Analyzing Computer Security: Threats, Privacy, Laws, and Facebook Use

Verified

Added on 2022/08/12

AI Summary

This assignment provides a comprehensive overview of computer security, addressing critical areas such as data threats, privacy audits, and relevant legal frameworks. It begins by analyzing statistics related to data security spending, perceived vulnerabilities, and data breach experiences in organizations. The assignment defines passphrases and diceware, explaining their importance in enhancing security. It further explores privacy audits, highlighting key questions to be answered, and examines Facebook's privacy features and policies. Malware and botnets are defined, along with steps to regain control of a hacked account and methods to identify email or social network account breaches. The assignment also identifies four federal laws governing consumer data security, including the FTC Act, FCRA, and FTC Disposal Rule. It differentiates between sectoral and decentralized privacy laws in the US, outlines the 10 Fair Information Principles, and compares data protection in Europe and the United States. Finally, the assignment identifies the four types of information determined by a Data Flow Audit and concludes with seven data privacy best practices to enhance overall security.

0Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of the Student:
Name of the University:
Author’s Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1COMPUTER SECURITY
Question 1:-
Per cent of organizations are increasing their data security spending to offset threats- 54%.
Per cent of organizations feel vulnerable to data threats- 68%.
Per cent of organizations have experienced a data breach- 60%
What do you conclude from these statistics- A very upsetting statistic is that only a section of
industries has a separate security department. An amount that must inevitably rise as attacks
become more targeted and sophisticated. Without the proper security structure, this
vulnerabilities percentage must be enhancing in future.
Question 2:-
What is a passphrase- It is a words sequence or other text applied to regulate access to a
program, computer system, or data. A passphrase is related to a keyword in usage but is usually
lengthier for added safety.
Give an example of a four-word passphrase- “all killer no filler”.
What is dice ware- It is a technique for making passwords, passphrases, and other cryptographic
variables applying standard dice as a hardware arbitrary number originator (Nielsen, Vedel &
Jensen, 2014). The Dice ware method delivers an accessible technology to make strong
passphrase that is easy to recall.
How does it work- The user rolls a die five times and write down every number. Then the user
discovers the subsequent five-digit number in the Dice ware dictionary, which covers a totalled
list of short expressions.

2COMPUTER SECURITY
Question 3:-
What is a privacy audit- It is an assessment tool that expresses at an administration's privacy
safety policies and actions, definitely in light of currently applicable regulations or regulatory
requirements.
What is the critical question to be answered in a privacy audit?
Following questions are to be answered in a privacy audit.
a) What evidence is affecting intra-departmentally or intra-personally within your business?
b) What data is moving from your business to third parties?
c) What information is your business getting from third parties?
d) What applicable information is affecting across national/state limitations?
Question 4:-
What specific features of Facebook Privacy Basics help you to maintain privacy while using
or maintaining your Facebook account?
There are some concepts user have to realize to achieve the degree of confidentiality they want
on Facebook like information category and the person who shared with Information. The
Facebook privacy policy guide indicates some basic rules and regulation, which can be helpful
for Facebook users (Schwartz & Peifer, 2017). The Facebook authority also does a legitimately
good job of clarifying how to evidence the user share openly may be used. Finally, the Facebook
privacy policy also demonstrate password protection idea, which can be helpful to avoid user's
password hacking.

3COMPUTER SECURITY
What did the Facebook Privacy Basics video say?
Facebook privacy basic video describes some practical idea which can be helpful to protect the
user's Facebook security. If any user is watching this video, then they quickly understand what
should do?
Question 5:-
What are malware and botnets?
Malware is any software deliberately designed to cause harm to a computer or server network. A
wide variety of categories of malware exist, counting worms, computer viruses, ransomware,
Trojan horses etc.
A botnet is an amount of Internet-connected devices, every of which is running more than a few
bots (Shen et al., 2018). It can be applied to perform spread Dos attack, steal information, send
junk, and permits the attacker to contact the device and its connection.
If your account has been hacked, what are ways to regain control?
There are some steps to regain control,
 Step back
 Arrange
 Delegate
 Put difficulties to rest
 locate those big patterns
 Build-in time for physically
 Categorize must from wants

