Free Essay

Intro to Computer Security

In:

Submitted By hotrod01
Words 803
Pages 4
Name 4 Security Tips that the end user can implement. For this week`s task we have been asked to name four security tips that users can do themselves to help protect their computers. The four security tips that I have selected to discuss are; update Windows software, use strong passwords, run a virus scan on a schedule, and update virus definitions daily.

Describe the goal of each security tip. Windows update should be run to make sure that your computer has the latest patches. These updates are designed to close security holes that have been found in the operating system and hopefully will help guard your computer from getting infected or hacked. Strong passwords can be very helpful in slowing down or even defeating different attack methods of compromising the user`s computer. Users should think of passwords like a lock on their door, a strong password will make a strong lock. A hacker`s software toolkit will most likely include an offline dictionary, this automated program can quickly identify simple and commonly used passwords. Running a scheduled virus scan should be done by anyone who has a computer. If the user is running AVG for their anti-virus it is pretty easy to set up a scheduled scan. The user can just right click the AVG icon in the system tray, select the tools menu > advanced settings > schedules. From here the user can set the day and time for the schedule to run. It can be set to run a scan once a week or each day. This software scans for any viruses or malicious software that could be on the computer. Updating your anti-virus definitions daily will ensure that your computer is protected against viruses. Hackers are creating new threats every day; they are always looking for vulnerabilities in software so they can exploit them. These exploits can lead to identity theft, corruption and even loss of data. Most anti-virus software will try to combat these hackers and release updates to protect your computer.

Describe how each security tip is implemented. To run Windows updates is an easy process to setup. In Windows 7 the user can click the start button and type in Windows updates or they can go to control panel > system security > Windows update. In this window the user can select to install updates automatically (this is the Microsoft recommended setting) and the user can even select the time to install the updates so they do not interfere with the user during working hours. The company should have a policy in place requiring users to create strong passwords. This could be done be enabling password policies on a Windows 2008 server or via a third party software. Either software will let the user see the strength of their password and will not let them create a simple password. Also users should be taught through employee training on how to create a passphrase instead of just a simple password. The anti-virus software is installed on the user`s computer. Most companies will have this software installed and setup by the IT department. Users can go in to the software and verify that a scheduled scan is set to run at least once a week. Some companies will have this scan set to run every day and hopefully after hours so it does not affect the user’s productivity. Much like the Windows updates your anti-virus updates can also be set to automatically check the software vendor’s site and download any new anti-virus definitions. Some anti-virus companies even have hourly updating due to the amount of new threats that are being release on a daily basis.

Describe why each security tip is important. Running Windows updates is important to help protect your computer from security breaches. Microsoft releases these updates to close vulnerabilities in the software. If Microsoft has found these vulnerabilities then you can be sure that hackers have found them too and will use them to exploit your computer. Strong passwords are another effective way to help prevent your data from being compromised. Cybercrimes have been increasing over the past several years and users need to help protect themselves from hackers. Anti-virus software is very important for users and their computers. This software is essential in helping to protect your computer from getting infected with a malicious program that a hacker could use to gain access to data on your computer. Keeping your computer`s anti-virus definitions update is even more important in today`s world. Viruses can spread faster and further than they used to, they use more complex coding, and getting more sophisticated every day. There can be as many as several hundred new threats each day. So keeping your anti-virus up to date is critical in the protection of your computer.

Similar Documents

Premium Essay

Intro to Computer Security

...CSS150 – Introduction to Information Security Phase 5 Individual Project Kenneth A. Crawford Dr. Shawn P. Murray June 23, 2013 Table of Contents Phase 1 Discussion Board 2 3 Phase 1 Individual Project 5 Phase 2 Discussion Board 8 Richmond Investments: Remote Access Policy 8 Phase 2 Individual Project 11 Richmond Investments: LAN-to-WAN, Internet, and Web Surfing Acceptable Use Policy 11 Phase 3 Discussion Board: Blaster Worm 17 Phase 3 Individual Project 19 Phase 4 Individual Project: 4 Methods to Keeping Systems Secure 22 1. Keep all software up to date: 22 2. Surf the web cautiously: 22 3. Be cautious with e-mail: 22 4. Anti-Virus Software: 23 Phase 5 Individual Project: 4 Methods to Keeping Systems Secure 24 1. Firewalls: 24 2. System Backups: 24 3. Passwords: 25 4. File Sharing: 26 References 27 Phase 1 Discussion Board 2 The “Internal Use Only” (IUO) data classification includes all data and information not intended for public access. The best way to describe this classification is all company and client information that we do not want to see in a newspaper or on the internet. Some examples of this are: Client lists, Client account numbers, Human Resource files, Payroll files, E-Mails, and many others. This data classification affects all seven IT domains. The first and most important IT domain that the IUO affects is the “User Domain”. The users have to be taught general security and proper use of the systems they...

