Computer Security and Privacy

Published on January 2017 | Categories: Documents | Downloads: 55 | Comments: 0 | Views: 590
of 112
Download PDF   Embed   Report

Comments

Content

Official Microsoft E-Learning Course
Print Version

2698BE Computer Security and Privacy

MICROSOFT LICENSE TERMS MICROSOFT DIGITAL LITERACY CURRICULUM COURSES
These license terms are an agreement between Microsoft Corporation and you. Please read them. They apply to the Licensed Content named above, which includes the media on which you received it, if any. The terms also apply to any Microsoft • • • • updates, supplements, Internet-based services, and support services

for this Licensed Content, unless other terms accompany those items. If so, those terms apply. BY USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE LICENSED CONTENT. If you comply with these license terms, you have the rights below.
1. DEFINITIONS.

a. b.

“Administrator(s)” means an administrator of an Authorized Learning Center. “Authorized Learning Center(s)” means non-profit (or similarly situated) community technology learning centers (“CTLC(s)”), community centers, or such other entities or venues as Microsoft may designate as authorized for Use of the Microsoft “Digital Literacy Curriculum”. “Authorized Training Session(s)” means those non-commercial training sessions using the Course materials conducted at or by Authorized Learning Centers for training persons in (a) basic computer and information technology skills and/or (b) the use of Microsoft technology, products, or services. Each Authorized Training Session shall provide training on the subject matter of one (1) or more Course(s) or portions thereof. “Course” means one of the courses offered under the Microsoft Digital Literacy Curriculum, each of which provides training on a particular technology subject matter and consists of a learning component and an assessment. “Curriculum” means any materials included in the “Digital Literacy Curriculum”. The Curriculum consists of five Courses, each of which provides training on a particular technology subject matter. “Device(s)” means a single computer, device, workstation, terminal, or other digital electronic or analog device at an Authorized Learning Center. “Document(s)” means the printed or electronic documentation such as assessments, manuals, workbooks, datasheets, and FAQs that may be included in the Licensed Content. “Instructor(s)” means any person who is duly engaged by an Authorized Learning Center to teach or instruct Students in an Authorized Training Session.

c.

d. e. f. g. h.

Course: Computer Security and Privacy

2
© 2007 Microsoft Corporation, All rights reserved.

i. j.

“Instructor Content” means the Licensed Content accompanying these license terms and/or on the Web site that are for use by Instructors and Students, as applicable, solely during an Authorized Training Session. “Licensed Content” means the learning materials for a particular Course that accompany these license terms. The Licensed Content may include, but is not limited to, the following elements: (i) Instructor Content, (ii) Student Course materials, (iii) media elements, (iv) documents, and (v) software. There are different and separate components of the Licensed Content for each Course. “Self-Paced Training” means a Student program of self-training, at a Student’s own pace, without an Instructor, (a) on the subject matter of the Course(s) for the Authorized Training Session for which they are enrolled, using Devices at Authorized Learning Centers, or (b) for the online training sessions using a Course via the Web site and/or a Course that he/she has downloaded from the Web site and/or installed from a CD Using their own personal devices. “Student(s)” means a student duly enrolled for an Authorized Training Session at the location of your Authorized Learning Center or a student accessing the Licensed Content from the Web site for purposes of Self-Paced Training. “Student Content” means the learning materials accompanying these license terms that are for use by Students and Instructors during an Authorized Training Session. Student Content may include courseware files for a Course. “Use” means the non-commercial use of the Licensed Content by a) Students solely to conduct Self-Paced Training and b) Instructors solely to conduct educational classes, labs, or related programs designed to train other Instructors and/or Students in the use of the technology, products, or services related to the subject matter of the Licensed Content and/or concepts related to such technology, products, or services. “Use” under these License Terms shall not include the use of the Licensed Content for general business or commercial purposes. “You” means Authorized Learning Center(s), Administrator(s), Instructor(s), and/or Student(s), as applicable.

k.

l.

m.

n.

o.

p. “Web site” means the Microsoft Web site which hosts the Licensed Content.
2. OVERVIEW.

a. b.

Licensed Content. The Licensed Content includes software, Instructor Content, Student Content, and associated media. License Model. The Licensed Content is licensed on a per copy per Authorized Learning Center location basis, per copy per Instructor basis, and/or on a per Student basis (if a Student accesses and Uses or downloads the Licensed Content from the Web site).

3.

INSTALLATION AND USE RIGHTS. a. Authorized Learning Centers, Administrators, and Instructors. For each Authorized Training Session, you may:

i.

either install individual copies of the relevant Licensed Content on classroom Devices only for use by Students enrolled in and the Instructor delivering the Authorized Training Session, provided that the number of copies in use does not exceed the number of Students enrolled in and the Instructor delivering the Authorized Training Session, OR

ii. install one copy of the relevant Licensed Content on a network server only for access by classroom Devices
and only for use by Students enrolled in and the Instructor delivering the Authorized Training Session, provided that the number of Devices accessing the Licensed Content on such server does not exceed the number of Students enrolled in and the Instructor delivering the Authorized Training Session.

Course: Computer Security and Privacy

3
© 2007 Microsoft Corporation, All rights reserved.

iii. and allow the Students enrolled in and the Instructor delivering the Authorized Training Session to use the
Licensed Content that you install in accordance with (ii) or (ii) above during such Authorized Training Session in accordance with these license terms. For Students’ Self-Paced Training, you may either

i.

install individual copies of the Licensed Content of each Course on classroom Devices to be Used by the Students for Self-Paced Training, provided that the number of copies in Use does not exceed the number of duly enrolled Students for the subject matter of the Course; OR Devices accessing such Licensed Content on such server does not exceed the number of Students enrolled for the subject matter of the Course, and provided further that such Authorized Learning Center provides a monitor in the classrooms in which the Licensed Content is installed during such times as the Authorized Learning Center allows Students to participate in Self-Paced Training.

ii. install one copy of the Licensed Content of each Course on a network server, provided that the number of

b.

Instructors: Instructors may:

i.

Use the Licensed Content that you install or that is installed by an Authorized Learning Center or Administrator on a classroom Device to deliver an Authorized Training Session;

ii. and also Use a copy of the Licensed Content as follows: A.
Licensed Device. The licensed device is the device on which you Use the Licensed Content. You may install and Use one copy of the Licensed Content on the licensed device solely for your own personal training Use and for preparation of an Authorized Training Session. Portable Device. You may install another copy on a portable device solely for your own personal training Use and for preparation of an Authorized Training Session.

B.

c.

Students: Students may:

i. Web Site Use. You may access and use one copy of the Licensed Content via the Web site only for your
personal training and reference use.

ii. and also Use a copy of the Licensed Content as follows: A.
Licensed Device. The licensed device is the device on which you Use the Licensed Content. You may download, install and Use, only for your personal training and reference use, one copy of the Licensed Content on the licensed device. Portable Device. You may install another copy on a portable device for Use by the single primary user of the licensed device, only for such primary user’s personal training and reference use.

B.

Separation of Components. The components of the Licensed Content are licensed as a single unit. You may not separate the components and install them on different devices. Third Party Programs. The Licensed Content may contain third party programs. These license terms will apply to the use of those third party programs, unless other terms accompany those programs. 4. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.

a. b.

Media Elements and Templates. Instructors and Students may Use images, clip art, animations, sounds, music, shapes, video clips and templates provided with the Licensed Content solely in an Authorized Training Session. Use and Reproduction of Documents.

i.

Authorized Learning Centers, Administrators, and Instructors.

Course: Computer Security and Privacy

4
© 2007 Microsoft Corporation, All rights reserved.

Provided you comply with the terms of this agreement, you may print and/or reproduce a print version of (i) any Documents, or portions thereof, and/or (ii) the Course materials, or portions thereof, including reproduce a print version of the Course materials in their entirety. If you choose to reproduce the Document and/or Course materials, you agree that: A. B. C. Such Documents or Course materials will be solely for Use in Authorized Training Sessions. The Documents and/or Course materials will not be republished or posted on any network computer (except as expressly allowed in Section 3.3(a) above) or broadcast in any media. Copies of the Documents, or portions thereof, will only be distributed to Students and Instructors for the subject matter of the Course for which Student is enrolled or for which Instructor is providing training, respectively. Print versions of Course materials in their entirety, or portions thereof, will only be distributed to Instructors for the subject matter of the Course for which Instructor is providing training and/or to Students for the subject matter of the Course for which the Student is enrolled. Any reproduction will include either the Course materials’ and/or Document’s original copyright notice or if no such copyright notice appears on the Document, a copyright notice to Microsoft’s benefit substantially in the format provided below.

D.

E.

ii.

Students. Provided you comply with the terms of this agreement, you may print and copy any Documents, or portions thereof, or the Course materials, or portions thereof. If you choose to reproduce the Document and/or Course materials, you agree that: A. B. C. You will use such printed Documents and/or portions of Course materials only in conjunction with your personal training use. You will not republish, post, broadcast, or transmit the Documents or Course materials to others or on a network. You will include on each copy the Course materials’ and/or Document’s original copyright and trademark notices or a notice reading substantially as follows:

Form of Notice: “© 2007. Reprinted with permission by Microsoft Corporation. All rights reserved. Permission is granted to reproduce materials contained herein on the condition that such material be reproduced solely for use in conjunction with the Microsoft Digital Literacy Curriculum; and be provided to students and instructors as set forth in the Microsoft Corporation License Terms accompanying this Course. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the US and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners.”

c.

Use of Instructor Content and Modifications to Licensed Content. For each Authorized Training Session, Authorized Learning Centers may allow Instructors to customize the Instructor Content, and Instructors and/or Administrators to customize the Student Content. Only Instructors may customize and reproduce, in accordance with this agreement, those portions of the Licensed Content that are logically associated with instruction of such Authorized Training Session. If you elect to exercise the foregoing rights, you will ensure that each Instructor or Administrator making such modifications agrees: (a) that any of these customizations or modifications will only be used for providing the relevant Authorized Training Session and (b) to comply with all other terms and conditions of this agreement. For the Courses that are used in an Authorized Training Session, i. Instructors may do the following:

customize or modify the Instructor Content (“modified version”) included with the Courses and use it to teach the Training Sessions that relate to that content and the subject matter of the Course. ii. Instructors and Administrators may do the following:

Course: Computer Security and Privacy

5
© 2007 Microsoft Corporation, All rights reserved.

1.

make modified versions of those portions of the Student Content provided in Microsoft Word format provided that the modified versions: 1. will be used only for Instructor’s personal training or for providing an Authorized Training Session, are clearly identified as being modified and not state or imply that Microsoft authored or endorsed them, are not obscene, scandalous, or otherwise offensive, will be technically and grammatically accurate, the rights to modified versions are not transferred or assigned to any third party (other than as expressly allowed for Instructors in item 4.c.ii.B(3) below) without the express written permission of Microsoft, may only be distributed to Students enrolled in an Authorized Training Session, or to other Instructors who a. provide training on the subject matter of the Course that is the subject matter of the modified version and are duly engaged as Instructors at the Authorized Learning Center.

2. 3. 4. 5.

6.

b.
2.

reproduce, use, and distribute print versions of the modified versions, or portions thereof; however such print versions may only be: 1. 2. 3. used in an Authorized Training Session, given to Students enrolled in and participating in the Authorized Training Session that is the subject matter of the Course, given to other Instructors who teach the same Course at the Authorized Learning Center.

