Excerpt of Chapter 1 from An Essential Guide to Cybersecurity

What is Cybersecurity?

History

Beginning in the 1970s, the exploration of then-emerging telecommunications technology began. The first modern day hackers appeared as they attempted to sidestep the system by making free phone calls, a practice that was defined as "phreaking”, pioneered by John Draper, a.k.a. Captain Crunch. Draper was later arrested and convicted on charges related to his nefarious phreaking activities multiple times. By 1986, malware, in the form of the first virus, "Brain", took shape, the same year that the Computer Fraud and Abuse Act was instituted. It prohibits unauthorized access or damage of protected computers. Two years later, the Morris worm followed, named after Robert Morris. The virus was so severe and spread so rapidly that it successfully shut down much of the internet. The Morris worm was a landmark incident as the first widespread instance of a denial-of-service (DoS), cybersecurity attack. Fortunately, due to the infancy of the internet at the time, the impact was not as devastating as it would have been today. But it paved the way for the numerous kinds of security issues that have emerged in the decades since. A computer hacker and fugitive named Kevin Poulsen, was featured on America's Most Wanted, and was arrested in 1991. However, since his release from prison, he reinvented himself as a journalist and contributed to the online computer security news portal SecurityFocus. In the years to follow, viruses and attacks such as backdoors, denial-of-service attacks, direct-access attacks, eavesdropping, spoofing, tampering, privilege escalation, phishing, clickjacking, and social engineering all emerged.

The first decade of the 21st Century saw malicious Internet activity become a major criminal enterprise, as adware and spyware emerged with programs such as Conducent, TimeSink, Aureate/Radiate and Comet Cursor. Malware also appeared, with big-name threats such as Code Red, Nimda, Welchia, Slammer and Conficker all wreaking havoc on unprotected machines. AOL suffered through the first real phishing attacks, with fraudsters stealing users' credentials. Today, phishing attacks have become increasingly mainstream, with online banking and social networking sites. Zero day attacks, ransomware, rogue antispyware, clickfraud, government attacks, and other attacks have all made their mainstream debut in the current decade.

The Morris worm and other early nuisance attacks ultimately led to the development of the security industry including the establishment of CERTs (Computer Emergency Response Teams) for coordinating responses to these kinds of emergencies, and preventative and detective security products. There has also been further development of antivirus technology in order to spot the signature of the virus and prevent it from executing. These threats have played an integral role in driving the awareness of computer users of the risks of reading emails from untrusted and unreliable sources and opening their attachments (which lead to the establishment of spam). Companies began to realize that if viruses were to spread from corporate email accounts, questions about the security and integrity of that company would likely be brought into the public eye.

  

 

Importance of Cybersecurity

Cybersecurity is one of the most urgent issues of today, with computer networks always being targeted by criminals. The danger of cyber security breaches will only increase as these networks expand. The necessity of strong cybersecurity measures is self-evident. In recent years, there has been a proliferation of cyberattacks that have wreaked havoc on companies, governments and individuals. One of the most problematic and insidious elements of cybersecurity is the quickly and constantly evolving nature of security risks. Cyber risk has been established at the top of the international agenda, as high-profile breaches (i.e. WikiLeaks) have raised fears that hack attacks and other security failings could endanger the global economy.

The U.S. federal government has allotted over $13 billion annually to cyber security since late 2010. The Global Risks 2015 report stated that 90 percent of companies worldwide recognize they are insufficiently prepared to protect themselves against cyber attacks. Cyber crime (explained in further detail in Chapter 3) costs the global economy over US$400 billion per year, according to the Center for Strategic and International Studies. Furthermore, in 2013, approximately 3,000 companies in the United States had their systems compromised by criminals. High-profile US retailers Target and Home Depot were among many organizations that has lost customer data and credit card information. In other companies, money from accounts have been stolen, industrial espionage has occurred, and in some cases, the cyber thieves even took over company systems and demanded ransom money to unlock them.

Governments and businesses around the world are constantly searching for better cyber defense strategies. For instance, the European Network and Information Security Agency held a cyber security exercise in October 2014, involving 29 countries and more than 200 organizations. This included government bodies, telecoms companies, energy suppliers, financial institutions and Internet service providers. Other sensible precautions can be taken by organizations to minimize losses from cyber criminals. With proper levels of preparation and specialist assistance, it is possible to control damages, as well as recover from a cyber breach and its consequences. Due to growth and impact of social media and other technological innovations, we live in an increasingly networked world, from personal banking to government infrastructure. Cyber threats constantly take aim at secret, political, military, or infrastructural assets of a nation, or its people. Therefore, cybersecurity is a critical part of any governments’ security strategy; protecting these networks is paramount.

