zuai-logo

Safe Computing

David Foster

David Foster

7 min read

Listen to this study note

Study Guide Overview

This AP Computer Science Principles study guide covers digital information (PII, data collection, risks, safe practices), internet safety (authentication, encryption, malware, phishing, safe computing habits), and exam preparation. Key terms include strong passwords, multifactor authentication (MFA), symmetric/public key encryption, and digital certificates. The guide includes practice questions and emphasizes data privacy and security, authentication, encryption, malware, and phishing as high-priority exam topics.

AP Computer Science Principles: Ultimate Study Guide 🚀

Hey there! Let's get you prepped and confident for your AP CSP exam. This guide is designed to be your go-to resource, especially the night before the test. We'll break down the key concepts, connect the dots, and make sure you're ready to rock!

1. Digital Information 💾

1.1 Information Collection & Privacy

  • Personal Data: Computers store your personal data. Location, cookies, and browsing history can identify you.

  • Tracking: Search engines track history for suggestions and targeted marketing. Devices record IP addresses and locations.

  • Personally Identifiable Information (PII): This includes age, race, phone numbers, medical/biometric data, financial info, and SSN.

Key Concept

Protecting PII is crucial. Be aware of what information is collected and how it's used.

  • Benefits of Data Collection:

    • Enhances user experience (e.g., social media connections, faster product searches).
    • Powers personalized features (e.g., TikTok's For You page).

  • Harms of Data Collection:

    • Exploitation for stalking or identity theft.
    • Data breaches put users at risk.

  • Think Before You Post: Information online can be used in unintended ways. Screenshots and forwarding make deletion difficult.

Exam Tip

Be cautious about what you share online. Once it's out there, it can be hard to remove. Always think before you post!

  • Example: A picture of your view can reveal where you live.

1.2 Other Dangers of Computing

  • Viruses and Worms:

    • Viruses attach to files and need activation. Worms operate independently.
    • Example: ILOVEYOU virus (2000) and WannaCry worm (2017) caused billions in damages.

  • Malware: Malicious software designed to damage or control systems. Includes ransomware and adware.

  • Phishing: Tricking users into giving personal info by posing as a trusted entity.

  • Keylogging: Recording keystrokes to steal sensitive information like passwords.

  • Rogue Access Points: Unauthorized access points that can intercept data on public networks.

Common Mistake

Never click on links or download from untrusted sources. Be wary of strange messages, even from friends.

  • Safe Computing: Be wary and download only from trusted sources.

Practice Question

Which of the following is NOT considered personally identifiable information (PII)? A) Your full name B) Your IP address C) Your favorite color D) Your social security number

Answer: C

What is the primary difference between a virus and a worm? A) A virus requires user activation, while a worm can operate independently. B) A worm requires user activation, while a virus can operate independently. C) A virus is more harmful than a worm. D) A worm is always attached to an email, while a virus is not.

Answer: A

Explain the potential benefits and harms of collecting personal information online. Provide two examples of each.

Scoring Breakdown: Benefit 1 (1 point): A valid benefit of collecting personal information is stated. Benefit 2 (1 point): A second valid benefit of collecting personal information is stated. Harm 1 (1 point): A valid harm of collecting personal information is stated. Harm 2 (1 point): A second valid harm of collecting personal information is stated. Example 1 (1 point): A valid example of a benefit or harm is given. Example 2 (1 point): A second valid example of a benefit or harm is given.

Sample Answer: Benefits: Personal information can enhance user experience by connecting with friends on social media (Example 1) and provide personalized content like TikTok's For You page (Example 2). Harms: This information can be exploited for stalking purposes (Example 1) or identity theft (Example 2) if not protected.

2. The Internet 🌐

2.1 Principles of Safe Computing

  • Authentication: Keeping unauthorized users out of your accounts.

    • Strong Passwords: Use a mix of uppercase, lowercase, numbers, and symbols (e.g., M4r13_cur13). Avoid common phrases or personal info.

Memory Aid

Think of a strong password like a secret code only you know. Make it unique and hard to guess!

  - **Multifactor Authentication (MFA):** Requires multiple verification methods (knowledge, possession, inheritance).
Quick Fact

MFA adds extra layers of security. Always use it when available!