INTERNET-BASED SERVICES. Microsoft may provide Internet-based services with the Licensed Content. It may change or cancel them at any time. You may not use these services in any way that could harm them or impair anyone else’s use of them. You may not use the services to try to gain unauthorized access to any service, data, account or network by any means.

5.

SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the Licensed Content only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only allow you to use it in certain ways. You may not • install more copies of the Licensed Content on classroom Devices than the number of Students and the Instructor in the Authorized Training Session; allow more classroom Devices to access the server than the number of Students enrolled in and the Instructor delivering the Authorized Training Session if the Licensed Content is installed on a network server; copy or reproduce the Licensed Content to any server or location for further reproduction or distribution; work around any technical limitations in the Licensed Content; reverse engineer, decompile or disassemble the Licensed Content, except and only to the extent that applicable law expressly permits, despite this limitation; make more copies of the Licensed Content than specified in this agreement or allowed by applicable law, despite this limitation;



• • •



Course: Computer Security and Privacy

6
© 2007 Microsoft Corporation, All rights reserved.



distribute more printed copies of the Licensed Content than specified in this agreement or allowed by applicable law, despite this limitation; make any modifications to the Licensed Content except as provided in this agreement; publish the Licensed Content for others to copy; transfer the Licensed Content, in whole or in part, to a third party; rent, lease or lend the Licensed Content; or use the Licensed Content for commercial hosting services or general business purposes.

• • • • •

7.

EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the Licensed Content. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting. NOT FOR RESALE SOFTWARE/LICENSED CONTENT. You may not sell software or Licensed Content marked as “NFR” or “Not for Resale” and/or provided at no charge to you. UPGRADE. If the Licensed Content is marked as an upgrade version, you may use it only if you have a license to use the Licensed Content eligible for upgrade. If you upgrade, this Licensed Content takes the place of the earlier version, and this agreement takes the place of the agreement for that earlier version. You may not use the earlier version after you upgrade. Without prejudice to any other rights, Microsoft may terminate this agreement if you fail to comply with the terms and conditions of these license terms. Upon any termination of this agreement, you must destroy all copies of the Licensed Content and all of its component parts. Contact [email protected] for support services for the Licensed Content.

8. 9.

10. TERMINATION.

11. SUPPORT SERVICES. 12. ENTIRE AGREEMENT.
13. APPLICABLE LAW.

This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the Licensed Content and support services.

a.

United States. If you acquired the Licensed Content in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort. Outside the United States. If you acquired the Licensed Content in any other country, the laws of that country apply.

b.

14. LEGAL EFFECT.

This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the Licensed Content. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so. The Licensed Content is licensed “as-is.” You bear the risk of using it. Microsoft gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, Microsoft excludes the implied warranties of merchantability, fitness for a particular purpose and noninfringement.

15. DISCLAIMER OF WARRANTY.

Course: Computer Security and Privacy

7
© 2007 Microsoft Corporation, All rights reserved.

16. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES.

YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.

This limitation applies to • anything related to the Licensed Content, software, services, content (including code) on third party Internet sites, or third party programs; and claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages. Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French. Remarque : Ce le contenu sous licence étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français. EXONÉRATION DE GARANTIE. Le contenu sous licence visé par une licence est offert « tel quel ». Toute utilisation de ce contenu sous licence est à votre seule risque et péril. Microsoft n’accorde aucune autre garantie expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d’adéquation à un usage particulier et d’absence de contrefaçon sont exclues. LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices. Cette limitation concerne: • tout ce qui est relié au le contenu sous licence, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d’une autre faute dans la limite autorisée par la loi en vigueur.





Elle s’applique également, même si Microsoft connaissait ou devrait connaître l’éventualité d’un tel dommage. Si votre pays n’autorise pas l’exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l’exclusion ci-dessus ne s’appliquera pas à votre égard. EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d’autres droits prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas.

Course: Computer Security and Privacy

8
© 2007 Microsoft Corporation, All rights reserved.

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links are provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Access, BitLocker, Encarta, Excel, Expression, Hotmail, Internet Explorer, MSN, PowerPoint, Silverlight, Windows, Windows Live, Windows Media, Windows Vista, Xbox, and Xbox360 are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.

Course: Computer Security and Privacy

9
© 2007 Microsoft Corporation, All rights reserved.

Table of Contents

Course Overview Course Information Module 1: Computer Security and Privacy Introduction to Computer Security and Privacy Protecting Your Computer Protecting Your Family from Security Threats Keeping Your Computer Secure and Updated Computer Ethics Module Summary Glossary

Course: Computer Security and Privacy

10
© 2007 Microsoft Corporation, All rights reserved.

Course Information
This course gives you an overview of computer privacy and security. You learn about the types of threats to your computer, and how to protect your computer from these threats. You also learn about the ethical challenges that the computer and the Internet present, along with the legal concerns of information exchange.
Course Details Description

Audience Description Prerequisites

This course is intended for anyone who wants to acquire digital literacy skills.

Students should have basic reading and comprehension skills at the level required to read a local newspaper. Students should have completed the first course on Computer Basics, or have equivalent computer skills.

Course Objectives

After completing this course, you will be able to: • • Explain the primary risks to both hardware and data from accident, device failure, the environment, human error, and malicious acts. Take steps to minimize such risks.

Course: Computer Security and Privacy

11
© 2007 Microsoft Corporation, All rights reserved.

Module 1
Computer Security and Privacy

Module Contents Introduction to Computer Security and Privacy Protecting Your Computer Protecting Your Family from Security Threats Keeping Your Computer Secure and Updated Computer Ethics Module Summary

Course: Computer Security and Privacy

12
© 2007 Microsoft Corporation, All rights reserved.

Module Introduction
Like any other electronic device, your computer is at risk from damages caused by accident or by intention. Some of these damages can be permanent. You can prevent your computer hardware, software, and the data stored on it from a number of damages by taking certain preventive measures. This module helps you to identify the various threats to your computer and the data stored on it. You will explore how to protect your computer from these threats by taking some preventive measures. Finally, the module explains the ethical and legal issues related to Internet usage.

Module Objectives
After completing this module, you will be able to: • • • • • Explain computer security and privacy and identify the types of computer threats. Identify the various methods for protecting your computer from threats. Explain the good working habits used to enhance computer security and privacy. Explain the settings and options that help keep your computer secure. Identify the basic ethical challenges that the computer and the Internet present to users.

You use computers in almost all spheres of your life. You use computers for various purposes such as storing data, performing calculations, playing games, listening to music, surfing the Internet, and communicating with others through e-mails and chats. However, your computer and the data stored on it are vulnerable to damage and destruction. Therefore, you need to safeguard your computer from threats in the form of physical damage due to natural disasters, human errors or accident, or malicious acts like unauthorized access by hackers or virus attacks. You can protect your computer from these threats by adopting various security measures, such as having proper security settings and updated security software in your computer. Your family members also need to be aware of the security measures to ensure better protection of your computer. It is also important to be aware of the rights associated with the information available through the Internet. The contents available in most Web sites are copyrighted materials, and their unauthorized use may lead to legal problems. This module identifies the various threats against your computer, the possible effects of these threats, and their remedies. The module explains the security measures that you can adopt to keep your computer secure and up-to-date. In addition, this module explains the ethical and legal issues that you should keep in mind while using the Internet.

Course: Computer Security and Privacy

13
© 2007 Microsoft Corporation, All rights reserved.

Lesson 1
Introduction to Computer Security and Privacy

Lesson Contents

What Is Computer Security and Privacy?

Natural Threats

Measures for Protection from Natural Threats

Threats from Human Actions

Measures for Protection Against Threats from Human Actions

Computer Threats and Measures for Protection

Self Test

Course: Computer Security and Privacy

14
© 2007 Microsoft Corporation, All rights reserved.

Lesson Introduction
You store your important documents, such as your tax papers, securely so that they are not damaged or lost. You also ensure that no one has access to them without your permission. If you use computers regularly, you may have a lot of information stored on the computer. This information may be in form of tax details, personal letters, or business correspondence. You need to ensure that this information is not viewed by other people without your permission. You also need to protect this information from getting damaged. In this lesson, you will explore the need for protecting your computer hardware, software, and electronic data from damage, loss, and theft. You will also learn about the various solutions and devices that you can use to protect the data on your computer.

Lesson Objectives
After completing this lesson, you will be able to: • • • • • Explain computer security and privacy. Identify natural threats to your computer. Identify measures to protect your computer against natural threats. Identify threats to your computer from human actions. Identify measures to protect your computer against threats from human actions.

Course: Computer Security and Privacy

15
© 2007 Microsoft Corporation, All rights reserved.

Topic:

What Is Computer Security and Privacy?

Any factor that can damage your computer or the data on it is a computer threat. Natural events such as earthquakes or hurricanes can cause widespread physical damage. It is possible that you or someone else accidentally deletes some important files causing the computer to malfunction. When your computer is connected to a network, the computer becomes even more vulnerable to computer threats. For example, another user may use the network to gain unauthorized access to your computer. There are various measures that you can use to reduce these threats and reduce the likelihood of loss due to damage. By following basic guidelines, you can minimize the risks of damage to your computer and ensure its security and privacy.
Computer Security

The computer hardware can be damaged due to human carelessness or natural causes. Also, the data and software on the computer need to be protected from accidental or intentional loss and tampering. Computer security deals with the measures that you can take to avoid such damage to the computer and its data.

Course: Computer Security and Privacy

16
© 2007 Microsoft Corporation, All rights reserved.

Computer Privacy

You store your personal files or documents on your computer and would not want anyone to read them. Computer privacy means that your data, such as personal files and email messages, is not accessible by anyone without your permission. Computer privacy deals with the measures that you can take to restrict access to your data. Computer privacy also includes being careful while giving out any personal information over the Internet. Any such information is likely to be misused to gain access to your personal accounts, such as your email and bank accounts.

Course: Computer Security and Privacy

17
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Natural Threats

Natural calamities such as earthquakes, floods, hurricanes, can damage your computer at any time. Natural calamities can cause fires, extreme temperatures, and lightning strikes that lead to major physical damage to the computers and loss of data. This illustration describes the various natural threats to computer security and privacy.

1.

Most of the components of a computer are designed to operate within a specific temperature range. In case of excessive heat or cold, some components may start to malfunction, and you may need to replace them. If your computer has been exposed to extreme temperatures, let it return to room temperature before you start it. Fire can damage your computer beyond repair. Even if the computer does not directly catch fire, the heat caused is enough to melt the delicate components inside the computer. Moreover, smoke can damage the CPU fan, which in turn can cause overheating of the CPU and damage it. Lightning that strikes with a huge amount of electrical charge can cause a surge. A surge or spike is a sudden increase in the supply voltage, which can permanently damage some components of your computer. For example, a sudden increase in voltage can destroy the motherboard of your computer.
Course: Computer Security and Privacy

2.

3.

