1. a rescue disk or emergency disk,
1. What Are the Various Types of Security Risks that Can Threaten
A computer security risk is any event or action that could cause a loss of or damage to computer
hardware, software data, information, or processing capability. Computer security risks include
computer viruses, unauthorized access and use, hardware theft, software theft, information theft, and
system failure. Safeguards are protective measures that can be taken to minimize or prevent the
consequences of computer security risks. A computer virus is a potentially damaging computer
program designed to affect or infect a computer negatively by altering the way it works.
Unauthorized access is the use of a computer or network without permission; unauthorized use is
the use of a computer or its data for unapproved or possibly illegal activities. An individual who tries
to access a computer or network illegally is called a cracker or a hacker. Hardware theft,
software theft, and information theft present difficult security challenges. The most common form
of software theft is software piracy, which is the unauthorized and illegal duplication of copyrighted
software. A system failure is the prolonged malfunction of a computer.
2. How Does a Computer Virus Work and What Steps Can
Individuals Take to Prevent Viruses?
A virus spreads when users share the host program to which the virus is attached. A virus can
replace the boot program with an infected version (boot sector virus), attach itself to a file (file
virus), hide within a legitimate program (Trojan horse virus), or use an application’s macro
language to hide virus code (macro virus). The virus is activated when a certain action takes place
(a logic bomb) or at a specific time (a time bomb). Viruses can be prevented by installing an
antivirus program, write-protecting a rescue disk or emergency disk, never starting a computer
with a disk in drive A, scanning floppy disks for viruses, checking downloaded programs, and
regularly backing up files.
3. How Can a Computer Be Safeguarded?
An antivirus program protects a computer against viruses by identifying and removing any
computer viruses found in memory. Access controls prevent unauthorized access and use by
defining who can access a computer, when they can access it, and what actions they can take.
Physical access controls and common sense can minimize hardware theft. A software license
addresses software piracy by specifying conditions for software use. Encryption reduces
information theft by converting readable data into unreadable characters. Surge protectors and
uninterruptable power supplies guard against system failure by controlling power irregularities.
4. Why Is Computer Backup Important and How Is It Accomplished?
A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged,
or destroyed. In case of system failure or the discovery of corrupted files, the backup can be used to
restore the files by copying the backed up files to their original location. Backup procedures
specify a regular plan of copying and storing important data and program files. Organizations can
accomplish a backup using one of, or combinations of, three methods: a full backup, which
duplicates all files; a differential backup, which duplicates only files changed since the last full
backup; or an incremental backup, which duplicates only files changed since the last full or
5. What Are the Components of a Disaster Recovery Plan?
A disaster recovery plan is a written plan describing the steps an organization would take to
restore computer operations in the event of a disaster. A disaster recovery plan has four major
components. An emergency plan specifies the steps to be taken immediately after a disaster
strikes. A backup plan details how an organization will use backup files and equipment to resume
information processing. A recovery plan stipulates the actions to be taken to restore full information
processing operations. A test plan contains information for simulating different levels of disasters
and recording an organization’s ability to recover.
6. What Are Issues Relating to Information Privacy?
Information privacy refers to the right of individuals and organizations to deny or restrict the
collection and use of information about them. Information privacy issues include unauthorized
collection and use of information and employee monitoring. Unauthorized collection and use of
information involves the compilation of data about an individual from a variety of sources. The data is
combined to create an electronic profile that, without an individual’s permission, may be sold to other
organizations. Employee monitoring involves the use of computers to observe, record, and review
an individual’s use of a computer, including communications, keyboard activity, and Internet sites
7. What Are Ethical Issues with Respect to the Information Age?
Computer ethics are the moral guidelines that govern the use of computers and information
systems. Unauthorized use of computer systems, software theft, and information privacy are
frequently discussed ethical issues. Other important ethical issues are the responsibility for
information accuracy and codes of conduct that help determine whether a specific computer
action is ethical or unethical.
8. What Are Internet-Related Security and Privacy Issues?
Information transmitted over networks has a higher degree of security risk than information kept on
an organization’s premises. On a vast network such as the Internet, the risk is even greater. To
provide secure data transmission, many Web browsers use Internet encryption methods such as
Secure Socket Layers and digital signatures. The most discussed ethical issue concerning the
Internet is the availability of objectionable material.