💾 Test 2 Specification

Data Protection, Security and Acess Control

Topic 1: Protection of data

    1. Data Security

    Students should be able to:

    • Define data security
    • Explain why data security is important
    • Identify factors affecting data security

    Data Security is the protection of data from unauthorized access, theft, corruption, or loss

    Factors affecting data security include:

    • Weak passwords
    • Viruses and malware
    • Unauthorized users
    • Hardware failure
    • Power outages
    • Natural disasters
    • Human Error

Types of threats to computer systems

Types of threats:

  • Virus
  • Worm
  • Trojan Horse
  • Spyware
  • Ransomware
  • Hacker Attack
  • Power failure

Methods of protecting data

  • Use strong passwords
  • Install anti-virus
  • Update software regularly
  • use firewalls
  • Restrict unauthorized access
  • Backup important files
  • Use encryption

Data backup

A backup is a copy of data stored seperately from the original

types of backup:

  • Full backup
  • Incremental backup
  • System backup
  • Selective backup
  • cloud backup

    • What students should know:

  • What a backup is
  • Why backups are important
  • Different types of backup

A full backup is a complete copy of all data on a computer or storage device.

An incremental backup only copies data that has changed since the last backup, making it faster and more efficient than a full backup.

A system backup creates a copy of the entire operating system, including all files, settings, and applications, allowing for a complete restore in case of a system failure.

A selective backup allows users to choose specific files or folders to back up, providing flexibility in what data is protected.

Cloud backup involves storing data on remote servers accessed via the internet, providing off-site protection and easy access from multiple devices.

Disaster Recovery Plan (DRP)

A Disaster Recovery Plan (DRP) is a documented process or set of procedures to recover and protect a business's IT infrastructure in the event of a disaster.

Key components of a DRP include:

  • Risk Assessment
  • Business Impact Analysis
  • Recovery Strategies
  • Plan Development
  • Testing and Maintenance

Examples of disasters:

  • Fire
  • Flood
  • Earthquake
  • Cyber Attack
  • Power Outage
  • Hardware Failure
  • Human Error

A DRP helps organizations minimize downtime, protect data, and ensure business continuity in the face of unexpected events. It is essential for businesses to regularly review and update their DRP to address new threats and changes in technology.

Recovery actions:

  • Data Restoration from backup
  • Assess damage
  • Repair hardware
  • Communication Plan
  • Testing and Training
    • You don't need to memorize all of this! Look at the main heading of the lesson and refer to your notes

Encryption and Cryptography

Encryption is the process of converting data into a coded format to prevent unauthorized access. Cryptography is the study of techniques for secure communication in the presence of adversaries.

What encryption use:

  • Protect confidential information
  • Secure online transactions
  • Prevent unauthorized access

Cryptography is the science of securing information using codes and encryption techniques.

Digital Signatures

A digital signature is a cryptographic technique used to verify the authenticity and integrity of digital documents or messages. It provides a way to ensure that the sender of a message is who they claim to be and that the message has not been altered in transit.

How digital signatures work:

  • Key Generation: The sender generates a pair of cryptographic keys - a private key and a public key.
  • Signing: The sender uses their private key to create a digital signature for the message or document they want to send.
  • Verification: The recipient uses the sender's public key to verify the digital signature. If the signature is valid, it confirms that the message was indeed sent by the claimed sender and has not been tampered with.

Purpose

  • Confirms identity of sender
  • Verifies document integrity
  • Authenticate users
  • Prevents document tampering

Biometrics

Biometrics refers to the measurement and analysis of unique physical or behavioral characteristics for the purpose of identification and access control. It is commonly used in security systems to verify the identity of individuals based on their biometric traits.

Types of biometric authentication:

  • Fingerprint scanner
  • Facial recognition
  • Voice recognition
  • Retina scan

Malware

Malware is software designed to damage, disrupt, or gain unauthorized access to computer systems.

  • Viruses
  • Worms
  • Trojan Horses
  • Ransomware

Preventing malware

  • Install antivirus software
  • Keep software updated
  • Avoid suspicious links and downloads
  • Use strong passwords

Multi-factor authentication

Multi-factor authentication (MFA) is a security process that requires users to provide two or more forms of identification before gaining access to a system or account. This adds an extra layer of security by combining something the user knows (like a password), something they have (like a smartphone), and something they are (like a fingerprint).

Types of MFA:

  • Something you know (Password,Pin)
  • Something you have (Mobile phont)
  • Somthing you are (Biometric authentication; fingerprint, iris, etc)

Benefits

  • Stronger security
  • Reduces unatuthorized access
  • Protects sensitive information

Topics most likely to appear in the test

  • Types of threats
  • Methods of Protecting Data
  • Types of backup
  • Disaster Recovery Plan
  • Enryption
  • Digital Signatures
  • Biometrics
  • Malware and Types of Malware
  • Ways to prevent virus
  • Multi-factor authentication
← Back to Home