18
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Measures for Protection from Natural Threats

Natural threats can cause considerable damage to your computer. The following table explains the measures that you can take to protect your data and computer from natural threats.
Measure Description

Back up data

Backing up data involves creating multiple copies of your data. Events like floods and earthquakes can strike without warning. Making a backup helps you recover your data in case of any data loss. To provide better recoverability, keep a copy of your important data in a physically separate location, such as in another building or city. Install your computer in a place where it is not likely to get damaged due to natural factors. For example, avoid installing computers in rooms that are exposed to excessive dust or moisture. Install devices such as an Uninterruptible Power Supply (UPS) that can provide battery backup in case of a power outage. A UPS prevents software damage caused by abrupt shutting down of your computer. A UPS also provides surge protection and line-conditioning features, which help protect your computer against spikes and surges on the power line. You can also install separate surge protectors and line conditioners. However, in case of a strong surge, caused by events such as a major storm, you should turn off the computer and unplug it from the power to avoid damage. Insulate the computers from fire by housing them in fire retardant surroundings. In addition, you can install adequate fire safety equipment and procedures for quick damage control. You should maintain an optimum temperature and humidity level to ensure the smooth functioning of your computer. You can do this by installing devices such as air conditioners and humidity controllers.

Install computers in secure locations

Install protective electrical devices

Insulate computers from fire

Maintain appropriate temperature and humidity

Course: Computer Security and Privacy

19
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Threats from Human Actions

A type of threat to your computer is malicious human sources. A discontented employee in your office can deliberately try to tamper with or destroy the data on your computer. A hacker is a person who tries to illegally access your computer when you connect it to the Internet. After accessing your computer, a hacker can steal or damage the data stored on the computer. In addition to malicious human threats, human errors such as accidental deletion of data and physical damage are also a threat to your computer. The following table describes various threats from malicious human sources and human errors to your computer.
Threat Description

Theft

Anyone can steal your computer or its components, if they have access to it. With the popularity of portable computers, such as laptops, physical theft of computers has become very common. You can also become a victim of virtual theft, when your computer is connected to the Internet. One example of virtual theft is identity theft, in which a hacker can steal your personal information to assume your identity. Using this false identity, the hacker can gain access to your finances or perform an illegal activity. Another example of virtual theft is software piracy, which is theft of a computer design or program. It can also mean unauthorized distribution and use of a computer program and confidential documents.

Viruses, worms, and Trojan horses

Viruses are computer programs that can damage the data or software on your computer or steal the information stored on your computer. These viruses can reach your computer, without your knowledge, through the Internet or through storage devices, such as floppy disks and CD-ROMs. Worms are viruses that replicate themselves once they attack a computer, making it difficult to remove them. A Trojan horse is also a kind of virus disguised as useful software, such as a game or a utility. Once a Trojan horse reaches your computer, it starts acting like a virus causing damage to the computer’s data. Spyware are programs that get installed on your computer without your knowledge. They can secretly send out information about your Web browsing habits or other personal details to another computer through the network. While using the Internet, you might come across some attractive offers through e-mail messages or chat room communication. You should be very careful before accepting any such offers because these offers can be part of well-planned scams that can cause you a financial loss. Online predators are individuals who lure anybody online, into inappropriate and unethical relationships. You or your family members can become targets of online predators. Online predators develop contact with their targets by using e-mail or chat room communication. Many times, damage to a computer is due to unintentional human errors. Accidental
Course: Computer Security and Privacy

Spyware

Internet scams

Online predators

Accidental

20
© 2007 Microsoft Corporation, All rights reserved.

deletion of data

deletion of an important file can disrupt the integrity of data or prevent other files or programs from working. For example, you may accidentally delete an important file, causing the computer to malfunction. Computer components, being delicate, run the risk of getting damaged due to carelessness. For example, if you accidentally drop your laptop computer, this might result in damage to the hardware components, such as motherboard or CD-ROM. As a result you lose the data stored on the computer. In addition, physical damage to data due to spilling of food and beverages on storage devices or peripherals can affect your computer.

Accidental damage to hardware

Course: Computer Security and Privacy

21
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Measures for Protection Against Threats from Human Actions

You can take some simple measures to minimize the risks associated with malicious human threats and human errors. The following table describes measures to protect your computer from malicious human sources and human errors.
Solution Description

Store data safely

Keep your data in safe and secure locations that have limited access to others. This minimizes the possibility of theft or tampering of the data. The BitLocker feature of Windows Vista helps you encrypt data at the drive-level. When you encrypt data by using this feature, unauthorized users cannot access the data by removing the hard drive and attaching it to another computer. Antivirus and antispyware software programs have the ability to check for viruses and spyware present in the computer’s memory and also prevent new ones from entering. You must regularly update antivirus and antispyware software so that they are able to recognize new viruses and spyware. Most antivirus and antispyware software offer the automatic updates feature that automatically installs the updated version of the software on your computer. Built-in features in e-mail software, such as Windows Mail, allow you to block junk e-mail messages and provide features to check for viruses and worms. Windows Vista includes Windows Defender, a built-in antispyware program, which provides real-time protection.

Encrypt data

Install antivirus and antispyware programs

Install firewall

Installing a firewall is another effective step that you can take to protect against malicious threats. A firewall enables you to filter the Internet traffic before it reaches your computer or a private network. It provides additional protection against threats such as hackers and viruses. A firewall also helps to ensure computer privacy by restricting external access to your computer by any unauthorized user. Windows Firewall that is available with Windows Vista blocks unwanted access to your computer. Regularly back up important computer data. Creating multiple copies of data provides protection against loss of data due to accidental erasure or destruction of data. Keep the computer in an area that is dust-free, free from vibration, and out of the way of possible impact. The table or shelf housing the computer should be steady and stable to keep the computer from falling, even if the computer is bumped. Keep the computer away from any magnetic substance, water, or static discharge. For example, do not put the computer on the floor or on a rug. Avoid eating and drinking near the keyboard and use a keyboard cover to protect against any spillage.
Course: Computer Security and Privacy

Back up data

Keep computer in safe environment

22
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Computer Threats and Measures for Protection

Sort the measures for protection against various types of threats into their associated categories by writing the statement number in its corresponding option box. Statement 1 2 3 4 5 6 7 8 9 10 Surge protection and line conditioning Data encryption Insulation Stable shelf Sufficient distance from magnetic substances Antivirus Air conditioners and humidity controllers Spyware protection Keyboard cover Firewall

Option 1 Natural Threats

Option 2 Malicious Human Threats

Option 3 Human Errors

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

23
© 2007 Microsoft Corporation, All rights reserved.

Option 1 Natural Threats

Option 2 Malicious Human Threats

Option 3 Human Errors

7, 3, 1

10, 8, 6, 2

9, 5, 4

Course: Computer Security and Privacy

24
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Self Test for Lesson: Introduction to Computer Security and Privacy

Question 1 Which one of the following statements best describes computer privacy? Select the one best answer. Securing a computer from fires and earthquakes. Protecting a computer from a power surge. Preventing your friend from viewing your computer data without your permission. Preventing important computer files from getting accidentally deleted. Question 2 Which of the following security measures can you adopt to help protect your computer and its data against natural threats? Select all answers that apply. Surge protection. Antivirus software. Firewall. Humidity control.

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

25
© 2007 Microsoft Corporation, All rights reserved.

Answer 1 Which one of the following statements best describes computer privacy? Select the one best answer. Securing a computer from fires and earthquakes. Protecting a computer from a power surge. Preventing your friend from viewing your computer data without your permission. Preventing important computer files from getting accidentally deleted. Answer 2 Which of the following security measures can you adopt to help protect your computer and its data against natural threats? Select all answers that apply. Surge protection. Antivirus software. Firewall. Humidity control.

Course: Computer Security and Privacy

26
© 2007 Microsoft Corporation, All rights reserved.

Lesson 2
Protecting Your Computer

Lesson Contents

Guidelines for Protecting Your Computer

Best Practices for Securing Online and Network Transactions

Measures for Securing E-Mail and Instant Messaging

Measures for Protecting Your Computer

Self Test

Course: Computer Security and Privacy

27
© 2007 Microsoft Corporation, All rights reserved.

Lesson Introduction
You need to provide your identification to access your bank locker or your safe deposit box. This identification is to ensure that no one else is able to access your items. Similarly, you can implement various security measures to minimize the threat to your computer and the data on it. This lesson introduces you to some common best practices that will help you to protect your operating system, software, and data on your computer.

Lesson Objectives
After completing this lesson, you will be able to: • • • Identify guidelines for protecting your computer. Identify best practices for securing online and network transactions. Identify measures for securing e-mail and instant messaging transactions.

Course: Computer Security and Privacy

28
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Guidelines for Protecting Your Computer

Imagine that you have saved a confidential project report on your computer. You have been working for weeks to prepare this report and now you want to share the project report with your supervisor. You have a single copy of this report on your computer and it is important to secure the report from being tampered with or deleted. However, another employee uses your computer in your absence and deletes the project report from your computer. To avoid such situations, you can take measures to secure the data on your computer. The following table explains the actions that you can take to safeguard the operating environment and data on your computer.
Guideline Description

Implement user identification

An effective way to minimize the risk to your operating environment and data is to keep unauthorized individuals from accessing your computer. One way to achieve this is by setting up accounts for authorized users of the computer, on the basis of which each user gets an appropriate level of access. For example, in Windows Vista, you can set up user accounts for each member of your family or other users. You can decide to give yourself more privileges, or in the case of a child’s account, you can restrict the account’s capabilities.

Set username and password

You can also increase security and limit unauthorized access to your computer by setting up a username and password. In most offices, each employee has a unique username and password. The employees must provide the correct username and password to access their computers. You can set up users and passwords in Windows Vista.

Keep password secure

Your password acts like a key to your computer. Anyone who knows your password can access your computer and tamper with data. You must keep your password secure. Be careful while typing your password to prevent anyone else from seeing it. Do not share your password with others. Do not write the password and leave it on your computer or desk. If you think that the password has been compromised, change it immediately, before anyone else is able to misuse it.
Course: Computer Security and Privacy

29
© 2007 Microsoft Corporation, All rights reserved.

Lock computer

When you leave your computer on and unattended, someone can tamper with your computer software or data. You can prevent this by temporarily locking your computer while you are away. When a computer is locked, it immediately hides the content of the screen and does not allow any operation until the computer is unlocked with the correct username and password combination. The exact steps to lock your computer depend on the operating system you are using. For example, in Windows Vista, you can lock your computer by pressing CTRL+ALT+DEL, and then clicking the Lock this computer button. Note that this feature of locking the computers is not available in all operating systems.

Install and update protective software

You need to continuously guard your computer against threats such as viruses and spyware. At times, the damage due to a virus is considerable and you may lose important data or need to reinstall the operating system and other software. You can protect your computer from viruses and spyware by installing antivirus and antispyware software. These protective software programs help you detect and remove viruses and spyware present in your computer. They also prevent new ones from infecting your computer. It is a good practice to install a firewall, which filters out the content that reaches your computer. Installing a firewall also protects against hackers by restricting access by other online users. As newer threats keep appearing, software companies regularly create updates that you can install on your computer. These updates make additions to the installed software or operating system in your computer to make it less vulnerable to security threats. Ensure that you regularly update the antivirus software so that it can detect the newest viruses. Windows Vista includes Windows Firewall to protect your computer against unauthorized access. In addition, Windows Defender is a builtin antispyware program that protects against popups and other security threats.

