to sir shane!!

bye sir! see u at UM Digos.heheh
humana jod among Comped321!
God bless

Goodbye!

Bye2x na people..
end na sa term..humana fud among Comped..
huhuhuhuhu..
God bless us always..
Bye sir!hehehe

Quiz 9

1. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.

Computer security is a branch of computer technology known as Information Security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. 

Cybercrime Perpetrators

Hacker refers to a computer programmer who is able to create usable computer programs where none previously existed. 

Cracker is a variation of hacker , with the analogy equal to a safe cracker. Some individuals use the term cracker in an attempt to differentiate from the honorable computer programmer definition of hacker.

Script kiddy is an individual who executes computer scripts and programs written by others. Their motive is to hack a computer by using someone else’s software. Examples include password decryption programs and automated access utilities.
Corporate Spy - have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information.

Unethical employee - break into their employers' computer for a variety of reasons. Some simply want to exploit security weakness.

Cyberextortionist - is someone who uses e-mail as a vehicle for extortion. These perpetrator s send an organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization s network - if they are not paid of a sum of money.

Cyber-terrorist - a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism

2. Describe various types of Internet and network attacks (computer viruses,
worms, Trojan horses, rootkits, botnets, denial of service attacks, back
doors, and spoofing), and identify ways to safeguard against these attacks,
including firewalls, intrusion detection software, and honeypots. 


A computer virus is a potentially damaging program that affects, or infects, a computer negatively by altering the way the computer works without the user's knowledge or permission.
A worm is a program that copies itself repeatedly, using up resources and possibly shutting down the computer or network.
A Trojan horse is a program that hides within or looks like a legitimate program.
A root kit is a program that hides in a computer and allows someone from a remote location to take full control of the computer.
To take precautions against this malware:
1. Do not start a computer with removable media in the drives or ports.
2. Never open an e-mail attachment unless you are expecting the attachment and it is from a trusted source.
3. Disable macros in documents that are not from a trusted source.
4. Install an antivirus program and a personal firewall.
5. Stay informed about any new virus alert or virus hoax.
6. To defend against a botnet, a denial of service attack, improper use of a back door, and spoofing, users can install a firewall, install intrusion detection software, and set up a honeypot.


3. Discuss techniques to prevent unauthorized computer access and use

Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or illegal activities. Organizations can take measures such as implementing a written acceptable use policy (AUP), a firewall, intrusion detection software, an access control, and an audit trail. Access controls include a user name and password or passphrase, a CAPTCHA, a possessed object, and a biometric device.

4. Identify safeguards against hardware theft and vandalism. 

Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. The best preventive measures against hardware theft and vandalism are common sense and a constant awareness of the risk. Physical devices and practical security measures, such as locked doors and windows, can help protect equipment. Passwords, possessed objects, and biometrics can reduce the risk of theft or render a computer useless if it is stolen.

5. Explain the ways software manufacturers protect against software piracy. 

Software piracy is the unauthorized and illegal duplication of copyrighted software. To protect themselves from software piracy, manufacturers issue a license agreement and require product activation.

6. Discuss how encryption works, and explain why it is necessary 

Encryption prevents information theft and unauthorized access by converting readable data into unreadable characters. To read the data, a recipient must decrypt, or decipher, it into a readable form. An encryption algorithm, or cypher, converts readable plaintext into unreadable cipher text. Encryption is used to protect information on the Internet and networks.

7. Discuss the types of devices available that protect computers from
system failure.

A system failure is the prolonged malfunction of a computer. A common cause of system failure is an electrical power variation such as noise, an undervoltage, or an overvoltage. A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment. An uninterruptible power supply (UPS) contains surge protection circuits and one or more batteries that can provide power during a temporary loss of power.

8. Explain the options available for backing up computer resources. 

A backup is a duplicate of a file, program, or disk that can be used to restore the file if the original is lost, damaged, or destroyed. Users can opt for a full backup or a selective backup. Some users implement a three-generation backup policy that preserves three copies of important files: the grandparent, the parent, and the child. Others use RAID or continuous backup. Most operating systems and backup devices include a backup program.

9. Identify risks and safeguards associated with wireless communications. 

Wireless access poses additional security risks. Intruders connect to other wireless networks to gain free Internet access or an organization's confidential data. Some individuals intercept and monitor communications as they transmit. Others connect to a network through an unsecured wireless access point (WAP), sometimes using the techniques of war driving or war flying. Some safeguards include firewalls, reconfiguring the WAP, and ensuring equipment uses a wireless security standard, such as Wi-Fi Protected Access (WPA) and 802.11i.

