LO3 Flashcards
What is identifying assets
Organisations identify two types of assets: physical assets and digital assets.
Digital assets are assets held in binary form, such as images, multimedia and textual content files.
Physical assets are hardware such as computers, printers, network cabling, mice, etc.
What is identifying risk of assets
A risk is a threat of something that could happen. Organisations should therefore identify risks in order to prepare for them, for example by conducting risk assessments.
Every single asset is at risk. Risks for digital assets could be viruses, hacking and failure of protection from unauthorised users, internally and externally.
Risks to physical assets can be damage, theft and malicious intent.
Procedures can be put in place to prevent these risks, such as anti-virus software, and locking rooms to protect physical assets.
List of testing and monitoring measures
Vulnerability testing
Intrusion detection
What is Vulnerability testing
Identification of a list of vulnerabilities that can be prioritised and tested. The forms of vulnerability testing are penetration testing, fuzzing, sandboxing and security functionality.
Talk about each form of vulnerability testing
Penetration testing- Involves a skilled hacker or a team of hackers whom you ask to see if they can gain access to your system, in order to understand what weaknesses the system has that need to be fixed
Fuzzing- A method used to test the security of software for any unknown vulnerabilities such as security loopholes and coding errors. It works by inputting large amounts of random data in an attempt to make the system crash
Sandboxing- An isolated computer environment in which a program or file can be executed without affecting the application it runs on
Security functionality- A test used to identify flaws in security mechanisms that are supposed to protect data and information and maintain functionality
What are intrusion detection systems
A device or software used to detect any malicious activity. The different forms of intrusion detection are network intrusion detection system, host intrusion system, distributed intrusion system, anomaly based intrusion system and signature based intrusion system
Talk about each form of intrusion detection system
Network intrusion detection system- Monitors all inbound and outbound network activity to identify any suspicious activity patterns which may indicate a cyber security attack
Host intrusion system- Installed software, such as firewalls, anti-virus and anti-spyware detection programmes, that has two-way access to the external environment, such as internet access, and monitors any suspicious activity
Distributed intrusion detection system- Consists of multiple intrusion detection systems over a large network that communicate with each other to provide a broader view of the network’s activity as a whole and facilitate faster analysis of any issues
Anomaly based intrusion detection- Software designed to detect computer intrusions and misuse by monitoring the activity taking place and classifying it either as normal and expected or as malicious. However, if the malicious activity falls under normal patterns it will not be detected
Signature based intrusion detection- Monitors for specific patterns in network traffic or known instruction sequences used by malware. It must be kept up to date to be effective with anti-virus or anti-spyware
types of cyber security controls
Physical, hardware, software, encryption, cryptography, procedures
Talk about physical cyber security controls
Limits access to buildings, rooms, and physical IT assets
examples
Biometrics- Using a person's physical characteristics for identification to allow access to the building and room
Locks- Prevents intruders from accessing rooms
Swipe cards- Magnetic cards allowing authorised people access to buildings, rooms and IT equipment; however, they can be lost or stolen
Talk about hardware cyber security controls
Prevents the physical removal of items
Safe- Securely stores small items of equipment such as tablets, phones, removable storage drives
Cable locks- Used to secure items such as laptops and computers
Talk about software cyber security control
Software helps prevent unauthorised access to networks, computer systems and data
firewall- controls and monitors incoming and outgoing network traffic and decides on whether to allow or block the identified traffic
Anti-malware- Protects systems from malware and infection, for example anti-virus and anti-spyware
Operating system updates- Protect against cyber attack by removing and correcting vulnerabilities in the system that have been identified
Talk about encryption cyber security control system
Encryption protects the confidentiality of digital data while it is stored or transmitted using the internet or computer networks. There are two types of encryption:
Asymmetric encryption- Uses two keys to encrypt plain text/unencrypted information; anything encrypted by a public key can only be decrypted by a private key
Symmetric encryption- Only uses one key shared amongst people who need access to the data
Talk about cryptography
Protects information and resources on open and closed networks and allows only the sender and intended recipient to view information
Talk about procedures in cyber security controls
There are different procedures in cyber security controls
Access management- Process of managing access to a computer system or network by allowing authorised users and preventing unauthorised access
Data backup- Process of copying or archiving data, including files and folders, so that they can be restored if the data is lost from the system
Remote working- Assessing the risks involved with remote working can include:
- the type of information and services that can be accessed or stored on devices
- the devices' security configuration
What is Data at rest, data in transit and data in cloud
Data at rest- Means data is at rest, stored on a hard drive, and is fairly secure as it is protected by defences such as firewalls and anti-malware programs
Data in transit-
- Data is at its most vulnerable when it is in motion, and protecting information in this state requires specialized defences.
- When you send an email, anyone with the right tools can intercept it as it moves along its path through the electronic infrastructure. The best way to make it more secure is through encrypted platforms.
Data in the cloud- Data stored on servers made by big trustworthy companies such as Google and accessible via the internet. Ways to keep the data secure include regularly updating your passwords and including numbers and symbols, making them harder to guess