ࡱ> M bjbj== !WW}lHHHHHHH\:::8:L;|\1f<|=:===="= =$ d֑H=====֑ AHH== A A A=:H=H= A= A AEI~{HH<=< ~A\88:&>\Ć<<t 01<@< A\\HHHHExplain the consequences of malpractice and crime on information systems. Chapter 10 Describe the possible weak points within information technology systems. Chapter 11 - online systems, storage medium, theft or duplication, compromising electronic emanations (tempest), viruses Describe the measures that can be taken to protect information technology systems against internal and external threats. - Clerical procedures, passwords, levels of access, write-protect, back-up, restoration and recovery. Describe the access levels required for on-line files Describe the particular issues surrounding access to, and use of the Internet; e.g. censorship, security, ethics. THE CONSEQUENCES OF MALPRACTICE AND CRIME ON INFORMATION SYSTEMS  HYPERLINK "http://www.met.police.uk/computercrime/" http://www.met.police.uk/computercrime/ HYPERLINK "http://news.bbc.co.uk/1/hi/business/2264508.stm" http://news.bbc.co.uk/1/hi/business/2264508.stm HYPERLINK "http://www.trusecure.com/" http://www.trusecure.com/Theft or corruption of data etc. can prove fatal to businesses and to life itself e.g. 80% of companies go bust within 18 months of disaster. Sinking of HMS Sheffield in Falklands war - inability of anti-missile radar to function when a telephone call was being made to London on the same frequency. Air crashes resulting from errors in flight data stored in airborne computer. Case Study Heathcote P.50 NHSNet is the system used by the NHS to store patients' records. Staff can access the system with a swipe card and there is a firewall between the computer system and the Internet. The NHS says that the system will only be accessed by authorised people who have a clear need to use it and that all operations on the system will be monitored. Others suggest that the sheer number of people who will be using the system will mean that the swipe card system is not a sufficient level of security. Heathcote lists groups of people who might want to steal data from the NHS: Insurance companies Anti abortionists Blackmailers Stalkers Lawyers (the ambulance chasing variety) Companies marketing drugs Funeral parlours POSSIBLE WEAK POINTS WITHIN AN ICT SYSTEM. 1. Dishonest employees who use the computer system to commit crime e.g. fraud Bogus data entry e.g. changing or inventing data so improper data is produced Using knowledge of banks computer system to embezzle money from inactive customer accounts. Bogus output Program patching Alteration of files Suspense accounts Ghost accounts 2. Stealing from the computer  HYPERLINK "http://www.wired.com/wired/archive/4.02/catching.html" http://www.wired.com/wired/archive/4.02/catching.html Physical theft - a disk or software, or copying ideas (theft of intellectual rights) Theft of computer time- e.g. running own business on company computers, stealing electricity Software piracy Hacking. Industrial Espionage  HYPERLINK "http://news.com.com/2009-1001-954728.html" http://news.com.com/2009-1001-954728.html 3 Attacking the computer A virus e.g. Morris Worm ( a program that replicates itself and spreads from computer to computer An e-mail bomb 4. Hardware failure e.g. a hard disk failure could render the data inaccessible Disc Crashes 5. Malpractice Faulty procedures (e.g. poorly trained employees who don't know how to use the system properly) Backup procedures not being followed (e.g. by an employee using a laptop outside the office) 6. Acts of God i.e.. Natural disasters e.g. fire, flood, earthquake 7. IP Spoofing A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host. 8. e-mail spoofing Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source. 9. Phreaking Closely related to hacking, using a computer or other device to trick a phone system. Typically, phreaking is used to make free calls or to have calls charged to a different account. MEASURES TO PROTECT ICT SYSTEMS FROM INTERNAL AND EXTERNAL THREATS. See the diagram in Heathcote p.249 Improve network security Maintenance contracts Uninterruptible Power Supply (UPS) Using tape-streamers Training Staff Employing security staff Using disk mirroring Staff training p.52  HYPERLINK "http://www.fast.org.uk/" http://www.fast.org.uk/ So that staff know how to use the system and do not, therefore, do accidental damage To be aware of legislation see Data Protection Act, Computer Misuse Act, Health and Safety, Copyright. Be aware of safe procedures see BS7799 Be aware of the company Code of Conduct. BS7799 BS 7799 (ISO17799) is comprehensive in its coverage of security issues, containing a significant number of control requirements. Compliance with it is consequently a far from trivial task, even for the most security conscious of organizations.  