Course: Computer Security and Privacy

30
© 2007 Microsoft Corporation, All rights reserved.

Encrypt data

Converting your data to an unreadable form to protect it from unauthorized access is called encryption. An authorized user can reconvert the encrypted data into a readable and usable form. This is called decryption. Various software products today include a way to encrypt data. In Windows Vista, encryption is transparent to the user who encrypts the file. That is, you do not have to manually decrypt the encrypted file before you can use it. You can open and change the file as you usually do.

Back up data

You can also help protect your files from loss or damage by making copies of important files and storing them on a different storage media, such as CDs, DVDs, or floppy disks. This process is known as backing up data. You should keep the backups in secure locations, so that you can use the backup data in case the original data is damaged or deleted.

Course: Computer Security and Privacy

31
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Best Practices for Securing Online and Network Transactions

Connecting your computer to the Internet introduces it to a world of information and entertainment. However, it also leaves your computer vulnerable to many online threats. For example, it becomes easier for viruses to transfer from an infected computer to your computer. You can reduce the risks to your computer from these online threats by using a combination of best practices such as creating strong passwords, encrypting data, and using antivirus software. The following table explains the various actions that you can take to secure online and network transactions.
Action Description

Use strong passwords

A strong password is a complex password, which cannot be guessed easily. The password should consist of a combination of uppercase and lowercase letters, numbers, and special characters such as ampersand and number sign, and should not contain complete words or names. A strong password is your primary defense against security and privacy threats. Strong passwords must be created for: • • • Local access to standalone computers Access to networks Access to Web sites that have sensitive information, such as personal or financial details Access to any valuable data Personal data stored on your computer

• •

Protect against hacking and spyware

While you are browsing the Internet, it is possible that a software program installed on your computer is transmitting your personal information to a hacker in another country. Such software programs are examples of spyware. These programs generally get installed on your computer without your knowledge and secretly transfers confidential data from your computer to the hackers. Sometimes, employers deliberately install spyware on the computers used by the employees to track the computing activities of the employees. Windows Vista includes a built-in antispyware program called Windows Defender, which helps prevent spyware from getting secretly installed on the computer. Make use of Internet service provider (ISP) support for
Course: Computer Security and Privacy

32
© 2007 Microsoft Corporation, All rights reserved.

online security. The support can be in the form of antivirus and anti-spyware software. Some ISPs even provide firewall protection, e-mail virus screening, and spam protection. Clear browsing history periodically The Web sites and Web pages that you visit while browsing the Internet are saved in your browser’s History. Also, while you browse the Internet, a number of files are stored in the temporary memory of your computer. This temporary memory is known as cache memory. The files stored in the cache memory record information about the Web pages you visit. However, some of these temporary Internet files may contain your personal information, such as your username and password, which can be accessed by hackers. To prevent hackers from accessing your personal information, regularly delete the contents present in the browser history and in the cache memory. While visiting a Web site, you may notice that it displays your name. This is made possible through the use of cookies. Cookies are small files that are created on your computer by previously visited Web sites to identify and track your preferences. Their purpose is to provide a more personal experience while visiting a Web site. However, cookies can also be a threat to computer privacy because they contain your personal information. For example, the cookies might contain your credit card details that you have used while shopping online. For these reasons, it is a good practice to periodically delete cookies to prevent your personal information from being misused. Avoid sharing personal information Some Web sites require you to fill out forms containing personal information such as your name, gender, and age. In case of e-commerce sites, you might even need to share your bank account details or credit card number. But, remember that hackers can access and misuse this information. Some companies may also use this information to send you unwanted commercial e-mail messages. Therefore, before you share any personal information on a Web site, ensure that it is a secured Web site and there is a specific need to provide the information.

Course: Computer Security and Privacy

33
© 2007 Microsoft Corporation, All rights reserved.

Perform online transactions only on secure sites

While shopping online, you usually need to provide sensitive information such as your bank account number or credit card details. Therefore, it is important to ensure that you carry out online transactions only on secure Web sites. A Web site is secure if its name has the prefix https. The prefix indicates that the Web site implements the Secure Sockets Layer (SSL) protocol. SSL is an Internet security protocol that ensures secure data communication by encrypting the information transmitted. The SSL protocol certifies that the Web site is genuine and ensures that the data you provide to the site is not misused. When you enter a secure Web site, most of the Web browsers display a message to confirm that you have entered a secure Web site. The locked padlock icon that appears in the Address bar helps you identify a secure Web site. You can also check the security certificate of a Web site before performing any online transaction on that site.

Configure security components by using Windows Security Center

Windows Security Center is a feature in Windows Vista, which provides you a convenient utility to check the status of essential security settings and track the antivirus software installed on your computer. You can open Security Center from Control Panel. The Security Center has four components: • Firewall. In Windows Vista, Windows Firewall is automatically activated. The firewall helps prevent malicious content, such as viruses and worms, from entering your computer. Automatic updating. This feature checks for relevant security-related updates available on the Microsoft Update Web site. Enabling this feature ensures that your computer remains updated and protected against the newest security threats on the Internet. Malware protection. Spyware and other potentially unwanted software can install itself on your computer without appropriately obtaining your consent. Windows Defender provides real-time protection against such software while you are connected to the Internet. Other security settings. Other security settings include Internet settings and User Account Control settings. Using Internet options, you can set the security level to medium, mediumhigh, or high. Internet Explorer 7 has higher security levels than its previous versions. User Account Control prevents unauthorized changes to your computer by asking for the
Course: Computer Security and Privacy







34
© 2007 Microsoft Corporation, All rights reserved.

password before making changes.

Disable active content

Active content refers to small programs that get installed on your computer while you are browsing the Internet. Their basic function is to provide you with an interactive Internet experience through videos and toolbars. However, in some cases, these programs can be used to damage the data stored on your computer or install malicious software without your consent. By using your browser settings, you can disable active content to prevent the installation of such programs.

Course: Computer Security and Privacy

35
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Measures for Securing E-Mail and Instant Messaging

E-mail and Instant Messaging (IM) are widely used for business and personal communication. However, hackers, online predators, and the people who create worms and viruses use e-mail and IM for malicious purposes. For example, these people can send e-mail attachments containing harmful software. These people can also use e-mail to solicit sensitive information or to lure you into fake offers. It is therefore important for you to take certain measures to ensure e-mail and IM security. To ensure e-mail security, avoid opening e-mail with attachments, do not respond to junk mail, do not respond to unsolicited commercial mail, and protect yourself from phishing. To ensure IM security, chat with known people only and do not open attachments received over IM. The following table explains the actions to ensure e-mail and IM security. The following table contains the transcript of an online animation.
Be cautious when opening e-mail messages with attachments

You can send e-mail attachments to share files with your friends. You might receive a photograph or a music file as an attachment in an e-mail message. However, you need to be cautious while opening any mail containing an attachment because it is the most common pathway for the spread of viruses.

Course: Computer Security and Privacy

36
© 2007 Microsoft Corporation, All rights reserved.

The following table contains the transcript of an online animation.
Do not respond to unsolicited commercial mail

You may receive a number of unwanted e-mail messages from unknown senders including individuals and companies that are advertising their products or services. These messages may also be in the form of online surveys that require you to fill up personal information. These unsolicited messages are known as junk mail or spam. Junk mail can often include content that is harmful for your computer. In addition, junk mail is often used for stealing identities, and you might accidentally share sensitive information while responding to such messages. Therefore, you should avoid replying to junk mail. You should also delete junk mail whenever you receive it. E-mail programs, such as Windows Mail, include a junk mail folder to which the junk mail may be directed and later deleted. The following table contains the transcript of an online animation.
Protect yourself from phishing

Course: Computer Security and Privacy

37
© 2007 Microsoft Corporation, All rights reserved.

Phishing is a common activity used to extract personal information from computer users and then use the information for malicious purposes. For example, someone sends e-mail messages to you, pretending to be from a bank or any other trustworthy organization, and asks for sensitive information, such as credit card number or password. This information is either sold further or used to cause financial loss to you. Therefore, you must verify the authenticity of such e-mail messages before responding with any personal information. Such e-mail messages are used by various phishing Web sites on the Internet to collect your personal information. Internet Explorer 7 includes the Microsoft Phishing Filter feature that runs in the background while you browse the Internet and helps detect phishing Web sites. The following table contains the transcript of an online animation.
Limit chat activity to people whom you know

You should limit your chat activity only to the people whom you know. Developing communication with new and unknown individuals makes you more vulnerable to threats such as online predators and scams. The following table contains the transcript of an online animation.
Avoid opening instant messenger attachments

Course: Computer Security and Privacy

38
© 2007 Microsoft Corporation, All rights reserved.

Instant messaging is a common pathway for malicious attachments. You must avoid opening any attachments that you receive in an instant message, unless you are absolutely sure about its origin. An instant messaging attachment might contain a virus or spyware, which can harm your computer.

Course: Computer Security and Privacy

39
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Measures for Protecting Your Computer

Sort the measures to protect your computer into their associated categories by writing the statement number in its corresponding option box. Statement 1 2 3 4 5 6 7 8 Clear browsing history periodically Back up data Avoid sharing personal information Install and update protective software Implement user identification Protect against hacking and spyware Keep password secure Disable active content

Option 1 Avoid Online Threats

Option 2 Protect Computer Data

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

40
© 2007 Microsoft Corporation, All rights reserved.

Option 1 Avoid Online Threats

Option 2 Protect Computer Data

8, 6, 3, 1

7, 5, 4, 2

Course: Computer Security and Privacy

41
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Self Test for Lesson: Protecting Your Computer

Question 1 One of the most effective ways to protect the software and data in your computer is to restrict the use of your computer to a defined set of individuals. Which of the following methods can you use for this purpose? Select all answers that apply. Update your operating system. Set up user accounts. Install antivirus software. Keep passwords secure. Question 2 Various types of files are created on your computer while using the Internet. Some of these might present a threat to security, but are actually present for the benefit of the user. Which of the following are examples of such files? Select all answers that apply. Cookie. Virus. Active Content files. Worm. Question 3 Which of the following methods will you use to secure your e-mail and IM transactions? Select all answers that apply. Delete e-mail messages from unknown senders without opening them. Forward unsolicited e-mail messages to a friend for advice. Reply with personal information to an e-mail message if the sender is a bank employee. Avoid opening attachments received in instant messages.

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

42
© 2007 Microsoft Corporation, All rights reserved.

Answer 1 One of the most effective ways to protect the software and data in your computer is to restrict the use of your computer to a defined set of individuals. Which of the following methods can you use for this purpose? Select all answers that apply. Update your operating system. Set up user accounts. Install antivirus software. Keep passwords secure. Answer 2 Various types of files are created on your computer while using the Internet. Some of these might present a threat to security, but are actually present for the benefit of the user. Which of the following are examples of such files? Select all answers that apply. Cookie. Virus. Active Content files. Worm. Answer 3 Which of the following methods will you use to secure your e-mail and IM transactions? Select all answers that apply. Delete e-mail messages from unknown senders without opening them. Forward unsolicited e-mail messages to a friend for advice. Reply with personal information to an e-mail message if the sender is a bank employee. Avoid opening attachments received in instant messages.

Course: Computer Security and Privacy

43
© 2007 Microsoft Corporation, All rights reserved.

