CS 110 Final Exam: The Web and Safety & Security (up to pg 45)

What is the difference between the web and the internet?

The internet is a global data communications network, while the web is just one of the many technologies that use the internet to distribute data.

World Wide Web (web)

a collection of HTML documents, images, videos, and sound files that can be linked to each other and accessed over the internet

Hypertext

describes a computer system that could store literary documents, link them in logical relationships, and allow readers to comment and annotate on what they read

Web site

typically contains a collection of related information organized and formatted so it can be accessed using a browser

Web server

an internet-based computer that stores website content and accepts requests from browsers

Web page

based on an HTML source document that is stored as a file on a web server

Hypertext links (links)

used to connect web pages

Unidirectional links

i.e. document A links to document B, but not vice versa

Bidirectional links

connect 2 documents using a 2-way link that can be following from either document

uniform resource located (URL)

the unique address of every web page

Name 4 rules for correctly typing a URL.

1. A URL never contains spaces.
2. The http:// can be omitted.
3. Always use a forward slash (/).
4. Duplicate the URL's capitalization exactly.

What are 2 services that can create short URLs?

Bitly & Goo.gl

What is one disadvantage to short URLs?

May lead to questionable web sites and scams

What are the 6 essential elements of a browser?

1. an entry area for URLs and searches
2. navigation controls
3. refresh button
4. home button
5. settings menu
6. display area

How can you customize your browser?

1. change home page
2. customize bookmarks and favorites
3. control tab behavior
4. select predictive services
5. adjust password settings

Browser home page

the first page displayed when the browser starts

Predictive services

look ahead and anticipate what you might do when searching or filling out forms while using a browser

Bookmarks

link to pages that you use frequently

Browser tabs

allow your browser to queue up multiple web pages so that you can easily switch between them

Browser extension

adds features to a browser

Plugin

a program that extends a browser's ability to work with file formats (i.e. Adobe flash player)

Browser cache

temporary files stored on the device when the browser fetches pages and graphics to form a web page

History list

list of sites you've visited

Private browsing

traces of your activity are not maintained in the history list or browser cache

List 5 popular browsers.

1. Apple Safari
2. Google Chrome
3. Microsoft Internet Explorer
4. Microsoft Edge
5. Mozilla Firefox

HTML

the foundation for professional designed corporate web sites

What is the current version of HTML?

HTML5

Why is HTML called a markup language?

because authors mark up documents by inserting special instructions (HTML tags) that specify how the document should appear when displayed in a browser window

HTML document (source document)

similar to word processing file but has an .htm or .html extension; incorporates HTML tags; source of the HTML tags used to construct a web page

What are 4 tools for creating web pages?

1. HTML conversion utility
2. online HTML editor
3. locally installed HTML editor
4. text editor

HTML conversion utility

creates an HTML document from a conventional document, spreadsheet, or other text-based file

Online HTML editor

select a template, choose a color scheme, enter titles and other text, upload graphics, and add links to other pages

Locally installed HTML editor

offers professional features for managing extensive corporate web sites

Text editor

with these tools, you start from scratch, with a blank page, and enter HTML codes along with text that you want for your web page

Cascading style sheets (CSS)

a set of detailed style specifications for an HTML document

Inline CSS

style sheets can be intermixed with an HTML doc; avoided by professional designers

Internal CSS

included with the header of an HTML doc; places formatting elements where they can be edited

External CSS

style rules are placed in a separate file with a .css extension; for web sites with more than one page, this is recommended approach

Static web page

displays the same information regardless of who accesses it

Dynamic web page

displays customized content in response to keyboard or mouse actions or based on information supplied directly or indirectly by the person viewing the page

Client-side scripts

embedded in an HTML document and run locally when a web page is displayed by a browser; they are used to customize aspects of the user interface and for simple interactions

Server-side scripts

run on web servers rather than on local devices; they typically access information from a database and use that information to create customized web pages on the fly

What are the 4 steps for establishing a web site?

1. selecting a hosting service
2. choosing a domain
3. posting web pages
4. testing pages in various browsers

HTTP

a communication protocol that works with TCP/IP to get the elements for web pages to a local browser

HTTP methods

a set of commands that help the browser communicate with web servers

HTTP session

a sequence of transactions most commonly used to request data from a web server and return the files needed to display a web page in a browser window

Stateless protocol

the server does not "remember" its state from one session to the next

HTTP status code

indicates whether the browser's request could be fulfilled

What does HTTP status code 200 mean?

request was fulfilled

What does HTTP status code 404 mean?

source does not exist

Cookie

a small chunk of data generated by a web server and stored as a text file in memory or on disk

What do web sites use cookies for?

