What is security?

 What is security? 

 

 

 

Computer security is the act of protecting the validity, integrity and confidentiality of data on a computer system. Computer security is essential to a business especially if they hold confidential information that could breach GDPR regulations if leaked. Similarly, a business could lose data from an attack, making them lose business and money. 

Data could be altered, stolen or destroyed by a hacker. Each method has its own disadvantages to the business. This is why it is important to protect their data stores and network from attacks. 

Types of attacks 

    • Denial of service – Overloading network infrastructure with illegitimate packets so that the device blocks legitimate packets from entering. 
    • Man in the middleIntercepting network traffic to read their contents. 
    • Phishing – Social engineering technique where a hacker tries to convince an employee that they are legitimate. 
    • Password attack – Cracking a password to an account to view data inside. 
    • SQL injection – Injecting illegitimate SQL queries into entry forms on websites to execute code remotely. 
    • Cross site script – Injecting malicious code into a website so that it runs. 

 

CIA 

CIA stands for confidentiality, integrity and authenticity. It is a key model for a security system on a business’ network. 

PKI 

PKI stands for public key infrastructure. It is the concept of issuing digital certificates to identify users and protect data. The NCSC explains PKI as: 

“A private PKI can act as a trust service for many different technologies or systems. Examples include providing identity and trust services in VPNs, internal web applications, IoT, and end user device authentication.” 

Ethical hacking and Penetration testing 

Ethical hacking is the process of legally hacking a business to find vulnerabilities which could be exploited by malicious hackers. Both the business and hacker must agree to the correct documents which stops the ethical hacker from being persecuted against the computer misuse act. A penetration test is the test the hacker performs to find vulnerabilities and report them to the network administrator. 

 

Comments

Post a Comment

Popular posts from this blog

OSA Assignment 1 - Task 3 GUIDE

Image
  OSA Assignment 1 – Task 3 Guide     Exam parameters   Time length – 5 hours (2x 2 ½ sessions)   Marks available – 28     Task 3: Design – Communication Equipment   In this task you are required to submit :   A technical proposal covering the switches, wireless infrastructure and specifications   Justification of planned network architecture and considerations for security, resilience, performance and redundancy   Evidence print screens   Annotated floor plan/network diagram     Technical Proposal   The technical proposal in task 3 follows a similar format as task 2. It's another large document detailing the requirements and recommendations for the company. In task 3, however , it should discuss communication and other digital equipment such as switches, CCTV and APs.   You should recommend multiple hardware solutions and justify between them.   Here are some examples of tables and information ...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more