Define what a virus isA virus is a software program that can enter a compu

1.  
2. Define what a virus is
3.  
4. A virus is a software program that can enter a computer and reproduce itself to cause devastating effects on the machine. This means that it can spread from computer to computer and usually causes destruction and harm to files and the computer itself. Viruses can be obtained through downloading untrusted files from unsecure websites or opening fake emails. This means users should take extra care when using the internet to ensure their computer doesn’t get a virus as this can cause their computer to break. People use anti-virus softwares to protect their computer however these are usually not free. Despite them not being free, they are very helpful and allow them to protect their computer 24/7. An example of antivirus software is Norton and Windows offers a free anti-virus with their operating system.
5.  
6. Example 1.
7.  
8. An example of a virus is a “worm”, this type of virus is normally spread automatically with human intervention. It can accidentally be sent via email to anybody on your contact list, and replicate thousands of times to thousands of contacts, making it very dangerous. This type of virus is spread through email attachments and corrupted files. Worms can cause computers to crash, losing data and information however its primary function is to infect other computers whilst remaning active on other active systems which are infected. A good anti-virus program can protect a user’s computer, but is not enough to protect it entirely.
9.  
10. Example 2.
11.  
12. A trojan horse virus will appear to be useful and innocent software but is the complete opposite once installed. Users are tricked by this into downloading what they thing is a legitimate computer porgram however they are very difficult to permanently remove once installed. The virus is spread through social engineering tactics to trick the user to download a file or open an email attachment. Once it is transferred to a user’s computer, the malicious code can execute the destructive task it has been coded to carry out. As a result of this, the user may notice unusual activity or setting changes on the computer. The attacker will be able to take control of your computer, whilst recording keyboard activity and much more dangerous activities.
13.  
14. Example 3.
15.  
16. Spyware is software that enables a user to spy on another user’s computer activity, they secretly record this activity for malicious purposes. It is aimed to usually capture passwords, bank acocount details and personal data. Users may never notice they have spyware on their computers, however there are such programs as anti-spyware software tools. However there are some legitimate uses for spyware, for example a boss may have spyware on employee’s computers to monitor staff. Spyware can get onto someone’s computer through downloadable programs from untrusted websites without being seen.
17.  
18.  
19.  
20. HACKING
21. Define
22.  
23. Hacking is where an unauthorised user gains access to a network, device or server and then modifies the system by making changes of copying/removing the data with a malicious intent. There are different types of hackers, however the two main ones are known as “black-hat” hackers - these hackers always have malicious intent and try to cause damage. The other type is “white-hat” hackers, these claim to hack without any damaging intentions and just ‘test’ systems to find flaws and test their security and later report it.
24.  
25. People can hack in many ways. A main way is through installing malicious software on a innocent person’s device or a network/server, such as spyware or malware. Many hackers do this to gain access to personal information and bank details. They can use this information for identity fraud or for monitary gain. People can also hack through phishing. This is where they send emails or create fake websites pretending to be a legitimate company asking for a user’s details. Many people tend to fall for this as it looks real.
26.  
27. Some hackers attack websites for political reasons. For example, the White House website has been attacked multiple times and McDonalds are popular targets. A few years ago, at Christmas time, a hacking team decided to hack the Xbox, Playstation and many game servers therefore people who bought the consoles and games for Christmas couldn’t play for days. This frustrated many players and the company lost a lot of money because of this.
28. HACKER TYPES & DAMAGE DESCRIPTION
29. A black hat hacker is a person which attempts to find and exploit computer security vulnerabilities for personal gain or financial gain. They can inflict major damage on individuals or large organisations by stealing personal and financial information, compromising the security of major systems, and altering the function and shutting down websites and network. Black hat hackers can range from amateurs who are teenagers that spread computer viruses to networks, or criminals which steal credit card numbers for monetary gain. Black hat hackers activities include planting spyware to steal data and launching attacks to disable website access.
30.  
31. White hat hackers are computer security specialists which breaks into protected systems and network to test and assess their security. They use their skills to improve security by exposing vulnerabilities in a network before malicious black hat hackers can detect the vulnerability and exploit it. If a white hat hacker has been employed by an organisation, they are legally allowed to perform any attack on a network they wish to attempt to find exploits. They are seen as hackers who use their skills to benefit society. They can also do this for a financial reward after they have found an exploit or a job with the organisation.
32.  
33. A grey hat hacker is someone who may violate ethical standards or principles, but without the malcious intent that black hat hackers have. Gray hat hackers may engage in activities that are less than completely above board, but are often for the common good. They represent the middle ground between white hat hackers and black hat hackers. One common example of grey hat hacking is someone who exploits a vulnerability in security to spread public awareness that it exists. This may be seen as bad as black hat hackers can take advantage of it.
34.  
35. An ethical hacker is an individual hired to hack into a network or system to identify and repair potential vulnerabilities to prevent black hat hackers finding them. They are security experts which specialise in penetration testing of a software and computer system for the purpose of evaluating and improving security. Generally, a software or hardware seller achieves greater profits through hiring ethical hackers, as they can add value to the product if the customer knows it is secure.