HYPERLINK "http://www.thewindow.to/bs7799/" http://www.thewindow.to/bs7799/ Set up an Audit Trail P51  HYPERLINK "http://www.guardian.co.uk/online/story/0,3605,390973,00.html" http://www.guardian.co.uk/online/story/0,3605,390973,00.html A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Audit trails are useful both for maintaining security and for recovering lost transactions. Most accounting systems and database management systems include an audit trail component. In addition, there are separate audit trail software products that enable network administrators to monitor use of network resources. Timestamping of files to aid the audit trail. Backup Procedures p.52 Maintain the generational system of backups (Grandfather-Father-Son) p.247. Online Backup is a system by which all data is stored onto three separate disks (if one disk fails, the transaction is still processed). Periodic Backup means backing up at specified intervals (e.g. every day). For extra security, the backup tape is often moved to a secure location e.g. a fireproof safe or a completely different building. In the case of a laptop, it could be given a "boot lock" and sensitive data on the computer could be encrypted. Physical Protection p.51 ID badges for employees an entry control system to the IT department keycards Voiceprints Retina scans Checks on prospective employees to combat techno-terrorism Never use original program disc Asset register Caution CCTV Smartcards Password Protection There should be frequent updates of passwords, read p.252 about handshaking and the use of one-time passwords. A Hierarchy of passwords is often used (see below) Callback Software Terminal Identification measures include lockouts - e.g. three tries at a password and the use of Callback software via modem. Encryption p.51 HYPERLINK "http://computer.howstuffworks.com/encryption.htm" http://computer.howstuffworks.com/encryption.htm HYPERLINK "http://www.learnthenet.com/english/animate/encrypt.html" http://www.learnthenet.com/english/animate/encrypt.htmlThe translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it Examples of information that would be encrypted are:- Credit-card information Social Security numbers Private correspondence Personal details Sensitive company information Bank-account information Virus Protection p.52 Virus protection software and routines (p.253) What is a virus? How might it be introduced? What measures should be taken to minimise the risks? RAID, Redundant servers Access Rights and Access Levels Access rights may typically be set to Read-Only, Read/Write, or No Access. This ensures that users within a company can only change data they are authorised to do so. On the school network, different access levels exist: 1. ICT Technician s (full accessrights) 2. Teachers (have access to shared folders and their student work) Students Basic Group Why is it important to control access in this way? On a hospital network, the access levels might be: 1. No Access (receptionists will not be allowed any access to patients records) 2. Read Only (junior nursing staff would be allowed to read records but not to change them) 3. Read and Copy (a doctor from another hospital might be allowed to take a copy of a patient record) 4. Read and Update (only the patients own doctor would be allowed to update a record) Problems still exist. For example, people can leave terminals logged on (terminals could be set to shut down after a specified period e.g. 10 minutes). Technical support staff could have access to sensitive data when they are repairing computers). Firewall  HYPERLINK "http://computer.howstuffworks.com/firewall.htm" http://computer.howstuffworks.com/firewall.htmA system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Contingency Plans/Disaster Recovery Plans Insurance Secure Power Supplies Verification/Validation Checks Internet monitoring HYPERLINK "http://safety.ngfl.gov.uk/schools/?INDEX=ALL" http://safety.ngfl.gov.uk/schools/?INDEX=ALLSome companies and schools use the Internet through a "firewall" that controls what is accessible on the Internet e.g. a school may have a filtering system so that students cannot access undesirable material. Businesses also have the incentive to stop employees wasting work time by surfing the Internet for their own amusement. Managers are also worried that employees might be downloading pornography or using the company Email system improperly. There is also a fear of litigation, especially in the United States where some women have sued for "sexual harrassment" because they have been sent offensive files or messages. Case Study - in 1999 the New York