May 2019 Q6 a.
In a sophisticated business environment, computer systems are exposed to security risks that threaten the security and integrity of both the system and the data held in it. The risks associated with hackers, eavesdroppers and viruses can be minimised through a variety of controls that provide network and communication security.
Required:
Identify FIVE (5) controls that can provide network and communication security and comment on each one of them. (10 marks)
- Anti-virus software
Anti-virus software, such as McAfee or Norton, searches systems for viruses and removes them. Anti-virus programs include an auto-update feature that downloads profiles of new viruses, enabling the software to check for all known or existing viruses. Very new viruses may go undetected by anti-virus software (until the anti-virus software vendor updates their package – and the organisation installs the update).

- A firewall
External email links can be protected by way of a firewall that may be configured to virus check all messages, and may also prevent files of a certain type being sent via email (eg .exe files, as these are the most common means of transporting a virus). Firewalls can be implemented in both hardware and software, or a combination of both. A firewall disables part of the telecoms technology to prevent unauthorised intrusions.

- Encryption
Data that is transmitted across telecommunications links is exposed to the risk of being intercepted or read during transmission (known as ‘eavesdropping’). Encryption is used to reduce this risk and involves scrambling the data at one end of the line, transmitting the scrambled data, and unscrambling it at the receiver’s end of the line. A person intercepting the scrambled data is unable to make sense of it.

- Electronic signatures
One way of providing electronic signatures is to make use of what is known as public key (or asymmetric) cryptography signatures. Public key cryptography uses two keys – public and private. The private key is only known to its owner and is used to scramble the data contained in a file. The received ‘scrambled’ data is checked against the original file using the public key of the person who signed it.

- Authentication
Authentication is a technique of making sure that a message has come from an authorised sender. Authentication involves adding extra data in a form previously agreed between sender and recipient.

- Dial-back security
Dial-back security operates by requiring the person wanting access to dial into the network and identify themselves first. The system then dials the person back on their authorised number before allowing access.