Describe How Software and Network Security Can Keep Systems and Data SecureP3. M2 AND D1 UNIT 7

Learning Objectives

Learn how software and network security can keep systems and data secure

Assessment Criteria

P3 – Describe how software and network security can keep systems and data secure

M2 – Explain the operation and use of an encryption technique in ensuring security of transmitted data

Discuss different ways of recovering from a disaster

Network and software security

Encryption Techniques –

Cipher encryption which is no longer used,

RSA encryption – public/ private key

WEP for wireless access points

WAN connections for routing protocols

Call Back

Used in dial up systems where network administrators can dial ino a network and the device will call them back. This can only be done from a trusted registered line not any location

Handshaking

CHAP – Challenge handshake authentication protocol

Diskless Networks

CD/DVD Drives or USB drives are allowed. They will not have any CD drives on desktops and permissions will mean that these drives even if available cannot be used.

Backups

Ensuring that backup procedures are in place to ensure that data can be restored if anything goes wrong

Incremental backups

Differential backups

Fire Safe back up

Full back ups

Archive Backups

Raid backups which have a real time mirror image so that they can be restored without redundancy

Audit Logs

This logs network and database activity

If there is an issue administrators can look through the logs to help them find the problem

Works with monitoring systems which enable alarms to be place on a system, alerting system administrators to potential suspicious activity e.g. Syslog

Firewall Configurations

This blocks unwanted traffic from organisations

Explain difference between internal and external systems

Explain NAT

UDP Ports and TCP Ports

Virus Checking Software

Explain how anti virus programs work

VPN

Explain what a VPN is and protocols used to protect snooping

Intrusion Detection Systems

These will look for attacks on the network from hackers and tools they may use

Some will be passive and record attempts and then be reviewed by admin controller

Some will be reactive and reconfigure the firewall to block the intrusion

Explain Access Control Lists ACL’s and Routing Protocols

Explain Passwords

How are passwords used and explain strong passwords

Access levels

Explain levels of access to data

Read

Write

Execute Privilege

Updating Software

Ensure that latest updates are installed will ensure security is maintained,

Disaster Recover

Disaster Recovery

Backups Systems

Whole System replacement very rare

Tiers of Recovery

Merit

Explain in detail how RSA encryption works

Use this website to help you

http://searchsecurity.techtarget.com/definition/RSA

Distinction

Create a brochure to show how an organisation can recover from a disaster. You must discuss different ways a business can recover from a disaster include: Different backups and restores, whole system replacement. Tiers of recovery and discuss the scenarios of how they will be used