The combination of technical factors, increased human activity, and notable events (such as our recent presidential election) have provided a critical moment in efforts for cybersecurity. The field is growing rapidly in importance due to increasing reliance on computer systems and the Internet in most societies, wireless networks (i.e. Bluetooth and Wi-Fi ), and the growth of "smart" devices (smartphones, televisions, tablets, etc.) To secure a computer system, it is important to understand the attacks that can be made against it, and these threats can be classified into numerous categories.

Chapter 5 of How to Create a Basic Web Site - Creating a Blog

Chapter 5 Creating a Blog

How to Create a Basic Web Site by DMStudent

Excerpt of How to Create a Basic Web Site (Chapter 2 - Starting a Web Page)

HTML Editors

An HTML editor is a specialized piece of software that enables the creation of HTML code.
Users are able to enter raw text in order to create and maintain their websites. A good
HTML editor helps boost productivity enormously. Here is a list of some of the most
popular and effective editors:
• Microsoft Expression Web
• Google Web Designer
• Adobe Dreamweaver
• Microsoft Visual Web Developer
• Microsoft FrontPage
• Notepad

In this book, we will use Notepad to create the website.


Here is the link to the e-book, which is available for purchase at Amazon.com:

http://www.amazon.com/gp/product/B00YE05M82?*Version*=1&*entries*=0

Excerpt of "How to Create a Basic Web Site" by David Miller (Chapter 1 - Introducing the Internet and HTML)

What is the Internet?

History

The Internet was first established in 1969 by the Advanced Research Projects Agency Network (ARPANET). This was spearheaded by the US Department of Defense. Beginning in the 1970s, e-mail and other messaging systems were created and distributed among large companies as well as government organizations. These systems allowed individuals in each organization to send messages to each other. However, problems arose with general refusal to allow interconnection of computers between organizations. Over time, issues like these made it necessary to establish rules that would enable various users to communicate (whether in organizations or not) on the Internet and send messages. By 1987, ARPANET was heavily congested on its telephone lines; thus, a network run by the National Science Foundation (NSFNet) merged with two other networks (CSNet and BITNET) to form a major network that can handle the increasing online traffic. The result was a contract with corporations such as IBM and Sprint to operate the network’s main backbone (connections and technology that support large amounts of data). IBM and Sprint were also among the first companies to help provide commercial Internet access.

The Internet or World Wide Web (WWW) possesses global broadcasting capability that serves as a medium for information dissemination, collaboration, and interaction among individuals and their computers regardless of geographic location. Simply called the Web, this innovative channel of communication, utilizes technology as a way to access, send and share information. It is a vast network of interconnected computers and networks that link millions of businesses, agencies, institutions, and individuals. Structurally, the Internet consists mainly of web pages which are really documents, images and audio files containing immense amounts of information. Web pages are connected to one another via connections called hyperlinks. Viewing and interacting with web pages are possible because of the technical capabilities of web browsers. These technological programs allow users to view text, images, videos, and other multimedia. Normally, a website contains one or more web pages that are grouped together under a common theme, for personal, commercial or social purposes. When a computer connects to the Internet, it becomes a web client.

Major Elements of the Internet

Listed below are brief descriptions of some of the network systems, services, programs and devices that support and impact operation of a website on the Internet.

Intranets/Extranets

An intranet is an information portal designed for the internal communications of various businesses. They include enterprises, governments, industries and financial institutions. Compared to the Internet, intranets can be tailored specifically to meet the exact needs of businesses and organizations. Users of intranets consist mainly of managers and directors, support staff, customer service, and other stakeholders. Extranets are portals designed for businesses to provide external users such as important clients, industry partners, and suppliers with limited access to certain files on computer systems.

