Describe security methods designed to protect the security of data

6.1 Data Security 🚨

What is Data Security?

Data security is like a digital lockbox that keeps information safe from unauthorised access, misuse, or theft. Think of it as a vault that only the right keys can open. 🔐

Common Threats ⚠️

  • Malware & Viruses 🦠
  • Phishing Attacks 🎣
  • Man‑in‑the‑Middle (MITM) 🕵️‍♂️
  • Weak Passwords 🔑
  • Insider Threats 👥

Security Methods 🛡️

Below are the main methods used to protect data. Each method is like a different layer of a castle wall.

Method Purpose Example
Encryption Turns readable data into unreadable code. AES, RSA
Authentication Verifies who you are. Passwords, 2FA, biometrics
Access Control Limits what authorised users can do. Role‑based access, ACLs
Audit Trails Records who accessed what and when. Log files, monitoring tools

Encryption Explained 🔒

Think of encryption as a secret code that only people with the right key can decode. Two popular types:

  1. Symmetric Encryption – same key for encrypting and decrypting. Example: AES (Advanced Encryption Standard).
  2. Asymmetric Encryption – public key to encrypt, private key to decrypt. Example: RSA.

    RSA formula: $E(m) = m^e \mod n$ (encrypt) and $D(c) = c^d \mod n$ (decrypt). The pair $(e, n)$ is public, $(d, n)$ is private.

Authentication & Access Control 🧩

Authentication is like showing your ID at a club door. Access control decides what rooms you can enter after you’re let in.

  • Password strength: use at least 12 characters, mix of letters, numbers, symbols.
  • Two‑factor authentication (2FA): add a second step, e.g., a code from your phone.
  • Role‑based access control (RBAC): users get permissions based on their job role.

Security Best Practices 🧪

  1. Keep software up‑to‑date: install patches promptly.
  2. Use firewalls to block unwanted traffic.
  3. Back up data regularly and store backups securely.
  4. Educate users about phishing and social engineering.
  5. Implement least‑privilege principle: give users only the access they need.

Exam Tips for 9618 📚

Remember:

  • Define key terms: confidentiality, integrity, availability (CIA triad).
  • Use diagrams to show how encryption or authentication works.
  • Explain the purpose of each security method with a real‑world example.
  • Show awareness of current threats and how to mitigate them.
  • Practice writing short, clear explanations – examiners look for understanding, not just jargon.

Revision

Log in to practice.

2 views 0 suggestions