Times fired 23 office staff who had been Emailing smutty jokes to each other. EXAMINATION QUESTIONS 1996 (6 marks) The illegal use of computer systems is sometimes known as computer-related crime. Give three distinct examples of computer related crime Give three steps that can be taken to help prevent computer-related crime ANSWERS a any from:  hacking to gain access to, or modify datadeliberate introduction of viruses to destroy datatechno-terroismtheft of dataor any examples in contextmodification of data/code to perpetuate fraudb any fromphysical security of systems and roomsdo not leave terminals active and unattendeddocument securityhardware security and identification deviceslevels of passwords-do not reveal passwordsaudit proceduresencryptiondismissed staff leave premises immediatelyor any examples in context 1991 (16 marks) There are three ways in which the security of data within a large company database may be compromised. The data could be read, altered or destroyed by persons not authorised to do so. Give five examples of how unauthorised access to data might occur and how you could prevent them. (10) Give three examples of how data might be altered or destroyed and the way each example could be prevented or controlled. (6) ANSWERS a Any five from Unauthorised use of the system.Make everyone register and be given Personal Identity Number before they can log-on to the system. User would also have a private password.Access to registered users to areas for which they have no access rights. Make access to other areas impossible by forcing them to use a menu driven system tailored to their legitimate needs. In a time sharing situation, make access to other users directories by a further passwordData could be read directly from the screen if the screen is facing the window Re-site the screen.Data could be read from the screen by a radio device outside the building tuned to receive emissions from the screen.  Fit the terminal or the room with a screen which absorbs those emissions. The ID and password of an authorised user can be stolen. Do not write it down or lend your passwordDiscs could be stolen and read elsewhere.  Lock them up.Data might be left on the screen and read by a passer by.  Re-site the terminal to make users log-off before doing something else. Computer could automatically log them off after a few minutes of inactivityUnauthorised access to rooms where terminals are sited could be controlled by smart cards or keysData could be read via access from a remote, unauthorised terminal.  Terminal hardware must identify itself. b Any three from to control altering data. Have a menu system which does not give up-date facilities to everyonewhere read access to the data has to be allowed, have an extra password necessary to allow alterations.if volatile data is corrupted or destroyed by a power failure, make sure recent back-up or roll-back facilitycontrol access to room where large scale magnetic storage is used to avoid sabotage by a large magnet.in case of fire destroying equipment or data, make sure backup equipment or data is stored elsewhere. 1995 (10 marks) An estate agent uses a PC based network system to assist in the operation of its business. The main uses of the system are word-processing and the maintenance of customer and property details. Although the majority of files are stored on the network server the manager of the agency holds certain confidential files on her own station only. You are asked to devise an efficient backup strategy for the system. a What hardware is required to enable the whole system to be backed up? (2) b Give three features of the backup software that will be required to enable an efficient strategy to be devised (3) c Suggest an appropriate backup strategy (3) d What physical precautions should be taken with the backup media to ensure that recovery can take place? (2) ANSWERS (a ) a tape streamer (1) and a local disc for the station (1) accept CD-ROM drive with the ability to master or CE-WORM portable external hard disc (b) mirror imagebackup all filesbackup only changed filesprocedure customisationbackup selected file types/save setautomated backup at specified timerecovery of all filesrecovery of selected files (1) to different paths (1)backup stand-alone whenever there are changeswork concurrently with System Audit Logverification concept (c) WHAT to backup (1) WHEN to backup (1)any further explanation (1)backup all files once/twice per weekbackup only changed files dailywrite protectverify/writeconfidential files on separate station require backup( IF verify is in a or b need different) (d) secure (e.g. lock away) and fireproof storage or any natural disaster off-site storage