版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
Section1SituationalDialogue
Section2ReadingMaterial
Section3ExtendedReadingSection1SituationalDialogueComputerHackersTom:Hey,Mike.You'vebeensurfingtheNetforquiteawhile.Whatonearthareyousearchingfor?Mike:It'ssomethingrelativetohackers.Ioftenhearpeopletalkingaboutthem,butIdon'tknowmuchaboutthem.Tom:Well,roughlyspeaking,ahackerisacomputerbuff.Mike:Youmeanaguyenthusiasticandknowledgeableaboutthecomputer?Tom:Youcansaythat.Mike:Butwhyarepeoplealwayshavingsuchanegativeattitudetowardsthem?Tom:Theymusthavemixedhackerswithcrackers.Mike:Whatiscrackersthen?Tom:Thereisanothergroupofpeoplewholoudlycallthemselveshackers,buttheyaren't.Theybreakintocomputersandbreakthephonesystem.Realhackerscallthesepeoplecrackers,andwantnothingtodowiththem.Mike:Sotheyaretwototallydifferentconcepts.Tom:Well,therealhackersmostlythinkcrackersarelazy,irresponsibleandnotverybright,andfeelthatbeingabletobreaksecuritydoesmakeyouahackeranymorethanbeingabletostartcarswithoutkeysmakesyouanautomotiveengineer.Unfortunately,manyjournalistsandwritershavebeenfooledintousingthewordhackertodescribecrackers.Thisirritatesrealhackerstonoend.Mike:Isee.Thenthebasicdifferenceis,hackersbuildthings,crackersbreakthem.Tom:Yougotit.Mike:Thanksalot.Tom:Youarewelcome.Section2ReadingMaterialComputerVirusesAcomputervirusisacomputerprogramthatcanreplicateitselfandspreadfromonecomputertoanother.Theterm"virus"isalsocommonly,buterroneouslyused,torefertoothertypesofmalware,includingbutnotlimitedtoadwareandspywareprogramsthatdonothaveareproductiveability.Virusescanincreasetheirchancesofspreadingtoothercomputersbyinfectingfilesonanetworkfilesystemorafilesystemthatisaccessedbyothercomputers.Asstatedabove,theterm"computervirus"issometimesusedasacatch-allphrasetoincludealltypesofmalware,eventhosethatdonothavetheabilitytoreplicatethemselves.Malwareincludescomputerviruses,computerworms,Trojanhorses,mostrootkits,spyware,dishonestadwareandothermaliciousorunwantedsoftware,includingtrueviruses.VirusesaresometimesconfusedwithwormsandTrojanhorses,whicharetechnicallydifferent.Awormcanexploitsecurityvulnerabilitiestospreaditselfautomaticallytoothercomputersthroughnetworks,whileaTrojanhorseisaprogramthatappearsharmlessbuthidesmaliciousfunctions.WormsandTrojanhorses,likeviruses,mayharmacomputersystem'sdataorperformance.Somevirusesandothermalwarehavesymptomsnoticeabletothecomputeruser,butmanyaresurreptitiousorsimplydonothingtocallattentiontothemselves.Somevirusesdonothingbeyondreproducingthemselves.Anexampleofaviruswhichisnotamalware,butisputativelybenevolentisFredCohen'scompressionvirus.However,antivirusprofessionalsdonotaccepttheconceptofbenevolentviruses,asanydesiredfunctioncanbeimplementedwithoutinvolvingavirus.Anyviruswillbydefinitionmakeunauthorisedchangestoacomputer,whichisundesirableevenifnodamageisdoneorintended.TheCreeperviruswasfirstdetectedonARPANET,theforerunneroftheInternet,intheearly1970s.Creeperwasanexperimentalself-replicatingprogramwrittenbyBobThomasatBBNTechnologiesin1971.CreeperusedtheARPANETtoinfectDECPDP-10computersrunningtheTENEXoperatingsystem.CreepergainedaccessviatheARPANETandcopieditselftotheremotesystemwherethemessage,"I'mthecreeper,catchmeifyoucan!"wasdisplayed.TheReaperprogramwascreatedtodeleteCreeper.Aprogramcalled"ElkCloner"wasthefirstpersonalcomputervirustoappear"inthewild"-thatis,outsidethesinglecomputerorlabwhereitwascreated.Writtenin1981byRichardSkrenta,itattacheditselftotheAppleDOS3.3operatingsystemandspreadviafloppydisk.Thisvirus,createdasapracticaljokewhenSkrentawasstillinhighschool,wasinjectedinagameonafloppydisk.Onits50thusetheElkClonerviruswouldbeactivated,infectingthepersonalcomputeranddisplayingashortpoembeginning"ElkCloner:Theprogramwithapersonality."ThefirstIBMPCvirusinthewildwasabootsectorvirusdubbed(c)Brain,createdin1986bytheFarooqAlviBrothersinLahore,Pakistan,reportedlytodeterpiracyofthesoftwaretheyhadwritten.Beforecomputernetworksbecamewidespread,mostvirusesspreadonremovablemedia,particularlyfloppydisks.Intheearlydaysofthepersonalcomputer,manyusersregularlyexchangedinformationandprogramsonfloppies.Somevirusesspreadbyinfectingprogramsstoredonthesedisks,whileothersinstalledthemselvesintothediskbootsector,ensuringthattheywouldberunwhentheuserbootedthecomputerfromthedisk,usuallyinadvertently.Personalcomputersoftheerawouldattempttobootfirstfromafloppyifonehadbeenleftinthedrive.Untilfloppydisksfelloutofuse,thiswasthemostsuccessfulinfectionstrategyandbootsectorviruseswerethemostcommoninthewildformanyyears.Traditionalcomputervirusesemergedinthe1980s,drivenbythespreadofpersonalcomputersandtheresultantincreaseinBBS,modemuse,andsoftwaresharing.Bulletinboard-drivensoftwaresharingcontributeddirectlytothespreadofTrojanhorseprograms,andviruseswerewrittentoinfectpopularlytradedsoftware.SharewareandbootlegsoftwarewereequallycommonvectorsforvirusesonBBSs.Macroviruseshavebecomecommonsincethemid-1990s.MostofthesevirusesarewritteninthescriptinglanguagesforMicrosoftprogramssuchasWordandExcelandspreadthroughoutMicrosoftOfficebyinfectingdocumentsandspreadsheets.SinceWordandExcelwerealsoavailableforMacOS,mostcouldalsospreadtoMacintoshcomputers.Althoughmostofthesevirusesdidnothavetheabilitytosendinfectedemailmessages,thosevirusesdidtakeadvantageoftheMicrosoftOutlookCOMinterface.TheWaystoProtectInformationSecurityInformationsecurityistheprocessofprotectingtheavailability,privacy,andintegrityofdata.Whilethetermoftendescribesthemeasuresandmethodsofincreasingcomputersecurity,italsoreferstotheprotectionofanytypeofimportantdata,suchaspersonaldiariesortheclassifiedplotdetailsofanupcomingbook.Nosecuritysystemisfoolproof,buttakingbasicandpracticalstepstoprotectdataiscriticalforgoodinformationsecurity.PasswordprotectionUsingpasswordsisoneofthemostbasicmethodsofimprovinginformationsecurity.Thismeasurereducesthenumberofpeoplewhohaveeasyaccesstotheinformation,sinceonlythosewithapprovedcodescanreachit.Unfortunately,passwordsarenotfoolproof,andhackingprogramscanrunthroughmillionsofpossiblecodesinjustseconds.Passwordscanalsobebreachedthroughcarelessness,suchasbyleavingapubliccomputerloggedintoanaccountorusingasimplecode,like"password"or"1234".AntivirusandmalwareprotectionOnewaythathackersgainaccesstosecureinformationisthroughmalware,whichincludescomputerviruses,spyware,worms,andotherprograms.Thesepiecesofcodeareinstalledoncomputerstostealinformation,limitusability,recorduseractions,ordestroydata.Usingstrongantivirussoftwareisoneofthebestwaysofimprovinginformationsecurity.Antivirusprogramsscanthesystemtocheckforanyknownmalicioussoftware,andmostprogramswillwarntheuserifheorsheisonawebpagethatcontainsapotentialvirus.Mostprogramswillalsoperformascanoftheentiresystemoncommand,identifyinganddestroyinganyharmfulobjects.FirewallsAfirewallhelpsmaintaincomputerinformationsecuritybypreventingunauthorizedaccesstoanetwork.Thereareseveralwaystodothis,includingbylimitingthetypesofdataallowedinandoutofthenetwork,re-routingnetworkinformationthroughaproxyservertohidetherealaddressofthecomputer,orbymonitoringthecharacteristicsofthedatatodetermineifit'strustworthy.Inessence,firewallsfiltertheinformationthatpassesthroughthem,onlyallowingauthorizedcontentin.Specificwebsites,protocols(likeFileTransferProtocolorFTP),andevenwordscanbeblockedfromcomingin,ascanoutsideaccesstocomputerswithinthefirewall.LegalliabilityBusinessesandindustriescanalsomaintaininformationsecuritybyusingprivacylaws.WorkersatacompanythathandlesecuredatamayberequiredtosignNon-DisclosureAgreements(NDAs),whichforbidthemfromrevealingordiscussinganyclassifiedtopics.Ifanemployeeattemptstogiveorsellsecretstoacompetitororotherunapprovedsource,thecompanycanusetheNDAsasgroundsforlegalproceedings.Theuseofliabilitylawscanhelpcompaniespreservetheirtrademarks,internalprocesses,andresearchwithsomedegreeofreliability.TrainingandcommonsenseOneofthegreatestdangerstocomputerdatasecurityishumanerrororignorance.Thoseresponsibleforusingorrunningacomputernetworkmustbecarefullytrainedinordertoavoidaccidentallyopeningthesystemtohackers.Intheworkplace,creatingatrainingprogramthatincludesinformationonexistingsecuritymeasuresaswellaspermittedandprohibitedcomputerusagecanreducebreachesininternalsecurity.Familymembersonahomenetworkshouldbetaughtaboutrunningvirusscans,identifyingpotentialInternetthreats,andprotectingpersonalinformationonline.Section3ExtendedReadingWhatDoesaDataSecurityManagerDo?Thedatasecuritymanagerisresponsiblefortheoversightofbusinessapplicationswheresensitivedataarestoredortransmitted.Hisjobistoprotectthepersonalinformationofbothemployeesandcustomersbyimplementingandmaintainingnecessaryinternalsecurityfunctions.Thisindividualactsasaconsultantonallbusinessprocessesthatrequiresecurityfeatures.Thisjobcallsforthedocumentationofsecuritypoliciesandprocedurestomakesuretheymeetindustrystandards.Thedatasecuritymanagerprovidestrainingtoemployeesonhowtoproperlyusesecurityfunctionstoprotecttheirprivatedata.Hemakessurethatspecialsecurityclearanceisgiventothecorrectindividualsandthattheappropriateprivilegeshavebeengranted.Thispersonfacilitatesinternalmeetingstopromotegoodsecuritypracticesandtoofferupdatesonsecurityenhancements.Thedatasecuritymanageristaskedwithperformingassessmentsonsecurityriskstothecompany.Heauditsallsecurityfunctionsandproducesreportsofferingsuggestionsorcomments.Thisemployeeisinfrequentcontactwithhigher-levelmanagersinthecompany.Asnewthreatsemerge,thispersonisconstantlyofferingnewsolutionsandrecommendationsfornecessarytweakstothesecuritysystems.Thisindividualistypicallythepersontotailorspecificsecuritypoliciesforthecompanyandensurethattheyarecarriedout.Departmentsinstallingnewdatasystemsareusuallyrequiredtocontactthedatasecuritymanagerwiththeirplanonmaintainingsecuritywithinthenewsystem.Thesecuritymanagerwillconsultwiththedepartmentontheinstallationandimplementationofthenewsystemsothatdataremainssecured.Heisalsoresponsibleforpreparingthecompanyforasignificantsecuritybreachbyestablishingproceduresandguidelinesforhandlingsuchasituation.Thepositionofdatasecuritymanageroftenrequiressomeoneknowledgeableinbothelectronicandphysicalsecurityfunctions.Hemustunderstandhowtosecureinternalnetworksfromhackersandviruses.Designingandmanaginganeffectivesystemoffirewallsisanessentialtaskforthisemployee.Makingsureallpertinentdataareencryptedacrossthenetworkandismadeavailableonlytoauthorizedpersonsisanotherimportantjobofthesecuritymanager.Inaddition,hemustbeabletoinstall,manage,andmaintainphysicalsecuritymeasures,suchaskeycardandfingerprintauthorizationssystems.Thedatasecuritymanagerkeepsdailyinventoryofnewsecuritythreatstointernalnetworksanddatasystems.Hecheckstoensurethatsoftwareisupdatedandpatchedtofixallsecurityholes.Thisindividualmusthavetheabilitytoestablishworkingrelationshipswithallemployeesandanswerinternalsecurityquestions.Thesafetyandsecurityoftheentireorganizationisinthehandsofthisindividual.HowtoCreateaSecureandStableWindowsSystemAsecureandstablesystemisessentialtoeverycomputeruser.Howcanwepossesssuchasystem?Thefollowingwillteachhowtobuildyourownsecuritysystems.TrytoinstalltheoperatingsysteminEnglishversion.Ifyoujustwanttoimprovethesecurityofyouroperatingsystem,IrecommendthatyouinstalltheoriginalWindows'Englishversion.Becausewhenanewvulnerabilityisdiscovered,thepatchesinEnglishversionusuallyactthefirst,whileotherversionscomeafteraspan.Andthisspacingintervalmaydecidetheresultofthesystem.UndouselesscomponentsWhenWindowssystemisinstalled,itwillpromptustoinstallsomecomponents.Ingeneral,thecomponentsareunnecessaryyoucouldignorethem.Forordinaryusers,thereisnoneedtoinstallWindows2000/XP'sInternetInformationServices(IIS),sothattheycannaturallyavoidsomeexternalattacksthroughIISbyPRINTER,IDQ,IDAorWEBDEV.SelectsecurefileformatFortheWindows2000/XPusers,NTFSfileformatmaybetheirbestchoice.Becausenomatterfromthespeedoffileretrievalortheaccesscontrolofsystemresources,NTFSissignificantlybetterthantheFATsystem.WecanrightclickonthediskpartitionthatusestheNTFSformatandselect"Properties"onpop-upmenu.Thenwewillseethespare"quota"and"security"onthediskinNTFSformat.Throughthetwotabstheuserscandetailedlysettheaccessrighttothelogicdisk.Havesystemservicescustom-madeWindows2000/XPsystemwillprovideuserswithmanyservicesafteranormalstartwhileallofwhicharenotneededbymostusers.Obviously,extraservicescanonlyincreasetheloadandinstabilityofsystem.Onthedesktop,wecanright-click"MyComputer?Management",andthenintheleftsideoftheinterfacewindowthathasopened,select"ServicesandApplications?Services",wherewecanturnoftheunnecessaryservicestoimprovesystem'sstability,securityandspeedupsystem.ItisemphasizedthatservicessuchasRemoteRegistryServiceandTelnetmustbestopped:Double-clicktherelevantproject,andsetthemto"Manual"or"No"intheopenwindow.CreateaPerfectPassword:TenEasyStepstoStaySecureIfyou'reoneofthemillionsofpeoplewhosepasswordtotheironlineaccountsis"