Menu
- 10 Marks
Question
In a sophisticated business environment, computer systems are exposed to security risks that threaten the security and integrity of both the system and the data held in it. The risks associated with hackers, eavesdroppers, and viruses can be minimized through a variety of controls that provide network and communication security.
Required:
Identify FIVE (5) controls that can provide network and communication security and comment on each one of them. (10 marks)
Answer
Controls for Network and Communication Security
- Anti-virus software:
Anti-virus software, such as McAfee or Norton, searches systems for viruses and removes them. These programs include an auto-update feature that downloads profiles of new viruses, enabling the software to check for all known or existing viruses. Very new viruses may go undetected by anti-virus software until the software vendor updates their package and the organization installs the update. - Firewall:
External email links can be protected by a firewall, which may be configured to virus-check all messages and may also prevent files of a certain type, such as .exe files, from being sent via email. Firewalls can be implemented in both hardware and software, or a combination of both, and they disable part of the telecoms technology to prevent unauthorized intrusions. - Encryption:
Data transmitted across telecommunications links is exposed to the risk of being intercepted or read during transmission, known as ‘eavesdropping.’ Encryption reduces this risk by scrambling the data at one end of the line, transmitting the scrambled data, and unscrambling it at the receiver’s end of the line. A person intercepting the scrambled data is unable to make sense of it. - Electronic signatures:
Electronic signatures can be provided using public key (or asymmetric) cryptography. Public key cryptography uses two keys: public and private. The private key is only known to its owner and is used to scramble the data contained in a file. The received ‘scrambled’ data is checked against the original file using the public key of the person who signed it. - Authentication:
Authentication ensures that a message has come from an authorized sender by adding extra data in a form previously agreed upon between the sender and recipient. - Dial-back security:
Dial-back security operates by requiring the person wanting access to dial into the network and identify themselves first. The system then dials the person back on their authorized number before allowing access.
(6 points well explained @ 1.67 marks each = 10 marks)
- Tags: Communication Security, IT Controls, Network Security
- Level: Level 1
- Uploader: Uploader1