log on to private and public networks, including the Internet |
Digital signatures | – electronic signatures that verify the identity of the message sender |
Non-repudiation | – digital signatures prove that a transaction or transmission took place; neither the sender nor the receiver can later deny the action |
• Encryption | – the process of converting data into an unreadable form of text |
• Decryption | the process of converting the encrypted data back to its original form |
• Key | a mathematical algorithm |
• Secure Sockets Layer (SSL) | – a protocol for secure exchanges |
• Various protocols in the TCP/IP suite can be made secure by running them over SSL/TLS, including: | o HTTPS o S/FTP o IMAPS o POP3S |
o Virus | – damages computers and networks, often alters files to damage or destroy data |
o Worm | – resides in active memory and replicates itself until an entire disk is full |
o Trojan | – appears to be harmless (such as a computer game) but produces harmful results o Illicit server – installs hidden services on systems |
Client code | – allows remote access to a computer by an attacker |
Server code | – infects destination computer and enables the attacker to control it |
• Corporate IT departments are often the first line of defense against viruses o Common ways to contract viruses: | Receive infected disc/drive from colleague or friend Download infected file Download illicit server attachment |
• Common ways to protect against viruses: | o Do not open e-mail or attachments from unknown senders o Configure browser and e-mail security to highest levels o Use anti-virus software o Keep anti-virus software current o Stay informed about the latest virus threats o Make backup copies o |
• If you receive an attachment you do not recognize: | o Do not open the attachment o Contact the sender to determine whether the attachment is legitimate o If you cannot contact the sender, delete the attachment from the message o Delete the attachment from the Deleted Items folder |
• If you suspect a virus attack: | o Use anti-virus software to remove the virus o If you cannot launch anti-virus software, reboot from a known clean system disk, then launch the anti-virus software o Remove virus from all disks, files and programs o If damage is too extensive, refo |
• Spyware | – an application secretly placed on a user’s system to covertly gather information and relay it to outside parties, usually for advertising purposes |
o Cookies are not spyware because: | The user is aware of their presence The user has the option to disable outside access to cookie information Use spyware detection applications to detect and eliminate spyware |
• Update | – a software upgrade that permanently fixes known bugs and improves software performance |
• Patch | – a temporary bug fix |
• Virus update | – files of virus signature profiles you use to keep your anti-virus software current |
• Typosquatting | – registering a domain name similar to a high-volume site hoping to receive traffic from users seeking the high-volume site who mistakenly enter an incorrect URL in the browser |
• Firewall | – a collection of hardware, software and corporate policies that prevents unauthorized access to or from private networks |
o Use firewalls to: | Prevent unauthorized Internet users from accessing private networks Retain control of proprietary information Prevent unauthorized export of proprietary information Firewalls may prevent access to external e-mail providers or external server |
• Licensing | o To license copyright-protected material, you must obtain permission from the author |
• Trademarks | o To register a trademark, you must contact the appropriate agency in your home country |