Data Security

The way we buy products using credit cards has changed in recent years. Originally the magnetic stripe on the back of the card was used with a signature. Then chip and PIN methods were used, and more recently contactless methods have been introduced. Discuss the effectiveness of using these different methods to improve security when paying for goods

magnetic stripe: -increased security as signature is needed -user needs to be present in order for it to be used -it can be stolen -magnetic stripe can be damaged by magnetic fields -card can be damaged due to overuse chip and PIN methods: -increased security as both card and PIN is needed -shoulder surfing may occur -card can be damaged due to overuse -security risk as chip contains personal information contactless methods: -prevents shoulder surfing -only allows a small amount of money to be transferred -if stolen, user can make purchases without a PIN -security risk as card contains personal information

Compare and contrast smishing and phishing

-both require the user to enter data -both involve the internet -both use communication devices to collect personal data -both involve the loss of privacy -smishing is when fake SMS messages are sent from an unknown number -the messages contain a link leading the user to an unknown website -smishing messages are easy to spot -phishing is when fake emails are sent to a computer containing a link to an unknown website

List four other principles of a typical data protection act

-data needs to be fairly and lawfully processed -data should be adequate -data should be kept secure -data should not be kept for longer than necessary -data should only be processed for stated purpose

Examples of netiquette

-dont cyberbully others as this could upset other students -keeping privacy to not reveal any personal information -use good grammar and correct spelling to give a good impression -dont use capital letters as this may seem as shouting -respect other's privacy so that embarrassing details wouldn't be exposed -check the email addresses before sending an email so that the email wouldn't be sent to a stranger

Describe the methods which can be used to help prevent phishing

-dont open or download files from unknown emails -dont click on unknown emails with links -if its too good to be true, it may be the case -check the time the unknown email was sent -if it was sent at an abnormal time, its phishing -report any suspicious activity -dont reply to emails that ask fro your personal data -do extensive research before opening the email

A computer virus has been downloaded from an infected file. Describe three effects this could have on a computer

-the hard disk would get too crowded -files could be deleted -the computer would slow down -the anti-virus may stop working -the computer could hang -softwares may not be working properly

Describe what is meant by encryption

-the scrambling of data -makes data not understandable -system uses encryption key to encrypt the data -system uses encryption to decrypt the data -sensitive data is protected

Describe measures that customers could use to reduce fraud when using a debit card online

-use a strong password -the password they use should be different to their other accounts -disable cookies -dont buy from suspicious websites -report any phishing attempts -use an up to date anti virus software to prevent phishing

A legal document is sent as a file attachment. Explain the steps that need to be taken to ensure that if a virus is attached to the file, it cannot infect the computer

-use an up to date anti-virus software -the software would scan the document -the email would not be opened until viruses are removed

There have been a number of incidents where laptop computers containing highly sensitive data have been left on trains. Manufacturers are now developing new ways of protecting laptop computers and their data. Discuss the effectiveness of different methods which could be used to protect the data

1. Passwords and encryption -strong passwords can be used to protect data -the passwords however are hard to remember and can be forgotten, making the data inaccessible -passwords need to be remembered 2. Using the cloud -the data can be protected with a password -if your device is stolen, the data is still not lost 3. Biometrics -biometric data is unique -its difficult to fake biometrics -user needs to be present when accessing data 4. Physical security -involves the use of a dongle to access data, so only the person with the dongle is able to access the data -however if the dongle is lost, accessing the data would be very difficult

Give four actions that would breach copyright legislation

1. making a copy and giving it away without permission 2. making a copy and selling it without permission 3. making a copy and lending it without permission 4. renting the original copy without permission 5. modifying the original code