Post on 06-Nov-2015
description
Sales Training
ICDL PROFILE
Presented by : Shajid C1
IT SecurityMODULE - 12Security Concepts
International Computer Driving License Module 12 ExecuTrain of Qatar
Data ThreatsDistinguish between data and information.Understand the term cybercrime.Understand the difference between hacking, cracking and ethical hacking.Recognise threats to data from force majeure like: fire, floods, war, earthquake.Recognise threats to data from: employees, service providers and external individuals.
International Computer Driving License Module 12 ExecuTrain of Qatar
Distinguish between data and informationData is raw, unorganized facts that need to be processed. Data can be something simple and seemingly random and useless until it is organized.When data is processed, organized, structured or presented in a given context so as to make it useful, it is called information.International Computer Driving License Module 5 ExecuTrain of Qatar
CybercrimeIdentity TheftPhishingHackingDownloading illegal music or videos.Electronic Vandalism, terrorism and extortion.Illegal interception of communications.Inappropriate and other offensive materialElectronic money laundering.
International Computer Driving License Module 12 ExecuTrain of Qatar
Hacking / Cracking/ Ethical Hacking
International Computer Driving License Module 12 ExecuTrain of Qatar
Threats to data from force majeureForce Majeure relates to unforeseen events beyond the control of the company.FireFloodsWarEarthquake.
International Computer Driving License Module 12 ExecuTrain of Qatar
Other threats to dataEmployeesService providersExternal individualsInternational Computer Driving License Module 12 ExecuTrain of Qatar
Value of InformationReasons for protecting personal information like: Avoiding identity theftName, Credit Card Number, Address, DOB, etc.FraudBorrow moneyObtain Services
International Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Reasons for protecting commercially sensitive information like:Preventing theft or misuse of :Client detailsFinancial information
International Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Identify measures for preventing unauthorised access to data like: EncryptionDigital ID (Private Key)Certificate (Public Key)PasswordsInternational Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Basic characteristics of information security like: Confidentiality Integrity Availability
International Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Identify the main data/privacy protection, retention and control requirements in your country.Data Protection Act.1995 European Data Protection DirectiveTo Protect the rights of the Data SubjectTo set out the responsibilities of the data controller
International Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Rights of the Data Subject:Fairly and lawfully processedProcessed for limited purposesAdequate, relevant and not excessiveAccurateNot kept longer than necessaryProcessed in accordance with the data subject rightsSecureNot transferred to countries without adequate data protection
International Computer Driving License Module 12 ExecuTrain of Qatar
Value of Informationcont..Importance of creating and adhering to guidelines and policies for ICT use.FirewallAutomatic UpdatesAnti virusAnti-spywarePasswordsInternet SecurityInstall and Uninstall Devices or Software's.
International Computer Driving License Module 12 ExecuTrain of Qatar
Personal SecuritySocial engineering Information gathering.Fraud.Computer system access.
International Computer Driving License Module 12 ExecuTrain of Qatar
Methods Of Social EngineeringPhone CallsPhishingShoulder Surfing
International Computer Driving License Module 12 ExecuTrain of Qatar
Identity theft and its implicationsPersonalFinancialBusinessLegal
International Computer Driving License Module 12 ExecuTrain of Qatar
Methods of identity theftInformation DivingSkimmingPretexting
International Computer Driving License Module 12 ExecuTrain of Qatar
File SecurityUnderstand the effect of enabling/ disabling macro security settings.Set a password for files like:DocumentsCompressed filesSpreadsheets
International Computer Driving License Module 12 ExecuTrain of Qatar
EncryptionAdvantages Of EncryptionLimitations Of Encryption
International Computer Driving License Module 12 ExecuTrain of Qatar
Malware
International Computer Driving License Module 12 ExecuTrain of Qatar
MalwareTrojansRootkitsBackdoors
International Computer Driving LicenseInfectious MalwareVirusesWorms
International Computer Driving License Module 12 ExecuTrain of Qatar
MalwaresTypes of data theft, profit generating/extortion malwares : AdwareSpyware BotnetsKeystroke LoggingDiallers
International Computer Driving License Module 12 ExecuTrain of Qatar
Anti-virus softwareAnti-VirusLimitations of Anti-VirusVirus Scan Specific drivesFoldersFiles usingSchedule scans
International Computer Driving License Module 12 ExecuTrain of Qatar
Anti-virus softwareQuarantine : Effect of quarantining infected/suspicious files.
