Home

Key Learning

Create Task Work

CB Notes

Review Ticket

Studying

5.6 Notes -> Safe Computing

• Personal Identifiable Information (PII)
  • Creating Web Sites and posting information is adding a searchable PII
  • Problem: people post on LinkedIn and forget that other people may look at their IG and FB
• Things you should consider when adding PII
  • Good: Name, email (preferably junk email), picture, high school attended, college attended, properties you own, State-City of residence, all State-City of previous residence, Credit Report
  • Gray: Birthdate, place of birth, street address, phone number, maiden names of Mother and Grandmother, Drivers License Number
  • Bad: Credentials for Access, Two-Factor Authentication on Financial accounts, SSN, Tax records
• Beware, Establish practices for your own Safety
  • Multi-factor authentication –> enter code that has been texted or emailed to you. Also biometrics
  • Malware often sent in attachments to things in email –> click attachment and it adds virus to computer
  • Phishing –> promise one thing through a link only to steal your info
• Factors to Increase Security
  • Use Multi Factor Authentication
  • Biometrics –> secure systems, fingerprints, or facial recognition
  • Symmetric encryption –> only one key used to encrypt and decrypt electronic info
  • Asymmetric cryptography –> (aka public-key cryptography) use pair of key to encrypt/decrypt a message and protect it from unauthorized access/use
  • SSL uses asymmetric and symmetric encryption
• Nefarious Uses of Internet
  • Virus/Malware
  • Phishing
• GitHub Pages:
  • Describe PII you have seen on project in CompSci Principles.
    • Contact info pages, Database/CRUD
  • What are your feelings about PII and your exposure?
    • I believe it’s probably a good idea to share as little personal information as possible because you don’t need random people to know everything about you.
  • Describe good and bad passwords? What is another step that is used to assist in authentication.
    • Bad passwords contain personal information, isn’t complex (doesn’t contain special characters and numbers), and is too short. A step that you can use to assist in authentication is Multi Factor Authentication which provides and added layer of security to your entry.
  • Try to describe Symmetric and Asymmetric encryption.
    • In symmetric encryption, you only have one key. In asymmetric, you use a pair of keys to encrypt/decrypt messages.
  • Provide and example of encryption we used in deployment.
    • An example of encryption we used in deployment was creating an AWS account.
  • Describe a phishing scheme you have learned about the hard way. Describe some other phishing techniques.
    • I’ve never suffered from a phishing scheme. I do remember once when that Discord virus was running wild and a friend of mine ‘gifted me free nitro’. I was suspicious of the link and waited for any further confirmation (and if she didn’t provide it I was going to search up the url to see if it was reliable). Other phishing techniques could come from emails or other sites.