physical write protect use a sequence of tapes to avoid overwrite 1995 (20 marks) Criminal activity and malpractice in connection with the use of Information Technology Systems is one of the fastest growing areas of crime, but many organisations are loath to admit there is a problem. Excluding the area of viruses discuss this statement. Include in your discussion:- at least three specific examples of areas of criminal activity specific examples of the types of people who may get involved possible reasons why organisations are loath to admit there is a problem at least three specific examples of countermeasures which can be taken to minimise the threats. MARK ALLOCATION 6 points on areas of criminal activity, 4 for types of people involved, 4 for why organisations loath to admit there is a problem, 6 for countermeasures, 4 for presentation/coherence Paragraph 1: Introduction. What have you been asked to do? Paragraph 2: A discussion of at least three Areas of criminal activity Hacking (1) Explanation/definition (1)Computer fraud (1) Explanation/definition (1)Industrial espionage (1) Often a multi-national company has a larger intelligence gathering service than a small company e.g. Gdp of austria is lower than general motors. Many companies gather information on competitors by legitimate means e.g. Conferences, newspapers, market prices, stock movements, advertising agencies. Some agencies exist which will perform specific tasks e.g. Traffic tracking of a company use of a wan. Virgin v british airways database case is another example (1) Deliberate malpractice by an employee (1) Explanation/definition (1)Terrorism (1) Explanation/definition (1)Organised crime (1) Explanation/definition (1)Pornography (1) Explanation/definition (1)Software theft (1) Explanation/definition (1)Data theft (1) Explanation/definition (1)Tempest (electronic emanations: radiation security) add Faraday cages (1) Explanation/definition (1) Non-registration of DP act (1) Plus explanation of the illegal activity (1) Paragraph 3: A discussion of the types of people involved but no marks are given for duplicates Disenchanted employees: either as insider help to assist external attackers or self-interest or redundant staffMilitary intelligence services: exchanging of information between allies can be tappedIndustrial intelligence services: competitors intercepting information on sales, forecasts, current dealsVandals: hacking into systems to cause deliberate data corruptionUsers: following non-standard working practices e.g. Using system time for football pools projections or distributing pornographyTerrorist organisations - political extremists taking action against computer installations e.g. Physical destruction of railway signalling centreMedia/newspapers: similar to industrial intelligenceProfessional criminals: organised fraud involving significant groups of people e.g. Visa credit card fraudSmall organisations: failure to register under DP Act as they think they will not get caughtParagraph 4: A discussion of why Organisations are loath to admit there is a problem Inability to take effective action to stop the problemLoss of credibility (with the public and with other organisations) which subsequently affects businessMay lead to copy cat activitiesPotential for staff morale or industrial relations problems if it is internalParagraph 5: A discussion of at least three Specific countermeasures physical securitychoice of location, entry to site, entry to specific areas, checking of baggage and supplies, protection of services e.g. electricity, air conditioning, heatdocument security:handling, recording use, accounting for, purging of all documents used in the system e.g. data collection, reportspersonnel securityneed to know, two person authorisation levels to task, rotation of duties, authorisation of sensitive tasks, recruitment screening, disciplinary procedures, termination procedureshardware securityprotect hardware from tampering, hardware identification devices, maintenance procedures, fault tolerance, tendering for supply and maintenancesoftware security:protection by the OS, passwords, separation of software and devices, audit control of design and development, control of installation and upgradesTempest:VDU away from windows, clear screens when not in use, avoid metal areas, avoid phone areasComms and network security encryption, passwords or staff ID badges, dial-back systemsComputer Misuse Act discussion of offences, penalties and possible loopholesDP Act is relevant in a general sense:discuss registration need, deterrent effect, penalties. NOT detailed analysis Paragraph 6: Conclusion 1994 (15 marks) A local group of electrical retailers uses a computerised