ICT: Unit 2: L.O.5 Flashcards
What are the 4 different types of Information Sources?
1) Internal:
–>Comes from within an organisation
(e.g. a report from the accounts department on the organisation’s finance)
–>Usually confidential
2) External:
–>Comes from outside an organisation
(e.g. reports generated by the government)
3) Primary:
–>Collected by an individual in the organisation (e.g. a staff satisfaction survey)
4) Secondary:
–>Collected by a third party outside an organisation (e.g. market research coming from an agency)
What are the 2 different Data types?
1) Quantitative
–>Data which can be measured (e.g. a set of numbers or values)
2) Qualitative:
–>Data which is descriptive (e.g. the colour of a car)
What are ‘DFD’s?
Data Flow Diagrams (DFDs):
–>Show how data is used and how it moves around a system
What are some common DFD symbols?
1) Process box:
–>What is using the data/ what is it doing to the data
(rounded rectangle)
2) External entity:
–>What/who is providing or receiving the data
(regular rectangle)
3) Data store:
–>Where data is being held (e.g. a database)
(rectangle with an open end)
4) Data Flow:
–>The transfer of data
(arrow)
What is a ‘Level 0’ and ‘Level 1’ DFD?
Level 0:
–>Gives an overview of how the system works (e.g. for a backup system)
Level 1:
–>Goes into more detail than level 0
What are the ‘DFD’ Level 1 rules?
1) Each external entity has at least one input or output
2) Each process has at least one input or output
3) Data flows in only one direction
4) Every data flow is labelled
5) Every data flow connects to atleast one process
Why is ‘Information Security’ important
-Information is the most valuable asset to an organisation
–>Security breaches happen when information:
…is deleted when it shouldn’t be
…is accessed by someone who shouldn’t have access
What are the 3 ‘good’ information security principles?
1) Confidentiality:
–>Information should only be accessed by people that are authorised to do so
(+)–> The more important the files are, the fewer people are allowed access (tiered levels of access)
(-)–> Passwords are routinely shared and lots of staff are still using their default passwords
–>Attacks that access personal information are severe breaches of confidentiality
2) Integrity:
–>Information should be maintained so that it is up-to-date, accurate, and useful for its purpose.
(+)–> Information is encrypted when it is sent over a network to prevent an attacker intercepting it and changing key details
(-)–> Keeping no record of the changes that authorised users make to the secure servers
–>Attackers may damage integrity by tampering with information
3) Availability:
–>Information should be easy to access and use by those who need it
(+)–> Having a fast, reliable network that is encrypted and is accessed through 2 factor authentication login
(-)–> Requiring every employee to get written permission by the CEO to access information held on a server
–>Some attacks target availability e.g. targeting a server with high amounts of malicious tracking
What are the 5 categories of ‘risk’ to information?
Risk–> how bad events which could happen (high risk= high likelihood and impact)
1) Unauthorised access to data:
–>includes hacking
–>Could steal information
–>Espionage (longer-term spying)
2) Unintended access to data:
–>Where a mistake or lack of knowledge leads to someone accessing information they shouldn’t (e.g. a technician not setting up access levels properly)
3) Accidental loss of data:
–>When a mistake or equipment failure means the information can’t be accessed again (lost)
4) Intentional destruction of Data:
–>e.g. via malware (like a virus) or physical destruction
–>This is often to make it harder for the organisation to operate
5) Intentional tampering of Data:
–>Changing the data (usually to benefit the attacker)
–>e.g. hacking in to fraudulently change bank balances
What are some Short-term impacts of a ‘Security breach’?
1) Failure of security–> confidential information could be breached
( 1) could lead to 2) and 3) )
2) Loss of IP (Intellectual Property)–>
-includes business ideas/software/policies
-this may have been accessed or destroyed
3) Loss of 3rd Party Information–>
-someone else (e.g. a customer) could have their information accessed or destroyed
–>could be used to commit identity theft
4) Loss of services and access–>
-Availability is affected, meaning regular customers and staff may find it harder to operate
What are some Long-term impacts of a ‘Security breach’?
1) Reputational Loss:
–> The organisation may put off possible customers and staff if they think there is poor security
–> Ongoing costs to fix and improve security
–> Lawsuits
2) Threat to National Security:
–> If classified information was reached, it could be used against the country
(e.g. used to weaken the military or law enforcement)
–> Fines/prosecution from the government
–> Further opportunistic attacks
What are some common ‘Policies’ in IT?
1) Staff Access Rights:
–> Setting out who should be able to view what.
-(access should be limited to only those who need it–> tiered levels of access)
2) Responsibilities of Staff:
–> The expectations on how to use the IT securely
-(e.g. ‘‘set complex passwords’’ or ‘‘Don’t write down logins’’)
3) Risk Assessments:
–> Regular checks on the current risks and how ready the organisation is to defend
4) Effectiveness of Protection Measures:
–> Reviewing the current measures
–> May set out when and how the current measures are tested
5) Disaster Recovery Policy
What is the ‘Disaster Recovery Policy’?
‘Disaster Recovery Policy’:
–> Setting out what steps are needed following a major incident, it should include:
-Who is responsible for what
-Dos and Don’ts
-Expectations for backing up, and the timeline of data recovery
-Contingencies: such as alternative provisions
What are some ‘Physical Protection Measures’ for Information?
1) Hiring Security Staff:
–> Guarding/Patrolling and checking secure areas
2) Shredding Old Paperwork:
–> So that anything thrown out can’t be easily read
3) Alternative Locations for Backups:
–> In case the main location is damaged
4) Consideration of Flood Levels:
–> If a flood is a risk, place computer systems above expected flood levels
5) Locking Systems:
–> Individual workstations and server rooms can be protected with locking systems using (e.g. Keypads/Biometrics)
(Biometrics are much harder for an attacker to fake)
What is a ‘Logical Protection Measure’?
Measures to protect computer systems while they are running
What is a ‘Physical Protection Measure’?
Measures to prevent unauthorised access to a computer system
What are some ‘Logical Protection Measures’ for information?
1) Anti-malware:
–> Scans the computer for known malware (malicious software)
–> If malware is found, the application will alert and can quarantine it and remove it from the computer
–> Anti-malware must be regularly updated so its database is up to date
2) Firewalls:
–> Monitor networks and filter messages based on rules
(e.g. they can block messages coming from certain websites or areas in the world) (a blacklist)
–> Can be software and hardware
3) Passwords:
–> Used only to allow access to authorised users (in theory only that person should know their password)
–> When passwords are shown on screen they should be ‘Obfuscated’ (hidden with a different character e.g. stars:’****’
(this reduces the risk of ‘Shoulder Surfing’)
4) Encryption:
–> Uses a secret key (a password) to scramble the data so it becomes unreadable
–> Only authorised users who have the key can descramble and understand the message
What are the 2 types of encryption?
1) Encrypted at Rest:
–> Data held on storage (which is encrypted) (e.g. on a hard drive)
2) Encrypted in Transit:
–> Dara being sent over networks (whilst being encrypted)
What can impact the flow of information (DFDs)?
1) Information characteristics–> e.g. information is entered incorrectly, causing delays
2) Human error–> e.g. information is lost or staff don’t follow protocol
3) Communication Breakdown–> e.g. meetings postponed or emails unread
4) Hardware failure–> e.g. network connection breaking or system failure
