CH6

Cards (22)

  • Data Privacy
    The privacy of personal information, or other information stored on a computer, that should not be accessed by unauthorized parties
  • Data Protection Law
    Laws which govern how data should be kept private and secure
  • Data Protection Law Guide
    • Data must be fairly and lawfully processed
    • Data can only be processed for the stated purpose
    • Data must be adequate, relevant, and not excessive
    • Data must be accurate
    • Data must not be kept longer than necessary
    • Data must be processed in accordance with the data subject's rights
    • Data must be kept secure
    • Data must not be transferred to another country unless that country also has adequate protection
  • Data Security
    Methods taken to prevent unauthorized access to data and to recover data if lost or corrupted
  • User Accounts
    • Used to authenticate a user (prove the user is who they claim to be)
    • Used on both standalone and networked computers
    • Consist of: Username and password
    • User accounts control access rights
    • Involves level of access
  • Passwords
    • Restrict access to data or systems
    • Should be hard to crack and changed frequently to retain security
    • Run anti-spyware software to make sure passwords are not being relayed to whoever is spying
    • Regularly change passwords and make them hard to crack
    • At least one capital letter
    • At least one numerical character
    • At least one symbol
  • Digital Signatures
    A way of identifying the sender of
  • Firewalls
    • Software/hardware that sits between a computer and an external network and monitors and filters all incoming and outgoing activity
    • Examine traffic between user's computer and public network
    • Checking whether incoming/outgoing data meets a given set of criteria
    • Prevent access to undesirable sites
    • Cannot prevent individuals from using their own modems to bypass the firewall
    • Prevent stand-alone computers from disabling the firewall
  • Antivirus Software
    • Constantly checks for virus attacks
    • Checks software/files before they are run or loaded on the computer
    • Compare possible viruses against a database of known viruses
  • Anti-Spyware Software
    Detects and removes spyware programs installed illegally on a user's computer system
  • Encryption
    • The use of encryption keys to make data meaningless without the correct decryption key
    • Cannot stop a hacker from deleting files, but stops them from using the data
  • Biometrics
    • Use of unique human characteristics to identify a user
    • Fingerprint scans, retina scans
  • Hacking
    • Malicious Hacking: Illegal access to a computer system without the user's permission or knowledge
    • Ethical Hacking: Authorized by companies to check their security measures and how robust their computer systems are to resist hacking attacks
  • Malware
    • Viruses: Programs or code that can replicate and/or copy themselves with the intention of deleting/corrupting files or causing the computer to malfunction
    • Spyware: Gathers information by monitoring key presses and sending them back to the person who sent the software
  • Phishing
    Legitimate-looking emails designed to trick a recipient into giving their personal data to the sender of the email
  • Pharming
    • Redirecting a user to a fake website in order to illegally obtain personal data about the user
    • Redirecting can be done using DNS Cache Poisoning
  • Data Integrity
    The accuracy, completeness and consistency of data
  • Validation
    Method used to ensure entered data is reasonable and meets certain input criteria
  • Verification
    Method used to ensure data is correct by using double entry or visual checks
  • Verification during Data Entry
    • Double Entry: Data is entered twice, by 2 different people, and then compared either after data entry or during the data entry process
    • Visual Check: Entered data is compared with the original document
    • Check Digits: An additional digit added to a number, often used in barcodes, ISBNs, and VINs
    • Modulo-11: Method to calculate a check digit based on modulus division by 11
  • Verification During Data Transfer
    • Checksum: Method to check if data has been changed or corrupted following data transmission
    • Parity Check: Check whether data has been changed or corrupted following transmission from one device or medium to another
  • Automatic Repeat Request (ARQ)
    • Uses acknowledgement (a message sent to the receiver indicating that data has been received correctly) and timeout (the time interval allowed to elapse before an acknowledgement is received)
    • When the receiving device detects an error in a data transmission, it asks for the data packet to be re-sent
    • If no error is detected, a positive acknowledgement is sent to the sender
    • The sending device will resend the data packet if it receives a request to resend the data or if a timeout has occurred
    • The whole process continues until the data packet received is correct or until the ARQ timeout is reached