system to assist in the administration of its business. The manager of the group becomes concerned about software copyright and the potential dangers of viruses but does not fully understand the issues involved. Describe three different types of software licensing agreement which are currently offered by software producers. (6) Explain what is meant by a virus (3) Describe two different methods of protecting the organisation against viruses. (6) a Treat as bookOne copy in use at a time being passed to another userMulti-userUsually one/half the number of master discs with agreement to copy onto a specified number of machines for multiple use at any one timeNetwork licenseNormally software resides on host with a specified number of stations on that single network being given access at any one timeSite licenseLicense extends to cover all machines within that institutionb A software routine which once introduced into a system replicates itself whenever the program to which it is attached is run on some flag e,g, time, date or when copied Physical limitations e.g. Branded discs, limit access to drives, reduce links to external networks, flag discs/files to read-only, clean backup and recovery disc, do not borrow software, restrict links to communication systems Toolkits - check discs before use on a sheep-dip station using a toolkit utility and remove it Guards: install a guard utility on all stand-alone machines which automatically tests any disc and remove it Virus programs need regular updates - name and description 1996 A multi-national organisation maintains an information technology system which holds a large amount of vital and sensitive data. Describe THREE steps which should be taken to protect the data against deliberate theft or corruption. (6) Describe THREE steps which should be taken to protect the data against accidental loss. (6) 1997 A common way of permitting different levels of access to on-line files is the use of passwords. Once a password has been input the user may be allowed to perform a number of different actions upon the data within the files, dependent on the level of access given by that password. Describe FOUR of these possible actions. (4 marks) 1994 (20 marks) Society, organisations and individuals are now so dependent on IT systems that the consequences if these systems were to fail would be catastrophic. Discuss the major threats to, or possible causes of failure, of an IT system and explain what steps can be taken to minimise them or their consequences. MARK ALLOCATION 5 points on threats/causes of failure, 5 for minimise risk in context of threat, 5 minimise consequences of failure, 5 for presentation and argument Paragraph 1: Introduction - What have you been asked to do? How will you answer? Paragraph 2: A discussion of at least four of the Threats or causes of failure PhysicalFire, flood, power failure, rats eating cables, coffeeHardware failureProcessor failure, disc crashTelecommunications failureCable faults, data corruption, gateway downData control failureData inaccurate e.g. Rounding, incorrect codesSoftware failureBugs, unsuited to taskInvalid dataUser errors, undiscovered corruption e.g. Upgrade, processing cycle faultComputer crime/abuse Hacking, virusesSystem design failure Failure to build into the design the appropriate measures e.g. London ambulance service or european airbus Paragraph 3: A discussion of what Steps can be made to minimise the effects of failure Physical Regular maintenance, uninterrupted power supplies, duplicate systems, keyboard protectors, human restrictions (explain)Hardware Restricted access/usage, backup systems, duplicate systems, reputable suppliersTelecomms Regular maintenance, installation of appropriate spec. Cable, avoidance of interference causesData ControlData control systems e.g. batch & control totals, data validation methods, restriction of users, routine backupsSoftware Log of usage, error logs, reputable suppliers, authorised upgradesInvalid DataValidation, verification, log of processing cycle, authorisation, routine backupsComputer Crime/Abuse Password or encryption, virus checkingSystem Design Failure Validation of design, acceptance testing, duplicate design teamsRedundant/Departing Staff Lead Off Premises Or Disciplinary Measures As Anti-Virus/Password Offence Paragraph 4: A discussion of the Steps to minimise consequences i.e. how to recover if it does fail. THIS IS OFTEN MISSED OUT BY WEAK STUDENTS!!! PhysicalDuplicate systems, standby systemsHardware failureAs above plus backup files and roll-backComms failureAlternative gateway links, alternative node pointsSoftware failureMaintain sequential backups, hot line system support contracts, PC Anywhere links with support supplierInvalid dataJournal logs and incremental backup procedures with roll-backComputer crime/abuseAs above + toolkits giving disc recoverySystem design failureFailsafe systems, manual override (if feasible), duplicate command systems e.g. 5 voting cpus Paragraph 5: Conclusion June 2001.11. Explain, with reasons, two levels of access that could be given to different categories of users of an on-line stock control system. 