Lesson 3
Protecting Your Family from Security Threats

Lesson Contents

Measures to Protect Your Privacy

Online Predators

Guidelines for Protection from Online Predators

Self Test

Course: Computer Security and Privacy

44
© 2007 Microsoft Corporation, All rights reserved.

Lesson Introduction
Computers are not only used at schools, colleges, and offices, but are also commonly used in homes. You use computers for various purposes such as to keep household accounts, exchange e-mail messages with family and friends, browse the Internet, and play games and music. Every member of your family can find some use for the computer. With increase in the use of computers at home and at work, it is important that you and your family understand the various threats associated with the use of computers and the Internet. In this lesson, you will learn about the various measures that can help protect your computer from these threats.

Lesson Objectives
After completing this lesson, you will be able to: • • • Identify measures that you can use to protect your privacy. Explain how online predators operate. Identify guidelines to protect your family from online predators.

Course: Computer Security and Privacy

45
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Measures to Protect Your Privacy

With the growing popularity of computers and the Internet, there are multiple ways in which your privacy is compromised. You and your family members need to prevent these threats to privacy. You can take the following simple measures to safeguard yourself and your family members against invasion of privacy. Shield Your Identity Avoid sharing your personal information with anyone, unless you know the person. This is the golden rule of protecting privacy. While exchanging e-mail messages or chatting through instant messenger, ensure that you do not reveal personal details about you or others known to you. Also, use strong passwords for access to your computer and e-mail connections.

Make Regular Backups of Your Computer and Important Data It is a good practice to back up all types of the important and sensitive data on your computer. Important data might be documents, databases, or contact information. You can use various storage media such as compact disc or another hard disk to back up your data. If you regularly back up the data stored on your computer, you can recover the data in case the original data is damaged or deleted. Also, it is advisable to store the backup data in a secure place and restrict access to it by using passwords and encryption.

Check Current Security of Your System Regularly Check the current security level of your computer regularly. Modern operating systems have built-in features that help you track the ability of your computer to safeguard against various threats to security and privacy. For example, Windows Security Center is a component in Windows Vista, which helps you to maintain firewall settings, set up schedules for software updates, and check the validity of the antivirus software installed on your computer.

Run Virus Scans Daily Each day when you access the Internet, there is a chance that your computer is infected by viruses. Therefore, it is important that you run a virus scan on your computer everyday. You also need to keep the antivirus software on your computer up-to-date to protect your computer from new viruses.

Use Antispyware Spyware programs can secretly enter your computer and transmit personal information about you and your family. Use antispyware software to keep a check upon these malicious programs, and keep the software up-to-date.

Course: Computer Security and Privacy

46
© 2007 Microsoft Corporation, All rights reserved.

Perform Online Transactions on Secure Web Sites with Reputable Vendors When you perform an online transaction, you need to provide your personal information, such as your credit card details or bank account details, to the Web site. This information, if disclosed to others, can be misused for financial fraud. Therefore, it is important that you carry out online transactions only on secure Web sites.

Report Abuse to the ISP Most reputable ISPs have a set of terms and conditions that does not allow its users to follow any unethical or illegal practices. You should report to the ISP whenever someone attempts to invade your online privacy by sending you spam or attempts to hack your computer. This allows the ISP to take action against such individuals.

Filter E-mail Messages from Unknown/Anonymous Senders You may receive a number of e-mail messages from individuals unknown to you. Such e-mail messages, referred to as spam or junk mail, can often be carriers of viruses or spyware. Hackers attempting to retrieve your personal information can also send you junk mail. Therefore, it is important to be careful while dealing with them. With e-mail software programs, you can create e-mail filters that help you block the junk mail. You must also ensure never to respond to junk mail because it can lead to an increase in unwanted messages and accidental sharing of personal information.

Encrypt Sensitive E-mail Messages, If Possible Using encryption is a simple and effective way to ensure that your e-mail communication remains confidential. Encryption is the process of encoding the e-mail message in such a manner that it appears unreadable to everyone except the intended reader. Most e-mail software, such as Windows Mail, provides this e-mail encryption feature.

Course: Computer Security and Privacy

47
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Online Predators

The Internet is a popular medium of communication for people all over the world. You can get acquainted with someone while actually knowing very little about the identity and intentions of the individual. This aspect of the Internet communication can be misused by people to lure young individuals into inappropriate or dangerous relationships. The people who engage in such activities are known as online predators. Online predators generally target children, especially adolescents. It is during adolescence that children gradually move out of parental control and look for new relationships. Online predators attempt to establish a relationship of trust and intimacy with these children. Online predators can also target adults with the objective of financial exploitation. Online predators trap their victims by developing contact through chat rooms, instant messaging, e-mail, or discussion boards. Among the various tools, chat rooms are the ones most commonly used by these predators. Online predators often assume a fake identity as a member of a specific chat room. For example, if the chat room belongs only to children, an online predator can easily assume the identity of a child in order to participate in that chat room.

Course: Computer Security and Privacy

48
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Guidelines for Protection from Online Predators

You and your family members can become the target of online predators. These predators may try to establish contact with you or your family members to exploit you financially. The predators may also try to involve you and your family members in inappropriate relationships. The following table lists some guidelines that you can follow to protect yourself and your family from online predators.
Guideline Description

Know the signs of predator behavior

Online predators have some predictable behaviors, which can help you identify them easily. Online predators tend to get intimate very quickly. They often express a great deal of interest and affection toward their targets. You need to ensure that you and your family members can detect such behavior to avoid contact with potential online predators. Online predators usually lure their targets with gifts or other tempting offers. You should be cautious about such gifts or offers. Also, educate your family members to be suspicious about gifts offered over the Internet. Educate your family members on appropriate chat room behavior to avoid being targeted by online predators. Tell them to use nonsuggestive and neutral screen names. The screen names must not give away their actual name, age, gender, or contact information because this information can be misused. Some Web sites try to extract information under the pretext of feedback or surveys. Tell your family not to reveal any personal information to these Web sites without your permission. Also, ensure that your family do not give out any personal details, such as name, last name, address, and phone number, in chat rooms and bulletin boards. Your family members must not share their username and password with anyone, including friends.

Be cautious of offers from strangers online

Educate your family on online safety measures

Guide children when they visit Web sites

As parents, restrict young children from visiting Web sites that are inappropriate for them, or those Web sites that bring them in contact with potential online predators. It is recommended that parents guide their young children when the children visit any Web site. As a parent, instruct your children to leave a Web site if it makes them uncomfortable or if the site contains any unpleasant content. Also, educate your children to leave a Web site that asks for excessive personal information.

Know the sites visited by children

It is important for parents to regularly check the type of Web sites their children visit. You can track the previously visited Web sites by viewing the browser history or by using software that help you track the online activity of a computer. You can enable your browser’s Content Advisor feature to control the type of Web sites that your family members can visit while browsing the Internet. By using this feature, you can restrict children from visiting Web sites that contain adult content.
Course: Computer Security and Privacy

Block access to inappropriate Web sites

49
© 2007 Microsoft Corporation, All rights reserved.

You can also install certain software programs that help you block specific Web sites. Monitor chat activities Specialized software can monitor chat activities and flag inappropriate information exchange on your computer. You can install these software to track the chat activities of your children.

Course: Computer Security and Privacy

50
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Self Test

Each pair of statements contains a true statement and a false statement. For each pair of statements, indicate which statement is true by placing a mark in the True column to the right. Statement 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Replying to junk mail CAN cause you to reveal personal information. Replying to junk mail CANNOT cause you to reveal personal information. Online predators GET intimate very quickly. Online predators DO NOT GET intimate very quickly. SPYWARE software helps you keep a check on malicious programs. ANTISPYWARE software helps you keep a check on malicious programs. It is POSSIBLE to monitor chat activity. It is NOT POSSIBLE to monitor chat activity. Encryption COMPRESSES the e-mail message so that it appears unreadable. Encryption ENCODES the e-mail message so that it appears unreadable. Online predators DO NOT TARGET children. Online predators TARGET children. Children SHOULD be allowed to visit Web sites alone. Children SHOULD NOT be allowed to visit Web sites alone. Online predators DO NOT LURE their targets with gifts. Online predators LURE their targets with gifts. The screen name used for chatting SHOULD NOT be your real name. The screen name used for chatting SHOULD be your real name. True False

Course: Computer Security and Privacy

51
© 2007 Microsoft Corporation, All rights reserved.

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

52
© 2007 Microsoft Corporation, All rights reserved.

Statement 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Replying to junk mail CAN cause you to reveal personal information. Replying to junk mail CANNOT cause you to reveal personal information. Online predators GET intimate very quickly. Online predators DO NOT GET intimate very quickly. SPYWARE software helps you keep a check on malicious programs. ANTISPYWARE software helps you keep a check on malicious programs. It is POSSIBLE to monitor chat activity. It is NOT POSSIBLE to monitor chat activity. Encryption COMPRESSES the e-mail message so that it appears unreadable. Encryption ENCODES the e-mail message so that it appears unreadable. Online predators DO NOT TARGET children. Online predators TARGET children. Children SHOULD be allowed to visit Web sites alone. Children SHOULD NOT be allowed to visit Web sites alone. Online predators DO NOT LURE their targets with gifts. Online predators LURE their targets with gifts. The screen name used for chatting SHOULD NOT be your real name. The screen name used for chatting SHOULD be your real name.

True

False

Course: Computer Security and Privacy

53
© 2007 Microsoft Corporation, All rights reserved.

Lesson 4
Keeping Your Computer Secure and Updated

Lesson Contents

Configuring the Computer Security Settings

Keeping the Computer Up-to-Date

Self Test

Course: Computer Security and Privacy

54
© 2007 Microsoft Corporation, All rights reserved.

Lesson Introduction
When you connect your computer to the Internet, your computer software and data are accessible to the rest of the world. Connecting to the Internet increases the threat to your computer from viruses, spyware, and hackers. However, you can minimize these security threats by configuring the security settings on your computer and keeping security-related software up-to-date. In this lesson, you will learn how to maximize the security of your computer by configuring the security settings on your operating system. The lesson also explains how to configure your computer to automatically update its security software.

Lesson Objectives
After completing this lesson, you will be able to: • • Explain the different security settings on your computer. Identify the options for keeping your computer up-to-date.

Course: Computer Security and Privacy

55
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Configuring the Computer Security Settings

Over the Internet, the biggest security threats to your computer come from hackers and viruses. Most of the time, these threats occur because the security settings on your computer are not set properly or the security software is either missing or obsolete. Security settings are configured on your computer when you install the operating system. However, you can modify these security settings according to your requirements. For example, in Windows Vista, you can view and modify the security settings by using the Windows Security Center. You can perform the following actions by using the Windows Security Center. • • • • Use the Internet security options to specify the privacy and security levels for the Web sites that you visit. Modify the firewall settings to help protect your computer from unauthorized access through the Internet. Configure your computer to automatically download and install updated security software to provide better protection from new viruses. Configure the malware protection settings to detect and remove unwanted malicious software from your computer.

