Posts

M3 - Report on the similarities and differences between securing wireless and wired networked systems.

When using a wired network, it is extremely difficult for an attacker to intercept your connection and steal bandwidth, whereas when using a wireless connection others can see and potentially access your wireless network, sometimes within seconds, enabling them to use your bandwidth and steal any information that is shared over the network. Wireless signals can be picked up from somebody in a neighbouring building or sitting in a car near your house, which is why they can be so unsecure. To make the problem worse some routers get delivered with encryption disabled, meaning anybody can connect to the network without having to enter a password, most homeowners don’t know that they need to enable anything leaving them very vulnerable. The good news is that it is not very hard to make your wireless network secure, which will both prevent others from stealing your internet and will also prevent hackers from taking control of your computer through your own wireless network. Changing the

D2 - Compare the security benefits of different cryptography techniques.

Symmetric Cryptography A Symmetric Key Algorithm is an encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The key can be a number, a word or just a string of random characters. This key is applied to a message to change the content  and make it unreadable. This key could be as simple as reversing every word so it is written backwards. It acts as a password so only the sender and receiver can decrypt and read the message. Symmetric Key Systems and very simple and fast, although the main disadvantage of using this method is that you have to share the key with the receiver somehow, meaning anyone could get hold of it and decrypt your messages. Stream Cipher & Block Cipher A stream cipher is a type of symmetric encryption, they are designed to be exceptionally fast, much faster than any block cipher. Block ciphers operate on large blocks of data, whereas stream ciphers encrypt each plaintext di

M2 - Suggest how users can be authenticated to gain access to a networked system

Different Types of Access Security Identification - This is when somebody says who they are. Authentication - This is when somebody proves they are who they say they are, this is usually through some form of ID, i.e. Passport or Driving License.   Authorisation - This is when somebody gives you permission to do something. Two Factor Standard Of Authentication Two factor standard of authentication is when two different types of proof is necessary. For example when withdrawing money from an ATM you would need a valid debit card and the corresponding PIN number. Two factor standard of authentication is better and far more secure than one factor standard authentication because it requires the attacker to gain two different types of authentication which is much harder than finding out just one.  Username/Password This method requires the user to provide a valid username and corresponding password, if either of these is incorrect they will be denied access. This is a good metho

P3 - Explain what an organisation can do to minimise security breaches in networked systems

Policies and Procedures Security Policies A security policy is a document containing the rules and regulations regarding computer network access within an organisation. The purpose of the security policy is so that all the users within the organisation have a set of rules to follow and also so the organisation can protect their devices. The security policy will be constantly changing and being improved because over time they will discover more and more things they have missed out. It is important to have a security policy in place so that all of their data is secure and can only be accessed by authorised people. Education and training All organisations should have policies in place regarding education and training, this is to ensure all colleagues are able to use the latest software and are aware of the latest and best techniques to use when working on the organization's network. If a colleague regularly uses a piece of software, and a 2013 version is released with new helpful

D1 - Discuss Recent Network Threats

Cross-Site Scripting (XSS) Cross-Site Scripting is a computer security vulnerability that is mostly found in web applications. XSS allows attackers to inject client-side scripts into web pages that are then viewed by others. The people that view this web page can then be infected without even knowing as the page appears to be normal. Depending on what scripts the attacker uses the effects can range from something very minor to a major security risk. XSS can be used to gain control and bypass the authorisation process. SQL Injection SQL Injection is a  technique  used to attack data driven applications and is implemented by adding parts of SQL statements in to entry fields within a website.This is done  in an attempt to get the website to accept a newly formed rouge SQL command to the database. SQL injection is a code injection  technique  that exploits a security vulnerability in an applications software. The vulnerability occurs when the user input field is incorrectly filtered.

M1 - Explain The Operation Of Different Intruder Detection Systems

Firewalls Firewalls are designed to prevent unauthorised access to a computer or network. You can implement a firewall in both hardware and software, or a combination of both. A firewall will monitor data packets coming in and out of the network it is protecting and will enforce the company's network security policy. It filters out the packets that look suspicious and do not meet the specified security criteria. Most organisations use firewalls to protect their network from the Internet. There are a few different types of firewall, these are: Packet Filtering Firewall Stateful Inspection Packet Filtering Firewall Proxy Firewall Packet Firewalls Packet filtering was the first type of firewall to be created, a packet filtering firewall will control what data can flow into and out of a network. It will accept or reject packets of data based on a set of user-defined rules, these rules are called ACLs. ACLs are lines of text that the firewall will apply to each packet of d

P2 - Describe How Networked Systems Can Be Protected

Emails are a very good method of communication; they do however have the potential to be harmful to a network.  Spam Guard Spam is one of the most common email security risks. Spam involves identical emails being sent to hundreds of thousands of people in the hope that a small percentage of the recipients will open them and be interested in them. The majority of spam emails are sent to advertise a product or service; however some of these emails may contain viruses or links to phishing websites. Roughly 130 billion spam emails are sent every day, this is why it is vital that you protect your organisation against it. In addition to wasting people’s time with unwanted email, spam also uses up a lot of network bandwidth slowing the whole network down. Spammers collect email addresses from chat rooms, websites, customer lists, newsgroups, and viruses which harvest users' address books, and are sold to other spammers. Sending the emails costs the spammer nothing, so even if only on