Computer Science – 6.1 Data Security | e-Consult
6.1 Data Security (1 questions)
Login to see all questions.
Click on a question to view the answer
Protecting computer systems requires a layered approach, employing a combination of hardware and software security measures. The specific measures implemented depend on the system's criticality and the potential threats it faces. Here's a breakdown across different levels:
Stand-alone PC Security:
- Antivirus/Antimalware Software: Detects and removes malicious software like viruses, worms, and Trojans. Regular updates are crucial.
- Firewall: Controls network traffic, blocking unauthorized access to the PC. Software firewalls are typically built into operating systems.
- Strong Passwords & Multi-Factor Authentication (MFA): Using complex, unique passwords and enabling MFA significantly reduces the risk of unauthorized access.
- Operating System Updates (Patching): Regularly applying security patches addresses known vulnerabilities in the OS.
- Data Encryption: Encrypting sensitive data protects it if the PC is lost or stolen. Full disk encryption is a common option.
- Physical Security: Protecting the PC from physical theft or unauthorized access is essential.
Network Security:
- Firewall (Network Level): A network firewall protects the entire network from external threats. It examines incoming and outgoing traffic and blocks suspicious connections.
- Intrusion Detection/Prevention Systems (IDS/IPS): Monitors network traffic for malicious activity and takes action to prevent attacks. IDS detects, IPS prevents.
- Access Control Lists (ACLs): Controls which users and devices can access specific network resources.
- Virtual Private Networks (VPNs): Encrypts network traffic, protecting data transmitted over public networks.
- Network Segmentation: Dividing the network into smaller, isolated segments limits the impact of a security breach.
- Regular Security Audits: Periodically reviewing network security configurations and logs to identify vulnerabilities.
Threat Considerations:
- Malware (Viruses, Ransomware, Trojans): Preventative measures include antivirus software, strong passwords, and avoiding suspicious links/attachments. Detective measures include regular scans and intrusion detection systems.
- Denial-of-Service (DoS) Attacks: Network firewalls and intrusion prevention systems can help mitigate DoS attacks. Rate limiting can also be employed.
- Man-in-the-Middle (MitM) Attacks: Using HTTPS and VPNs protects against MitM attacks.
- Phishing Attacks: User education is crucial to prevent phishing attacks. Email filtering and spam detection can also help.