36.  
37.  
38.  
39. IDENTITY THEFT
40. Define
41.  
42. Identity theft is where somebody takes someone elses personal information and uses this to pretend to be somebody who they are not - it can be devastating personally and financially. The different types of information that can be stolen include but are not limited to:
43. -Credit cards or debit cards.
44. -Passports.
45. -Addresses.
46. -Birth certificates.
47. -Bank statements.
48.  
49. Online Example
50.  
51. This mainly happens through phising, where the thief send emails or create fake websites pretending to be a legitimate company asking for a user’s details. Many people tend to fall for this as it looks real. When the thief has this information, they can take a person’s name and try to recreate their identifying documents and try to become them by opening bank accounts, borrowing and taking money, and developing relationships and friendships. They can duplicate passports and driving licences to use as a form of identification.
52.  
53. Offline Example
54.  
55. Offline identity fraud happens just as much as it does online. Examples of this is where people will steal people’s post from mailboxes and through rubbish bins. Thieves will go through mailboxes and rubbish bins looking for credit card statements, bank receipts, etc… These letters may contain credit card information and can apply for new credit cards without the person even knowing. They can also change the address where the mail is sent, so the victim does not receive statements, making them less likely to notice any unauthorised changes. A prevention method to this is by shredding the letters and then recycling them.
56.  
57.  
58. GENERAL DATA PROTECTION REGULATION
59. Define
60.  
61. The General Data Protection Regulation or GDPR is a new set of rules designed with the purpose to give citizens in the EU more control over their personal data. The aim of this is to simplify the regulatory environment for businesses so that both businesses and citizens in the EU can fully benefit from the digital economy. Furthermore, almost every aspect of everyone’s daily lives revolves around data. From social media, retailers, banks, and the government, almost every service we use online involves the collection and analysis of personal data in some shape of form. Organisations store our names, addresses, credit card details, and analyse them. This can cause many problems, especially when databases are hacked and this information is leaked.
62.  
63. Under the terms of the General Data Protection Regulation, not only will organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it will be obliged to protect it from misuse and exploitation, as well as to respect the right of the people who own the data, or else face penalties for not doing so.
64.  
65. GDPR applies to any organisation which is operating inside the European Union, as well as any organisations outside of the EU which offer goods or services to customers or businesses inside the EU. One of the major changes that GDPR will bring to everyone is providing consuners with a right to know when their data has been hacked. Organisations will be required to notify the appropriate national bodies as soon as possible in order to ensure EU citizens can take appropriate measures to prevent their data from being abused. Some organisations may be reluctant to do this as it can make their business’ reputation look bad and customers may not want to carry on buying from the business incase this happens again.
66.  
67. Business & Website Privacy Policies
68.  
69. Most websites always have a section on their website which shows the privacy policy as this is a legal requirement because internet users are now concerned about having their personal information scattered about, the input of a privacy policy on a website has become a very important factor. People don’t want their data being used for malicious purposes or being passed on to other companies without permission. It is used to inform website visitors of just how protected their personal information is when they visit the site, giving the user a peace of mind.
70.  
71. An example of a privacy policy is Google’s privacy policy, in it they say “We use data for analytics and measurement to understand how our services are used.” With this they are saying they analyse all data gained to optimise their product design and make performance and their user’s experience better. This is good because they are not only protecting data, but using it to become more efficient. However they must protect this information because their business’ reputation may look bad and customers may not want to carry on using the services if their information is at risk.
72.  
73. Cookies
74.  
75. Everytime you visit a website on the internet, there is a large possibility that a cookie, which is a temporary file, is left on your device therefore the site can recognise it is you the next time you visit. Cookies contain information such as personal information, usernames and passwords. This information is useful as they can save you from having to type in your details everytime you log in to a website. They can also store information on what you have recently looked at on a website or purchased. This is why on websites such as Amazon, it comes up with recommended items based on what a user’s previous purchases were. Businesses must also legally declare what they are specifically using the information gathered from cookies for.
76.  
77.  
78.  
79. SECURITY OF WEBSITE DATA
80. SSL
81.  
82. SSL stands for Secure Socket Layer and is a security protocol used to secure data between two devices using encryption. Millions of websites use this daily to ensure their customers details are safe. You can tell if a website is secure on not because it will have a padlock at the top of the page next to the URL address bar. URLs which begin with “https” rather than “http” shows that the website is secure indicating it is encrypted.
83.  
84. SSL Certificates
85.  
86. This security process is supported by an SSL certificate, which keeps the information secure as it travels from a site to the server. Without this, cyber criminals would be able to access your information. Information is secured using a public key and a private key, meaning everyone has access to the public key and only one specific user has their private key.
87.  
88.  
89. FIREWALL
90. Define
91.  