  -  **Categories of Verification:**
     - **Knowledge:** Something you know (password, PIN, security questions).
     - **Possession:** Something you have (USB, access badge, one-time codes).
     - **Inheritance:** Something you are (fingerprints, voice).
  • Encryption: Encoding data to prevent unauthorized access. Decryption is decoding.

    • Traditional Methods: Caesar Cipher (shifting letters), French Great Cipher (complex substitution).

Memory Aid

Encryption is like putting your message in a secret box with a key. Only someone with the key can open it.

  -  **Modern Methods:**
     - **Symmetric Key Encryption:** One key for both encryption and decryption.
     - **Public Key Encryption:** Public key to encrypt, private key to decrypt. Relies on digital certificates issued by Certificate Authorities (CAs).
  - **Digital Certificates:** Verify website authenticity. Like a signature on a check.
  - **Trust Model:** Determines if a digital certificate is legitimate.

2.2 Other Safe Computing Practices

  • Regular Software Updates: Patches up errors and vulnerabilities.

  • Virus and Malware Scanning Software: Protects against malicious software (e.g., Norton, McAfee).

  • Firewalls: Monitor traffic and block unsafe websites.

  • Data Backups: Mitigate hardware failure or virus attacks.

  • Permissions: Control what data companies have access to.

  • Device Security: Keep devices safe from physical theft or hacking.

  • Internet Connection Security: Be cautious of free WiFi.

  • Stay Informed: Technology is always evolving.

Focus on authentication, encryption, and safe computing practices. These topics are frequently tested!
Practice Question

Which of the following best describes symmetric key encryption? A) It uses one key for encryption and a different key for decryption. B) It uses the same key for both encryption and decryption. C) It uses a public key for encryption and a private key for decryption. D) It does not use keys for encryption.

Answer: B

What is the purpose of a digital certificate in public key encryption? A) To encrypt the message. B) To decrypt the message. C) To verify the authenticity of a website. D) To provide a password for the user.

Answer: C

Explain the concept of multifactor authentication (MFA) and provide two examples of how it enhances security.

Scoring Breakdown: MFA Definition (2 points): A clear definition of MFA is provided. Example 1 (1 point): A valid example of MFA is given. Example 2 (1 point): A second valid example of MFA is given. Security Enhancement 1 (1 point): A valid explanation of how MFA enhances security is given. Security Enhancement 2 (1 point): A second valid explanation of how MFA enhances security is given.

Sample Answer: Multifactor authentication (MFA) is a security system that requires multiple methods of verification to access an account. For example, it might require a password (knowledge) and a one-time code sent to your phone (possession). Another example is using a fingerprint (inheritance) and a PIN (knowledge). MFA enhances security by adding extra layers of verification, making it harder for unauthorized users to gain access even if they have one piece of information, like a password. It also ensures that if one method is compromised, others are still in place to prevent unauthorized access.

Final Exam Focus 🎯

High-Priority Topics:

  • Data Privacy & Security: PII, data collection, benefits/harms, safe posting.
  • Authentication & Encryption: Strong passwords, MFA, symmetric/public key encryption, digital certificates.
  • Malware & Phishing: Viruses, worms, malware types, phishing techniques.
  • Safe Computing Practices: Software updates, firewalls, backups, permissions.

Common Question Types:

  • Multiple Choice: Definitions, comparisons, scenarios.
  • Free Response: Explaining concepts, analyzing situations, applying knowledge.

Last-Minute Tips:

  • Time Management: Pace yourself, don't get stuck on one question.

  • Read Carefully: Pay attention to keywords and details.

  • Stay Calm: Take deep breaths, you've got this!

  • Review Key Terms: Make sure you understand the definitions.

  • Connect Concepts: AP questions often combine multiple topics.

Exam Tip

Remember to read each question carefully and manage your time effectively. You are well prepared!

Congratulations! 🎉

You've covered all the key areas. You're ready to ace the AP CSP exam! Go get 'em! 💪

Explore more resources

FlashcardFlashcard

Flashcard

Continute to Flashcard

Question BankQuestion Bank

Question Bank

Continute to Question Bank

Mock ExamMock Exam

Mock Exam

Continute to Mock Exam

Previous Topic - Legal and Ethical Concerns

Question 1 of 12

What piece of information is NOT considered Personally Identifiable Information (PII)? 🤔

Your phone number

Your browsing history

Your favorite book

Your social security number