Network Security

    Security of any kind is critical for personal reasons and organizational reasons. If a person does not lock their doors at home when they leave for the day, they leave their home vulnerable. Other people who may want to cause harm or anyone looking to do anything bad can have access to that person's personal belongings. When you think of personal data, most people don’t really think about how what they do online can be taken and used against them. My guess for this reaction is that online data is not tangible; a person cannot physically hold that data, so they may think it doesn’t exist. The test explains that personal data can be described as PII (personally identifiable information). The book states that PII is any information that can be used to identify a person. (CompTIA, 2024) PII can be seen as a person's name, home address, phone number, SSN, Email, and bank account number. In the world of organizations, like regular people, they have data that can be taken and used against them. Organizations carry people's data to either provide a service or sell a service. The difference is that more people's data can be taken when an organization has a breach.

    Threat actors use many ways to access personal and organizational information; for instance, they use malware, ransomware, pharming, computer viruses, phishing, smishing, HTTPS phishing, and social engineering. The most common methods people see of these attacks are phishing and smishing; some people call them nasty emails, scam calls, or even scam texts. We have all experienced when we get a text from a strange number saying “hello” or an email that states that you have won money, and all you need to do is claim the money through a link provided. These are examples of phishing and smishing, where a threat actor uses emails or text messages to get a person to access a link that they build to get a person's information. These attacks are widespread and happen every day. Technology organizations like Microsoft, Apple, Google, and Meta have all build different security systems in all their products to protect a person of various kinds of threats, like Apple has started a new security protocol that allows the phone to read the number and let the user know if it is a scam text or call. But of course, where there is a wall, there is a way around it; threat actors have developed a way to go around this security feature. According to the article on Newspaper Source Plus by Loraine Centeno, threat actors have built a method that, if a person replies to a smishing attempt, would cause the preinstalled security methods to deactivate, and allow threat actors to access data. (Newspaper Source Plus, 2025) The lesson I have learned from phishing and smishing is that technology is only as good as its user. The person or organization that follows protocols to protect data is best practice; if a person ignores protocols and doesn’t follow them, they put themselves at risk of being vulnerable to a threat actor.

    Going along with the technology theme is only as good as being a user; social engineering is another threat actor that more people should be aware of. In the article titled “Social engineering,” Aaron Korora describes social engineering as an art and technique of convincing people to release confidential information or engage in a course of action they may not necessarily choose for themselves. (Salem Press Encyclopedia, 2025) Social Engineering involves people tricking or making people do things they don’t want. Both threat scenarios involve people getting attacked and getting information. In the phishing example, they get attacked via technology; in social engineering, people are attacked in person. Social engineering has many different forms, from a person getting data via a conversation, a person leaving data open on the computer, or accessing flash drives that have malware. Social engineering, like phishing, has basic protocols that people follow to avoid these types of attacks, such as not writing their passwords down, not sharing sensitive data with other people, or having basic security. 

    If personal or organizational data is involved, security protocols must be implemented to protect sensitive data. Most people think that security to protect data needs to be complicated and overwhelming, but security can be as basic as not clicking a link in an odd-looking email or using multifactor authentication. Protocols are in place for protection and must be followed to stay protected. In the same way a person locks their door before leaving their home, one action can protect tons of information.

References:

CompTIA (2024). CertMaster Learn Tech+ (pp. 2.1.2). Computing Technology Industry Association (CompTIA). https://labsimapp.testout.com/v6_0_678/index.html/productviewer/1215/2.1.2/e2363228-53bb-4e27-87e7-26cd1de40137/outline?nonce=u1MK7ww8v4gNpEzTKI2HuWx8ONSxqmJz-Ps_b2i8v_4

Ma, A. K. P. A. (2025). Social engineering. Salem Press Encyclopedia. https://research.ebsco.com/c/6cb5lq/viewer/html/orc7ujnkzr

Smishing texts can trick you into turning off your iPhone’s security protections. Here’s why replying to scammers is a bad idea. (2025). Guelph Mercury (ON). https://research.ebsco.com/c/6cb5lq/viewer/html/qd2pxhze55

Comments

Post a Comment

Popular posts from this blog

Web/Mobile App Critique

Image
       The app I chose to discuss is the YouTube mobile app. I chose this app because it is one of my favorite apps and has many options and ways to use it. YouTube started as a website that allowed people to upload videos, so it was a platform where people could sort and share videos. At this point, YouTube just celebrated 20 years of the first video being uploaded, “Me at the Zoo”, where one of the original website developers shared a small video of himself at the zoo. At this point, YouTube sorts through billions of videos. YouTube as a mobile app allows users to see different videos from education, music, podcasts, fitness, vlogs, shorts, etc. The app is straightforward; you can go ahead and select any video on the screen and start watching it. As a user, you can choose or search for videos and subscribe to channels that allow you to follow different creators to get a personal curation of other videos. The number of things you can do in the app is very well laid ...
Read more

Traveling Through a Network

       Well, learning about the two different commands, I have learned a lot from both commands, ping and traceroute. The ping command is used to communicate with a specific website or address to see if the computer and website are communicating. The ping command in troubleshooting can be used to see if a computer and a website or address communicate. In my three trials, I got no lost packets, meaning my laptop communicates perfectly fine with all the websites. The tracerouting command is used to communicate with the same websites, but it maps out all the routers it hits before getting to the website. It's a road map of all the routers hit by the website.                The difference in geographic locations makes a difference; if I traceroute a website hosted on a local server, it would take fewer hops to get the website to respond. Like the international websites, it took more hops to get to the loc...
Read more