Professional Documents
Culture Documents
And Data Secure.: Software and Network Security: Encryption Techniques Eg Public and Private Key Call Back
And Data Secure.: Software and Network Security: Encryption Techniques Eg Public and Private Key Call Back
Your manager was impressed with the physical security poster that you created, he has now asked
that you create a booklet to the same standard which this time looks at software and network
security measures.
Again the image of this document is highly regarded. It must be visual with explanations short and
to the point. For each point you must explain how it works and how it can help keep systems
and data secure.
Software and network security: encryption techniques eg public and private key; call back;
handshaking; diskless networks; use of backups; audit logs; firewall configuration; virus
checking software; use of virtual private networks (VPN); intruder detection systems;
passwords; levels of access to data; software updating; disaster recovery eg backup
systems, whole system replacement, tiers of recovery
A) P4
Produce a report that explains the policies and procedures used for managing IT security issues.
These policies should be referred back to relevant examples.
Your report should follow a similar format:
Introduction
Conclusion
Sources
C) P5
Create a presentation which explains how someones employment contract would affect the
security of a system. You should use example that are relevant to an educational centre or a bank.
Items to include:
D) P6
Create a report which will be issued to organisations that reviews the current laws and regulations
which are related to security and privacy of data. Your report should include ways in which these
can effect organisations and the consequences of breaching these laws.
Laws to include:
Laws: legislation eg Computer Misuse Act 1990; Copyright, Designs and Patents Act 1988;
privacy and compensation requirements of Data Protection Act 1984, 1998, 2000
B) M1
You now need to add a section to your presentation where you discuss information security. It is
not sufficient to mearly explain what each is, you must discuss and compare each point.
It is recommended that you begin by expelling each point on a separate slide and then compare
them to each other later on.
All sources must be referenced.
You should be writing about the following:
Information security: confidentiality; data integrity; data completeness; access to data
C) M2
You have now been asked to produce a report that explains the operation of encryption techniques
and how it is used to secure systems transmitted data.
Ciphers
E) M3
Add a section to your report about which explains the role of ethical decision making with regard
to IT security in an organisation. You must provide evidence that you have really thought about
the issues involved and come to a decision about how to deal with each. You should Use the laws
above as well as the section below and think about the ethical decisions for each.
You might like to start by explaining what is meant by ethical.
You should consider the following:
Ethical decision making: eg freedom of information versus personal privacy (electoral roll,
phone book and street maps put together); permission eg to use photographs or videos,
CCTV footage.
D) D1
You have been asked to assume the worst case scenario where an organisation has lost its data.
You must produce a report which discusses and compares different ways of recovering from a
disaster scenario. You should also make suitable diagrams which give a visual representation to
the reader.
You must research into the following areas but be aware each area has more than one topic to
research about:
Whole system replacement - The building has been destroyed, what do you do?
Tiers of recovery
B) D2
Add a new section to your report from above which evaluates the effectiveness of these security
policies.
You should add a new section with a title of Security Policies Effectiveness and you will need to
update your introduction, conclusion and sources.
D1:
Full Back up
Full backup is a method of backup where all the files and folders selected for the
backup will be backed up. It is commonly used as an initial or first backup
followed with subsequent incremental or differential backups. After several
incremental or differential backups, it is common to start over with a fresh full
backup again.
Some also like to do full backups for all backup runs typically for smaller folders
or projects that do not occupy too much storage space.
Incremental backup
Incremental backup is a backup of all changes made since the last backup. The
last backup can be a full backup or simply the last incremental backup. With
incremental backups, one full backup is done first and subsequent backup runs
are just the changed files and new files added since the last backup.
Advantages
Disadvantages
Restores are slower than with a full backup and differential backups.
Restores are a little more complicated. All backup sets (first full
backup and all incremental backups) are needed to perform a restore.
Differential backup
Differential backups fall in the middle between full backups and incremental
backup. A differential backup is a backup of all changes made since the last full
backup. With differential backups, one full backup is done first and subsequent
backup runs are the changes made since the last full backup. The result is a
much faster backup then a full backup for each backup run. Storage space used
is less than a full backup but more then with Incremental backups. Restores are
slower than with a full backup but usually faster then with Incremental backups
While Wednesdays backup does not include the files from the first full backup, it
still contains the files backed up on Tuesday.
Advantages
Disadvantages
Mirror backup
Mirror backups are as the name suggests a mirror of the source being backed up. With mirror
backups, when a file in the source is deleted, that file is eventually also deleted in the mirror
backup. Because of this, mirror backups should be used with caution as a file that is deleted by
accident, sabotage or through a virus may also cause that same file in mirror to be deleted as well.
Some do not consider a mirror to be a backup.
Many online backup services offer a mirror backup with a 30 day delete. This means that when you
delete a file on your source, that file is kept on the storage server for at least 30 days before it is
eventually deleted. This helps strike a balance offering a level of safety while not allowing the
backups to keep growing since online storage can be relatively expensive.
Many backup software utilities do provide support for mirror backups.
Advantages
The backup is clean and does not contain old and obsolete files
Disadvantages
There is a chance that files in the source deleted accidentally, by sabotage or through a
virus may also be deleted from the backup mirror.
Full PC backup of full computer backup typically involves backing up entire images of the
computers hard drives rather than individual files and folders. The drive image is like a snapshot of
the drive. It may be stored compressed or uncompressed.
With other file backups, only the users document, pictures, videos and music files can be restored
while the operating system, programs etc need to be reinstalled from is source download or disc
media.