Words: 5085 - Pages: 21

Free Essay

Intro to Computer Security

...The History of wool begins long ago, when primitive man for the first time clothed himself in the woolly skins, of the sheep he killed for food. The sheep could be milked (and still is, in many parts of the world).However man soon understood that to kill the sheep for its meat alone was a waste of food and material. Man had realized when the sheep shed its fur the material could be spun and knitted into cloth. Then he became a shepherd with the help of his friend the dog- probably the only animal to be domesticated before the sheep- he soon developed a system for making clothing from the sheep. Man had found a heavy-duty fabric that would offer him protection from heat, cold, wind, and rain. A flexible cloth that could keep him cool in the heat of the day, also warm in the cold of the night. Man had realized that there is no other cloth that could match wool, there was no other material, natural or man-made, has all its potentials. But man learned he can improve wool by selective breeding of sheep and by combining the wool fabrics with such qualities as shrink resistance, mothproofing, shower-proofing and stain-proofing. Science and technology have kept wool in the lead of fabrics, adjusting to modern-day needs without damaging its virtues. Wool is a very big part of Britain's history, more so than any other product ever manufactured in these islands. It was knitted into cloth here in the Bronze Age which began about 1900 BC. Elsewhere in the world, primitive man had domesticated...

Words: 671 - Pages: 3

Premium Essay

Intro to Computer Security Chap 2 Review Questions

...Linda Fernandez Chap 2 Review Questions 1. Why is information security a management problem? What can management do that technology cannot? Both management and IT management are responsible for the protection necessary to secure information. They are the ones who make the decisions regarding the appropriate security system and what level of security will work for the system. 2. Why is data the most important asset an organization possesses? What other assets in the organization require protection? Data is important because it keeps a record of all changes and activity. Without data, the company or organization may fail because they have no records, and therefore be of no good use. 3. Which management groups are responsible for implementing information security to protect the organizations’ ability to function? General Management and IT Management are responsible because it has to be set up for that specific system. If one part fails, then they are the ones to fix it and make it usable 4. Has the implementation of networking technology created more or less risk for businesses that use information technology? Why? Networking has caused more risk for businesses using information technology because it made it much easier for attackers to breach the security systems. They are even more of a target with the internet connection. 5. What is information extortion? Describe how such an attack can cause losses, using an example not found in the text. ...

Words: 1293 - Pages: 6

Free Essay

Swear as Mechanism to Pain

...Chapter 2 OPERATING SYSTEM CONCEPTS SYS-ED/ Computer Education Techniques, Inc. Solaris System Administration: Introduction Operating System Concepts Objectives You will learn: • Operating system components. • Solaris usage of processes. • File management and file systems. • Use of the Solaris Management Console. SYS-ED/COMPUTER EDUCATION TECHNIQUES, INC. (Solaris – System Admin: Intro - 6.5) Ch 2: Page i Solaris System Administration: Introduction 1 Operating System Concepts Operating System: Definition An operating system is the set of programs that controls a computer. The core of the operating system is the kernel. The kernel is a control program that functions in privileged state that allows all hardware instructions to be executed. It reacts to interrupts from external devices and to service requests and traps from processes. The kernel creates and terminates processes and responds to requests for service. Operating systems are resource managers. The main resource is computer hardware in the form of processors, storage, input/output devices, communication devices, and data. Operating system functions include: • Implementing the user interface. • Sharing hardware among users. • Allowing users to share data among themselves. • Preventing users from interfering with one another. • Scheduling resources among users. • Facilitating input/output. • Recovering from errors...

