
Security / BTEC-L5c Assessment 2022

   

Added on  2022-06-08

70 Pages | 29740 Words | 26 Views
SECURITY / BTEC -L5C/FT/04/18 / KH58922
Contents
LO1 Assess risks to IT security
P1 Identify types of security risks to organisations:
P2 Describe organisational security procedures:
M1 Propose a method to assess and treat IT security risks:
LO2 Describe IT security solutions
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs:
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security:
M2 Discuss three benefits to implement network monitoring systems with supporting reasons:
LO1 & LO2 D1 Investigate how a ‘trusted network’ may be part of an IT security solution:
LO3 Review mechanisms to control organisational IT security
P5 Discuss risk assessment procedures:
P6 Explain data protection processes and regulations as applicable to an organization:
M3 Summarize the ISO 31000 risk management methodology and its application in IT security:
M4 Discuss possible impacts to organizational security resulting from an IT security audit:
D2 Consider how IT security can be aligned with organizational policy, detailing the security impact of any misalignment:
LO4 Manage organisational security
P7 Design and implement a security policy for an organization:
P8 List the main components of an organizational disaster recovery plan, justifying the reasons for inclusion:
M5 Discuss the roles of stakeholders in the organization to implement security audit recommendations
D3 Evaluate the suitability of the tools used in an organizational policy:
References
SITI NORHADIAYTUL FITRI BINTI HAJI ABD RASHID 1
LO1 Assess risks to IT security
P1 Identify types of security risks to organisations:
Unauthorized use of a system
Use of a computer or its data for unapproved or illegal activity. The following examples should be considered invalid or unauthorized by the organization:
- Downloading, storing or distributing pornography.
- Using the system to run a private business for personal gain or profit, including payment-based services, subscriptions or stock trading.
- Accessing or downloading website materials, or sending messages, that are defamatory, harassing or discriminatory.
- Online gambling or accessing online dating services.
- Interfering with ICT and device facilities, for example by sending spam or mass mailings, or by transmitting files that may place an unnecessary burden on agency resources.
- Scanning signature images into email messages or attached documents, as this may provide personal signatures to others, who may copy them and use them to verify fraudulent material.
- Knowingly loading materials from the internet or email that contain viruses, worms, trojan horses or spyware, or anything defamatory or damaging to others.
Unauthorised copying of data from a system
This means accessing data on a system and then stealing or copying computer-based confidential information with intent to cause wrongful loss to the owners of that information and wrongful gain to the perpetrator. Illegal data copying is a growing problem for organizations.
What are the modes of copying without permission?
- USB card drives and pen drives - This is the easiest and cheapest option for these criminals, and very easy to hide. Memory cards now come in variants of 256 GB and 512 GB, so it becomes easier to move large amounts of data.
- Email - Some actors simply use email to transfer files from their official account to personal or home computer accounts. To transmit a large amount of data, they transfer it slowly to avoid detection by the IT department. The perpetrators send these emails to their personal accounts on the pretext of 'work from home'.
- Printing - This leaves no electronic evidence behind: they simply print the main document and steal the printed copy.
- Remote Access - This can take the form of unauthorized access (hacking) or authorized access, as some organizations provide remote access to their employees so they can work from their home computer. It also makes detection of the confidential data difficult for law enforcement agencies or private investigators.
Everything stored in the organization has some potential value. Some of the targets of data breaches are as follows:
- Client contact and financial information, such as credit card and debit card information
- Source code and algorithms
- Network credentials such as passwords and certificates
- Personnel records and private data of employees
- Other users' personal documents stored on company computers
- The company's strategic data, including communications of executives and executive staff
Virus
When a virus hits, the news is always bad. A virus can copy itself and infect other machines without users even knowing that the machine has been infected until disaster strikes. If a virus hits the network, it may spread to files on other machines that are connected to the network. Viruses can also be sent via e-mail, instant messaging, intranets and other shared networks, causing networks and machines to overload or crash. They can also capture keystrokes, which is where the security problem lies, because passwords and banking details can be obtained in this way. Viruses can cause great security risks and start a cycle of problems for organizations. Implementing anti-virus solutions can save your network and all your files and e-mails, which are otherwise easily lost or damaged.
Malware Attacks
Malware is software designed to disrupt a computer system. It can also collect sensitive information from a user's computer. In a malware attack on a business, business details can be compromised and employees can be prevented from accessing their accounts. Malware can arrive through emails, files or USB memory sticks: as soon as they are opened or inserted, the malware spreads to the computer system and begins to disrupt it without users noticing. As a result, the business can lose data, have data compromised and lose trust, which also affects its reputation, since its users will be exposed to the malware attack. For example, information about business plans can be leaked.
Technical failures
Such as software bugs, computer crashes or complete failure of computer components. Technical
failures can be a disaster if, for example, you cannot retrieve data on a failed hard drive and no
backup copy is available.
Physical threats
Due to physical access or damage to IT resources such as servers. These include theft, damage
caused by fire or flood, or unauthorized access to confidential data by employees or outsiders.
Human error
For example, people may accidentally delete important data, or fail to comply with security
procedures properly.
Browsing to an unsafe website and naivety with Social Media
Employees can cause damage to the organization not only by using personal devices for work but also by making personal use of work devices. This includes browsing unsafe websites. Viewing adult content on work devices is not only inappropriate for employees, it is also very dangerous. Many pornographic websites hide malicious content in their URLs, which means users can install malicious software onto corporate networks by clicking on obscene links.
Like most online users, employees like to create social media profiles. But where they check in and what they post can pose a threat to the organization. To illustrate, social media users are often familiar with shortened links. Companies use URL shortening services to help track link click rates on social media. However, because shortened URLs do not disclose their real destination, attackers also use them to trick users into visiting malicious websites. If an employee clicks such a link while logged in to one of their accounts on a work device, this can cause problems for the organization's network. In addition, what employees do on social media can be a threat to the organization. For example, if an employee displays detailed information about their work on social media sites, attackers can use that information to create spear phishing emails aimed at stealing their corporate credentials. The employee may also post pictures that inadvertently disclose sensitive information about the organization, such as by posting a selfie that includes parts of documents containing organizational financial information.
P2 Describe organisational security procedures:
Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security controls as outlined in your organization's security policy. The purpose of security procedures is to ensure consistency in the implementation of security controls or in the execution of security-related business processes. They must be followed every time the controls are implemented or the security-related business process is carried out. Below are examples of organizational security procedures:
General procedure
- Anyone who attempts to enter the office area from reception must pass the first security checkpoint.
- All employees must have an identity card and submit it to the security guard for verification. The security guard must therefore carefully check the identity card, the employee's photo, the employee's name and the card identification to ensure that the person is a company employee.
- The employee's face must be clearly visible for the security check, and once the employee's identity has been verified, they can move forward and scan their fingerprint to access the office.
- If the employee's face does not match the identity card, the security guard must contact the employee's senior or the human resources department to obtain confirmation.
- If anyone who tries to enter the office from reception cannot be confirmed as a genuine employee, they must be escorted out of the building by the security guard.
Virus Protection Procedure
Network:
- IT will respond to any detected, likely or imminent attack to the organization as it sees appropriate in accordance with the IT Security Policy.
- If an attack is likely or imminent, IT may isolate the organization network from the rest of the Internet if no other protection is available.
- If the network has been infected, IT may isolate the contaminated portion of the organization network from the rest of the organization.
Device:
- A PC, laptop or other device that has been infected will be disconnected from the organization network.
- The infected device will need to be cleaned and cleared of any threat to the organization network.
- The device may be required to be presented for inspection by IT before reconnection to the organization network is permitted.
- Members of the organization community are required to abide by the Desktop Virus Protection Guidelines to reduce the risk of virus problems.
File:
- If an infection to a file occurs, the following steps apply:
  - If a file can be cleaned, it is cleaned.
  - If it can't be cleaned, and the file is recoverable from backup, it is deleted.
  - If it can't be cleaned, and the file is not recoverable from backup, it is quarantined off the network.
Router and Switch Security Procedure
1 Each router must meet the following configuration and operation standards
2 No local user accounts configured on the router.
3 The enable password must be stored in secure encrypted form on all routers. The router must
have its enable password set to the current production password.
4 Access rules should be added as business requirements arise.
5 All networks connected to the production network must be operated and managed by the
Infrastructure and Network Control Systems.
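An added example, not part of the original assessment: a small Python audit of a router configuration against standards 2 to 4 above. It assumes Cisco IOS-style syntax (the page names no vendor) and reads the password in standard 3 as the enable password; the sample configuration and the function name are constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax (assumed; the page names no vendor).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
service password-encryption
enable password 7 0822455D0A16
username admin privilege 15 secret 9 $9$CONSTRUCTED-HASH
aaa new-model
access-list 110 permit ip any any
line vty 0 4
 transport input ssh
"""

def audit_router_config(text):
    """Return (line_number, rule, detail) findings; line 0 means 'whole file'."""
    findings = []
    has_enable_secret = False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("!"):
            continue  # blank line or IOS comment
        # Standard 2: no local user accounts configured on the router.
        m = re.match(r"username\s+(\S+)", line)
        if m:
            findings.append((n, "local-user", f"local account {m.group(1)!r}"))
        # Standard 3: the enable password must be stored in secure encrypted form.
        # 'enable secret' stores a one-way hash; 'enable password' is cleartext,
        # or reversible type 7 obfuscation when service password-encryption is on.
        if re.match(r"enable\s+secret\b", line):
            has_enable_secret = True
        m = re.match(r"enable\s+password(?:\s+(\d))?\s+\S+", line)
        if m:
            kind = "reversible type 7" if m.group(1) == "7" else "cleartext"
            findings.append((n, "weak-enable", f"enable password is {kind}"))
        # Standard 4: rules follow business need, so a blanket permit is
        # flagged for review rather than treated as a violation.
        if re.match(r"access-list\s+\d+\s+permit\s+ip\s+any\s+any\b", line):
            findings.append((n, "broad-acl", "permit ip any any: justify or narrow"))
    if not has_enable_secret:
        findings.append((0, "no-enable-secret", "no 'enable secret' configured"))
    return findings

if __name__ == "__main__":
    for line_no, rule, detail in audit_router_config(SAMPLE_CONFIG):
        print(f"line {line_no}: [{rule}] {detail}")
```

A configuration that authenticates through a central server and uses only `enable secret` produces no findings.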
Accessing Building Time for Staff Procedures
No employee may enter the building unless they are responsible or have obtained prior permission from their line manager. If for any reason any access is required, the following procedure needs to be followed.
- Get approval from your line manager.
- Speak to the Parking Manager and Community Safety Managers to make sure they access the company, and tell them you will be out of the clock.
- Make sure your swipe card will allow you to have access to the building at the weekend.
- You must enter the building through the back door.
- You must complete the 'out of clock' sheet, by the alarm panel, downstairs. This must be completed with the time you leave when you depart.
- Check in with CCTV.
- CCTV will call at the designated interval to ensure staff safety; if there is no answer, CCTV will call the primary depositors, who will investigate.
- You must check with CCTV when you leave.
Safety of equipment and property procedure
- No equipment, such as laptops and projectors, should be left unattended in a meeting or Committee space. Those using the equipment are responsible for its safety and security.
- Personal property is the individual's responsibility, and if staff, volunteers or visitors bring valuable items to the office, they must ensure these are stored safely in a secure place. The Council shall not be liable for lost property if there is no proof of delay.
- Cash records will be stored in a locker / locked vault in the office, in compliance with financial control policies.
- Any theft or loss must be reported immediately to the Building Manager and to the Police if appropriate.
- Visitors are not allowed to allow others to enter unauthorized buildings from previous employees.
- When leaving the office, all filing cabinets holding sensitive information / materials must be locked and the keys kept in a safe location. All internal doors need to be locked and windows checked, and when departing the main building, the alarm must be set. Failure to do so may lead to disciplinary procedures.
Use Layered Security procedure
- The employee should have a firewall that protects their Internet traffic, and then each server should be protected by antivirus software and operating system firewalls as well.
Security Audit procedure
- The employee should print the security log every week and analyse the activity. If you notice repeated attempts at security violations, strengthen the attacked area and report the attacking Internet address to the appropriate Internet service provider.
- You should also track the websites your employees visit to see if anyone is accessing websites that may contain viruses or other security risks.
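An added example, not part of the original assessment: the weekly log review described above, automated in Python so that source addresses with repeated failed logins are listed for hardening and reporting. It assumes OpenSSH sshd syslog lines (the page names no log source); the sample log, the threshold of 5 and all names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in OpenSSH sshd syslog format (assumed; the page names no log source).
_GUESSES = ["root", "root", "invalid user admin", "invalid user oracle", "root", "root"]
SAMPLE_LOG = "\n".join(
    [f"Jun  6 02:14:{i:02d} srv1 sshd[811]: Failed password for {who} "
     f"from 203.0.113.45 port {50100 + i} ssh2" for i, who in enumerate(_GUESSES)]
    + ["Jun  6 02:14:09 srv1 sshd[811]: Accepted password for root from 203.0.113.45 port 50109 ssh2",
       "Jun  6 09:01:12 srv1 sshd[902]: Failed password for alice from 198.51.100.7 port 41000 ssh2",
       "Jun  6 09:01:20 srv1 sshd[902]: Accepted password for alice from 198.51.100.7 port 41000 ssh2"]
)

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from " + IPV4)
ACCEPTED = re.compile(r"Accepted \S+ for (\S+) from " + IPV4)

def review_security_log(text, threshold=5):
    """Return (repeat_offenders, logins_after_failures).

    repeat_offenders maps each source address with >= threshold failed
    logins to its failure count and the account names it tried.
    logins_after_failures lists (address, user) for successful logins from
    an address that had already reached the threshold: the case to
    investigate first.
    """
    failures = Counter()
    tried = {}
    logins_after_failures = []
    for line in text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            failures[ip] += 1
            tried.setdefault(ip, set()).add(user)
            continue
        m = ACCEPTED.search(line)
        if m and failures[m.group(2)] >= threshold:
            logins_after_failures.append((m.group(2), m.group(1)))
    repeat_offenders = {
        ip: {"failures": n, "users": sorted(tried[ip])}
        for ip, n in failures.items() if n >= threshold
    }
    return repeat_offenders, logins_after_failures

if __name__ == "__main__":
    offenders, hits = review_security_log(SAMPLE_LOG)
    for ip, info in offenders.items():
        print(f"report {ip}: {info['failures']} failures, tried {info['users']}")
    for ip, user in hits:
        print(f"investigate: {user} logged in from {ip} after repeated failures")
```

The single mistyped password from 198.51.100.7 stays below the threshold and is not reported.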
Email Filter procedure
- Place email filters on your server that check attachments and check for potentially harmful files.
- Include a section in your employee's email that recommends that employees not open attachments in emails from people they do not know.
M1 Propose a method to assess and treat IT security risks:
Methods to assess IT risks
By following well-defined steps, we can analyse the security risks in a computing system. The steps below are described in detail in the following sections:
Identifying and prioritizing assets
Assets include servers, customer contact information, sensitive partner documents, trade secrets and so on. Remember, what you as a technician think is valuable is probably not what is most valuable for the business. Therefore, you need to work with business users and management to create a list of all valuable assets. For each asset, gather the following information, as appropriate:
- Software
- Hardware
- Data
- Interface
- IT Security Policy
- IT security architecture
- Network topology
Since most organizations have limited budgets for risk assessment, you may need to limit the scope of the project to mission-critical assets. Accordingly, you need to define a standard for determining the importance of each asset. General criteria include the asset's financial value, legal standing and importance to the organization. Once the standards have been approved by management and formally incorporated into the risk assessment security policy, use them to classify each asset you identified as critical, primary or minor.
Identify threats
Threats are anything that can exploit vulnerabilities to violate security and cause harm to your organization. While hackers and malware may spring to mind, there are many other types of threats:
- System failure. The likelihood of system failure depends on the quality of your computers. For relatively new and high-quality equipment, the likelihood of system failure is low. But if the equipment is old or from "no-name" vendors, the chances of failure are much higher. Therefore, it is wise to buy high-quality equipment, or at least equipment with good support.
- Malicious people. There are three types of malicious behaviour:
  - Interference is when someone causes damage to your business by deleting data, engineering a distributed denial of service (DDoS) attack against your site, physically stealing a computer or server, and so on.
  - Interception is classic hacking, where they steal your data.
  - Impersonation is misuse of someone else's credentials, which are often obtained through social engineering attacks or brute-force attacks, or purchased on the dark web.