10. Discuss ways to prevent health-related disorders and injuries due to
computer use. 
 
A computer-related repetitive strain injury (RSI) can include tendonitis and carpal tunnel syndrome (CTS). Another health-related condition is eyestrain associated with computer vision syndrome (CVS). To prevent health-related disorders, take frequent breaks, use precautionary exercises and techniques, and use ergonomics when planning the workplace. Computer addiction occurs when the computer consumes someone's entire social life.

11. Recognize issues related to information accuracy, intellectual property
rights, codes of conduct, and green computing. 

Computer ethics govern the use of computers and information systems. Issues in computer ethics include the responsibility for information accuracy and the intellectual property rights to which creators are entitled for their works. An IT (information technology) code of conduct helps determine whether a specific computer action is ethical or unethical. Green computing reduces the electricity and environmental waste while using a computer.

12. Discuss issues surrounding information privacy, including electronic
profiles, cookies, spyware and adware, spam, phishing, privacy laws, social
engineering, employee monitoring, and content filtering.

Information privacy is the right of individuals and companies to deny or restrict the collection and use of information about them. Issues surrounding information privacy include the following. 
An electronic profile combines data about an individual's Web use with data from public sources, which then is sold.
A cookie is a file that a Web server stores on a computer to collect data about the user.
Spyware is a program placed on a computer that secretly collects information about the user.
Adware is a program that displays an online advertisement in a banner or pop-up window.
Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once.
Phishing is a scam in which a perpetrator attempts to obtain personal or financial information.
The concern about privacy has led to the enactment of many federal and state laws regarding the disclosure of data. As related to the use of computers, social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others. Employee monitoring uses computers to observe, record, and review an employee's computer use. Content filtering restricts access to certain materials on the Web.

Quiz 8

Quiz 8 - Database Management

1. Define the term, database, and explain how a database interacts with data
and information.
answer:

Database is a collection of information organized in such a way that a computer program can quickly select desired pieces of data. You can think of a database as an electronic filing system.
is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model relevant aspects of reality (for example, the availability of rooms in hotels), in a way that supports processes requiring this information (for example, finding a hotel with vacancies). The term "database" refers both to the way its users view it, and to the logical and physical materialization of its data, content, in files, computer memory, and computer data storage. This definition is very general, and is independent of the technology used. However, not every collection of data is a database; the term database implies that the data is managed to some level of quality (measured in terms of accuracy, availability, usability, and resilience) and this in turn often implies the use of a general-purpose Database management system (DBMS). A general-purpose DBMS is typically a complex software system that meets many usage requirements, and the databases that it maintains are often large and complex.

2. Describe file maintenance techniques (adding records, modifying records,
deleting records) and validation techniques.
answer:

When you want to add  to or make changes to your data in your Microsoft Office Access 2003 database, you can do much of your work in forms and datasheets. After you design your tables and queries, you can use a form or datasheet as a window into the data. You can also use a data access page to add or edit data in a database that is on an intranet or on the Internet.
This topic explains how to use forms, datasheets, and data access pages for adding and modifying your data. It also provides examples of each method, working with the North wind Traders sample database.

Add a record

1. To add a record, do one of the following:
• If you are working with a form, open the corresponding form in Form view.
• If you are working with a data access page, open the corresponding page in Page view. If Access is not installed on your computer, open the page in your Web browser.
• If you are working with a table, open the corresponding table in Datasheet view.
2. In Datasheet or Form view, click the New button on the navigation toolbar. To add a record to a subform, click New on the subform's navigation toolbar. If you don't see the navigation toolbar inside the subform, or if the button is disabled, you will not be able to add records to the subform. In a data access page, click New on the record navigation toolbar.

 Note   If the New button appears disabled on a page, it means that you do not have permissions to add new records. Contact the owner of the database. If you don't see the New button on a data access page, it either means that the page is read-only, or that the designer of the page has customized the appearance of the button. Look for custom instructions about using the page, or contact the page's designer.

3. Enter your data, and then press TAB to go to the next field.

Edit a record

You can change the data in one or more fields in a record. For example, if you want to correct the spelling of a customer name, you can open the Customers form in Form view, move to the record that corresponds to the customer, and edit the Name field in the form. When you move to a different record, Access will automatically update the field in the underlying table.