Words: 2421 - Pages: 10

Premium Essay

Cmgt 244 Entire Course

...244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT 244 Week #4 DQ 1 CMGT 244 Week #4 DQ 2 CMGT 244 Week #4 DQ 3 CMGT 244 Week #4 DQ 4 WEEK 5 CMGT 244 Week #5 DQ 1 CMGT 244 Week #5 DQ 2 CMGT 244 Week #5 DQ 3 CMGT 244 Week #5 DQ 4 CMGT 244 Week 1 DQs CMGT 244 Week 2 DQs CMGT 244 Week 2 Assignment CMGT 244 Week 3 DQs CMGT 244 Week 3 Assignment Establishing a Secure Computer Room CMGT 244 Week 4 DQs CMGT 244 Week 4 Assignment Intro to OSI Model CMGT 244 Week 5 DQs CMGT 244 Week 5 Final Project Information Security Policy for the Bloom Design Group Paper CMGT 244 Week 5 Information Security Policy for the Bloom Design Group Presentation PPT A++ graded !! CMGT 244 ENTIRE COURSE http://www.homeworkproviders.com/shop/cmgt-244-entire-course/ CMGT 244 ENTIRE COURSE Product Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT 244 Week #4 DQ 1 CMGT 244...

Words: 522 - Pages: 3

Premium Essay

Cmgt 244 Entire Course

...4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT 244 Week #4 DQ 1 CMGT 244 Week #4 DQ 2 CMGT 244 Week #4 DQ 3 CMGT 244 Week #4 DQ 4 WEEK 5 CMGT 244 Week #5 DQ 1 CMGT 244 Week #5 DQ 2 CMGT 244 Week #5 DQ 3 CMGT 244 Week #5 DQ 4 CMGT 244 Week 1 DQs CMGT 244 Week 2 DQs CMGT 244 Week 2 Assignment CMGT 244 Week 3 DQs CMGT 244 Week 3 Assignment Establishing a Secure Computer Room CMGT 244 Week 4 DQs CMGT 244 Week 4 Assignment Intro to OSI Model CMGT 244 Week 5 DQs CMGT 244 Week 5 Final Project Information Security Policy for the Bloom Design Group Paper CMGT 244 Week 5 Information Security Policy for the Bloom Design Group Presentation PPT A++ graded !! CMGT 244 ENTIRE COURSE http://www.homeworkproviders.com/shop/cmgt-244-entire-course/ CMGT 244 ENTIRE COURSE Product Description CMGT 244 Week #1 DQ 1 CMGT 244 Week #1 DQ 2 CMGT 244 Week #1 DQ 3 CMGT 244 Week #1 DQ 4 CMGT 244 Week #1 DQ 5 CMGT 244 Week #1 DQ 6 WEEK 2 CMGT 244 Week #2 DQ 1 CMGT 244 Week #2 DQ 2 CMGT 244 Week #2 DQ 3 CMGT 244 Week #2 DQ 4 CMGT 244 Week #2 DQ 5 WEEK 3 CMGT 244 Week #3 DQ 1 CMGT 244 Week #3 DQ 2 CMGT 244 Week #3 DQ 3 CMGT 244 Week #3 DQ 4 CMGT 244 Week #3 DQ 5 WEEK 4 CMGT...

Words: 532 - Pages: 3

Premium Essay

It/244 Final

...Information Security Policy Gennie Diamond Axia College of University of Phoenix IT/244 – Intro to IT Security October 10, 2010 Executive Summary The goals of this information security policy will be to state the principles and guidelines for protecting the confidentiality, integrity, and availability of sensitive information and resources for XYZ Energy. This policy will set forth requirements for securing the network’s confidential information and data communications infrastructure, in addition to defining detailed policies in the areas of physical security, access control, and network security. Assumptions of the security plan defines physical security at each site for the environment around the network including entry control at each facility, the need and responsibilities of security staff, and issues around security in common areas. Information system security defines workplace protection and guidelines for storage, protection, and maintenance of hardware and network equipment. Access control policies address user enrollment and all network access privileges, along with identification and authentication process policies. Finally, network policies are defined for granting and managing network access while still protecting sensitive company data. Project constraints can include, but are not limited to, availability of resources needed to provide appropriate security for each defined security goal; time restraints for meeting these goals;...

Words: 1790 - Pages: 8

Premium Essay

Computer Network

...11-9-2013 The first point that I will address consist on the multiple dangers that computer networks are exposed, that are in majority done by perpetrators that get access to servers of Windows and Linux to explode their vulnerabilities.. The use of these codes or malware in the form of viruses, worms, time bombs or any peculiar name this individuals use to give to their destructive toys, are a major concern to the protection of confidential information. Data so sensitive that in their majority is composing of identity, credit, and property information so well collected and compiler that is plenty for the creation of a clone of a company or a person. These identity theft atrocities are not limit to the software and information appropriation; also the attacks diminish computer performance, affecting their velocity and cause computers to crash. The CIO should possess a compendium of way’s to defend his network, and a rapid decision capability to take decisions in a short time period. Furthermore, in general terms security; as we can define “ the act of provide a sense or protection against lost, attack or harm”, can use or integrate a complete protection plan. Depending on the resources of the company the integration of a security plan that can integrate “the five pillars of security IT security operation: policy and audit management, access management, infrastructure and hardware security and incident response.” The real world presents to us a different situation, when in like...