password",don'tfeelbad-you'renotalone.RememberingasinglePIN,password,orsecretphrasecansometimesbebothersome-letalonepasswordsforthedozensofaccountsanddevicesmanypeoplehavenowadays.Online-securityexpertsrecommendlong,strongpasswordsforareason-identityandinformationtheftarerampant,andhackershavemanytoolsattheirdisposalthatallowthemtocracksimplepasswordslike"123456"and"abcdefg".Inordertoprotectyouridentityandonlineinformation,atougherpasswordisamust.Butthere'snoneedtomemorizehexadecimalstringsofrandomcharacters;thereareseveraleasywaystocreate-andremember-strong,safepasswords.GoforlengthThebestpasswordsareatleastsevencharacterslong,andhopefullyaslongasfourteencharacters.Theshorterapasswordis,theeasieritistocrack.FindsomethingrandomInsteadofusingawordasyourpassword,useafavoritequote,lyric,orphrase(containingatleasttenwords),andusethefirstletterofeachwordasyourpassword.Ifyou'regoingtoSanFrancisco,besuretowearsomeflowersinyourhairbecomes"iygtsfbstwsfiyh".Althoughthesequenceismemorableandmakessensetoyou,itseemsrandomtoanyoneelse.Anotherwaytofindarandompasswordistouseanonlinepassword-generatorservice,suchasStrongPasswordG,andthencreateamnemonicdevicetohelpyourememberit.Whentheservicesuppliesarandomsequencelike"Jni8e8r,"rememberitbyteachingyourselfthephrase"Jeffreynormallyinspiredeighty-eightrainbows."MisspeldeliberatelyThisdoesn'tmeanusingcommonmisspellingsofregularwords;rather,deviseacreativemisspellingofawordyoucanrememberandthatcanmakeyourpasswordsafer.Forexample,"Paris"canbecome"Pearisse".AddsomecomplexityGoodpasswordscontainsymbols,punctuations,deliberatemisspellings,andablendoflowercaseandcapitalletters.Turnasimplepasswordlike"catlover"intoamoresecureversionlike"c@LUVr"!AddnumbersPasswordswithnumbersarehardertocrack,butdon'tuseeasy-to-guessnumbers,suchasthecurrentyearoryourbirthday.Chooseseeminglyrandomnumbers(thathavesignificancetoyou)andplacetheminthemiddleofthetextformaximumsecurity,orsubstitutenumbersformultipleletters.Aneasypasswordlike"basketball"canbecome"8a5k3tba1l".MixitupTheverybestpasswordsuseablendofallthesetechniques,sobesuretoemployatleasttwoorthreetocreatethemostpowerfulprotection.Ifyouhaveafavoritephrasethatyou'vedistilledtoanacronym,addsomecapitallettersorpunctuation.Addlengthtoashortpasswordwithnumbers,andaddcomplexitytoadeliberatemisspellingwithcharactersorsymbols.Usingavarietyofpassword-enhancingtricksensuresabetterresult.CheckitoutUseapasswordcheckertomakesurethatyourpasswordisasstrongasitcanbe.Ifyourpasswordisratedweakormedium,youmaywanttoaddmorenumbers,symbols,orothercharactersto
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 2026国盛证券股份有限公司分支机构社会招聘7人备考题库及答案详解(易错题)
- 2026湖北鄂州市梁子湖区招聘公益性岗位工作人员1人备考题库附答案详解(研优卷)
- 农村自建房安全文明施工方案
- 2026湖南娄底市涟源市工贸职业中等专业学校选调教师10人备考题库有完整答案详解
- 2026陕西西安新城华清医院招聘32人备考题库及答案详解(基础+提升)
- 土地储备项目大门施工方案
- 铝渣冷却筛分处理方案
- 2026重庆水务环境集团所属重庆市西部水资源开发有限公司招聘6人备考题库附答案详解(综合卷)
- 适老化别墅建筑设计方案
- 2026年鼻贴膜行业分析报告及未来发展趋势报告
- 2025年赤峰市翁牛特旗招聘社区工作者考试试题【答案】
- 2025建筑起重信号司索工考试题库(+答案)
- T/CECS 10104-2020建筑外墙外保温装饰一体板
- 北京三帆中学2025届八下物理期末考试模拟试题含解析
- 2025年天津市河西区中考一模数学试题(一) (原卷版+解析版)
- 高压电缆故障抢修施工方案
- DBJ33T 1271-2022 建筑施工高处作业吊篮安全技术规程
- 老年肌少症的护理
- 硅酸钙板轻钢龙骨隔墙施工方案
- 眼球破裂护理查房
- 黑客文化与网络安全智慧树知到期末考试答案章节答案2024年中国石油大学(华东)
评论
0/150
提交评论