Explain what an organisation can do to minimise security breaches in networked systems

  • Home / General / Explain what an…

Explain what an organisation can do to minimise security breaches in networked systems

Give a summary of what this is and some information about how this type of attack might take place the source of the attack and the damage it could do/effect it will have

 

Securing networked systems.

The unit spec is:

http://qualifications.pearson.com/content/dam/pdf/BTEC-Specialist-Qualifications/ICT-Systems-and-Principles/2010/Specification/AP025131-BTEC-ICT-Systems-and-Principles-u45.pdf

And the outcomes being covered are:

1.1 Describe how networks can be attacked

2.1 Describe how networked systems can be protected

2.2 Explain what an organisation can do to minimise security breaches in networked systems

You will probably be asked to put together a power point presentation/word document that covers the above. I’ll go into the unit content in a second but in general it needs to be set out in a way that we can easily pick out the evidence which addresses those outcomes. For example I would start with a section called something like “Network Threats”.

Then run through some different threats as an example:

  1. Type of Attack – Virus/Malware DDoS Phishing etc.

Description – Give a summary of what this is and some information about how this type of attack might take place the source of the attack and the damage it could do/effect it will have

  1. How to protect against this type of attack.

Mention any software/hardware that can be used to protect against it or minimise the effect of the attack

So you need to come up with a few different examples of the attacks and how to protect against it.

Here is the Unit Content (page 3 of the specification) which relates to the above:

(for 1.1)

Attacks: types eg denial of service back door spoofing mathematical brute force software exploitation viruses rootkits worms Trojans spyware adware

Sources of attacks: internal eg disaffected staff; external eg via internet connections or through unsecured wireless access point viruses introduced by email

(for 2.1)

Email systems: security features eg secure MIME spam hoaxing relay agents

Wireless systems: security features eg site surveys MAC association WEP/WPA keys TKIP

Networked devices: security features eg router switch wireless access point

Transmission media: issues eg use of shielding

Personal access control: devices eg biometrics passwords usernames permissions digital signatures

Security control at device level: access control eg protocols log in certificates

Encryption: eg encrypting files for confidentiality encryption with application-specific tools recovering encrypted data

Intrusion detection systems: devices eg firewalls virus protection spyware protection file monitoring folder monitoring use of honeypots alarms.