Copyright Goodheart-Willcox Co., Inc. Chapter 2 Information Security Fundamentals 47 Cookies Cookies are small text fi les that are saved on the computer for use with web browsers and websites. If a website uses a cookie, the cookie contains information about your visit to the site. It can be used to store preferences so, when you return to the site, you do not have to provide this information again. The idea behind cookies is simple. They make your web surfi ng personalized to your browsing. Unfortunately, cookies can be used maliciously. There are dif- ferent types of cookies to be aware of: • session cookies • persistent cookies • secure cookies • third-party cookies Most reputable companies will publish a cookie policy. A cookie policy should state if the site uses cookies. If cookies are used, the policy should explain how. In some cases, the user may be able to opt out. Most web browsers also have a setting to prevent cookies from being saved. MTA Security Fundamentals 1.3 Goodheart-Willcox Publisher Figure 2-8. Hardware keyloggers are widely available. They can be used to record every keystroke on the keyboard. Quick Look 2.2.3 Cookie Policy It is a good practice for a company to have a cookie policy if its website uses cookies. This provides an openness to the users. Some sites even have a pop-up window to alert the user that cookies are being used. 1. Launch a web browser, and navigate to a search engine. 2. Enter the search phrase CNN privacy policies. In the list of results, select the article entitled Privacy Policy— CNN.com (it will likely be the fi rst article listed).