Words: 591 - Pages: 3

Premium Essay

It250 Chapter 1 - Intro to Databases

...Databases Chapter 1 – Intro Lab 1.2 1. Nouns: doctors, patients, drugs, side effects. 2. Major Topics: doctor Records, patient medical records, side effects / symptoms, and screening records. Lab 1.3 1. Major Topics: faculty, software, and computers. 2. Draft statement of work that includes scope, objectives, and preliminary timeline: a. Scope – A database with the ability to track faculty and staff computers and software. b. Objectives – Faculty software, version, license agreement, record of computers with software, location of computer, user access to computer, software install / uninstall timestamps, status of the computer. i. Additional: ability to track software requests and software availability. c. Timeline ii. Gathering data – gather records of the school computers and its staff, a list of software purchased and in use, interview and questionnaire information understand the faculty needs. Time: 1.5 weeks. iii. Analyzing data – Understanding the data to create data model. Know the needs of the faculty members and type of software / computers in use to determine business rules. Time: 2 weeks. iv. Normalization – Data modeling; entities and relationships normalized. Time: 2 weeks. v. Building the physical database – Create RDBMS database. Time: 4 days. vi. Testing and security – Testing using sample data. Create user permission for different levels of faculty, block out...

Words: 369 - Pages: 2

Premium Essay

Physical Security Policy

...Associate Level Material Appendix E Physical Security Policy Student Name: xxxxxxxxxxx University of Phoenix IT/244 Intro to IT Security Instructor’s Name: xxxxxxxxx Date: 4.14.13 Physical Security Policy 1 Security of the building facilities 1 Physical entry controls Like we have in our company, everyone must have an ID Swipe card (smart Card), they must swipe the card coming into and going out of the building. These Smart card readers are at every door externally and internally. This is a big help in also identifying who is in the building and at what times. If there is any issue. This is for employees, for non-employees you need to write your name down and only then will you get a visitor’s pass to enter the building. You return you pass when you leave the building. We also have an alarm system at every external door way this includes the windows too. We do not have a fence but do have a security car that travels around the building all thru the night, as well as sensor lights and camera inside and out. 2 Security offices, rooms and facilities We have a few places that are locked down with keypad entrée’s one is the accounting room and the other is the network room. In the network...

Words: 728 - Pages: 3

Premium Essay

Xbrl

...accounting + auditing Intro to XBRL Patricia Francis xbrL Is resHApING tHe FINANcIAL reportING LANDscApe WorLDWIDe, AND LooKs set to Do tHe sAme IN mALAYsIA oNce FuLLY ImpLemeNteD bY LocAL reGuLAtors AND busINesses. Are You xbrL reADY? The objectives of SSM’s SDP II are: • To enhance delivery and improve accuracy of information; • To achieve a standardised and consistent mode of reporting with enhanced analytical capabilities; • To promote data usability and exchange flow with external stakeholders. According to Nor Azimah, SSM also promotes the adoption of XBRL as a nationwide format to be used by key agencies such as the Inland Revenue Board (LHDN), Securities Commission (SC) and Bursa Malaysia and the building of extension taxonomies by the mentioned agencies. The said adoption will provide SSM, other regulators and businesses with detailed data which can be aggregated and made available to stakeholders in the form of industry analysis for industrial benchmarking. The move to XBRL-based reporting is also in line with plans to transform Malaysia into a digital country by 2020, as XBRL reports form part of the digital reporting chain. At the recent Digital Malaysia Press Conference held on 5 July 2012 by the Ministry of Science, Technology and Innovation (MOSTI) along with Multimedia Development Corporation (MDeC), Datuk Badlisham Ghazali, CEO of MDeC told the media that Digital Malaysia will help drive automation and technology adoption to ensure productivity and...