Ethernet

Ethernet is the physical connection method of cabling networking technologies for local area (LAN) and larger networks to a computer. Simply put it is the cable that connects a computer or other device to a router or network.  Ethernet is known as arguably the most popular and most effective network technology in the world. Furthermore, it is the most widely-installed local area network (LAN) technology. There are industry standards that govern Ethernet communication to technology devices. These standards include how communication is provided for connected devices as well how they are attached to a common medium such as a router that provides a path where electronic signals travel. An Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires. In recent times, it is more commonly a twisted pair or fiber optic cabling. Most home computers are connected to the Internet using either coaxial cable or wireless adapters. 

Routers

Routers are electronic devices that provide the mechanism for computers to communicate with other computers in a network, or to connect to an intranet or the Internet. The primary function of a router is to access the best path to receive data from one device and to transmit it to another. The internet service provider (ISP) assigns an Internet Protocol (IP) address (example of an IP address: 175 . 16 . 235 . 2) for each of the devices that are connected to the router. 

Servers

Basically, servers are computers which serve information to other computers and receive from them also. On the Internet, web servers are structured in networks that contain software and files that are capable of connecting with other computers online. The software continuously runs on a computer and allows other computers to upload and download documents. Each file is private; only the users of that network can access those files. There are many online companies such as Dot5Hosting, Hostmonster, iPage, Web.com, HostGator, and GoDaddy.com to host websites. These companies usually charge monthly fees for their hosting services.

Browsers

A Web browser is a computer program used for accessing sites or information on a network (as the World Wide Web) and view web pages on the Internet. Web browsers are created by software run on the computer to connect to various operating system software programs across the Internet. The most commonly used web browsers include America Online, Internet Explorer, Google Chrome, Mozilla Firefox, and YouTube Browser. Users can navigate between each page through hyperlinks (detailed in Navigation section).

E-Mail

Short for electronic mail, e-mails are electronic messages containing files, images, and/or other attachments sent through a network (online) to a specific individual or group. Most Internet providers allow users to send and receive e-mail messages. There are e-mail programs such as Microsoft Outlook or Mozilla Thunderbird.  The most common way that users send and receive e-mail is through free online e-mail services or web mail such as AOL mail, Hotmail, Google Mail (Gmail), and Yahoo Mail.

Navigation

Web navigation refers to the process of going through (or navigating) on a webpage, or on a network of multiple information resources online. The primary user interface used for navigation is the web browser. The constant goal is to have a web navigation interface that helps to maximize usability. Most web browsers have a navigation toolbar with buttons of frequently used web commands such as “back”, “reload”, “stop”, “print”, “Home”, etc. In the middle of the toolbar is the location (also called address or URL) bar, which describes the text box for entering a web address in the browser. A Uniform Resource Locator (URL) is a uniquely formatted text that web browsers and other software uses to help identify network resources (web pages, documents, graphics, etc.) on the Internet. There are four parts for the addressing scheme in a URL:

·        Transfer protocol (http://) - set of rules necessary for transporting the files, the most common type of Internet protocol is HTTP.

·        Domain name – unique name for the address on the host computer.

·        Pathname - Directory or folder where file is stored.

·        Name of the file.

Internet Security

Internet security helps to establish rules and measures against attacks over the Internet. It involves not only browser security, but also network security in general as it relates to other applications and operating systems. Internet security programs monitor the exchange of information, and prevent intrusion or fraud. Different methods have been used to protect the transfer of data, including encryption, which refers to scrambling and encoding data transmission online, and preventing intruders from decoding and reading the page’s content.  The page is encrypted when there is a padlock icon at the bottom of the browser window. Web page security elements can be checked on the Internet Explorer.

Computer Security

Computer security is comprised of programs that are designed specifically for computing devices such as computers and smartphones used in both private and public settings such as the Internet. Functions of security applications involve protecting all the processes and mechanisms for digital equipment, information and services from viruses, malware and hacking. Computer security software detects and prevents unauthorized access or changes or destruction of information. It is becoming increasingly important to purchase this type of software to protect personal information and documents on PCs, smart phones, tablets and social media.

