Tuesday, September 6, 2016

1.2.2 Security aspects


SHOW UNDERSTANDING OF THE SECURITY ASPECTS OF USING THE INTERNET AND UNDERSTAND WHAT METHODS ARE AVAILABLE TO HELP MINIMISE THE RISKS
THERE ARE MANY METHODS TO PROTECT COMPUTER SYSTEMS SUCH AS FIREWALLS, ANTI-VIRUSES, ANTI-SPYWARE, SECURE COMMUNICATIONS CHANNEL SUCH AS SECURE SOCKETS LAYER (SSL), TRANSPORT SECURITY LAYER (TCL), PASSWORDS ETC.
 


SHOW UNDERSTANDING OF THE INTERNET RISKS ASSOCIATED WITH MALWARE, INCLUDING VIRUSES, SPYWARE AND HACKING
THERE ARE MANY DIFFERENT KINDS OF RISKS WHEN ACCESSING THE INTERNET. FOR EXAMPLE, THERE MAY BE VIRUSES, MALWARE, SPYWARE AND HACKING.
 


EXPLAIN HOW ANTI-VIRUS AND OTHER PROTECTION SOFTWARE HELPS TO PROTECT THE USER FROM SECURITY RISKS (THIS ALSO LINKS INTO SECTION 1.4 OF THE SYLLABUS)
THERE ARE MANY WAYS SUCH AS:
FIREWALL - HARDWARE AND/OR SOFTWARE THAT GUARDS A PRIVATE NETWORK BY ANALYSING THE INFORMATION LEAVING AND ENTERING THE NETWORK
ANTI-VIRUS - A PROGRAM THAT FINDS AND REMOVES VIRUSES FROM A COMPUTER.
ANTI-SPYWARE - SOFTWARE THAT HELPS PREVENT COMPUTERS FROM BECOMING INFECTED BY DIFFERENT TYPES OF SPYWARE.
SECURE SOCKETS LAYER - A STANDARD SECURITY PROTOCOL FOR ESTABLISHING AN ENCRYPTED LINK BETWEEN A WEB SERVER AND A BROWSER, ENSURING THAT ALL DATA PASSED BETWEEN THEM REMAINS PRIVATE. OFTEN USED FOR ONLINE BANKING.
TRANSPORT SECURITY LAYER - A CRYPTOGRAPHIC PROTOCOL DESIGNED TO PROVIDE COMMUNICATIONS SECURITY OVER A COMPUTER NETWORK.
BIOMETRICS - A TECHNIQUE OR DEVICE THAT EXAMINES A FINGERPRINT, VOICE PATTERN, OR THE IRIS OR RETINA OF THE EYE, TO PROVIDE ACCESS TO A COMPUTER SYSTEM.
PASSWORD - A PRIVATE COMBINATION OF CHARACTERS ASSOCIATED WITH THE USER NAME THAT ALLOWS ACCESS TO CERTAIN COMPUTER RESOURCES.
PROXY SERVER - A FORM OF NETWORK SECURITY THAT ACTS AS A GO-BETWEEN FOR REQUESTS ON A NETWORK, SUCH AS THE INTERNET.
VIRTUAL PRIVATE NETWORK - A PRIVATE NETWORK THAT USES A PUBLIC NETWORK (USUALLY INTERNET) TO SECURELY CONNECT USERS BY USING ENCRYPTION.
USER ACCESS RIGHTS - A METHOD OF RESTRICTING ACCESS TO LOCATIONS, SOFTWARE, OR SETTINGS WITHIN A COMPUTER SYSTEM. A FOLDER OR HARD DRIVE FOR EXAMPLE.
PLAINTEXT - THE INFORMATION THE SENDER WISHES TO TRANSMIT TO A RECEIVER. CIPHER-TEXT - THE RESULT OF ENCRYPTION PERFORMED ON PLAINTEXT USING AN ALGORITHM.

ENCRYPTION - THE PROCESS OF ENCODING MESSAGES OR INFORMATION IN SUCH A WAY THAT ONLY AUTHORISED PARTIES CAN READ IT, TYPICALLY THROUGH THE USE OF A KEY.
SYMMETRIC-KEY ALGORITHMS/ENCRYPTION - BOTH ENCRYPTION OF PLAINTEXT AND DECRYPTION OF CIPHER TEXT USE THE SAME KEY. THE KEYS MAY BE IDENTICAL OR THERE MAY BE A SIMPLE TRANSFORMATION TO GO BETWEEN THE TWO KEYS.

ASYMMETRIC/PUBLIC-PRIVATE KEY ENCRYPTION - ENCRYPTION OF PLAINTEXT IS PERFORMED THROUGH THE USE OF A SHARED PUBLIC KEY AND A SECRET PRIVATE KEY. THE RECEIVER CAN DECODE THE CYPHER TEXT USING THE PUBLIC KEY AND THEIR OWN PRIVATE KEY. PRACTICALLY UNBREAKABLE.
SPAM FILTER - SOFTWARE THAT IDENTIFIES UNSOLICITED AND UNWANTED E-MAIL MESSAGES AND BLOCKS THEM FROM THE RECIPIENT'S INBOX

COMMON SENSE (EDUCATION) - MAKING ONESELF AWARE OF THE THREATS, SO THAT THEY MAY BE AVOIDED.

0 coment�rios:

Post a Comment