Words: 2550 - Pages: 11

Free Essay

Security Monitoring

...Introduction [Writing suggestion: Avoid using "intro" or "introduction" if this is a subtitle. At the beginning of the essay, the following could be nothing else] One of the biggest concerns in today’s society relates to security in internal IT and e-commerce applications. Security is handled by passing and transactions between client browser and Internet server entering a secure site. The client browser is passed a public key by which transactions between client, and the web is encrypted. The process of monitoring security plays a vital function in any organization’s computer use both internally and externally. Security Organization Within a secure organization the business structure can cover a system of financial control, such as payroll, human resources, inventory, and general ledger vary the variety of agencies of the organization may be enhanced. Vulnerabilities in organizations will diminish, staff may be eliminated and so will duplications of work within departments, monetary information can stay secure, and most customer service may be better. Internal IT Internal IT is a beneficial service such as, compliance with federal and state laws, add valve to an organization’s internal control. Safeguarding the organization assets, and risk management just to name a few, mainly deals with computer applications monitors and manages employee’s activities, for instance it more of a help desk, side services, or a desk-side service infrastructure and application support...

Words: 663 - Pages: 3

Free Essay

Input Controls

...firm’s own information, but that of its customers, employees, and suppliers. In this paper I will be describing four types of input controls, in user interface design, and their primary functions. Input control includes the necessary measures to ensure that input data is correct, complete and secure (Rosenblatt & Shelly, 2012). Some examples of input controls are audit trails, encryption, password security, and data security, just to name a few. Input Controls To begin, audit trails record the source of data each data item, and when that data enters the system (Rosenblatt & Shelly, 2012). It is a series of records of computer events, about an operating system, an application, or user activities (Gopalakrishna, 2000). It is generated by an auditing system that monitors system activity (Gopalakrishna, 2000). Audit trails have many uses in the realm of computer security (Gopalakrishna, 2000). The uses include: 1. Individual Accountability: A users actions are monitored and tracked giving them accountability of their own actions. This deters users from evading security policies and even if they do evade them, they will definitely be held accountable (Gopalakrishna, 2000). 2. Reconstructing Events:  Audit trails can also be used to reconstruct events after a problem has occurred. (Gopalakrishna, 2000). The amount of damage that occurred with an incident can be assessed by reviewing audit trails of system activity to pinpoint how, when, and why the incident...

Words: 821 - Pages: 4

Free Essay

What's in a Name

...what you might not expect is the degree of error necessary to render a financing statement “seriously misleading” under revised Uniform Commercial Code §9-506, thereby rendering it ineffective. The new legal standard, coupled with strict search logic standards being adopted by filing offices are making it much easier to challenge the perfection of a security interest on the basis of minor errors in the debtor’s name. So… "What's in a name? Well, when trying to perfect a security interest under Revised Article 9, “that which we call a rose by any other name definitely does not smell as sweet." INTRO: [PMSI] In today’s economy, selling unsecured on open account may carry significant risk for vendors. However, taking a security interest in the merchandise sold may reduce or eliminate such risk. This type of security interest, called a purchase money security interest or "PMSI", is the most common and important secured transaction under article 9. To obtain a valid PMSI, the debtor must first execute a security agreement giving the vendor a security interest in described merchandise. Then, the vendor perfects the security interest by filing a financing statement with the filing office (generally the Secretary of State). The vendor who takes the proper steps to perfect its PMSI is entitled to the cash proceeds from the sale of its merchandise. [Strong Arm Powers] Section 544(a)(1) of the Bankruptcy Code gives the trustee in bankruptcy the status of a judicial lien...

Words: 1862 - Pages: 8

Free Essay

Computer Ethics

...Computer Ethics Angel L Rivera CIS106020VA016-1146-001 (Intro to Info Technology) Prof MERRITT, JENNIFER 8.7.2014 1-Describe two (2) potential computer ethics issues associated with holding computers hostage. A- Computer Crime: Attacks on Software through Back Doors or Trojan Horses- The intruder creates a malicious code just like they would to create other types of malware. The code is specifically designed to take control of your computer and then hijack all of your files. The files are then placed in an encrypted format so you no longer have access to them. B- Computer Crime: Attacks on People - Sabotage/Destruction of Data
-If you fail to pay, the intruder is capable of creating additional malicious code that will destroy the content of your PC a little bit at a time until you pay up. Another type of ransomware presents itself in the form of a Trojan, which scans all of your PC's directories and drives, and then automatically encrypts all of your files so you cannot access them. The Trojan places the finishing touch on the intrusion by leaving a ransom note. 2-Propose two (2) methods that computer users could use to prevent this type of attack. A- Your best defense is to not click on e-mail attachments from unknown sources and avoid clicking anything in a pop up window that you receive while browsing the Internet. B- Make sure your anti-malware software has the latest and greatest definition files so that it is prepared for the current batch...

Words: 512 - Pages: 3