International Computer Driving License Module 12 ExecuTrain of Qatar
Anti-virus software - InstallationImportance of :Downloading and installing software updatesAnti-virus definition files
International Computer Driving License Module 12 ExecuTrain of Qatar
Network Security
International Computer Driving License Module 12 ExecuTrain of Qatar
NetworksNetwork types:Local area network (LAN)Wide area network (WAN)Virtual private network (VPN)
International Computer Driving LicenseRole of the network administratorManaging the:AuthenticationAuthorisationAccounting
International Computer Driving License Module 12 ExecuTrain of Qatar
FirewallFunctionsLimitationsInternational Computer Driving License Module 12 ExecuTrain of Qatar
Network ConnectionsCablesWirelessInternational Computer Driving License Module 12 ExecuTrain of Qatar
Network Security ImplicationsMalwareUnauthorised data accessMaintaining PrivacyInternational Computer Driving License Module 12 ExecuTrain of Qatar
Wireless SecurityPassword for Wireless network.Wired Equivalent Privacy (WEP)Encryption using Network Security key. Wi-Fi Protected Access (WPA)Media Access Control (MAC)International Computer Driving License Module 12 ExecuTrain of Qatar
Unprotected Network - Security issuesVisibility to other users
International Computer Driving License Module 12 ExecuTrain of Qatar
Connect to a Wi-Fi network
International Computer Driving License Module 12 ExecuTrain of Qatar
Access ControlNetwork AccountLoginUsername and PasswordPassword PoliciesEasy to remember difficult to guessMinimum Eight CharactersMix of Numbers letters symbolsCase sensitiveInternational Computer Driving License Module 12 ExecuTrain of Qatar
Biometric SecurityFingerprint ScanningFacial RecognitionVoice RecognitionEye ScanningInternational Computer Driving License Module 12 ExecuTrain of Qatar
Secure Web Use
International Computer Driving License Module 12 ExecuTrain of Qatar
Web BrowsingBe aware that certain online activity (purchasing, financial transactions) should only be undertaken on secure web pages.Identify a secure website like:httpslock symbol
International Computer Driving License Module 12 ExecuTrain of Qatar
PharmingPharming is a cyber attack intended to redirect a website's traffic to another, fake site.Pharmingcan be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server softwareInternational Computer Driving License Module 12 ExecuTrain of Qatar
Digital CertificateIn cryptography, a public keycertificate(also known as adigital certificateor identity certificate) is an electronic document used to prove ownership of a public key.Secure Socket Layer (SSL)Transport Layer Security (TSL)
International Computer Driving License Module 12 ExecuTrain of Qatar
SSL
International Computer Driving License Module 12 ExecuTrain of Qatar
One Time Password - OTPA one-time password is a password that is valid for only one login session or transaction, on a computer system or other digital device.International Computer Driving License Module 12 ExecuTrain of Qatar
Browser SettingsAutocompleteCookieDelete Private DataInternational Computer Driving License Module 12 ExecuTrain of Qatar
Content ControlInternet filtering software,Parental control software.
International Computer Driving License Module 12 ExecuTrain of Qatar
Social NetworkingUnderstand the importance of not disclosing confidential information on social networking sites
International Computer Driving License Module 12 ExecuTrain of Qatar
Social Networking Cont..Be aware of the need to apply appropriate social networking account privacy settings.Understand potential dangers when using social networking sites like: Cyber BullyingGroomingMisleading/Dangerous InformationFalse IdentitiesFraudulent Links Or Messages.
International Computer Driving License Module 12 ExecuTrain of Qatar
Communications
International Computer Driving License Module 12 ExecuTrain of Qatar
Encrypting, Decrypting An EmailUnderstand the purpose of encrypting, decrypting an email.Understand the term digital signature.Create and add a digital signature.
International Computer Driving License Module 12 ExecuTrain of Qatar
eMail SecurityBe aware of the possibility of receiving fraudulent and unsolicited e-mailUnderstand the term phishing. Identify common characteristics of phishing like: using names oflegitimate companies, people, false web links.Be aware of the danger of infecting the computer with malware by opening an e-mail attachment that contains a macro or an executable file.
International Computer Driving License Module 12 ExecuTrain of Qatar
Instant MessagingUnderstand the term instant messaging (IM) and its usesUnderstand the security vulnerabilities of IM like:malware, backdoor access, access to files.Recognise methods of ensuring confidentiality while using IM like: encryption, non-disclosureof important information, restricting file sharing
International Computer Driving License Module 12 ExecuTrain of Qatar
Secure Data ManagementInternational Computer Driving License Module 12 ExecuTrain of Qatar
Securing and Backing Up DataRecognise ways of ensuring physical security of devices like: log equipment location and details, use cable locks, accesscontrol.
International Computer Driving License Module 12 ExecuTrain of Qatar
Securing and Backing Up DataRecognise the importance ofhaving a back-up procedure in case of loss of data, financial records, web bookmarks/history.
International Computer Driving License Module 12 ExecuTrain of Qatar
Securing and Backing Up DataIdentify the features of a backup procedure like:regularity/frequency, schedule, storage location.
International Computer Driving License Module 12 ExecuTrain of Qatar
Back up and Restore dataBack up data.Restore and validate backed up data.
International Computer Driving License Module 12 ExecuTrain of Qatar
Secure DestructionUnderstand the reason for permanently deleting data from drives or devices.Distinguish between deleting and permanently destroying data
International Computer Driving License Module 12 ExecuTrain of Qatar
Secure DestructionIdentify common methods of permanently destroying data like: shreddingdrive/media destruction degaussingUsing data destruction utilities.
International Computer Driving License Module 12 ExecuTrain of Qatar
International Computer Driving License