1. monitor your path through a site
2. gather information
3. collect personal information
4. verify that you have logged into a site using a valid ID

Session cookies

cookies stored in memory and deleted when the browser is closed

Persistent cookies

cookies that are stored on a device after a session ends (some are programmed to time out after a designated date)

First-party cookie

set by the domain that hosts a web page

Third-party cookie

set by a site other than the one you connected to

HTTP secure connection

encrypts the data stream between client devices and servers

Public key encryption

a very clever process that requires one key to encrypt data, but a different key to decrypt it

Web search engine

a computer program designed to help people locate information on the web by formulating simple queries consisting of one or more words called keywords

What are the 4 components of a search engine?

1. web crawler
2. indexer
3. database
4. query processor

Web crawler

combs the web to gather data that's representative of the contents of web pages; generally do not gather material from the invisible web

Indexer

processes the information gathered by the crawler into a list of keywords and URLs stored in a database

Database

stores billions of index references to web pages

Query processer

allows you to access the database by entering search terms, and then produces a list of web pages that contain content relevant to your query

Invisible web

encompasses pages that require password-protected logins and pages that are dynamically generated with server-side scripts

Link popularity

a measure of the quality and quantity of the links of the links from one web page to others

Search engine optimization (SEO)

can affect the ranking and visibility of web pages

Sponsored links

sites bumped to the top positions on their results list OR placed in a clearly marked area

How to formulate searches?

1. a few keywords
2. not case sensitive
3. don't bother with "stop" words (i.e. and, a)
4. uses stemming technology that automatically looks for other variations of words
5. order of words matters
6. uses location if allowed
7. uses context and predictive technology
8. narrow the search

Search operator

a word or symbol that describes a relationship between search terms and thereby helps you create a more focused query

Encryption

transforms a message or data file in such a way that its contents are hidden from unauthorized readers

Plaintext (cleartext)

an original message or file that has not yet been encrypted

Ciphertext

an encrypted message or file

Decryption

the process of converting cipher text into plaintext

Cryptographic algorithm

a procedure for encryption or decryption

Cryptographic key

a word, number, or phrase that must be known to encrypt or decrypt data

Advanced encryption standard (AES)

the encryption standard currently used worldwide

Authentication protocols

(i.e. passwords, PINs, fingerprint scans) the first line of defense against data thieves and snoopers

Strong password

difficult to hack; at least 8 characters, 1 or more uppercase, numbers, symbols

Brute force attack

uses password-cracking software to generate every possible combination of letters, numerals, and symbols

Dictionary attack

helps hackers guess your password by stepping through a dictionary containing word lists

What are some characteristics of weak passwords?

1. words from a dictionary
2. doubled words
3. default passwords
4. sequences of numbers like dates or phone numbers
5. words with sequence of numbers at the ends
6. words with symbol or numeric mutations
7. username
8. conventional capitalization

Password manager

stores user IDs with their corresponding passwords; may include strength meter

Malware

refers to any computer program designed to surresptiously enter a digital device

Malware exploit or payload

the action carried out by malware code

What are 3 common classifications of malware?

viruses, worms, trojans

What are some malware threats?

1. display irritating messages and pop-up ads
2. delete or modify your data
3. encrypt data and demand random for the encryption key
4. upload or download files
5. record keystrokes to steal passwords and credit card numbers
6. send messages containing malware and spam to everyone in address book
7. disable antivirus and firewall software
8. block access to specific web sites and redirect a browser to infected web sites
9. cause response time slowdowns
10. allow hackers to remotely access data stores on a device
11. allow hackers to take remote control of a device and turn it into a zombie
12. link a device to others in a botnet that can send spam
13. cause network traffic jams

Computer virus

a set of self-replicating program instructions that surreptitiously attaches itself to a legitimate executable file on a host device

Code injection

the process of modifying an executable file or data stream by adding additional commands

Side-loading

an app from a source other than an official App Store is installed on a device

Rootkit

any code that is designed to hide the existence of processes and privileges

Computer worm

a self-replicating, self-distributing program designed to carry out unauthorized activity on a victim's device

Mass-mailing worm

spreads by sending itself to every address in the address book of an infected device

Internet worm

looks for vulnerabilities in operating systems, open communication ports, and JavaScripts on web pages

File-sharing worm

copies itself into a shared folder under an innocuous name

Trojan

a computer program that seems to perform one function while actually doing something else; most are not designed to replicate themselves

Dropper

designed to deliver or "drop" malicious code into a device

Antivirus software

a type of utility software that looks for an eliminated viruses, trojans, worms, and other malware

Virus signature

a section of program code that contains a unique series of instructions known to be part of a malware exploit

Heuristic analysis

techniques used by antivirus software to detect malware by analyzing the characteristics and behavior of suspicious files; may produce false positives