ITGS Security
two characteristics commonly used by biometric systems.
Fingerprints and iris patterns
Explain how a digital signature provides increased security
A digital signature provides increased security because through a combination of public key encryption and digital signing, you know that the message was sent securely. It was sent securely if it was digitally signed by their private key. Also, to be safe, the receiver knows it is right because the Certificate Authority can verify their identity when issuing their digital certificate. Also, the message was encrypted with their public key and can only be decrypted with their private key. All of this is just from a digital signature so you know that it has increased the security.
Define the terms false positive and false negative
A false positive is when an unauthorized user is mistakenly allowed access because the system mistakes their data for that of an authorized user. A false negative is when a system fails to recognize an authorized user.
Explain how the process of biometric authentication works.
Before a biometric system can be used, it needs to collect data and it does this through biometric enrolment. This involves collecting biometric samples from users along with their identity. When the system takes a sample of, for example, a fingerprint, it analyses the fingerprint and looks for key features/measurements. It produces a biometric template containing these values. When the user tries to authenticate themselves, another biometric sample is taken and used to produce a biometric template. The new template is compared to the old one and if they match, the user is authenticated.
Explain one advantage and one disadvantage of a biometric system.
Biometrics have a clear advantage over passwords and security tokens because body parts cannot be lost, stolen, or forgotten. They are also unique for each user. One disadvantage is that they are never 100% accurate. Even images of the same person's fingerprints, eye, or face will vary due to lighting, environment, changes in the body, and even the time of day.
two ways a user can tell that a website is secure
One way that a user can tell if a website is secure is that it will show the https protocol at the start of the URL in the web browser. This means that the website is encrypted and secure. Another way to tell that it is secure is that there might be a small padlock icon on the website. That also means that it's secure and encrypted.
Distinguish between the terms spam and phishing
Spam refers to unwanted messages that are sent to many users at once. Phishing is the attempt to impersonate genuine organizations such as banks in order to fool the user into providing sensitive personal data such as account details, usernames, and passwords.
Explain the measures that could be taken to secure data on a laptop computer.
have a strong password: though it could be cracked, the better it is, the longer it will take the hacker to figure it out, make sure that a website is secure when using it, Make sure that it contains https and has the padlock icon, avoid illegal downloads of software: Illegally downloading software can cause viruses, Never open an email attachment that you were never expecting, don't click on a popup window which occurs while browsing, maintain a backup of your data in case your computer is infested with viruses or crashes, never give away personal data online even if you think that it is going to your bank.
SSL (Secure Socket Layer) is
is the standard encryption protocol used for secure web communication. A web page that is encrypted will show the https protocol at the start of the URL and most browsers will show the small padlock icon. This helps with security and prevents spam/phishing.
WPA(Wifi Protected Access)
keeps data safe as it is transmitted from computers with Wi-Fi cards.
Identity theft
stealing somebody's personal data in order to impersonate them. This affects security because people's money can be taken and the identity thieves often commit fraud.
Explain the process through which data is encrypted using a public key encryption.
textbook
Pharming (also called DNS Poisoning)
used by phishers to direct users to a fake web site when they enter the URL of a genuine site.
two characteristics of a strong password
uses upper-case and lower-case letters, numbers, and symbols, has more than eight characters
two ways a cracker might use to try and acquire a user's password
watching over a person's shoulder as they type in their password. Another way is that they might call a company's technical support department and impersonate a genuine user, pretending to have forgotten their password.