Learners will investigate different system security threats and the methods used to protect against them. They will learn how encryption can be used to protect data, and will plan and undertake activities to protect systems from security attacks and vulnerabilities while complying with legal and organisational requirements.
Understand security threats and the legal requirements affecting system security.
Current security threats and techniques (which are continually evolving), including: internal threats, external threats, physical threats, social engineering and software-driven threats, techniques used to obtain secure information (software that has a malicious intent).
Network-based threats: passive threats, including wiretapping, port scanning and idle scanning.
Active threats, including denial-of-service attack, spoofing, man in the middle, Address Resolution Protocol (ARP) poisoning, smurf attack, buffer overflow, heap overflow, format string attack, Structured Query Language (SQL) injection and cyber attack.
Cloud computing security risks.
Data security risks: principles of confidentiality, integrity and availability of information, unauthorised access or modification of information, deliberate or accidental loss of information, the need to protect intellectual property from theft or malicious damage.
Legal requirements: data protection legislation and the requirements it places on organisations to keep data about stakeholders secure.
Computer misuse legislation and its definitions of illegal practices and applications.
Copyright, designs and patents legislation and its requirements in terms of protecting software products and digital media such as music and films.
Telecommunications (Lawful Business Practice) (Interception of Communications) regulations and their requirement to allow companies to monitor employee communication using systems and other uses of the internet while at work.
Fraud legislation, legal liability and contractual obligations.
System security breach is likely to result in one or more of the following: operational impact on an organisation of the loss of data or service, financial impact of loss of service, such as an e-commerce website damage to reputation, legal consequences of data privacy breaches, forensics research requirements to identify data lost, stolen or copied.
Explain different system security threats and their potential impact on organisations.
Explain the principles of data security and the legal requirements organisations must adhere to.
Understand cryptographic techniques and processes used to protect data.
Cryptographic principles: digital rights management (DRM), password storing and salts; obfuscation and steganography; secure transactions, multi-factor authentication; file, folder, disk encryption; encryption of communication data.
Cryptography methods: shift ciphers, one-time pads, hash functions (e.g. MD4, MD5, SHA-2 SHA-3), block ciphers, stream ciphers, cryptographic primitives, e.g. pseudo random functions, one-way functions, cryptographic salts and their use in storing passwords, encryption algorithms, e.g. RSA, DES, 3DES, mathematical principles, integer factorisation, prediction of prime numbers.
Applications of cryptography: symmetric key encryption, public key encryption, key exchanges (Diffe-Hellman), digital certificates (including certificate authorities), HTTPS protocol, virtual private networks (VPNs), Generic Routing Encapsulation (GRE) tunnel, encryption of data on Wi-Fi networks.
Explain the principles and uses of cryptography.
Assess the impact of encryption and data protection on security and legal issues.
Evaluate the effectiveness of different applications of cryptography.
Understand the techniques used to protect systems from security threats.
Physical security: door locks, card key entry, closed circuit television (CCTV), voice control and biometric scans, DNA identification technology, servers, routers, switches kept in a secure location with controlled access, backing up data, e.g. full backup, differential and incremental backups, use of a fire safe and off-site data storage, disaster recovery plans for use when an organisation’s systems become unavailable.
Organisational policies and their application, including internet and email use policies, security and password procedures, staff responsibilities, training of staff on IT security issues, disciplinary procedures, security audits and their application to check compliance of policies and procedures.
Software based protection: anti-virus software and detection techniques, software and hardware firewalls and filtering techniques, domain management, user authentication, access controls and the methods they use to restrict authorised/unauthorised users access to resources.
Explain how different protection techniques can help protect systems in an organisation.
Be able to implement strategies to protect systems from security threats.
Protection strategies: organisational policies, anti-malware protection, firewall configuration, wireless security, access control, testing and reviewing protection applied.
Produce a system security plan of the protection to be applied in line with legal and organisational requirements.
Perform tasks to protect a system and review the extent and level of protection applied.