Cybersecurity 

Cybersecurity is the overall process of utilizing security measures for data confidentiality, integrity, and availability. Cybersecurity protects assets such as the vast amounts of data on computers, servers, and cloud technology from hackers and unauthorized access. The goal of cybersecurity is to protect and ensure security of data. Some of the measures include access control, awareness training, risk assessment, security assessment, vulnerability management, etc. Cybersecurity functions are critical because web servers open windows between individual networks and the entire world virtually. Server maintenance, web application updates and website coding help to determine the degree of web security. Websites are prone to security risks, in addition to networks where web servers are connected. Furthermore, all programs either have bugs or weaknesses to varying degrees, since they are inherently complex . However, poorly written software exacerbates security issues, and the bugs will create web security issues that directly affect web applications and the server. In recent times, there have been cyber attacks against major corporations such as Target, Home Depot, Neiman Marcus and Sony.  The combination of technical factors, increased human activity, and notable events have provided a critical moment in efforts for cybersecurity.

Examples of Security Programs

There are some effective and inexpensive Internet software programs (many with free trials) that can increase cybersecurity for websites and computers in general. Here is a list of some of the programs:

·        AVG Secure Search

·        AVG Internet Security

·        Avast Free Antivirus 2015

·        Norton Internet Security

·        Comodo Antivirus 7 

·        Bitdefender Total Security 2015

·        360 Internet Security

The entire downloadable e-book will be made available soon on Amazon.com.

Constructing Quality Questions for Discussions

How to Promote Collaborative Learning Online

The integration of online engagement with collaborative online learning assessment adds value to the teaching and learning experience. Technology has improved the assessment experience with discussion board assignments and group projects, and also by providing helpful resources such as video, audio, articles, and databases. Additionally, icebreaker activities in the early weeks, such as games and simulations further help to engage and attract students to work and communicate together.  Collaborative learning has helped learners achieve a more complete level of knowledge, due to frequent interaction with their peers as they exchange ideas and information. It also gives instructors an idea of the level of students’ knowledge, understanding, and ability to participate in teamwork.

However, many adult learners typically deal with time constraints and various issues in their personal and working lives, and have established patterns and opinions. They may not be particularly receptive to participating much in group discussions or assignments, and it may also be difficult for learners to be available to meet with each other to work on these projects.

Instructions

Please explain the ways in which instructors should implement collaborative learning, and when they are appropriate to use. Additionally, please share your experiences regarding the positive and negative aspects of collaborative projects for any type of learning environment (face-to-face, online, blended, etc.).

Scoring Rubric Link:

http://www.scribd.com/doc/160384526/Scoring-Rubric

Additional Learning Resources

Eberly Center (n.d.). Design and Teach a Course. Retrieved August 13, 2013 from http://www.cmu.edu/teaching/designteach/design/instructionalstrategies/groupprojects/benefits.html

Horton, W. (2006). Designing for the Virtual Classroom, E-Learning by Design. Retrieved August 14, 2013 from https://class.waldenu.edu/bbcswebdav/institution/USW1/201360_04/MS_INDT/EIDT_6511/Week%207/Resources/Resources/embedded/Horton_Ch9_DesignVirtual_.pdf

Palloff, R., & Pratt, K. (2007). Building online communities: Effective strategies for the virtual classroom. Retrieved August 13, 2013 from https://class.waldenu.edu/bbcswebdav/institution/USW1/201360_04/MS_INDT/EIDT_6511/Week%207/Resources/Resources/embedded/Paloff_Ch8.pdf

Sherry, L. (1996). Issues in Distance Learning. Retrieved August 14, 2013 from http://home.comcast.net/~lorraine.sherry/publications/issues.html

Weimer, M. (2011). 10 Benefits of Getting Students to Participate in Classroom Discussions. Retrieved August 14, 2013 from http://www.facultyfocus.com/articles/teaching-and-learning/10-benefits-of-getting-students-to-participate-in-classroom-discussions/

Plagiarism Detection and Prevention

What plagiarism detection software is available to online instructors?

EVE (Essay Verification Engine) software, and Turnitin.com, an online detection service, are two of the most commonly used plagiarism detection software (Jocoy & DiBiase, 2006). They both compare individual student papers to Web documents and/ or to essay databases. This is done to find and report instances of matching text. Turnitin catches Web plagiarism and checks sources from students’ bibliographies for plagiarism, including articles that are unavailable on the Web. Free online search engines such as Google also allow instructors to track down copied phrases.
Course management systems such as WebCT and Blackboard help to limit access to a test for a specific date, in addition to a precise block of hours on that date (McNett, 2002). They also limit the time available for test completion to increase the difficulty of students searching for the answers. User-tracking functions make it possible for an instructor to determine the time that each question was answered by the student.