92. A firewall can either be hardware or software and it’s job is mainly to protect a network or computer from unauthorised incoming or outgoing data packet traffic. It does this by looking at all the data packets and then it decides whether or not the packets should be allowed through onto the network/computer or whether it should be denied depending on the rules that have been set by the operator. It prevents unauthorised access and also stops data leaving a user’s computer that has not been authorised. It protects the contents of the user’s hard drives as well as stops a user’s internet connection being shared without their knowledge. However if the firewall’s protection is set too high, all incoming and outgoing connections may be blocked from the internet - causing a user to not be able to connect to websites or send and receive emails. Some firewall applications have a paid version as well as a free version, the paid version offers features like more updates, better and more efficient tools and better support.
93.  
94. Negatives
95.  
96. Software based firewalls have a big negative which is the computer’s overall performance may drop if the computer is quite old. Firewalls are constantly running and therefore require processing power and take up RAM space, using up space which could be used for other operations. However hardware firewalls do not experience this issue. A negative with a hardware firewall is that they are very expensive to purchase and setup for every single network in a work place. Some work places have multiple networks, making this very expensive. They can also stop users from being able to access the internet all together if set too high.
97.  
98.  
99. STRONG & WEAK PASSWORDS
100. Define
101.  
102. Passwords are used on almost every website where registration is required, for example, Facebook. This means they must be strong or else other users will be able to guess them and access your account, stealing your information. The use for strong passwords are therefore essential when protecting your information and data. Passwords are usually used with a username, however on some sites can be used alongside other security measures. On some websites, you have to use a password, security pin, use authenticator, verify your email address, etc… All passwords should be different for each website you use and a long length filled with numbers and characters.
103.  
104. Examples
105.  
106. An example of a weak password would be “password” or the user’s date of birth. These are easily guessable and breachable, putting the user’s information at major risk. An example of a strong password would be “3r28brb92ewdn” as it is random letters and numbers mixed and a long length. Even though it would be hard to remember, it can be written down somewhere secure to allow the user to log in. The longer and more random the password is, the harder it will be to crack.
107.  
108.  
109.  
110.  
111.  
112. Task 3
113. Planning Documents
114. Storyboards
115.  
116. Storyboards are ‘mock-ups’ of a webpage layout and content. These can be hand drawn, or created using ‘wireframe’ software tools. Standard features of a storyboard are the location of the navigation bar, the location of images or other webpage content such as videos and text. Storyboards are used during the design process of a website so that the client can visualise how a website will look and what content will be required to make this website. If there are any major changes needed to be made, it will save time and money by editing them during this stage rather than when the website is in development. Furthermore a benefit is that you can edit the storyboard easily and have a rough idea how the website will look, making it more suited to the owner’s needs. If someone making a website doesn’t use a storyboard, they may not have the website end up how they wanted it. Here is an example of a storyboard:
117.  
118.  
119.  
120. Moodboard
121.  
122. Moodboards are a mixture of images, colours, fonts, font sizes and other webpage elements that are put together by a website designer so that the client can visualise the look and feel of a website. It is vital as part of the planning process as it will save costly errors if a wrong decision is made during the process of creation. They are used to convey and pitch idea for websites during the creation stage. However mood boards can be hard to create, with many hours spent looking through images, websites and books looking for the perfect image to sum up the intended feel for the website. However an advantage is how the website owner can get across a certain feel and ‘mood’ for a website through this, giving the website an extra effect, setting the tone and suggesting the direction for the website to go in. If a user doesn’t use a moodboard, the website can be quite bland and boring, causing users not to want to use it.
123.  
124.  
125.  
126. Navigation Diagram
127.  
128. A navigation chart is used when there is potentially one or more ways to navigate around a website. For example, on a website each user may want to visit pages in a different order and on an information point. The user may also want to view some certain sections but not others. It starts with the main welcome screen or the home page at the top of the diagram, and then shows the many different way a user can access various parts of the website. What is important is that the website designer shows they have given thought into what the best way to structure the website to make it suitable for the audience. Navigation diagrams tend to contain less detail than a storyboard, but shows the pathways between pages. If a website designer does not do this, they may get confused and lost to what page navigates to another page, which can waste time and money. Here is an example of a navigation diagram:
129.  
130.  
131. WYSIWYG Software
132. Define
133.  
134. A WYSIWYG editor or program allows a developer to see what the end result will end up looking like while the website is being designed. It is an acronym for “what you see is what you get”. It can also be contrasted with more traditional editors that require the developer to enter markup, and do not permit an immediate way to see the results.
135.  
136. Example
137.  
138.  
139.  
140. CSS
141. CSS or cascading style sheets is used on most websites nowadays and is used to decide what the website page will look like. They are stored on the webserver and the administrator will use this to decide how the website will be displayed. It is a simple design language which was created with the intention to simplify the process of making web pages presentable.
142.  
143. CSS is used by almost every website developer as it is very easy to learn and understand and comes with many features. With CSS, the website developer can control the colour of text, the font style, the background colours or images, and much more. It is usually combined with the markup languages HTML or XHTML. There are multiple advantages to using CSS, some being, it saves time as you can reuse the same sheet in multiple HTML pages and it also makes pages load faster.