Presentation is loading. Please wait.

Presentation is loading. Please wait.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

Published byMaurice Potter Modified over 8 years ago

Similar presentations

Presentation on theme: "G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems."— Presentation transcript:

1 G061 - Network Security

2 Learning Objective: explain methods for combating ICT crime and protecting ICT systems

3 Network Security ICT crime often deliberate act of theft –stealing data (whether viewing or taking), –stealing software or equipment. natural disasters and mistakes by humans can also cause data to be lost or equipment to be damaged networked computers are prone to security problems: –hacking (unauthorised access), –viruses, spyware, malware

4 Network Security Preventative measures: Physical Security Logical Security

5 Physical Security lock the computer up –entry measures to get into room/building security guards/CCTV cameras no floppy/CD/DVD drives –prevents copying & theft of data –prevents virus being transferred onto computer system disable USB ports –memory sticks/removable HDD can’t be used

6 Software Security firewalls, backup, encryption, biometric security, software patches & updates, ‘anti-virus’ & anti-spyware software, access rights, auditing, education of users, user IDs, & passwords –methods for ensuring passwords remain effective

7 Firewall network security device –stands between a network and the outside world –can either be hardware and/or software based. –examines data packets moving into and out of the system configured to permit or deny connections –using a set of rules –access is denied if not allowed by the rules –rules set using the organization's security policy configured by the system administrator –checks data sent by users and applications –filters websites users are permitted to visit

8 Backup making copies of current data –in case the originals are lost or corrupted (or stolen) back-up is made to removable storage media –memory stick, portable HDD, CD-R, DVD-R, magnetic tape…. back-up copy is stored off-site –or in different location data can be restored from the back-up if required

9 Encryption What is encryption? the process of disguising messages –so that only the intended recipient can understand them. –encrypted data can only be understood by reversing the encryption process (decryption) data is sent in a scrambled form. –uses a random process set up using a special key value the data is then decoded at receiver –by reversing the encryption process (decryption)

10 Biometric Security technology used to measure some feature of a person –in order to identify them within a security system fingerprint –scans fingerprint, finds identifying unique marks, –matches/does not match to record in system voice recognition retina scans facial recognition DNA

11 Software patches & updates corrects loopholes & bugs in software –stops hackers exploiting them and gaining access must regularly update virus data files –so new viruses can be detected regular security patches to operating systems & applications –to combat security loopholes & bugs

12 Viruses a virus is a piece of software that is designed to: –cause deliberate harm to data stored on a computer –replicate itself so that it transfers to other computers removable media used in an infected system can then carry the virus to another machine programs downloaded from the Internet can also spread a virus.

13 Spyware What?: collects information about a person or organisation –without the user’s knowledge can track a user’s keystrokes –to find out what is being typed, including passwords Why?: can be used to pass information on to advertisers can be used to find out usernames and passwords –used to hack into a user’s bank account

14 Virus & Spyware Protection install anti-virus software on all computers –detects viruses & malware (e.g. spyware) –allows removal of infected code from file –allows deletion of infected files must regularly update virus data files

15 Access Rights data is commercially valuable –could be stolen or damaged/modified may want to restrict access to data –so that no unauthorised changes can be made different users are given different access rights to data legal restrictions on the access to personal data –DPA

16 Levels of Access Noneuser cannot obtain information nor change data Read onlyuser can obtain information but not change the data Read/writeuser can change data as well as obtain information Append onlyuser cannot change existing data but can add new data Fulladministrator/supervisor level - can perform all operations

17 Audit Logs logs are maintained automatically by the system audit logs track: –who did what, –at which workstation, –when it occurred. logs can be used to see which member of staff: –accessed particular files –other resources – web pages.

18 User IDs & Passwords Why? allow access to user areas –stop unauthorised access –protect data to make individual users members of groups –allow access to files based on access rights –allow access to resources – printers, software to be able to monitor use –audit logs to comply with the law –DPA

19 User IDs Effectiveness of user ID maintained by: must be unique –so can be sure who is doing what can be suspended when user is away –e.g. on holiday, leaves the company …. can be linked to resources –an individual machine –software applications –times of use

20 Passwords Effectiveness of password maintained by: 1.Network Manager: –force password change frequently –make minimum length password –make unrecognisable words only (not in dictionary) –must contain numbers and letters (& punctuations) –cannot reuse passwords –3 incorrect password attempts  account is locked 2.User: –not writing password down –make it something others can’t guess – not personal –make sure no one is looking when you type it in

Download ppt "G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems."

Similar presentations

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
GCSE ICT Networks & Security..

GCSE ICT Networks & Security..
POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.

A-Level Computing data damage and prevention. Objectives To know the dangers associated with a computer system To understand the methods of prevention.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.

Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.
By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.

By Mrs. Smith DATA INTEGRITY AND SECURITY. Accurate Complete Valid Data Integrity.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Issues Raised by ICT.

Issues Raised by ICT.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Similar presentations

Ads by Google