In the last 2 decades, theirs have
been a rapid development in hardware and software in computer, phone or
tablets. It has revolutionised the man kind which made us do and discover
things which we could never imagined 10-20 years ago or maybe 5 years ago. As we
are advancing in an uncontrollable speed, the treat to all the system are also
increasing rapidly. That why we need to make sure our system is treat free and
our security measurements are strong to avoid any internal and external treats.
For example, our government is more like a digital government as they are
slowly moving everything online and let the public take control of their own
stuff. This also increase the risk of the government position as we have seen
in recent years like NHS dos attack and member of parliament email being hack
and password being changed.
Describe using examples how software and network security measures, tools
and techniques can keep systems and data secure. (Pass 3)
These build a protective barrier
around the computers that are connected to a network, so that only authorized
programs can access data on a particular workstation. The IT admin can control
exactly which software is allowed to pass data in and out of the system. For example,
automatic updates might be allowed for some installed software.
We must regularly backups the
information in case of physical or processing problems. This may be a full
backup of all information or partial backup of just information that has
changed since the last full backup. This helps because it means if something
goes wrong, none of the student’s work is lost or their information is lost.
PCs can be attacked by viruses,
worms and Trojans arriving with email during access to the internet. Anti-Virus
software checks for intruders. It attempts to trace viruses by spotting the
virus signature. As this happens people who code the virus will adopt cloaking
techniques such as poly-morphing. Almost as soon as virus coders invent new viruses,
anti-virus software vendors produce updated version of their software. The
anti-virus software vendors maintain a database of information about viruses,
their profile and signatures.
Encryption of the Network
Public and Private key (Part of encryption)
There is a security certificate
issued by a public website. The certificate is a public key. Then what happens
is that this exchange creates a private key. The private key is 1024-bit value
(this is a massive number), then the protocol exchanges the numbers giving a
large calculation that only the two in the exchange will know. There is also a
hash which is generated from the results of each calculation as part of each
private key generation.
This is used to keep a record of
network database activity, recording who has done what, where they did it and
when. The majority of databases and network activities will go unnoticed, but
the purpose of the audit log is, to maintain a detailed record of how any
system has been used, on recognition of an issue.
The management of passwords is
essential. In a school like BISH password are very important as they keep
important data secure. To make sure the password is safe and secure, it should
be at least 8 characters long which both numbers and letters, one which is
complete and utter nonsense and to change their password at least every 90
This happens on a WAN (Wide area
network). The process of handshaking, is that data can be sent using a public
workstation which may not be trusted so to improve this each device has to
complete a challenge. This can be random but can carry a remote user name and
On each workstation at BISH the
BIOS allows the workstation to boot from, CD, Network or Hard drive. In
diskless networks workstations do not allow any drives to be used which stops
users to adding new devices.