In this demonstration, you will see how to configure security settings in Windows Vista by using the Windows Security Center. The following table contains the steps and transcript of an online demonstration. Step List

1 2 3 4 5

Configuring the Computer Security Settings To open Control Panel, click the Start button, and then click Control Panel. To open Windows Security Center, in Control Panel, click Security, and then click Security Center. To view the firewall settings of your computer, in the Windows Security Center window, in the left pane, click Windows Firewall. To view the options available for the firewall, in the right pane, click Change settings.
Course: Computer Security and Privacy

56
© 2007 Microsoft Corporation, All rights reserved.

6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

To confirm that you want to change the settings, in the User Account Control message box, click Continue. In the Windows Firewall Settings dialog box, observe the options on the General tab. To view the exceptions available for the firewall, click the Exceptions tab, and then scroll down in the list under the To enable an exception, select its check box label. To view the network connections that are protected by Windows Firewall, click the Advanced tab. In the Windows Firewall Settings dialog box, click Cancel, and then in the Windows Firewall window, click the Close button. To view the settings for automatic updates, in the Windows Security Center window, in the left pane, click Windows Update. In the Windows Update window, in the left panel, click Change settings. In the Change settings window, click Cancel, and then in the Windows Update window, click the Close button. To view Windows Defender, in the Windows Security Center window, in the left pane, click Windows Defender. To view the options available in Windows Defender, in the Windows Defender window, click Tools. On the Tools and Settings page, under Settings, click Options. To view the available options, scroll down in the Options page. In the Windows Defender window, click Cancel. To restore the Windows Security Center window, on the taskbar, to the right of the Control Panel\Security button, click the Windows Security Center button. To view the Internet options, in the Windows Security Center window, in the left pane, click Internet Options. To view the general settings, in the Internet Properties dialog box, click the General tab. To view the security settings of the Web browser, click the Security tab. To view the privacy settings for the Internet, click the Privacy tab. To view the content settings, click the Content tab. To view the settings for Internet connections, click the Connections tab. To view the program settings for the Internet, click the Programs tab. To view the advanced settings of the Web browser, click the Advanced tab. To close the Internet Properties dialog box, click OK.

Transcript

Course: Computer Security and Privacy

57
© 2007 Microsoft Corporation, All rights reserved.

You can use Control Panel to change settings for Windows Vista.

Course: Computer Security and Privacy

58
© 2007 Microsoft Corporation, All rights reserved.

Control Panel includes the Windows Security Center, which provides various options to help you monitor and enhance the security of your computer. Using the options, you can check the status of various security essentials, such as firewall settings, automatic updates, malware protection, and Internet security settings.

Course: Computer Security and Privacy

59
© 2007 Microsoft Corporation, All rights reserved.

Windows Firewall helps protect your computer against unauthorized access through a computer network or the Internet. The right pane of the Windows Security Center window displays whether Windows Firewall is ON or OFF. Unless you change the settings, Windows Firewall is always ON. Notice that the right pane of the Windows Firewall window displays the current settings such as network location and notification details.

Course: Computer Security and Privacy

60
© 2007 Microsoft Corporation, All rights reserved.

You can modify the settings according to your requirements. To change the settings, you must log on to the computer as the administrator. If you try to change any settings in Windows Vista, User Account Control prevents unauthorized modifications to the settings of your computer.

Course: Computer Security and Privacy

61
© 2007 Microsoft Corporation, All rights reserved.

User Account Control prompts you to specify the administrator password or asks for your permission before performing actions that can affect the performance of your computer or changing settings that affect other users.

Course: Computer Security and Privacy

62
© 2007 Microsoft Corporation, All rights reserved.

The General tab of the Windows Firewall Settings dialog box provides three settings for Windows Firewall. Because Windows Firewall is always ON, the first option is selected. If you want to prevent all attempts to connect to your computer, you can select the Block all incoming connections check box. The Off (not recommended) option helps you deactivate Windows Firewall. If you want to deactivate Windows Firewall, you must ensure that you use another firewall to keep your computer safe.

Course: Computer Security and Privacy

63
© 2007 Microsoft Corporation, All rights reserved.

Suppose that you have blocked all incoming connections to your computer. If you want to allow certain programs to send or receive information through the Windows Firewall, you can list these programs as exceptions. Each time you allow an exception for a program to communicate through Windows Firewall, you make your computer more vulnerable to attacks. Do not make exceptions for applications that you do not recognize.

Course: Computer Security and Privacy

64
© 2007 Microsoft Corporation, All rights reserved.

Your computer can be connected to or can be accessible through different networks. On the Advanced tab, you can specify the network connections that you want to protect by using Windows Firewall.

Course: Computer Security and Privacy

65
© 2007 Microsoft Corporation, All rights reserved.

Updates are additions to software that enhance the security and the performance of the computer. Windows Automatic updating installs security and other important updates whenever the updates become available.

Course: Computer Security and Privacy

66
© 2007 Microsoft Corporation, All rights reserved.

You can configure Automatic updating to check the Windows Update Web site for new updates, download the updates, or directly install the updates at the specified time without asking for your permission.

Course: Computer Security and Privacy

67
© 2007 Microsoft Corporation, All rights reserved.

Spyware is software that can display advertisements, collect information about you, or change settings on your computer without appropriately obtaining your consent. Windows Defender is an antispyware program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. If you use Windows Defender, you must ensure that its virus definitions are up-to-date. These definitions are files that contain information about potential software threats. Notice that in the Windows Defender window, the Status area displays the time and date of the last scan, the scan schedule, and the version of the virus definition that is currently in use by Windows Defender.

Course: Computer Security and Privacy

68
© 2007 Microsoft Corporation, All rights reserved.

Windows Defender performs a quick scan of the most likely places for harmful programs at fixed intervals. Windows Defender also alerts you when harmful programs attempt to run or install themselves on the computer.

Course: Computer Security and Privacy

69
© 2007 Microsoft Corporation, All rights reserved.

You can modify the various settings to control the functions of Windows Defender. On the Options page, you can select the frequency and the type of automatic scanning. Windows Defender detects spyware and potentially harmful software on your computer. The detected spyware and harmful software are assigned different alert levels.

Course: Computer Security and Privacy

70
© 2007 Microsoft Corporation, All rights reserved.

The alert levels define what action Windows Defender takes against the detected threats. You can configure a different action or response for each level of harmful software that automatic scanning detects. Windows Defender also provides real-time protection for your computer. The advanced options help you choose which types of files Windows Defender scans. You can also exclude files from automatic scanning.

Course: Computer Security and Privacy

71
© 2007 Microsoft Corporation, All rights reserved.

You can modify the Internet security settings in the Internet Properties dialog box by using the Internet Options link.

Course: Computer Security and Privacy

72
© 2007 Microsoft Corporation, All rights reserved.

You can specify the home page for your browser on the General tab. Internet Explorer 7 keeps a chronological list, or history, of Web sites that you have visited. You can modify the history settings to store the history of only a specific number of days. When you visit a Web page, a copy of the Web page, and the associated images and other files are stored on your computer. You can delete these files by clicking the Delete button. On this tab, you can also configure how the Web pages appear by selecting the font, color, and language settings. To apply these settings instead of the settings applied when the Web pages were created, you must click the Accessibility button and select the appropriate options. For example, if you set a font style by using the Font button, you must select the Ignore font size on Web pages option so that the Web pages appear the way you want them to.

Course: Computer Security and Privacy

73
© 2007 Microsoft Corporation, All rights reserved.

Internet Explorer categorizes all the Web sites on the World Wide Web into four zones: Internet, local intranet, trusted sites, and restricted sites. Each zone has a defined level of security that helps address different security risks that are associated with the sites in that zone. On the Security tab, you can select a particular zone and then select the security level for the selected zone.

Course: Computer Security and Privacy

74
© 2007 Microsoft Corporation, All rights reserved.

When you browse different types of Web sites such as online shopping sites, online educational sites, and other sites that require you to add your personal information, you might be vulnerable to identity thefts and frauds. Different Web sites create files called cookies on your computer that store information about you. The Privacy tab helps you select the privacy settings that define what type of cookies are saved on your computer. In addition, you can choose to prevent pop-up windows from opening while you browse the Internet.

Course: Computer Security and Privacy

75
© 2007 Microsoft Corporation, All rights reserved.

On the Content tab, you activate the Parental Controls feature to control the content that your children or other young audience view while browsing the Internet. For example, you can restrict children from visiting Web sites that have adult content. The Content Advisor feature blocks or allows specific Web sites based on the content rating for the site. Certificates are used to verify the identity of a person or device that is used in an online transaction such as shopping. Another feature of Internet Explorer 7 that facilitates browsing is AutoComplete. AutoComplete saves information that you type in the Address bar, forms, or passwords and provides the information when you start to type the same information when you visit the Web sites again. When you visit certain Web sites such as news sites and journals, you might come across the Feeds feature. Feeds contain frequently updated content that is published by a Web site. If you subscribe to a feed, Internet Explorer automatically checks for and downloads content that is new since you last visited the site.

Course: Computer Security and Privacy

76
© 2007 Microsoft Corporation, All rights reserved.

On the Connections tab, you can set up an Internet connection. You can also specify different settings such as local area network (LAN) settings, dial up settings, and virtual private network settings for your computer.

Course: Computer Security and Privacy

77
© 2007 Microsoft Corporation, All rights reserved.

You can use the Programs tab to specify the programs that Windows Vista uses for Internet services such as e-mail, newsgroups, calendar, and Internet calls. You can set the default Web browser. Web browsers use various add-ons such as toolbars and extensions that improve your experience on a Web site by facilitating viewing of interactive or multimedia content. You can activate and deactivate different add-ons that are already installed on your computer by clicking the Manage add-ons button.

Course: Computer Security and Privacy

78
© 2007 Microsoft Corporation, All rights reserved.

The Advanced tab contains features that you can use to fine tune your Web browser. For example, you can change the accessibility options of the Web browser to improve readability of Internet content and to enhance the user experience for people with disabilities. You can also personalize browsing options so that Web pages load faster.

Course: Computer Security and Privacy

79
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Keeping the Computer Up-to-Date

You may be aware that new medicines are continuously invented to counter new diseases. Similarly, the computer industry keeps updating the versions of antivirus software and similar products to counter new viruses, worms, and spyware. You need to keep your computer up-to-date with updated versions of security software to ensure better protection of your computer. The Microsoft Update Web site provides you with security updates that are necessary to protect your computer’s operating system. You can download these security updates from this Web site and install them on your computer. If you find it difficult to keep track of the security software that you need to update, you can automate this updating process by configuring your computer. In this demonstration, you will see various options in Windows Update that you can use to keep your computer up-to-date. The following table contains the steps and transcript of an online demonstration. Step List

1 2 3 4 5 6 7 8 9

Keeping the Computer Up-to-Date To open Windows Update, click the Start button, click All Programs, and then click Windows Update. Notice the links that are displayed in the left pane of the Windows Update window. To automatically download and install security updates on your computer, in the Windows Update window, in the left pane, click Check for updates. To view the list of available updates, in the right pane, in the Download and install updates for your computer area, click View available updates. To view the options available for Windows Update, in the Windows Update window, in the left pane, click Change settings. To automatically download and install security updates at a predefined time and frequency, ensure that the Install updates automatically (recommended) option is selected. To receive an alert after security updates are automatically downloaded, click Download updates but let me choose whether to install them. To receive an alert when security updates are available, click Check for updates but let me choose
Course: Computer Security and Privacy

80
© 2007 Microsoft Corporation, All rights reserved.

whether to download and install them. 10 11 12 13 To disable automatic updating, click Never check for updates (not recommended). To include recommended updates, ensure that the Include recommended updates when downloading, installing, or notifying me about updates check box is selected. To close the Change settings window, click OK. In the User Account Control message box, click Continue.

