基于新信息技术的计算机英语（第二版）课件 Unit 7 Information Security

Section1SituationalDialogue

Section2ReadingMaterial

Section3ExtendedReadingSection1SituationalDialogueComputerHackersTom:Hey,Mike.You'vebeensurfingtheNetforquiteawhile.Whatonearthareyousearchingfor?Mike:It'ssomethingrelativetohackers.Ioftenhearpeopletalkingaboutthem,butIdon'tknowmuchaboutthem.Tom:Well,roughlyspeaking,ahackerisacomputerbuff.Mike:Youmeanaguyenthusiasticandknowledgeableaboutthecomputer?Tom:Youcansaythat.Mike:Butwhyarepeoplealwayshavingsuchanegativeattitudetowardsthem?Tom:Theymusthavemixedhackerswithcrackers.Mike:Whatiscrackersthen?Tom:Thereisanothergroupofpeoplewholoudlycallthemselveshackers,buttheyaren't.Theybreakintocomputersandbreakthephonesystem.Realhackerscallthesepeoplecrackers,andwantnothingtodowiththem.Mike:Sotheyaretwototallydifferentconcepts.Tom:Well,therealhackersmostlythinkcrackersarelazy,irresponsibleandnotverybright,andfeelthatbeingabletobreaksecuritydoesmakeyouahackeranymorethanbeingabletostartcarswithoutkeysmakesyouanautomotiveengineer.Unfortunately,manyjournalistsandwritershavebeenfooledintousingthewordhackertodescribecrackers.Thisirritatesrealhackerstonoend.Mike:Isee.Thenthebasicdifferenceis,hackersbuildthings,crackersbreakthem.Tom:Yougotit.Mike:Thanksalot.Tom:Youarewelcome.Section2ReadingMaterialComputerVirusesAcomputervirusisacomputerprogramthatcanreplicateitselfandspreadfromonecomputertoanother.Theterm"virus"isalsocommonly,buterroneouslyused,torefertoothertypesofmalware,includingbutnotlimitedtoadwareandspywareprogramsthatdonothaveareproductiveability.Virusescanincreasetheirchancesofspreadingtoothercomputersbyinfectingfilesonanetworkfilesystemorafilesystemthatisaccessedbyothercomputers.Asstatedabove,theterm"computervirus"issometimesusedasacatch-allphrasetoincludealltypesofmalware,eventhosethatdonothavetheabilitytoreplicatethemselves.Malwareincludescomputerviruses,computerworms,Trojanhorses,mostrootkits,spyware,dishonestadwareandothermaliciousorunwantedsoftware,includingtrueviruses.VirusesaresometimesconfusedwithwormsandTrojanhorses,whicharetechnicallydifferent.Awormcanexploitsecurityvulnerabilitiestospreaditselfautomaticallytoothercomputersthroughnetworks,whileaTrojanhorseisaprogramthatappearsharmlessbuthidesmaliciousfunctions.WormsandTrojanhorses,likeviruses,mayharmacomputersystem'sdataorperformance.Somevirusesandothermalwarehavesymptomsnoticeabletothecomputeruser,butmanyaresurreptitiousorsimplydonothingtocallattentiontothemselves.Somevirusesdonothingbeyondreproducingthemselves.Anexampleofaviruswhichisnotamalware,butisputativelybenevolentisFredCohen'scompressionvirus.However,antivirusprofessionalsdonotaccepttheconceptofbenevolentviruses,asanydesiredfunctioncanbeimplementedwithoutinvolvingavirus.Anyviruswillbydefinitionmakeunauthorisedchangestoacomputer,whichisundesirableevenifnodamageisdoneorintended.TheCreeperviruswasfirstdetectedonARPANET,theforerunneroftheInternet,intheearly1970s.Creeperwasanexperimentalself-replicatingprogramwrittenbyBobThomasatBBNTechnologiesin1971.CreeperusedtheARPANETtoinfectDECPDP-10computersrunningtheTENEXoperatingsystem.CreepergainedaccessviatheARPANETandcopieditselftotheremotesystemwherethemessage,"I'mthecreeper,catchmeifyoucan!"wasdisplayed.TheReaperprogramwascreatedtodeleteCreeper.Aprogramcalled"ElkCloner"wasthefirstpersonalcomputervirustoappear"inthewild"－thatis,outsidethesinglecomputerorlabwhereitwascreated.Writtenin1981byRichardSkrenta,itattacheditselftotheAppleDOS3.3operatingsystemandspreadviafloppydisk.Thisvirus,createdasapracticaljokewhenSkrentawasstillinhighschool,wasinjectedinagameonafloppydisk.Onits50thusetheElkClonerviruswouldbeactivated,infectingthepersonalcomputeranddisplayingashortpoembeginning"ElkCloner:Theprogramwithapersonality."ThefirstIBMPCvirusinthewildwasabootsectorvirusdubbed(c)Brain,createdin1986bytheFarooqAlviBrothersinLahore,Pakistan,reportedlytodeterpiracyofthesoftwaretheyhadwritten.Beforecomputernetworksbecamewidespread,mostvirusesspreadonremovablemedia,particularlyfloppydisks.Intheearlydaysofthepersonalcomputer,manyusersregularlyexchangedinformationandprogramsonfloppies.Somevirusesspreadbyinfectingprogramsstoredonthesedisks,whileothersinstalledthemselvesintothediskbootsector,ensuringthattheywouldberunwhentheuserbootedthecomputerfromthedisk,usuallyinadvertently.Personalcomputersoftheerawouldattempttobootfirstfromafloppyifonehadbeenleftinthedrive.Untilfloppydisksfelloutofuse,thiswasthemostsuccessfulinfectionstrategyandbootsectorviruseswerethemostcommoninthewildformanyyears.Traditionalcomputervirusesemergedinthe1980s,drivenbythespreadofpersonalcomputersandtheresultantincreaseinBBS,modemuse,andsoftwaresharing.Bulletinboard-drivensoftwaresharingcontributeddirectlytothespreadofTrojanhorseprograms,andviruseswerewrittentoinfectpopularlytradedsoftware.SharewareandbootlegsoftwarewereequallycommonvectorsforvirusesonBBSs.Macroviruseshavebecomecommonsincethemid-1990s.MostofthesevirusesarewritteninthescriptinglanguagesforMicrosoftprogramssuchasWordandExcelandspreadthroughoutMicrosoftOfficebyinfectingdocumentsandspreadsheets.SinceWordandExcelwerealsoavailableforMacOS,mostcouldalsospreadtoMacintoshcomputers.Althoughmostofthesevirusesdidnothavetheabilitytosendinfectedemailmessages,thosevirusesdidtakeadvantageoftheMicrosoftOutlookCOMinterface.TheWaystoProtectInformationSecurityInformationsecurityistheprocessofprotectingtheavailability,privacy,andintegrityofdata.Whilethetermoftendescribesthemeasuresandmethodsofincreasingcomputersecurity，italsoreferstotheprotectionofanytypeofimportantdata,suchaspersonaldiariesortheclassifiedplotdetailsofanupcomingbook.Nosecuritysystemisfoolproof,buttakingbasicandpracticalstepstoprotectdataiscriticalforgoodinformationsecurity.PasswordprotectionUsingpasswordsisoneofthemostbasicmethodsofimprovinginformationsecurity.Thismeasurereducesthenumberofpeoplewhohaveeasyaccesstotheinformation,sinceonlythosewithapprovedcodescanreachit.Unfortunately，passwordsarenotfoolproof，andhackingprogramscanrunthroughmillionsofpossiblecodesinjustseconds.Passwordscanalsobebreachedthroughcarelessness，suchasbyleavingapubliccomputerloggedintoanaccountorusingasimplecode，like"password"or"1234".AntivirusandmalwareprotectionOnewaythathackersgainaccesstosecureinformationisthroughmalware，whichincludescomputerviruses,spyware,worms,andotherprograms.Thesepiecesofcodeareinstalledoncomputerstostealinformation,limitusability,recorduseractions,ordestroydata.Usingstrongantivirussoftwareisoneofthebestwaysofimprovinginformationsecurity.Antivirusprogramsscanthesystemtocheckforanyknownmalicioussoftware，andmostprogramswillwarntheuserifheorsheisonawebpagethatcontainsapotentialvirus.Mostprogramswillalsoperformascanoftheentiresystemoncommand，identifyinganddestroyinganyharmfulobjects.FirewallsAfirewallhelpsmaintaincomputerinformationsecuritybypreventingunauthorizedaccesstoanetwork.Thereareseveralwaystodothis，includingbylimitingthetypesofdataallowedinandoutofthenetwork,re-routingnetworkinformationthroughaproxyservertohidetherealaddressofthecomputer,orbymonitoringthecharacteristicsofthedatatodetermineifit'strustworthy.Inessence,firewallsfiltertheinformationthatpassesthroughthem,onlyallowingauthorizedcontentin.Specificwebsites,protocols(likeFileTransferProtocolorFTP),andevenwordscanbeblockedfromcomingin，ascanoutsideaccesstocomputerswithinthefirewall.LegalliabilityBusinessesandindustriescanalsomaintaininformationsecuritybyusingprivacylaws.WorkersatacompanythathandlesecuredatamayberequiredtosignNon-DisclosureAgreements(NDAs),whichforbidthemfromrevealingordiscussinganyclassifiedtopics.Ifanemployeeattemptstogiveorsellsecretstoacompetitororotherunapprovedsource,thecompanycanusetheNDAsasgroundsforlegalproceedings.Theuseofliabilitylawscanhelpcompaniespreservetheirtrademarks,internalprocesses,andresearchwithsomedegreeofreliability.TrainingandcommonsenseOneofthegreatestdangerstocomputerdatasecurityishumanerrororignorance.Thoseresponsibleforusingorrunningacomputernetworkmustbecarefullytrainedinordertoavoidaccidentallyopeningthesystemtohackers.Intheworkplace,creatingatrainingprogramthatincludesinformationonexistingsecuritymeasuresaswellaspermittedandprohibitedcomputerusagecanreducebreachesininternalsecurity.Familymembersonahomenetworkshouldbetaughtaboutrunningvirusscans,identifyingpotentialInternetthreats，andprotectingpersonalinformationonline.Section3ExtendedReadingWhatDoesaDataSecurityManagerDo?Thedatasecuritymanagerisresponsiblefortheoversightofbusinessapplicationswheresensitivedataarestoredortransmitted.Hisjobistoprotectthepersonalinformationofbothemployeesandcustomersbyimplementingandmaintainingnecessaryinternalsecurityfunctions.Thisindividualactsasaconsultantonallbusinessprocessesthatrequiresecurityfeatures.Thisjobcallsforthedocumentationofsecuritypoliciesandprocedurestomakesuretheymeetindustrystandards.Thedatasecuritymanagerprovidestrainingtoemployeesonhowtoproperlyusesecurityfunctionstoprotecttheirprivatedata.Hemakessurethatspecialsecurityclearanceisgiventothecorrectindividualsandthattheappropriateprivilegeshavebeengranted.Thispersonfacilitatesinternalmeetingstopromotegoodsecuritypracticesandtoofferupdatesonsecurityenhancements.Thedatasecuritymanageristaskedwithperformingassessmentsonsecurityriskstothecompany.Heauditsallsecurityfunctionsandproducesreportsofferingsuggestionsorcomments.Thisemployeeisinfrequentcontactwithhigher-levelmanagersinthecompany.Asnewthreatsemerge,thispersonisconstantlyofferingnewsolutionsandrecommendationsfornecessarytweakstothesecuritysystems.Thisindividualistypicallythepersontotailorspecificsecuritypoliciesforthecompanyandensurethattheyarecarriedout.Departmentsinstallingnewdatasystemsareusuallyrequiredtocontactthedatasecuritymanagerwiththeirplanonmaintainingsecuritywithinthenewsystem.Thesecuritymanagerwillconsultwiththedepartmentontheinstallationandimplementationofthenewsystemsothatdataremainssecured.Heisalsoresponsibleforpreparingthecompanyforasignificantsecuritybreachbyestablishingproceduresandguidelinesforhandlingsuchasituation.Thepositionofdatasecuritymanageroftenrequiressomeoneknowledgeableinbothelectronicandphysicalsecurityfunctions.Hemustunderstandhowtosecureinternalnetworksfromhackersandviruses.Designingandmanaginganeffectivesystemoffirewallsisanessentialtaskforthisemployee.Makingsureallpertinentdataareencryptedacrossthenetworkandismadeavailableonlytoauthorizedpersonsisanotherimportantjobofthesecuritymanager.Inaddition,hemustbeabletoinstall,manage,andmaintainphysicalsecuritymeasures,suchaskeycardandfingerprintauthorizationssystems.Thedatasecuritymanagerkeepsdailyinventoryofnewsecuritythreatstointernalnetworksanddatasystems.Hecheckstoensurethatsoftwareisupdatedandpatchedtofixallsecurityholes.Thisindividualmusthavetheabilitytoestablishworkingrelationshipswithallemployeesandanswerinternalsecurityquestions.Thesafetyandsecurityoftheentireorganizationisinthehandsofthisindividual.HowtoCreateaSecureandStableWindowsSystemAsecureandstablesystemisessentialtoeverycomputeruser.Howcanwepossesssuchasystem?Thefollowingwillteachhowtobuildyourownsecuritysystems.TrytoinstalltheoperatingsysteminEnglishversion.Ifyoujustwanttoimprovethesecurityofyouroperatingsystem,IrecommendthatyouinstalltheoriginalWindows'Englishversion.Becausewhenanewvulnerabilityisdiscovered,thepatchesinEnglishversionusuallyactthefirst,whileotherversionscomeafteraspan.Andthisspacingintervalmaydecidetheresultofthesystem.UndouselesscomponentsWhenWindowssystemisinstalled,itwillpromptustoinstallsomecomponents.Ingeneral,thecomponentsareunnecessaryyoucouldignorethem.Forordinaryusers,thereisnoneedtoinstallWindows2000/XP'sInternetInformationServices(IIS),sothattheycannaturallyavoidsomeexternalattacksthroughIISbyPRINTER,IDQ,IDAorWEBDEV.SelectsecurefileformatFortheWindows2000/XPusers,NTFSfileformatmaybetheirbestchoice.Becausenomatterfromthespeedoffileretrievalortheaccesscontrolofsystemresources,NTFSissignificantlybetterthantheFATsystem.WecanrightclickonthediskpartitionthatusestheNTFSformatandselect"Properties"onpop-upmenu.Thenwewillseethespare"quota"and"security"onthediskinNTFSformat.Throughthetwotabstheuserscandetailedlysettheaccessrighttothelogicdisk.Havesystemservicescustom-madeWindows2000/XPsystemwillprovideuserswithmanyservicesafteranormalstartwhileallofwhicharenotneededbymostusers.Obviously,extraservicescanonlyincreasetheloadandinstabilityofsystem.Onthedesktop,wecanright-click"MyComputer?Management",andthenintheleftsideoftheinterfacewindowthathasopened,select"ServicesandApplications?Services",wherewecanturnoftheunnecessaryservicestoimprovesystem'sstability,securityandspeedupsystem.ItisemphasizedthatservicessuchasRemoteRegistryServiceandTelnetmustbestopped:Double-clicktherelevantproject,andsetthemto"Manual"or"No"intheopenwindow.CreateaPerfectPassword:TenEasyStepstoStaySecureIfyou'reoneofthemillionsofpeoplewhosepasswordtotheironlineaccountsis"password",don'tfeelbad－you'renotalone.RememberingasinglePIN,password,orsecretphrasecansometimesbebothersome－letalonepasswordsforthedozensofaccountsanddevicesmanypeoplehavenowadays.Online-securityexpertsrecommendlong,strongpasswordsforareason－identityandinformationtheftarerampant,andhackershavemanytoolsattheirdisposalthatallowthemtocracksimplepasswordslike"123456"and"abcdefg".Inordertoprotectyouridentityandonlineinformation,atougherpasswordisamust.Butthere'snoneedtomemorizehexadecimalstringsofrandomcharacters;thereareseveraleasywaystocreate－andremember－strong,safepasswords.GoforlengthThebestpasswordsareatleastsevencharacterslong,andhopefullyaslongasfourteencharacters.Theshorterapasswordis,theeasieritistocrack.FindsomethingrandomInsteadofusingawordasyourpassword,useafavoritequote,lyric,orphrase(containingatleasttenwords),andusethefirstletterofeachwordasyourpassword.Ifyou'regoingtoSanFrancisco,besuretowearsomeflowersinyourhairbecomes"iygtsfbstwsfiyh".Althoughthesequenceismemorableandmakessensetoyou,itseemsrandomtoanyoneelse.Anotherwaytofindarandompasswordistouseanonlinepassword-generatorservice,suchasStrongPasswordG,andthencreateamnemonicdevicetohelpyourememberit.Whentheservicesuppliesarandomsequencelike"Jni8e8r,"rememberitbyteachingyourselfthephrase"Jeffreynormallyinspiredeighty-eightrainbows."MisspeldeliberatelyThisdoesn'tmeanusingcommonmisspellingsofregularwords;rather,deviseacreativemisspellingofawordyoucanrememberandthatcanmakeyourpasswordsafer.Forexample,"Paris"canbecome"Pearisse".AddsomecomplexityGoodpasswordscontainsymbols,punctuations,deliberatemisspellings,andablendoflowercaseandcapitalletters.Turnasimplepasswordlike"catlover"intoamoresecureversionlike"c@LUVr"!AddnumbersPasswordswithnumbersarehardertocrack,butdon'tuseeasy-to-guessnumbers,suchasthecurrentyearoryourbirthday.Chooseseeminglyrandomnumbers(thathavesignificancetoyou)andplacetheminthemiddleofthetextformaximumsecurity,orsubstitutenumbersformultipleletters.Aneasypasswordlike"basketball"canbecome"8a5k3tba1l".MixitupTheverybestpasswordsuseablendofallthesetechniques,sobesuretoemployatleasttwoorthreetocreatethemostpowerfulprotection.Ifyouhaveafavoritephrasethatyou'vedistilledtoanacronym,addsomecapitallettersorpunctuation.Addlengthtoashortpasswordwithnumbers,andaddcomplexitytoadeliberatemisspellingwithcharactersorsymbols.Usingavarietyofpassword-enhancingtricksensuresabetterresult.CheckitoutUseapasswordcheckertomakesurethatyourpasswordisasstrongasitcanbe.Ifyourpasswordisratedweakormedium,youmaywanttoaddmorenumbers,symbols,orothercharactersto