4 marks Examples Stock managerread/write access (1)- ability to add delete and amend records of stock e.g. add a new product, delete a product out of stock, change prices (1). Sales staff read/write access (1) need to be able to see details about stock and to change data as sales are made (1) Store manager read/view only access (1) - needs to be able to view(read) data but not change it(1) Any 2 2 marks 2nd mark dependant on first. This question is about the types of access that can be given not how it is controlled and so nothing on passwords, etc gains credit. Allow Full Access rights: 1 mark terms plus 1 for explanation Read Read/Write Amend Delete Add/Delete/Write/Append January 2002.5. Information Systems need to be protected from both internal and external threats. (a) Explain, using examples, the differences between an internal and an external threat to an Information System. 4 marks (b) For each of the following, describe a measure that a company can take to protect his or her Information System from: (i) Internal threats; 2 marks (ii) External threats. 2 marks a) 2 2 marks Internal threats are from within the company or organisation / caused by own staff(1) example (1). Can accept theft of components as an example. External threats come from outside the company or organisation/ caused by people from outside the organisation (1) example (1). Accept Natural Disasters Power failure. NB Examples may only be used once e.g. hacking is either internal or external but not both. b) (i) Internal: 1 mark for measure and 1 mark for explanation of how measure prevents threat Examples Procedures for using disks/virus checking/ (1) prevents employees introducing virus onto network (1) Auto save/ confirmation of delete/ other software functions (1) designed to prevent loss/corruption of data from careless mistakes (1) Passwords & Ids/Access levels (1) to prevent unauthorised modification.(1) Guidelines on working practice (1) to prevent health and safety issues with employees/ loss of staff from illness etc Good pay/benefits (1) prevent loss of experienced/vital staff (1) Code of conduct (1) to prevent(1) Training of staff (1) to prevent misuse/accidental mistakes (1) Security cameras/CCTV etc must explain how it prevents (2 or 0) (ii) External: 1 mark for measure and 1 mark for explanation of how measure prevents threat. Examples Audit trails/Backups MUST explain how they protect (so either 2 or 0) Firewalls (1) prevent access to/corruption of data from external sources (1) Encryption (1) used to prevent misuse of data if intercepted during transfer (1) Physical measures locks/guards/ CCTV (1) prevent unauthorised access by non employees (1) UPS (1)-prevent loss of data when power lost (1). June 1999 3 Different levels of access can be provided for on-line files which permit users to perform a number of different actions upon records within the files. Give four of these possible actions. (4) Marks must only be awarded where the action is on a record within the file, therefore delete file, rename file, copy file etc will not be given any credit. Answers should include any four of the following: Add a record Append a record Delete a record Read Read only Write Read/write View a record Read/Write View part of a record Edit a record The answers could be of the read/write type or of the add a record type both are valid as they are actions on a record. If the word record/data is not present, still give mark Amend record CANNOT ALLOW EXECUTE NONE Not acceptable Allow PRINT a record 4.Many companies now have a code of practice for employees working with information technology a) Explain what is meant by a code of practice. 