Understanding Threats to ICT Systems and Data

unit 345 level 3 principles of ict systems n.w
1 / 20
Embed
Share

Explore common physical and electronic threats to ICT systems and data, along with security vulnerabilities related to remote access technologies. Learn about measures to safeguard against threats and enhance overall security in the digital realm.

  • Threats
  • ICT systems
  • Security vulnerabilities
  • Remote access
  • Data protection
rayaanacharya
kirchoff_k Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. UNIT 345 LEVEL 3 PRINCIPLES OF ICT SYSTEMS

  2. 1.1 Describe common types of physical threats to ICT systems and data (hardware damage, loss and theft) 1.2 Describe common types of electronic threats to ICT systems and data (e.g. denial of service, data theft or damage, unauthorised use) 1.3 Explain the security vulnerabilities associated with remote access technologies (including wireless) LO1 1. UNDERSTAND THE COMMON TYPES OF THREAT TO ICT SYSTEMS AND DATA

  3. Burglary Natural Disaster Accidental Damage Terrorism Fire Smoke Damage Flood Overheating Electrical Faults Old Assets 1.1 PHYSICAL THREATS

  4. Fire Alarms CCTV Locks Fire Doors Drains Security Guards Electric Fences Faraday Cages/Rooms Generator/UPS Surge Protector Policies and procedures to upgrade assets Access control Burglar alarm 1.1 ADEQUATE PHYSICAL SECURITY?

  5. iCloud External Hardrives Phones Tablets Cd s USB s SD cards Camera s Sat Nav Laptop 1.1 LOSS OR THEFT DUE TO DATA THAT IS EASILY TRANSPORTED/ MOVED

  6. Fire Water Electrical Accidental Damage Vandalism Maintenance Hackers Viruses/Malware 1.1 DAMAGE TO EQUIPMENT

  7. Malware Spyware Trojan Rootkit Logic Bomb Worm Keyloggers Virus Spoofing DOS Spam Ransomware Wireless eaves dropping DOSD dog Phishing Hacking War Driving Wireshark Botnet 1.2 ELECTRONIC THREATS

  8. Bluetooth no security Web scripts Wireshark packet tracer WEP WPA WPA2 Wireless extenders Remote access- Phone call Team Viewer- Wireless Google Earth Human interaction Social engineering 1.3 SECURITY VUNERABILITIES

  9. Home Working Web Email access Wireless Connections Mobile Phones Bluetooth Laptops Web Page Hijack REMOTE ACCESS SECURITY VUNERABILITIES

  10. 2.1 Describe methods of providing physical access control and security for ICT systems (locks, biometric controls, CCTV, shielding, fire detection and control) 2.2 Describe methods of providing electronic access control and security for ICT systems (firewalls, virtual networks, secure connection/transfer protocols, secure wireless connection) 2.3 Differentiate the following Access Control methods: ?Mandatory ?Discretionary ?Role Based 2.4 Describe the operation of common types of malicious code: ?Virus ?Trojan ?Logic Bomb ?Worm ?Spyware 2.5 Describe the characteristics of strong passwords and methods of attacking password-protected systems LO2 UNDERSTAND HOW TO PROTECT ICT SYSTEMS

  11. Locks Doors Server Cabinet RFID cards CCTV Alarms Biometrics Fingerprint, voice and retina. Smart Cards /NHS Faraday Cages Shielding Fire Control Systems alarms sprinklers etc Motion Detector 2.1 METHODS OF PROVIDING PHYSICAL ACCESS CONTROL AND SECURITY FOR ICT SYSTEMS

  12. Authentication Methods Firewalls Virtual Networks Secure Connection/ transfer protocols Wireless connection security Login and password protection Access Rights and permissions Virus, Malware and Spyware protection Secure remote access Back up and restore systems Monitoring systems ( email, activity etc logging) 2.2 DESCRIBE METHODS OF PROVIDING ELECTRONIC ACCESS CONTROL AND SECURITY FOR ICT SYSTEMS