How can the design of assessments help prevent academic dishonesty?

Online assessments (or e-assessments) offers flexibility since they can be accessed from any geographic location, prevents schedule conflicts, and avoids wastage of resources. However, academic dishonesty is a major issue with assessments. Academic dishonesty is defined by cheating, plagiarism, and other covert methods to achieve high grades in exams, course assignments and projects. Instructors have to make the assessment a learning experience with “hard” questions, and avoid overly difficult or overly easy tests. It is also important for instructors to create assessments that mirror real-life situations, and can relate to personal experiences (University of Wisconsin-Eau Claire, n.d.). Employing a proctor for the assessment is also helpful. Proctors help to ensure that students take the assessment at a designated time, without collaborators and unauthorized materials (Rowe, 2004). Assignments can be designed to incorporate collaboration, including discussion posts and online group projects (Boettcher & Conrad, 2011). The instructor also has to be clear about the purpose and content of the assessment. Time limits should be set, along with low stakes (the questions worth few points). The assessments should contain clear definitions of what is considered cheating and plagiarism, including questions that can erase any misconceptions (University of Wisconsin-Eau Claire, n.d.).

What facilitation strategies do you propose to use as a current or future online instructor?

In watching the video, I discovered that one of the important functions of a facilitator is to educate learners about copyright, fair use, plagiarism, and cheating (Laureate Education, n.d.). Students should be informed about course requirements, and available support and communication (via syllabus, course announcements). Students also have to be taught to properly paraphrase and cite material, and should discuss their role as self-directed learners. I would also encourage students to make use of libraries and writing centers to learn about correctly paraphrasing and citing resources. I also believe that having TAs and tutors can also discourage cheating, by conducting sessions with students to discuss any questions or difficulties that they have with the course. I have worked with TAs at USF, and it was quite helpful to my overall understanding of the course and subject.

What additional considerations for online teaching should be made to help detect or prevent cheating and plagiarism?

In reading the resources and conducting research online, I discovered that there are several ways in which cheating and plagiarism can be prevented. Drawing questions randomly for each student from a pool is one example, helping to reorder multiple-choice answers randomly if possible (Rowe, 2004). Place one question per page when administering an exam. Placing one question per page when administering an exam or assignment is also helpful, as well as disabling printing and copying options, and requiring some short essay questions (University of Wisconsin-Eau Claire, n.d.). For the latter, students would apply concepts or material from the course.
CMSs as WebCT and BlackBoard have plagiarism prevention capabilities, which make it possible to administer a proctored examination online (McNett, 2002). Tests can be structured to require the input of a proctor’s ID and student’s ID, so that the exam can’t start until the proctor is present. It is also possible to limit access to a test to a specific computer at a specific Internet address, where a proctor can be present. Another technique that reduces cheating is the use of question banks. This entails use of several course-delivery software packages that supports databases of questions from which the software selects items, according to specific rules. These capacities randomize the sequence of questions, making it more difficult for memorizing and sharing the sequence of answers.

References:

Boettcher, J. V., & Conrad, R. (2010). The online teaching survival guide: Simple and
practical pedagogical tips. San Francisco, CA: Jossey-Bass.

Jocoy, C. & DiBiase (2006). Plagiarism by Adult Learners Online: A case study in detection and remediation. Retrieved June 13, 2013 from http://www.irrodl.org/index.php/irrodl/article/view/242/466

Laureate Education, Inc. (Producer). (n.d.). Plagiarism and Cheating [Video webcast]. Retrieved June 13, 2013 from https://class.waldenu.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_2_1&url=%2Fwebapps%2Fblackboard%2Fexecute%2Flauncher%3Ftype%3DCourse%26id%3D_2818946_1%26url%3D

McNett, M. (2002). Curbing Academic Dishonesty in Online Courses. Retrieved June 13, 2013 from http://www.ion.uillinois.edu/resources/pointersclickers/2002_05/

Rowe, N.C. (2004). Cheating in Online Student Assessment: Beyond Plagiarism. Retrieved June 13, 2013 from http://www.westga.edu/~distance/ojdla/summer72/rowe72.html

University of Wisconsin-Eau Claire (n.d.). Desire2Learn 9.0: Tips to Ensure Academic Honesty. Retrieved June 13, 2013 from http://www.uwec.edu/help/D2Lv9/deter.htm