Explain what an organisation can do to minimise security breaches in networked systems

Securing networked systems.

http://qualifications.pearson.com/content/dam/pdf/BTEC-Specialist-Qualifications/ICT-Systems-and-Principles/2010/Specification/AP025131-BTEC-ICT-Systems-and-Principles-u45.pdf

And the outcomes being covered are:

1.1 Describe how networks can be attacked

2.1 Describe how networked systems can be protected

2.2 Explain what an organisation can do to minimise security breaches in networked systems

You will probably be asked to put together a PowerPoint presentation/Word document that covers the above. I'll go into the unit content in a second, but in general it needs to be set out in a way that we can easily pick out the evidence which addresses those outcomes.

For example, I would start with a section called something like "Network Threats".

Then run through some different threats, as an example:

1. Type of Attack – Virus/Malware, DDoS, Phishing etc.

Description – Give a summary of what this is and some information about how this type of attack might take place, the source of the attack and the damage it could do/effect it will have.

2. How to protect against this type of attack.

Mention any software/hardware that can be used to protect against it or minimise the effect of the attack.

So you need to come up with a few different examples of attacks and how to protect against each of them.

Here is the Unit Content (page 3 of the specification) which relates to the above:

(for 1.1)

Attacks: types eg denial of service, back door, spoofing, mathematical, brute force, software exploitation, viruses, rootkits, worms, Trojans, spyware, adware

Sources of attacks: internal eg disaffected staff; external eg via internet connections or through unsecured wireless access point, viruses introduced by email

(for 2.1)

Email systems: security features eg secure MIME, spam, hoaxing, relay agents

Wireless systems: security features eg site surveys, MAC association, WEP/WPA keys, TKIP

Networked devices: security features eg router, switch, wireless access point

Transmission media: issues eg use of shielding

Personal access control: devices eg biometrics, passwords, usernames, permissions, digital signatures

Security control at device level: access control eg protocols, log in, certificates

Encryption: eg encrypting files for confidentiality, encryption with application-specific tools, recovering encrypted data

Intrusion detection systems: devices eg firewalls, virus protection, spyware protection, file monitoring, folder monitoring, use of honeypots, alarms

You don't need to mention everything pasted above; it is just to give you some ideas of what to talk about.

Pick some of the potential attacks/sources of attack from the 1.1 contents, then underneath that address the specific attack with something from the 2.1 contents.

For the second part of the presentation you are looking at the following outcome:

2.2 Explain what an organisation can do to minimise security breaches in networked systems

Some people struggle to see the difference between this and 2.1.

2.1 is about addressing the specific attacks mentioned in 1.1. So quite technical.

2.2 is more about general good practice organisations can implement to minimise attacks. Notice the verb used is 'Explain', so you need a little bit more than bullet points here.

You could think of 2.2 as being fairly non-technical as it covers things like monitoring entry to the building, disposing of sensitive info correctly, promoting awareness amongst staff etc.

I'm sure you have plenty of security-related policies, training and practices you need to follow when you are at work, so feel free to use examples if you like.

The unit content for this is:

Policies and procedures: monitoring; education and training; backup and recovery schemes; configuring and upgrading software; setting up file and folder permissions

User responsibilities: adherence to specific guidelines eg strength of password, installation of new software

Education of IT professionals: maintenance of skills; knowledge of exploits; application of updates and patches

Physical security of system: lock and key; logging of entry; secure room environments; authentication of individual

Risk assessment and reduction: potential risks; penetration testing; security audits

So the second part of the presentation based on the above should finish it off.

Have a look through that and let me know if you want me to go through any of the individual parts, discuss anything first, or for me to check any notes. If you think it all sounds ok then contact the assessor for a brief once your marking is up to date.

I don't think you'll have any issues; the biggest tip I can really give is just to make sure the three outcomes are easily identifiable in the final document:

Section 01: Types of Network Attack (1.1) and How to Protect Against Them (2.1)

Section 02: Networked Systems Security for Organisations (2.2)

A really good resource to look at for this information is the CompTIA 220-1002 material, and in particular its security section, which contains just about everything you will need.