With the full PC backup however, you can restore the hard drives to its exact state when the
backup was done. Hence, not only can the documents, pictures, videos and audio files be restored
but the operating system, hardware drivers, system files, registry, programs, emails etc. In other
words, a full PC backup can restore a crashed computer to its exact state at the time the backup
was made.
Full PC backups are sometimes called Drive Image Backups
Advantages
A crashed computer can be restored in minutes with all programs databases emails etc
intact. No need to install the operating system, programs and perform settings etc.
Ideal backup solution for a hard drive failure.
Disadvantages
May not be able to restore on a completely new computer with a different motherboard,
CPU, Display adapters, sound card etc.
Any problems that were present on the computer (like viruses, or mis-configured drivers,
unused programs etc) at the time of the backup may still be present after a full restore.
Local backup
A local backup is any backup where the storage medium is kept close at hand. Typically, the
storage medium is plugged in directly to the source computer being backed up or is connected
through a local area network to the source being backed up.
Advantages
Offers good protection from hard drive failures, virus attacks, accidental deletes and
drives
Data transfer cost to the storage medium can be negligible or very cheap
Since the backups are stored close by, they are very conveniently obtained whenever
Disadvantages
Since the backup is stored close by to the source, it does not offer good protections against
theft, fire, flood, earthquakes and other natural disasters. When the source is damaged by any of
these circumstances, theres a good chance the backup will be also damaged.
Offsite backup
Any backup where the backup storage medium is kept at a different geographic location from the
source is known as an offsite backup. The backup may be done locally at first on the usual storage
devices but once the storage medium is brought to another location, it becomes an offsite backup.
When the backup drives of the office computers are taken home by the Administrator or
Manager for safekeeping.
When the backup drive is kept at another branch office at another site or building.
When the backup drive is kept at a bank safe deposit box.
When the backup is sent across the Internet or network connection to a storage facility or
data centre in another city. (Also known as online backup or remote backup)
Offsite backups offer all of the same protection as local backups with added protection against
theft, fire, floods, earthquakes, hurricanes and other natural disasters. Putting the backup media in
the next room as the source would not be considered an offsite backup as the backup does not
offer this added protection.
Advantages
Offers additional protection when compared to local backup such as protection from theft,
fire, flood, earthquakes, hurricanes and more.
Disadvantages
Except for online backups, it requires more due diligence to bring the storage media to the
offsite location.
May cost more as people usually need to rotate between several storage devices. For
example when keeping in a bank deposit box, people usually use 2 or 3 hard drives and rotate
between them. So at least one drive will be in storage at any time while the other is removed to
perform the backup.
Because of increased handling of the storage devices, the risk of damaging delicate hard
disk is higher. (does not apply to online storage)
NOTE : With faster Internet connections and more and more online backup providers coming up
with competitive packages, the practice of bringing home a hard disk or bringing it to the bank is
becoming less attractive.
Online backup
An online backup is a backup done on an ongoing basis to a storage medium that is always
connected to the source being backed up. The term online refers to the storage device or facility
being always connected. Typically the storage medium or facility is located offsite and connected to
the backup source by a network or Internet connection. It does not involve human intervention to
plug in drives and storage media for backups to run.
Many commercial data centers now offer this as a subscription service to consumers. The storage
data centers are located away from the source being backed up and the data is sent from the
source to the storage center securely over the Internet.
Typically a client application is installed on the source computer being backed up. Users can define
what folders and files they want to backup and at one times of the day they want the backups to
run. The data may be compressed and encrypted before being sent over the Internet to the
storage data center.
The storage facility is a commercial data center located away from the source computers being
backed up. Typically they are built to certain fire and earthquake safety specifications. They have
higher security standards with CCTV and round the clock monitoring. They typically have backup
generators to deal with grid power outages and the facility is temperature controlled. Data is not
just stored in one physical media but replicated across several devices. These facilities are usually
serviced by multiple redundant Internet connection so there is no single point of failure to bring
the service down.
Advantages
Offers the best protection against fires, theft and natural disasters.
Because data is replicated across several storage media, the risk of data loss from
Disadvantages
Is a more expensive option then local backups.
Initial or first backups can be a slow process spanning a few days or weeks depending on
Internet connection speed and the amount of data backed up.
Can be slow to restore.
Remote backup
emote backups are a form of offsite backup with a difference being that you can access, restore or
administer the backups while located at your source location or other physical location. The term
remote refers to the ability to control or administer the backups from another location.
You do not need to be physically present at the backup storage facility to access the backups.
Putting your backup hard drive at your bank safe deposit box would not be considered a remote
backup. You cannot administer or access it without making a trip to the bank. The term remote
backup is often used loosely and interchangeably with online backup and cloud backup.
Advantages
Disadvantages
More expensive then local backups
Cloud backup
Cloud backup is a term often used loosely and interchangeably with Online Backup and Remote
Backup. This is a type of backup where data is backed up to a storage server or facility connected
to the source via the Internet. With the proper login credentials, that backup can then be accessed
securely from any other computer with an Internet connection. The term cloud refers to the
backup storage facility being accessible from the Internet.
Advantages
Since this is an offsite backup, it offers protection from fire, floods, earth quakes and other
natural disasters.
Able to easily connect and access the backup with just an Internet connection.
Data is replicated across several storage devices and usually serviced by multiple internet
Disadvantages
FTP backup
This is a kind of backup where the backup is done via the File Transfer Protocol (FTP) over the
Internet to an FTP Server. Typically the FTP Server is located in a commercial data center away
from the source data being backed up. When the FTP server is located at a different location, this
is another form of offsite backup.
Advantages
Since this is an offsite backup, it offers protection from fire, floods, earth quakes and other
natural disasters.
Able to easily connect and access the backup with just an Internet connection.
Disadvantages