Deck 11: Security and Ethics

When nonsynchronized processes access data records and modify some but not all of a record's fields,it is called "accidental incomplete modification of data."

The IEEE and the Association for Computing Machinery (ACM)issued a standard of ethics for the global computing community in 1977.

Partial network encryption,also called communications encryption,is the most extreme form of encryption.

A continuing series of security awareness and ethics communications to computer users is more effective than a single announcement.

A single computer without access to e-mail or the Internet is easy to protect and has a low risk of attack.

Some viruses are considered to be benign.

A firewall typically sits between a network and its individual computers.

A worm is a memory-resident program that copies itself from one system to the next without requiring the aid of an infected program file.

A gap in system security in always indicative of malicious activity.

A virus is defined as a small program written to alter the way a computer operates,without the permission or knowledge of the user.

A macro virus infects data files,such as word processing documents and spread sheets,though newer versions now infect other program files as well.

A master boot record virus infects both the boot record and program files,making them especially difficult to repair.

Wiretapping involves the capability of authorized users to search through storage,directories,or files for private information.

Spooling is a security threat that relies on cleartext transmission whereby the assailant falsifies the IP addresses of an Internet server by changing the address recorded in packets it sends over the Internet.

Intrusion detection is an example of a strategy for improving system survivability based on knowledge gained from intrusions.

One popular authentication tool is Kerberos,a network authentication protocol developed as part of the Athena Project at MIT.

In public/private key encryption,the private key is a pair of two prime numbers chosen by the person who wants to receive a private message.

Any vulnerability at the operating system level opens the entire system to attack.

If a password consists of ten characters,it would take a human about 4.5 years to guess the password if the human makes one try each second.