Question

Determine the security updates that apply to your computer. Compile a list of security updates for your computer and provide a summary of the vulnerabilities they prevent from being exploited. Provide a summary of the course of action you have taken to secure your computer. If your computer is up-to-date in terms of recommended patches and configuration changes, choose three of the optional enhancements that would apply to your operating system (OS) version and summarize why they would be beneficial.

Respond to the following after you have completed your analysis.

Answer the following questions:

• What are the biggest threats to a personal computer (PC)? Justify your answer. Have any of these threats been detected on your machine?
• Why is virus protection so important on a PC? How does spyware compare to viruses as a threat to your personal information? Explain your reasoning.
• What steps can be taken to make your PC more secure? Outline at least two steps. What areas of security do these steps address? Run the test again with any corrections to the system to resolve the identified problems and explain the steps you took to improve security on your system.
• What are the biggest threats to a PC and Mac? Are they significantly different? Explain your answer using examples.

Remember to include your analysis report from your PC as part of your discussion post!

Answer 1

Answer:--

What are the biggest threats to a personal computer (PC)? Justify your answer. Have any of these threats been detected on your machine?

Botnets

If you've never heard of a botnet, it's likely because they go largely undetected.

What they are:

A collection of software robots, or 'bots', that creates an army of infected computers (known as ‘zombies') that are remotely controlled by the originator. Yours may be one of them and you may not even know it.

What they can do:

• Send spam emails with viruses attached.
• Spread all types of malware.
• Can use your computer as part of a denial of service attack against other systems.

Learn more about protecting your computer.

Distributed denial-of-service (DDoS) attack

What it is:

A distributed denial-of-service (DDoS) attack — or DDoS attack — is when a malicious user gets a network of zombie computers to sabotage a specific website or server. The attack happens when the malicious user tells all the zombie computers to contact a specific website or server over and over again. That increase in the volume of traffic overloads the website or server causing it to be slow for legitimate users, sometimes to the point that the website or server shuts down completely.

It could be possible for malicious users to use your computer in one of these attacks. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attacks are "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attacks.

What it can do:

The most common and obvious type of DDoS attack occurs when an attacker “floods” a network with useless information. When you type a URL into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once. If an attacker overloads the server with requests, it can't process yours. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying access to legitimate users.

What you can do:

There are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:

• Install and maintain anti-virus software.
• Install a firewall, and configure it to restrict traffic coming into and leaving your computer.
• Follow good security practices when it comes to maintaining your contact or email lists. Applying email filters may help you manage unwanted emails, by automatically processing incoming messages based on certain criteria that you set.
• Be cautious if you notice that your Internet connection is unusually slow or you can't access certain sites (and that your Internet connection is not down).
• Avoid opening email attachments, especially if they are from people you don't know.

If you believe you are a victim of a DDoS attack, contact your Internet Service Provider, as they will be able to help mitigate.

Hacking

Hacking is a term used to describe actions taken by someone to gain unauthorized access to a computer. The availability of information online on the tools, techniques, and malware makes it easier for even non-technical people to undertake malicious activities.

What it is:

The process by which cyber criminals gain access to your computer.

What it can do:

• Find weaknesses (or pre-existing bugs) in your security settings and exploit them in order to access your information.
• Install a Trojan horse, providing a back door for hackers to enter and search for your information.

Learn more about protecting your computer.

Malware

Malware is one of the more common ways to infiltrate or damage your computer.

What it is:

Malicious software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.

What it can do:

• Intimidate you with scareware, which is usually a pop-up message that tells you your computer has a security problem or other false information.
• Reformat the hard drive of your computer causing you to lose all your information.
• Alter or delete files.
• Steal sensitive information.
• Send emails on your behalf.
• Take control of your computer and all the software running on it.

Learn more about protecting your computer.

Pharming

Pharming is a common type of online fraud.

What it is:

A means to point you to a malicious and illegitimate website by redirecting the legitimate URL. Even if the URL is entered correctly, it can still be redirected to a fake website.

What it can do:

• Convince you that the site is real and legitimate by spoofing or looking almost identical to the actual site down to the smallest details. You may enter your personal information and unknowingly give it to someone with malicious intent.

Why is virus protection so important on a PC? How does spyware compare to viruses as a threat to your personal information? Explain your reasoning.

Not having anti virus on a computer is like inviting a criminal into the home or having an uninvited guest! They then cause havoc or steal from the owner. Today's internet has provided many ways for virus attacks and there are thousands of threats. To be safe from these it is vital to police the computer and have it protected at all times. The Importance of Antivirus Software cannot be underestimated.

What's The Difference Between Spyware And Viruses?