Transcript

Windows Update is an extension of Windows Vista that helps you keep your computer up-to-date. Microsoft releases important updates such as security updates that help protect your computer against viruses and security threats on the Microsoft Update Web site. In addition, Microsoft releases critical updates including upgrades to applications and tools that can improve the performance of your computer.
Course: Computer Security and Privacy

81
© 2007 Microsoft Corporation, All rights reserved.

Windows Update checks your computer and offers you a list of updates that are applicable to the applications and hardware of your computer.

When you access Windows Update from the Start menu, a window opens that displays the status of Automatic updating. This window also provides a brief update history of your computer. Observe that the Windows Update window also displays the current setting of Windows Vista for Windows Update.

Course: Computer Security and Privacy

82
© 2007 Microsoft Corporation, All rights reserved.

If you configure Automatic updating to automatically install updates, Windows Update automatically downloads and installs security updates from the Microsoft Update Web site. This download process occurs in the background and does not interrupt your work. However, to successfully complete the installation of some updates, you might need to restart your computer. For such updates, Windows Vista displays a restart message. To manually check the Windows Update Web site for new updates, you must click the Check for updates link in the left pane.

Course: Computer Security and Privacy

83
© 2007 Microsoft Corporation, All rights reserved.

Notice that Windows Update displays the number of updates that are available on the Web site. You can install all the updates by clicking the Install updates button. You can also review the list and then select the updates that you want to install on your computer.

Course: Computer Security and Privacy

84
© 2007 Microsoft Corporation, All rights reserved.

Windows Update provides you various options to choose how it downloads and installs the security updates. To view the list of options available, click the Change settings link in the left pane.

Course: Computer Security and Privacy

85
© 2007 Microsoft Corporation, All rights reserved.

When you select the first option, Windows Update automatically downloads and installs the updates. You can select a specific day and time for Windows Update to download and install the updates. Your computer should be connected to the Internet at the specified time for Windows Update to download the updates.

Course: Computer Security and Privacy

86
© 2007 Microsoft Corporation, All rights reserved.

If you select the second option, Windows Update automatically downloads the updates from the Web site but does not install the updates on your computer. After downloading the updates, Windows Update generates an alert to inform you that the updates are available for installation on your computer. You can install the desired updates at your convenience.

Course: Computer Security and Privacy

87
© 2007 Microsoft Corporation, All rights reserved.

If you select the third option, your computer does not download and install security updates automatically. Windows Update only checks if new updates are available on the Web site. If an update is available, Windows Update generates an alert about the available updates. This alert describes the purpose and benefits of the updates. You can review and approve the updates and then download and install the updates at your convenience.

Course: Computer Security and Privacy

88
© 2007 Microsoft Corporation, All rights reserved.

Using the fourth option, you can deactivate Automatic updating. If you deactivate Automatic updating, Windows Update does not check for, download, or install any updates. Therefore, you do not receive any alert when updates are available. If you choose this option, your computer will not be updated with the latest security updates and may be vulnerable to security threats.

Course: Computer Security and Privacy

89
© 2007 Microsoft Corporation, All rights reserved.

In addition to the important updates, you can set Windows Update to automatically install recommended updates to improve reliability and security of your computer. These recommended updates can solve noncritical problems and enhance your computing experience.

Course: Computer Security and Privacy

90
© 2007 Microsoft Corporation, All rights reserved.

After configuring the settings in the Change settings window, you must save the modified settings.

Course: Computer Security and Privacy

91
© 2007 Microsoft Corporation, All rights reserved.

If your computer has additional security software, such as antivirus and antispyware installed on it, you must also regularly update the software.

Course: Computer Security and Privacy

92
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Self Test for Lesson: Keeping Your Computer Secure and Updated

Sort the security settings into their associated categories by writing the statement number in its corresponding option box. Statement 1 2 3 4 5 6 7 8 Select the type of files to scan Block incoming connections to your computer Download recommended updates Activates automatic download Receive an alert for download Set the default actions to take against threats Select files to exclude from scanning Make an exception for a program

Option 1 Malware Protection

Option 2 Windows Firewall

Option 3 Automatic Updates

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

93
© 2007 Microsoft Corporation, All rights reserved.

Option 1 Malware Protection

Option 2 Windows Firewall

Option 3 Automatic Updates

7, 6, 1

8, 2

5, 4, 3

Course: Computer Security and Privacy

94
© 2007 Microsoft Corporation, All rights reserved.

Lesson 5
Computer Ethics

Lesson Contents

What Is Intellectual Property?

Copyright Violation and Prevention

Legal Concerns with Information Exchange

Self Test

Course: Computer Security and Privacy

95
© 2007 Microsoft Corporation, All rights reserved.

Lesson Introduction
On the Internet, you can find a wide range of information that includes news, articles, pictures, songs, movies, and software. Searching the Internet is often the fastest and easiest way to gather information, at any time. For example, you can use the Internet to search for information for your school assignments, or ideas to include in an office presentation. You can also download songs and movies from various Web sites. You do not have to pay money to download information from most of the Web sites. But, these free downloads may not actually be free. The information in a Web site is legally owned by the author who created it or by the Web site which published it. Therefore, you may need the permission of the author or the owner of the Web site to use the contents. You need to be aware of the rights or permissions you have on the contents available in a Web site before downloading them. This lesson explains the meaning of intellectual property in the field of computing, and how unauthorized use of intellectual property can lead to copyright violation. In this lesson, you will also learn about the various legal concerns associated with information exchange.

Lesson Objectives

Course: Computer Security and Privacy

96
© 2007 Microsoft Corporation, All rights reserved.

After completing this lesson, you will be able to: • • • Explain Intellectual Property and copyright as they apply to computing. Identify the various acts of copyright violation and measures to prevent those acts. Identify the legal concerns that are associated with information exchange.

Course: Computer Security and Privacy

97
© 2007 Microsoft Corporation, All rights reserved.

Topic:

What Is Intellectual Property?

Bob Kelly works for a newspaper agency. He needs to write an article about computer technology. Bob copies some information from a Web site and uses it in his article. However, he does not mention the source from where he copied the information. After the article is published, Bob faces legal charges for violating copyright laws. This is because he used an intellectual property without the owner’s permission. Any information available on the Internet is an intellectual property, which is legally owned by the person who created it. For example, when you publish an article on a Web site, the article is your intellectual property. As the owner of an intellectual property, you have the exclusive rights to control the use of the material to: • • • Copy, reproduce, or distribute the property. Share or sell the rights to the property. Give away the rights to the property for free.

Note:

The actual rights to an intellectual property can vary based on the permission the owner gives.

You do not have the right to use intellectual property without the permission of its owner. There are laws to protect the rights of a person to an intellectual property. These laws are called copyright laws. Violation of these laws may lead to legal problems.

Course: Computer Security and Privacy

98
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Copyright Violation and Prevention

When you use copyrighted intellectual property without the owner’s consent, it leads to copyright violation. When you copy someone’s work and use it as if it is your own work, without mentioning the source, it is known as plagiarism. Suppose you create an exact copy of a graphic displayed on a Web site. You then post this graphic to another Web site as your own creation, but do not mention about the Web site from where you copied it. This results in plagiarism. In many countries, paraphrasing an existing work and passing it off as an original work is also considered as plagiarism. The following table explains some of the common misuses of copyrighted material that you need to be aware of and avoid.
Copyright Misuse

Description

Copying music

There are many Web sites that allow you to download and share songs. However, some of these Web sites may not have the legal authority to offer the songs for free download. When you download songs from these Web sites, it is misuse of copyrighted music. You misuse copyrighted music when you take any of the following actions: • You download copyrighted music from a Web site without the owner’s permission or without paying a copyright fee. You download copyrighted music from a Web site and create CDs or DVDs containing the downloaded music. You create copies of copyrighted CDs or DVDs and share the copies with others. You share copyrighted songs on the Internet through Web sites that facilitate sharing of songs.



• •

Using software without license

Be aware of the following situations to avoid software piracy: • When you download copyrighted software from a Web site without the owner’s permission or without paying a fee, it results in software piracy. When you buy a legal copy of software, create copies of the software, and distribute the copies to others, it also results in software piracy. Some computer vendors install unlicensed copies of software on the computers that they sell. They do this to save on the license fees. However, purchasing computers with unlicensed software results in software piracy. Therefore, while purchasing a
Course: Computer Security and Privacy





99
© 2007 Microsoft Corporation, All rights reserved.

computer, ensure that you have the license documents for the software preinstalled on the computer or sold with the computer.

Copying logo

A logo is a copyrighted material that is used as an identifier by its copyright owner. It is illegal to copy or use a logo without the owner’s permission. For example, using the Microsoft logo on your business card without obtaining permission from Microsoft is a copyright violation. Sometimes, a person may have the permission to use a logo, but there may be limitations to this usage. For example, a person may have the permission to use the Microsoft logo only when making business dealings on behalf of Microsoft. Now, if the person uses the Microsoft logo to make business dealings for personal gains, then it is a misuse of the copyrighted logo.

More Information

A Web site may allow you to download copyrighted information. However, when you download such information, you may face legal charges for it. Usually, the information available in a Web site is officially copyrighted, and carries a copyright notice or copyright symbol. However, the absence of a copyright notice or symbol with any information does not mean that the information is not copyrighted. According to the U.K. copyright law, as soon as a person transforms an idea or concept into a physical form, the work automatically becomes a copyrighted material of the person. Similarly, according to the U.S. copyright law, a copyright owner holds exclusive rights over the copyrighted material, even without official registration of the copyright. Any form of copyright violation is a punishable offense. The copyright owner can take legal actions against the person violating the copyright laws, or can demand huge amount of money for it. Therefore, be aware of the international and local copyright laws before downloading information from a Web site. Legal Uses of Copyrighted Material

The following table explains a few legal uses of copyrighted material.
Legal Use Description

Using copyrighted material for educational purposes If you use small portions of copyrighted materials for educational purposes and mention the source, it is fair usage of the copyrighted material. For example, you can use small portions of contents from a book along with a mention about this book in your school or college assignment. Similarly, if you are writing a book review, you can quote extracts from the book. Sharing links instead of downloaded material
Course: Computer Security and Privacy

100
© 2007 Microsoft Corporation, All rights reserved.

Instead of copying contents from Web sites and using it in your own work, you can provide references or links to the contents. For example, you may want to mention about the contents of a specific Web site in your article. Instead of copying the contents from the Web site, just provide the link to this Web site in your article. In this way, you can completely avoid plagiarism of the copyrighted content. Using copyrighted material with the copyright owner's permission You can use copyrighted materials in your own work by obtaining permission from the copyright owner. In most cases, you need written permission to use a copyrighted material. Remember that the copyright owner has the discretion to: • • • • Grant or not grant permission for using the copyrighted material. Grant rights to a part of the copyrighted material or to the entire material. Charge a fee for granting permission to use the copyrighted material. Set the terms for using the copyrighted material. For example, you may have the permission to download and share copyrighted software, but may not have the permission to use the software for making profits.