  13. Mandatory access if rules exist / active directory / permissions Discretionary access determined by the owner Role Based eg IT Tech, Teacher, Student. 2.3 ACCESS CONTROL METHODS: MANDATORY DISCRETIONARY ROLE BASED

  14. ?Virus ?Trojan ?Logic Bomb ?Worm ?Spyware 2.4 DESCRIBE THE OPERATION OF COMMON TYPES OF MALICIOUS CODE:

  15. Dictionary attack Keylogger Keyboard attack Brute Force Social engineering Phishing Man in the middle attack wireshark packet sniffing Rainbow Attack key words Uppercase, lowercase, numbers, symbols, not using words, not using dates, names. Length 8 or more, keyboard pattern. Password History, saving passwords Saving Passwords wallet or in Windows. 2.5 DESCRIBE THE CHARACTERISTICS OF STRONG PASSWORDS AND METHODS OF ATTACKING PASSWORD- PROTECTED SYSTEMS

  16. 3.1 Describe cryptographic algorithms: ?Hashing - Sha1, SHA 256, MD5 Sum, ?Symmetric - DES, 3DES, AES and RC4 ?Asymmetric RSA Public Key cryptography 3.2 Describe how cryptography can be applied to ICT system and data security in terms of: ?Confidentiality ?Integrity ?Authentication ?Non-repudiation ?Access Control 3.3 Explain the operation of Public Key Infrastructure (PKI) 3.4 Explain the concepts of the Key Management and Certificate lifecycles LO3: UNDERSTAND THE APPLICATIONS OF CRYPTOGRAPHY TO ICT SYSTEMS AND DATA

  17. ?Hashing - Sha1, SHA 256, MD5 Sum, ?Symmetric - DES, 3DES, AES and RC4 ?Asymmetric RSA Public Key cryptography Link - http://packetlife.net/blog/2010/nov/23/symmetric- asymmetric-encryption-hashing/ 3.1 DESCRIBE CRYPTOGRAPHIC ALGORITHMS:

  18. ?Confidentiality ?Integrity ?Authentication ?Non-repudiation ?Access Control 3.2 DESCRIBE HOW CRYPTOGRAPHY CAN BE APPLIED TO ICT SYSTEM AND DATA SECURITY

  19. 3.3 EXPLAIN THE OPERATION OF PUBLIC KEY INFRASTRUCTURE (PKI)

  20. 3.4 EXPLAIN THE CONCEPTS OF THE KEY MANAGEMENT AND CERTIFICATE LIFECYCLES

Related


Cloud Computing Market Trends

Cloud Computing Market Trends

Harsh1
The Impact of APRN Regulation in South Carolina

The Impact of APRN Regulation in South Carolina

jefferson
Operating System Memory Management in CS 345

Operating System Memory Management in CS 345

rocky
CS 345 Lecture 1: Introduction and Math Review

CS 345 Lecture 1: Introduction and Math Review

maeli
Overview of U.S. Army Force Structure and Unit History Division

Overview of U.S. Army Force Structure and Unit History Division

sal_ob
California LifeLine Third Party Administrator Presentation Summary

California LifeLine Third Party Administrator Presentation Summary

arla_4
Westar Energy Transmission Projects Update Meeting

Westar Energy Transmission Projects Update Meeting

emge_ton
Unit Rates in Mathematics

Unit Rates in Mathematics

main324
The LabVIEW Unit Test Framework

The LabVIEW Unit Test Framework

seha_655
Unit Name Details and Specifications

Unit Name Details and Specifications

angelmar
Mastering Concurrency in Operating Systems: Tips and Strategies

Mastering Concurrency in Operating Systems: Tips and Strategies

persinger_s
Unit Value Submission Guidelines for Production Entities

Unit Value Submission Guidelines for Production Entities

tenenbaum_k
Unit Testing in Software Engineering

Unit Testing in Software Engineering

laas

More Related Content