The average Internet user has difficulty distinguishing viruses from spyware. The differences are indeed subtle. Both are malicious software (malware): uninvited, intrusive, and potentially destructive. Both have the capacity to capture and destroy information, ruin performance, and disrupt business. Viruses and spyware programs are delivered via web visits and downloads, as well as email attachments. Both can attack systems through many vectors.

A Virus Seeks to Spread

One way to distinguish a virus from spyware is by its behavior. A virus seeks to infect a computer; to replicate; and ultimately, to infect as many computers as possible, as quickly as possible.

When you accidentally install a virus onto your computer, the malicious code that is "the virus" tries to find ways to use your computer to infect other computers. For example, an email-delivered virus (a worm) may search your computer's file system for your Outlook address book, and send infected email messages to contacts it finds in the address book. Before you dismiss your own address book as a modest success, consider what a jackpot email addresses like [email protected] or [email protected] are for a virus.

Increasingly, a virus will not rely on email alone for propagation, but will try many attack vectors. These blended threats employ file sharing, telnet, FTP, IMs, or any services and programs on your computer that communicate with other computers.

Spyware seeks to embed

Viruses seek to spread, but spyware tries to stay put, a behavior we typically associate with a parasites. Parasites need a host to feed upon: nematodes notwithstanding, parasites don't need or try to propagate. In the world of espionage, spyware is closest to a mole. A mole will avoid any activity that might blow his cover; similarly, a spyware applications is often content to hide on your system. Spyware disguises itself as a legitimate application or secretly resides as one more data link library or registry setting Joe Average User knows nothing about, so that it can collect information about you, your messaging and browsing behavior, your online preferences.

Spyware may have a heavier "footprint" on your computer than a virus: spyware will embed itself deeply into critical components of your operating system and bloat your memory with its monitoring and collection processing executables. So where virus activities are overt and sufficiently extensive in their impact to attract attention quickly, spyware activities are typically covert and their infestations are often long lasting.

What steps can be taken to make your PC more secure? Outline at least two steps. What areas of security do these steps address? Run the test again with any corrections to the system to resolve the identified problems and explain the steps you took to improve security on your system.:-

Whether you use your computer primarily for work tasks or personal use or both, it’s highly likely you want to keep it and its contents safe and secure. When it comes to computer security, a broad range of threats should be considered, including malicious attacks by hackers and people physically stealing your computer and the information it houses.

Thankfully, there are steps you can take to mitigate the risk of having your computer compromised. The measures you go to to keep your information safe will depend on several factors. For example, if you have particularly sensitive information stored, then you might be willing to invest more time and resources protecting it. Similarly, if you think there’s a particularly high risk of someone wanting to hack into your system or steal your computer, you may want to go to extra lengths.

For the average user, taking several basic measures should be sufficient enough secure your computer and its contents. In this post, we’ll outline eight easy steps you might want to consider. While they’re all fairly straightforward to implement, some take a bit more time than others or involve paid options. As such, you might need to weigh up which solutions are necessary in your situation. Let’s jump in!

1. Keep up with system and software security updates

While software and security updates can often seem like an annoyance, it really is important to stay on top of them. Aside from adding extra features, they often cover security holes. This means the provider of the operating system (OS) or software has found vulnerabilities which give hackers the opportunity to compromise the program or even your entire computer.

Typically if an update is available for your OS, you’ll get a notification. You can often opt to update immediately or set it to run at a later time. While it can be inconvenient to stop what you’re doing for half an hour for an update to take place, it’s often best to just get it done out of the way.

It’s not just your OS that should be kept up-to-date. All software that you run on your computer could potentially have flaws. When updates are available, you might see a popup when you open the software.

Even though they are usually a good thing, it’s prudent to be wary of updates. Sometimes software companies will offer pre-release versions to try. These may be unstable and should be used at your own risk. Even with stable release versions, you may want to wait a day or two in case there are any obvious bugs. Just remember to go back to it when you’re ready.

Another thing to watch out for is a fake update. These might be used by hackers to persuade you to click a link or enter credentials. You can avoid falling prey to these by doing a little research into the latest updates from the software company. Simply search for the latest version to see if the alert you received makes sense. Alternatively, you can plug the popup text in a search engine to find out if it’s a known scam.

2. Have your wits about you

It should go without saying, being suspicious is one of the best things you can do to keep your computer secure. Admittedly, with hacker techniques becoming increasingly sophisticated, it can be difficult to tell when you’re under attack. All it takes is one email open or link click and your computer could be compromised.

Make sure you have your wits about you and think twice about opening or clicking on anything that doesn’t look legit. Don’t rely on spam filters to always catch sketchy emails. Criminals are constantly trying to outsmart these settings and now and again they’ll get through.