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4COMPUTER SECURITY
How might you know that your email or social network account has been hacked?
If the user unexpectedly gets several messages from their contact saying they have
received junk messages from user address — not user name, user real email address — there is a
chance the user email id has been hacked.
Question 6:-
Name four federal laws that govern consumer data security.
The four federal laws are “The Privacy Act”, “Computer Fraud and Abuse Act”, “Children's
Online Privacy Protection Act” and “Federal Trade Commission Act”.
What does the FTC Act prohibit?
a. avoid unfair approaches of competition and imbalanced or deceptive performances or
practices in or disturbing commerce;
b. seek financial redress and other liberation for conduct harmful to consumers;
c. recommend rules describing with specificity acts or applies that are unfair or misleading,
and creating requirements calculated to prevent such actions or practices;
d. collect and compile evidence and conduct inquiries relating to the business, industry,
practices, and administration of entities engaged in business;
e. Make reports and governmental references to Congress and the community.
What is the FCRA?
The “Fair Credit Reporting Act” is a federal regulation that regulates the group of
customers' credit evidence and access to their credit reports. It was accepted in 1970 to state the

5COMPUTER SECURITY
objectivity, precision, and privacy of the individual evidence controlled in the files of the credit
reporting assistances.
What is the FTC Disposal Rule?
This rule needs certain people who have customer report evidence for a business purpose to
correctly place it by taking practical actions to protect it from illegal access.
Question 7:-
US Privacy law is both sectoral and decentralized. What do those terms mean in the
context of privacy?
There is no public privacy rule throughout the United States. It is the state administrations in the
United States which elect the privacy rule for standard user and business authority (Cornell &
Limber, 2015). The US controls privacy with a sectoral tactic, with rules that are focused only to
exact businesses.
What are the 10 Fair Information Principles?
The ten fair Information Principles are –
o Accountability
o Identifying the Purpose
o Consent
o Limiting Collection
o Limiting Use, Disclosure and Retention
o Accuracy
o Safeguards

6COMPUTER SECURITY
o Openness
o Individual Access
o Challenging Compliance
Question 8:-
How does the protection of personal data in Europe differ from the protection of personal
data in the United States?
US businesses wanting to handover sensitive information to Europe and vice versa must be self-
authenticated under the Confidentiality Shield. Though, while the EU-US Secrecy Shield is
meant to confirm that businesses keep high data defence standards, it is a contract, not a
guideline.
Which system places a higher priority on privacy?
ISO/IEC 27001 Certification system contains a rigorous audit of Vyond’s data safety
management structures and controls. It is presented only to those businesses that can meet the
ordinary as arbitrated by an autonomous, recognized team of accountants. The ISO/IEC 27001
standard confirms that Vyond has the necessary data security controls in place to keep client
documents.
Question 9:-
What four types of information does a Data Flow Audit determine?
The four types of information are Planning, Execution, Reporting and closure, which can be
determined in data flow audit.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7COMPUTER SECURITY
Question 10:-
Identify the seven data privacy best practices?
o Use the Modern Anti-Virus Software
o Keep user Software and OS Up to Date
o Manage Actual Documents with Maintenance
o Use a Complex Password for every user Accounts
o Identify the Symbols of Phishing Attacks
o Encrypt Sensitive Documents
o Repeatedly regulate Online Accounts.

8COMPUTER SECURITY
References:-
Cornell, D., & Limber, S. P. (2015). Law and policy on the concept of bullying at school.
American Psychologist, 70(4), 333.
Nielsen, G., Vedel, M., & Jensen, C. D. (2014, July). Improving usability of passphrase
authentication. In 2014 Twelfth Annual International Conference on Privacy, Security
and Trust (pp. 189-198). IEEE.
Schwartz, P. M., & Peifer, K. N. (2017). Transatlantic Data Privacy Law. Geo. LJ, 106, 115.
Shen, J., Choo, K. K. R., & Zeng, Q. (2018, September). Multi-item Passphrases: A Self-
adaptive Approach Against Offline Guessing Attacks. In International Conference on
Digital Forensics and Cyber Crime (pp. 204-221). Springer, Cham.