Chat with us, powered by LiveChat

xplain what an organisation can do to minimise security breaches in networked systems.

Words: 2
Pages: 1
Subject: Theology

REVISION

No references needed, written format in English (United Kingdom)
The explanation of what needs to be put in the document as a minimum, is from my tutor below

The unit spec is:

http://qualifications.pearson.com/content/dam/pdf/BTEC-Specialist-Qualifications/ICT-Systems-and-Principles/2010/Specification/AP025131-BTEC-ICT-Systems-and-Principles-u45.pdf

And the outcomes being covered are:

1.1 Describe how networks can be attacked

2.1 Describe how networked systems can be protected

2.2 Explain what an organisation can do to minimise security breaches in networked systems

Then run through some different threats, as an example:

1. Type of Attack – Virus/Malware, DDoS, Phishing etc.

Description – Give a summary of what this is and some information about how this type of attack might take place, the source of the attack and the damage it could do/effect it will have

2. How to protect against this type of attack.

Mention any software/hardware that can be used to protect against it or minimise the effect of the attack

So you need to come up with a few different examples of the attacks and how to protect against it.

Here is the Unit Content (page 3 of the specification) which relates to the above:

(for 1.1)

Attacks: types eg denial of service, back door, spoofing, mathematical, brute force, software exploitation, viruses, rootkits, worms, Trojans, spyware, adware

Sources of attacks: internal eg disaffected staff; external eg via internet connections or through unsecured wireless access point, viruses introduced by email

(for 2.1)

Email systems: security features eg secure MIME, spam, hoaxing, relay agents

Wireless systems: security features eg site surveys, MAC association, WEP/WPA keys, TKIP

Networked devices: security features eg router, switch, wireless access point

Transmission media: issues eg use of shielding

Personal access control: devices eg biometrics, passwords, usernames, permissions, digital signatures

Security control at device level: access control eg protocols, log in, certificates

Encryption: eg encrypting files for confidentiality, encryption with application-specific tools, recovering encrypted data

Intrusion detection systems: devices eg firewalls, virus protection, spyware protection, file monitoring, folder monitoring, use of honeypots, alarms

You don’t need to mention everything pasted above, it is just to give you some ideas of what to talk about.

Pick some of the potential attacks/sources of attack from the 1.1 contents,

Then underneath that address the specific attack with something from the 2.1 contents.

For the second part of the presentation you are looking at the following outcome

2.2 Explain what an organisation can do to minimise security breaches in networked systems

Some people struggle to see the difference between this and 2.1.

2.1 is about addressing the specific attacks mentioned in 1.1. So quite technical.

2.2 is more about general good practice organisations can implements to minimise attacks. Notice the verb used is ‘Explain’ so you need a little bit more than bullet points here.