Describe methods that can be used to restrict the risks posed by threats

6.1 Data Security – Restricting Risks from Threats

Common Threat Types

• Malware (viruses, worms, trojans) 🦠
• Phishing & social engineering 🎣
• Denial‑of‑Service (DoS) attacks 🚫
• Insider threats (employees misusing access) 👤
• Unpatched software vulnerabilities 🔧

Methods to Restrict Risks

1. Authentication – Confirming who you are.

   Analogy: A password is like a secret handshake you share only with trusted friends. 🗝️

   • Passwords & PINs
   • Two‑factor authentication (2FA) – a second check, like a key + a fingerprint.
   • Biometrics – fingerprint, face scan.
2. Authorization – Deciding what a user can do.

   Analogy: A library card lets you borrow books, but not the staff room. 📚

   • Role‑Based Access Control (RBAC)
   • Least Privilege principle – give only the minimum rights needed.
3. Encryption – Turning data into unreadable code.

   Analogy: Writing a message in a secret language that only you and your friend can read. 🧩

   Example formula (RSA):
   $$E(m) = m^e \bmod n$$

   • Symmetric (same key for encrypt/decrypt) – fast, used for files.
   • Asymmetric (public/private key pair) – secure key exchange.
4. Firewalls & Network Segmentation – Physical and virtual barriers.

   Analogy: A fence around your house keeps unwanted visitors out. 🚧

   • Hardware firewalls – hardware devices.
   • Software firewalls – installed on PCs.
   • Segmentation – dividing networks into isolated zones.
5. Patch Management – Updating software to fix known bugs.

   Analogy: Fixing cracks in a wall before a storm hits. 🛠️

6. Security Monitoring & Logging – Watching for suspicious activity.

   Analogy: CCTV cameras that record everything. 📹

7. Backup & Recovery – Keeping copies of data.

   Analogy: A spare key hidden in a safe. 🔑

8. Security Awareness Training – Teaching users to spot threats.

   Analogy: A safety drill before a fire. 🚒

Risk Assessment Table