If the copyright of a material has expired, or the idea or process used in the copyrighted material is very well-known, you can use the material or the idea without obtaining permission.

Course: Computer Security and Privacy

101
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Legal Concerns with Information Exchange

With the extensive use of the Internet, there is potential for you to get involved in illegal and unethical activities, such as gambling and defamation. You need to be aware and cautious of these illegal and unethical issues. Also, remember that these issues vary from country to country, and even within parts of a country. The following table explains some unethical and illegal uses of information exchange.
Illegal Activity Description

Defaming someone’s reputation

When you communicate with others by using e-mail, chat, or online public forums, be careful not to make any statements that may result in defamation of someone. Defamation means making false statements about a person that can negatively affect the person’s reputation. For example, suppose you post a message on an online forum falsely stating that your neighbor, who is a celebrity, owns illegal property. This can be considered as defamation because you are spreading false information that may harm your neighbor’s credibility.
Note:

A false statement can be considered defamatory, even if it is not derogatory. Sometimes, even true statements can be considered as defamatory if the statements harm someone’s reputation.

Libel and slander are two forms of defamation. Libel means written defamation which has been published, whereas slander means verbal defamation. The legal system of most countries considers both libel and slander as punishable offenses. You may face criminal or civil penalties according to the legal system of your country. The punishment may range from monetary penalty to severe punishment like jail terms. Sometimes, the severity of the offense depends on the situation. For example, in some countries, any insult to the President is a criminal offense. However, in some other countries, public officials have less protection than the average citizen. Therefore, be aware of the local laws before making any defamatory statements. Visiting inappropriate Web sites Some Web sites offer services that carry out activities that are restricted by the legal system of your state or country. It is possible to access these sites over the Internet because there are no boundaries and policing over the Internet. For example, you can access a gambling site even if the law of your country bans gambling. But, this may cause legal troubles for you. You also need to be aware that the legal system is different in different states and countries. For example, the products that you can legally buy or sell in one country may be an illegal purchase or sale in another country. So, though a Web site may not restrict you from buying an item that is illegal in your country, you may face legal charges for buying the item.

Course: Computer Security and Privacy

102
© 2007 Microsoft Corporation, All rights reserved.

Topic:

Self Test

Each pair of statements contains a true statement and a false statement. For each pair of statements, indicate which statement is true by placing a mark in the True column to the right. Statement 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Unauthorized use of intellectual property is LEGAL. Unauthorized use of intellectual property is ILLEGAL. A painting IS legally owned by its painter. A painting IS NOT legally owned by its painter. The author of a book CANNOT control the use of the book. The author of a book CAN control the use of the book. A copyright owner CAN sell the copyrights. A copyright owner CANNOT sell the copyrights. Copyright violation CANNOT lead to legal problems. Copyright violation CAN lead to legal problems. Sharing a copyrighted song IS NOT copyright violation. Sharing a copyrighted song IS copyright violation. Libel is VERBAL defamation. Libel is WRITTEN defamation. Slander is WRITTEN defamation. Slander is VERBAL defamation. Online gambling CAN cause legal problems. Online gambling CANNOT cause legal problems. True False

Course: Computer Security and Privacy

103
© 2007 Microsoft Corporation, All rights reserved.

Note: The correct answers are shown on the next page.

Course: Computer Security and Privacy

104
© 2007 Microsoft Corporation, All rights reserved.

Statement 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Unauthorized use of intellectual property is LEGAL. Unauthorized use of intellectual property is ILLEGAL. A painting IS legally owned by its painter. A painting IS NOT legally owned by its painter. The author of a book CANNOT control the use of the book. The author of a book CAN control the use of the book. A copyright owner CAN sell the copyrights. A copyright owner CANNOT sell the copyrights. Copyright violation CANNOT lead to legal problems. Copyright violation CAN lead to legal problems. Sharing a copyrighted song IS NOT copyright violation. Sharing a copyrighted song IS copyright violation. Libel is VERBAL defamation. Libel is WRITTEN defamation. Slander is WRITTEN defamation. Slander is VERBAL defamation. Online gambling CAN cause legal problems. Online gambling CANNOT cause legal problems.

True

False

Course: Computer Security and Privacy

105
© 2007 Microsoft Corporation, All rights reserved.

Module Summary

Lessons

Introduction to Computer Security and Privacy

Your computer needs protection from various security and privacy threats. The threats can be in the form of: • • • Natural disasters Human errors or accidents Malicious acts like theft, unauthorized access by computer hackers, or virus attacks

Both standalone computers and computers on a network face these threats. You need to take some security measures to protect your computer’s hardware, software, and data. Protecting Your Computer You need to protect your computer and the data stored on it from various security and privacy threats. Take the following measures to protect the operating system, software, and data on your computer: • • • • • • • Implement user identification. Set username and password. Keep passwords secure. Use lock combination. Encrypt data to prevent unauthorized access. Back up data in another storage device. Update system and vulnerable software.

The computers connected to a network or to the Internet require some more security measures than standalone computers. For computers connected to a network, some good practices are: • • • • • Use updated security software. Protect your computer against hacking and spyware. Clear history and cache periodically. Delete cookies periodically. Perform online transactions only on secure sites.
Course: Computer Security and Privacy

106
© 2007 Microsoft Corporation, All rights reserved.

• • • •

Never give out your personal history to a Web site. Enable and configure security components in the Windows Security Center. Disable active content. Use security help from your ISPs.

E-mail attachments can be carriers of viruses or worms. Some security measures that you should follow while using e-mail or chat are: • • • • • • Use updated security software. Avoid opening e-mail messages that have attachments. Delete junk e-mail messages or spam messages. Delete unsolicited commercial e-mail messages. Protect yourself from phishing. Limit chat activity to the people you know.

Protecting Your Family from Security Threats

To protect the privacy of your computer, you can take some safety measures, such as: • • • • • • • • Shield your identity. Regularly check your computer’s security status. Run virus scans daily. Use antispyware software. Perform online transactions on secure Web sites with reputable vendors. Report abuse to ISP. Eliminate or reduce spam. Encrypt sensitive e-mail to prevent unauthorized access.

Course: Computer Security and Privacy

107
© 2007 Microsoft Corporation, All rights reserved.

Keeping Your Computer Secure and Updated

Proper security settings on your computer can prevent and detect unauthorized access of your computer through the Internet. The Windows Security Center provides the following security settings: • • • • Internet Options Windows Firewall Automatic Updates Malware Protection

For better security of your computer, check the security settings and modify them if required. The measures that you can take to keep your computer up-to-date are: • Keep your computer updated by downloading necessary security updates from the Microsoft Update Web site. Configure Automatic Updates to enable your computer automatically download and install security updates.



Computer Ethics

The owner of an intellectual property has the exclusive rights to use the property. The copyright laws protect the rights toward intellectual properties. Copyright violation can be in the form of the following: • • • Plagiarism Software piracy Unauthorized download of copyrighted material from Web sites

There are some legal ways to use copyrighted materials. To legally use copyrighted material: • • • Make limited use of copyrighted material for educational purposes and mention the source. Provide references or links to a copyrighted material, instead of copying it. Seek and gather permission to use the material from the copyright owner.

The Internet provides you with the facility to get involved in illegal and unethical activities, such as defaming someone, gambling, or buying items that are illegal to
Course: Computer Security and Privacy

108
© 2007 Microsoft Corporation, All rights reserved.

buy or sell in your country. Therefore, be aware of local and international laws before indulging in any such activity.

Course: Computer Security and Privacy

109
© 2007 Microsoft Corporation, All rights reserved.

Glossary

Active Content Small program that gets installed on a computer while browsing the Internet. The basic function of active content is to provide an interactive Internet experience through videos and toolbars. Sometimes, active content is used to gain unauthorized access to a computer, and then damage the data stored on it or install malicious software on it. Back Up To make a duplicate copy of a program, a disk, or data. The duplicate copy is called a backup. Cache Memory Temporary memory on your computer that is sometimes used to store local copies of files opened when you browse the Internet. Computer Privacy Keeping a user’s data, including personal files and e-mail messages, such that the data is not accessible by anyone without appropriate permission. Computer Security The protection of a computer system and its data from accidental or intentional loss and tampering. Cookie A small file on a computer that is created when a user visits a Web site. A Web site uses cookies to identify users who visit the site, and also track the preferences of the users. Copyright A method of protecting the rights of an originator of a creative work, such as text, piece of music, painting, or computer program, through law. Decryption The process of reconverting the encrypted data into a readable and usable form. Encryption The process of converting data into an unreadable and unusable form. Encryption is done to prevent unauthorized access of data, especially during data transmission over the Internet.
Course: Computer Security and Privacy

110
© 2007 Microsoft Corporation, All rights reserved.

Firewall A filter that blocks unreliable information from the Internet before it reaches your computer or a private network. It provides additional protection against threats such as hackers and viruses. A firewall also helps to ensure computer privacy by restricting external access by any unauthorized user. Hacker A person who uses computer expertise to gain unauthorized access to a computer, and then misuses or tampers the programs and data stored on the computer. Intellectual Property Any information available on the Internet is an intellectual property, which is legally owned by the person who created it. The owner of an intellectual property has the exclusive rights to control the use of this information. Internet Service Provider (ISP) A company that provides Internet connectivity to individuals, businesses, and organizations. Libel Written defamation that has been published. Libel is a punishable offense. Online Predator An individual who develops contact with Internet users, through chat rooms, online forums, or e-mail, to exploit them financially or involve them in dangerous relationships. Password A unique string of characters that a user types in as an identification code. It is a security measure used to restrict access to computer systems and sensitive files. Phishing The act of extracting personal information, such as passwords and credit card details, from computer users and then use the information for malicious purposes. Plagiarism The act of copying someone’s work and using it as if it is your own work, without mentioning the source. Power surge A sudden increase in line voltage, which may lead to the damage of electronic devices, such as computers. Secure Sockets Layer (SSL)
Course: Computer Security and Privacy

111
© 2007 Microsoft Corporation, All rights reserved.

An Internet security protocol that ensures secure data communication by encrypting the information transmitted. The SSL protocol certifies that a Web site is genuine and ensures that the data provided to the site is not misused. Slander Verbal defamation. Slander is a punishable offense. Software Piracy Unauthorized copying of copyrighted software without obtaining the license or permission of its copyright owner is software piracy. Spam An irrelevant and unsolicited e-mail message sent by an unknown sender. A spam is sent to distribute a message to many recipients at one time. Spyware A computer program that is installed on your computer without your knowledge. Spyware can secretly send out information about your Web browsing habits or other personal details to another computer through the network. Trojan Horse A destructive computer program disguised as a game, utility, or software. When run, a Trojan horse does something harmful to the computer system while appearing to do something useful. Username The name by which a user is identified to a computer system or network. To access a computer protected by username and password, a user needs to enter the correct combination of username and password. Virus A computer program that is designed to cause malfunctioning of a computer or damage the data stored on the computer. Worm A computer program that propagates itself across computers, usually by creating copies of itself in each computer's memory. A worm might duplicate itself in one computer so often that it causes the computer to crash.

Course: Computer Security and Privacy

112
© 2007 Microsoft Corporation, All rights reserved.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close