1. Open the form (in Form view), page (in your Web browser or in Page view), or table (in Datasheet view) that has the record that you want to edit.
2. Move to the record by using the buttons on the navigation toolbar.
3. Use the mouse or the TAB or arrow keys to move to the field that you want to edit.

To replace the entire contents of a field in a datasheet, click near the left edge of the field when the pointer turns to a plus, as shown in the following example. In a form, click the field's label.

To add to the existing contents of a field, place the insertion point where you want to enter the new characters. You can move the insertion point by using the arrow keys. In the following example, the insertion point is at the end of the current contents of the field, so anything that you type will be appended to the string "Alfreds FutterKiste".

4. Enter your text in the field. If text in the field was selected before you started typing, the characters that you type will replace that text.

 Note   If you make a typing mistake, press the BACKSPACE key. If you want to cancel all editing changes to a field, press the ESC key.

When you try to move out of a field after entering data, Access validates the data, making sure that the value you entered is allowed in that field. If the value isn't allowed, Access alerts you with a validation message. For more information, see Troubleshoot editing data in a field.

To move out of the field, you must either change the data to an acceptable value or undo your changes by pressing the ESC key.

When you move to another record, Access performs record-level validation, and then saves your changes. If the record can’t be saved, you must either make any necessary corrections or undo your changes.

Delete the contents of a field or an entire record

You can delete the text in a field to either leave the field blank (if the field supports Null values), or to replace the text with another value. You can also permanently delete one or more records in a table:

• To delete text in a field, select the text and then press DEL.

For information on how to select a field, see Select fields and records.

• To delete one or more records in a datasheet or a form, select the records and then press DEL.
• To delete a record on a data access page, click the Delete button on the record navigation toolbar.

3. Discuss the terms character, field, record, and file.
answer: 

Field is a combination of one or more characters. It . It is the smallest unit of data user accesses

 Record is a group of related fields.

File is a collection of related records.

4. Discuss the functions common to most database management systems:
data dictionary, file retrieval and maintenance, data security, and backup
and recovery.
answer:

Data dictionary contains data about each file in a database and each field within the files.

5. Differentiate between a file processing approach and the database
approach.
answer:

File processing approach - each department or area within an organization has its own set of data files.

Database Approach -Many programs and users share the data in a database. Reduces data redundancy, improves data integrity, shares data, permits easier access, and reduces development time.

6. Describe characteristics of relational, object-oriented, and
multidimensional databases.
answer:





Relational Database - is a database that stores data in tables that consist of rows and columns. Each row has a primary key and each column has a unique name.

Object - oriented database (OODB) - stores data in objects. An object is an item that contains data, as well as the actions that read or process the data.

Multidimensional database - stores data in dimensions and can store more than two dimensions of data.

7. Explain how to access Web databases.
answer:




•Object-oriented databases often use Object Query Language (OQL) to manipulate and retrieve data.
    A relational database stores data in tables that consist of rows and columns
        –Each rowhas a primary key
        –Each columnhas a unique name
        •A relationshipis a link
    A multidimensional database can store data in more than two dimensions of data
        –Can consolidate data much faster than a relational database.

8. Define the term, computer security risks, and briefly describe the types
of cybercrime perpetrators: hacker, cracker, script kiddie, corporate spy,
unethical employee, cyberextortionist, and cyberterrorist.
answer:

A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability. A hacker means someone who  breaks into computer, someone who can make a computer do what he wants.

Cracker someone who breaks into someone's else computer system often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.
Script kiddie -A person, normally someone who is not technologically sophisticated, who randomly seeks out a specific weakness over the Internet in order to gain root access to a system without really understanding what it is s/he is exploiting because the weakness was discovered by someone else.

9. Identify database design guidelines and discuss the responsibilities of
database analysts and administrators.
answer:


10. Discuss techniques to prevent unauthorized computer access and us. 
answer:

Operating system and software patches and updates

There is no such thing as perfect software, often a software program may have several issues and could potentially have security vulnerabilities that can leave your computer open to attacks that compromise your computer and your data.

Software patches, updates, and drivers are made available, often for free, to consumers to help keep a software program and operating systems running properly and secure. If the program you're using does not have any method of checking for updates on its own it is up to you to verify the program is up-to-date. Often this can be done by visiting the web site of the developer who created the program. A listing of third-party companies and links to each of their pages can be found on our third-party support page.