3. Enable a firewall

A firewall acts as a barrier between your computer or network and the internet. It effectively closes the computer ports that prevent communication with your device. This protects your computer by stopping threats from entering the system and spreading between devices. It can also help prevent your data leaving your computer.

If your computer ports are open, anything coming into them could be processed. This is bad if it’s a malicious program sent by a hacker. While it’s possible to close ports manually, a firewall acts as a simple defence to close all ports. The firewall will open the ports only to trusted applications and external devices on an as needed basis.

If your operating system comes with a firewall (e.g. Windows XP onward), you can simply enable the built-in firewall. In Windows, this can be found by navigating to Control Panel>System and Security. You might choose to install an additional firewall as an extra layer of defense or if your OS doesn’t already have one. A couple of free options are Comodo and TinyWall. Antivirus software often comes with a built-in firewall too.

The firewalls discussed above are software firewalls. There is a second type known as a hardware firewall. While these can be purchased separately, they often come built into home routers. It could just be a simple case of checking if yours is turned on.

4. Adjust your browser settings

Most browsers have options that enable you to adjust the level of privacy and security while you browse. These can help lower the risk of malware infections reaching your computer and malicious hackers attacking your device. Some browsers even enable you to tell websites not to track your movements by blocking cookies.

However, many of the options are disabled by default, so you could unwittingly be exposing far more than you need to each time you browse. Thankfully, it should only take a few minutes to go into your browser settings and make the necessary adjustments. Chrome, Firefox, Safari, and Edge all provide detailed instructions to help. While using these browsers you can add an additional layer of protection by installing an anti-tracking browser extension like Disconnect or uBlock Origin.

On the topic of browsers, you should choose yours carefully. The ones mentioned above are generally considered safe. But since updates and patches occur all the time, you never know when a new hole could appear and how big it will be. If you want more privacy, you can consider steering away from traditional options and look at privacy-focused alternatives like Epic Privacy Browser, Comodo Dragon, or Tor Browser.

5. Install antivirus and anti spyware software

Any machine connected to the internet is inherently vulnerable to viruses and other threats, including malware, ransomware, and Trojan attacks. An antivirus software isn’t a completely foolproof option but it can definitely help. There are free options out there, but they’re limited, and besides, the paid programs won’t set you back a whole lot. Bitdefender, is a popular option that I recommend. For alternatives take a look at this data backed comparison of antivirus.

Spyware is a specific type of malware that is designed to secretly infect a computer. It then sits in the system, gathers information, and sends it to a third party. The information is typically of a sensitive nature, such as credentials or banking information. This can ultimately lead to identity theft, a multi-billion dollar industry.

In the spyware category, you have adware (often causing popups), Trojans (posing as a harmless software), and system monitors (such as keyloggers), all of which pose a pretty serious threat. Other forms of spyware like tracking cookies are typically harmless alebit annoying. Thankfully, many antivirus programs have anti spyware built in, but there are some dedicated solutions.

If spyware has found its way onto your computer, then it’s very possible you can remove it. There are a ton of options for spyware removal, including many free offerings and some paid single use tools.

6. Password protect your software and lock your device

Most web-connected software that you install on your system requires login credentials. The most important thing here is not to use the same password across all applications. This makes it far too easy for someone to hack into all of your accounts and possibly steal your identity.

If you’re having trouble remembering a whole bunch of passwords, then you could try a password manager. This will keep all of your passwords safe and you only have to remember one. A password can be combined with an email or SMS as part of a two-step verification (2SV) method for extra security. 2SV usually kicks in when you log into a website or app from a new or unrecognized device requiring you to verify your identity with a PIN code.

While many security steps relate to intangible threats, there is always the possibility that someone could get their hands on your actual computer. A simple line of defence here is to have a strong computer password to at least make it more difficult for them to enter.

Other forms of verification include biometric methods like a fingerprint or retina scan. Alternative physical verification methods might involve key cards and fobs, such as those offered by Yubico. Any of these can be combined with each other and/or a password as part of a two-step authentication (2FA) process.

If you’re concerned about someone actually walking away with your computer, another option is a physical lock. This is an ideal solution for laptops but can also be used on home or work computers. Kensington locks and other similar brands are small locks that insert into a special hole in the device. Some require a physical key while others work using a code. There are solutions for tablets, although these tend to be more cumbersome and more suitable for things like point-of-sale.

7. Encrypt your data

Whether your computer houses your life’s work or a load of files with sentimental value like photos and videos, it’s likely worth protecting that information. One way to ensure it doesn’t fall into the wrong hands is to encrypt your data. Encrypted data will require resources to decrypt it; this alone might be enough to deter a hacker from pursuing action.

There are a plethora of tools out there to help you encrypt things like online traffic and accounts, communication, and files stored on your computer. For full disk encryption, some popular tools are VeraCrypt and BitLocker. You can find separate tools to help you encrypt your mobile device, with various apps available for both Android and iOS.

8. Use a VPN

A Virtual Private Network (VPN) is an excellent way to step up your security, especially when browsing online. While using a VPN, all of your internet traffic is encrypted and tunneled through an intermediary server in a separate location. This masks your IP, replacing it with a different one, so that your ISP can no longer monitor your activity.

What’s more, you can typically choose the server location based on your needs, such as getting the fastest speeds or unblocking geo-locked content. Additionally, a VPN can help you browse securely while using open wifi networks and access censored material (e.g. Facebook in China).

When it comes to choosing a provider, there are some okay free offerings out there, but monthly rates for paid services can be pretty low, even as little at $3 per month. The free ones are typically limited in features but can be good for getting a feel for what’s available. Some paid options have free trial periods for the full service and most offer generous money-back guarantee periods.

No matter what you store on your computer, it’s simply prudent to protect its content from criminals and snoopers. Although nothing is ever completely secure, following the steps above will provide most people with ample protection and safeguard their data.

What are the biggest threats to a PC and Mac? Are they significantly different? Explain your answer using examples.:-

Businesses of all sizes are increasingly reliant on technology, yet technology inherently carries numerous vulnerabilities along with its advantages. If you don’t take the proper precautions against computer problems, the well-being of your small business can evaporate in a heartbeat.

Read on to learn about the top 5 threats to your computer, and what you can do to protect yourself.

1) Hard drive failure

The biggest threat to your computer, whether it’s a Mac or PC, is hard drive failure. Hard drives are failing at an alarming rate—a Squaretrade study from 2009 found that 31 percent of laptops fail within three years of purchase, and as we ask hard drives to store more and more data, the potential for loss increases.

Solution: Automated computer hardware monitoring. Your servers, laptops, and desktops should be registered with a service that can alert you at the first signs of possible failure. For the Mac, take a look at our IvanExpert Mac Wellness service; for the PC there are many available options, so talk to your IT company about what they offer or recommend. In addition, set up at least two fully automated backups for each computer—one onsite, and one in the cloud.

2) Passwords

Having weak passwords—whether on your computer itself, for your email, or for online accounts—can compromise your system and your data. Remember, once your email is accessible to a hacker, he can usually gain control of other accounts and passwords fairly easily. The recent story of Mat Honan, who had his entire computer and iPhone erased by someone who managed to get his iCloud password, is a sobering example.

Solution: Improve your passwords. Make sure each password has at least 10 characters, with lowercase letters, uppercase letters, numbers, and symbols if you can. And don’t even think of using the same password for different logins. Use a password management system to keep track of all of them (our favorite is 1Password for both PC and Mac; a web-based alternative that lets employees share passwords is Passpack).

3) Websites

Your computer can be invaded by unknown software or individuals if you visit a web site created for that purpose, including a familiar website which has itself been attacked by hackers. Just visiting a webpage or clicking on a link on that page can be the trigger.

Solution: Consider adding a security appliance to your business IT infrastructure. Hardware such as those made by SonicWALL and Cisco provide a barrier between the outside world of the internet and your office network. For small offices, or for laptops belonging to employees who travel, install antivirus software, and make sure it checks for updates automatically.

4) Email

Viruses and malware have attacked via email for years, and they still pose a major threat. Absentmindedly clicking on the wrong attachment can install programs that slow your system to a crawl, log your keystrokes to capture your passwords, or send out spam through your email account.

Solution: Choose an email host for your business that has top-quality email screening for spam, viruses, and malware. If you don’t have a security appliance (see #3), install and run antivirus software on every computer, and don’t forget to make sure it automatically checks for updates.

5) Theft

As more people carry laptops while traveling around the globe, the number of laptop thefts has increased. Your computer is vulnerable in the hotel, the coffee shop, the checkroom at the restaurant, the rental car, and the back of a taxi. In addition to the pain of the loss of the computer itself and all your data, think about how much proprietary company information could fall into the wrong hands.

Solution: All company laptops should require a username and password to log in, and make sure the login is required after waking from sleep and after lack of activity—not just on startup. Consider signing up for remote wipe capability (on Mac, it’s free using Find My Mac; for PC or Mac check out Absolute Computrace, Absolute LoJack for Laptops, or Prey). You may want to encrypt the company files on your computer, but be warned that all your data is unrecoverable if your encryption key is lost. And did we mention the importance of multiple backups?

Although we never think computer problems will hit, they do happen if we aren’t prepared. It takes just a few minutes to protect your computer against major problems that can have long-lasting impact.