WAP vs. WEP: WAP is more secure; all information is encrypted. A hacker can get your information easily from WEP because there is a constant IP address unique to your computer. WAP constantly changes your IP address, making it difficult to hack and steal your information.
If your wireless is not encrypted/protected, YOU are not protected legally. You have left yourself open to an attack on purpose.
Hackers v. Crackers
Hackers – Want to get monetary value from your data
Crackers – Want to crack codes
Spoofing – when you go on somebody’s link and realize that the name on the link is very different. Opens to identify, etc. Always hover over links to verify that they match.
HTTPS – secure sites. If the site is secure, it will be https.
Sniffer – monitors information on your router, even on compass (wired, not wireless).
DoS – attack your website so nobody can get on. (*Take your exam early; DoS can happen the day of because of so many attempts to log on at the same time to the same server, etc.)
Botnets – your computer being used to attack another computer without your knowledge.
#1 Hacker in the world – United States. We are way ahead of the rest of the world (the government is anyway, “national security”).
Number 1 security threat – internal/employees. They have knowledge and don’t have to research who is who. (Social engineering – sniffing out information through casual conversation, etc., e.g. “I am IT and I need your password.”)
Certified hackers – the ones that are trained to hack but normally follow procedure. Hired by companies to see whether they are secure or not. Paid a good amount of money. Ex. A guy walks into the company, the receptionist gives him a badge, and he says, “I have to check my flight, can I check something on your computer?” She stands to the side and goes around her desk due to social politeness; he puts in a flash drive and takes data within five minutes.
Patches – Don’t wait. The patches have a purpose: to fix loopholes that have been found in the software thus far.
Legal/Regulatory Requirements – You have to be in compliance and have a back-up.
Electronic evidence – when the police come into your home they have to have a search warrant, UNLESS you let them in. The minute you allow them in, if they see something they can take it, i.e. your computer. Your computer is exactly like any other type of property. There are specific reasons for search warrants, i.e. bogus checks, computer, etc. Your data in your hard drive can be retrieved in up to 7 layers (FBI). When you delete a file, not everything is overwritten by other data. Defragmentation does not delete data.
You have to secure your work to make it difficult. Don’t do any crime online – it can be captured. When you use a Word document they can see the license number of your software.
How liable are software companies – (I Agree) = the company is no longer liable. Never download software unless you know the author/company.
Freeware – Why would somebody give something to you for free?
Hardware controls – If your physical computer is stolen, all your data is gone.
Computer OPS control – be careful of what you do on your computer (download your patches); the websites you visit are implementing spyware/malware/cookies on your computer.
Data security controls – encrypted data, even your files on your computer – how do you protect them? Have you backed them up?
Administrative – remove guest accounts, give everybody their own accounts with passwords; guest is an open door to a hacker.
Disaster recovery plans – suppose your hard drive crashes, what will you lose? How will you recreate your data? Reinstall your software/apps? RECOVERY DISKS
Business Continuity Plan – in case of disaster, what is your back-up plan? You must be able to pick up operating within 3 business days (small...