3 marks A set of rules/policy/guidelines/Procedures/Standards (1) belongs to an organisation/employer/company (1) governs the behaviour and action of members/employees(1) b) Explain three benefits to a company of having a code of practice 3 x 2 = 6 marks Need to cover eventualities such as preventing the : Misuse of equipment (1), stopping company from having large maintenance bills or replacement costs(1) Misuse of software (1), preventing company being liable under copyright laws(1) Misuse of Internet facilities (1), preventing company from having wasted resources staff time and phone costs(1) Misuse of email facilities (1), lack of work being done and therefore low productivity (1) Misuse of data (1), leaving company open to prosecution under Data Protection Act (1) Gives company option of dismissal (1) if Code of Practice not followed (1) Better trained/informed work force/higher level of employee skills (1) Due to interchange of ideas/skills (1) Importance is that it is misuse rather than illegal operations, which are covered MUST BE RELEVANT TO IT AND NOT GENERALISED SOCIAL/ETHICAL/MORAL NB A CODE OF PRACTICE IS DIFFERENT TO A CODE OF CONDUCT 2000.5.Describe, with reasons, three measures, other than passwords, that may be taken to maintain the integrity of data against malicious or accidental damage. DO NOT ACCEPT PASSWORDS or LEVELS OF ACCESS Use of copies of sensitive data for day-to-day use master copies only updated at end of day/week (1) plus (1) for reason Use of virus baths/virus software/firewalls to prevent deliberate damage to data (1) plus (1) for reason Clear set of internal procedures for staff to follow when using data to prevent use of own software/data from dubious sources etc (1) plus (1) for reason Audit trails (1) to record use of data by whom when etc (1) Good selection and vetting procedures for new staff (1) to prevent any person with a grudge or ulterior motives being employed(1) Physical/Automatic log off of terminals (1) to prevent unauthorised access (1) Keyboard locks (1) as above (1) Physical restrictions on access to equipment (1) reason to restrict access (1) Regular backups (1) to ensure data kept as up to date as possible in the event of accidental damage (1) Not staying on line longer than necessary(1) to reduce chances of hacking(1) Write protection of disks/files(1) to prevent overwriting/damage to data(1) Encryption/Encoding (1) Restriction on use of floppy disks (1) Callback system for log-on (1) Authenticity of software (1) Screensavers (1) Software measures to protect data Better training Plus other realistic examples (allow only one locking mechanism) Any 3 x 2 marks one for describing one for reason Measure (1) plus Explanation (1) 6 MARKS June 2003.7 (8 marks) The use of laptop computers by company employees has increased the threats to ICT systems. Describe four threats to ICT systems caused by employees using laptops. AS Module 1 (I CT1): TOPIC 8 Malpractice & Data Theft  HYPERLINK "http://www.nchadderton.zen.co.uk/front.htm" http://www.nchadderton.zen.co.uk/front.htm Page  PAGE 1 of  NUMPAGES 15 JRT,BCDEx g h ʽʱӢӱӎӱ{xxCJ5CJjJB*CJUphjB*CJUph0JCJjB*CJUphjB*CJUph5B*CJmH phsH 5B*CJph B*CJph6B*CJph 56CJ56CJmH sH 6B*CJmH phsH -U-Dek$$Ifl0D!U[064 la$If' & F$d%d&d'dNOPQ ́T) w j???+ & Fh$d%d&d'dNOPQ^h#$d%d&d'dNOPQk$$Ifl0D!U[064 la$Ifw x   : U g h * & F)$d%d&d'dNOPQ[$\$'$d%d&d'dNOPQ 1 3DNc#$d%d&d'dNOPQ' & F$d%d&d'dNOPQ' & F$d%d&d'dNOPQFGH}~cdUkOY!j}~8пɺгЭФФ鳝鳝гj5CJU5B* CJph3 B* CJph35CJmH sH  5mH sH  B*CJph0JCJjtCJU jCJUCJ 0J5CJj'5B*CJUph5B*CJphj5B*CJUph5FUVk$mm* & F $d%d&d'dNOPQ[$\$[$\$,$d%d&d'd1$7$8$H$NOPQ[$\$ 1$7$8$H$[$\$' & F$d%d&d'dNOPQ ij~8#$d%d&d'dNOPQ&$d%d&d'dNOPQ[$\$[$\$8Nqo()1%#$d%d&d'dNOPQ'$d%d&d'dNOPQ' & F!$d%d&d'dNOPQno()1%&STUtuvAP/~,?CJmz57׼˷׮塮׊׊׊׊׊׊׊׮׮ B* CJph3j[5B*CJUphj5B*CJUph5B*CJph0JCJjfB*CJUphjB*CJUph B*CJphCJ5CJ 0J5CJj5CJUj5CJU6%vwm^^+ & F+$d%d&d'dNOPQ' & F+$d%d&d'dNOPQ' & F-$d%d&d'dNOPQ#$d%d&d'dNOPQ 57Ph!).9:N+ & F#$d%d&d'dNOPQ+ & F+$d%d&d'dNOPQ7P !()-.89:N  Q R !!4!7!;!C!X!ɺԱɦɦ B* CJph3 CJmH sH  jCJUB*CJmH phsH 0JCJmH sH jB* CJUph3B* CJmH ph3sH jB* CJUph35B* CJmH ph3sH  B*CJphCJ5B*CJph9N $If' & F%$d%d&d'dNOPQ' & F$$d%d&d'dNOPQ c!!!!!!"."/"E" & F&$Ifk$$Ifl0c)064 laX!_!."E"""""""#####~$$$$^'_'h'i'j''''''( ((&(M(U(Z(b((( ))))))*%*'*;*<*v*w*x****-ʾʯ㕡 0J5CJj. 5CJUj5CJU0JCJj B* CJUph3jB* CJUph3 B* CJph35B* CJph356CJCJ5CJ5B*CJph B*CJph6B* CJph38E"t"""""""###$h$ww2 h$d%d&d'dNOPQ[$\$^h`&$d%d&d'dNOPQ[$\$^#$d%d&d'dNOPQ h$r$~$$$=%% &e&^'QQQQ/ h$d%d&d'dNOPQ^h`#$d%d&d'dNOPQ&$d%d&d'dNOPQ[$\$3 & F. \$d%d&d'dNOPQ[$\$^ ^'_'i'''))))*&*'*;**$Ifk$$Ifl0,"064 la$If **x+-------.>.lg & F#$d%d&d'dNOPQk$$Ifl0,"m+064 la -%------ ..C.H.....000k1o111J2T2d277999;;<<l=>>?l@}@AAAA$B,BmBrBBBBCCCCCDD9H:HEH[HtHH.L:LaLoLLTMMMMMMMRRRRRSSTT56B*CJph6B*CJph5B*CJph B*CJphCJ6CJT>.........///9/g/h/s/x|(4l$$Ifl09  t04 la$If & Fs/t/u///// 0 060G0H0S0~0000Ttl$$Ifl09  t04 la$If000f11J2T2d2233\3.4/4~44x$If & Fl$$Ifl09  t04 la44 5W5X5Y555555556667/7 H$Ifl$$Ifl09  t04 la/707u77777788F8}8~8888U9$Ifl$$Ifl09  t04 laU9V9W999999n;;/<\<<<<^l$$Ifl09  t04 la$If<=L=h=l=y=======>>>R> 4l$$Ifl09  t04 la$If & FR>S>>>>>>>>>>\\$Ifl$$Ifl09  t04 la >> ? ? ?1?Q?R?`?m?n??????xp$Ifl$$Ifl0~ ` t04 la?@*@A@l@m@JAAABdBBBCCDD8D$If & F8D9DMDhDiDDVFWFFFFFFFFFF$Ifl$$Ifl09  t04 laF G&G'G;GVGWGgGGGGGG H8H9H:H8l$$Ifl09  t04 la$If:HHIIhIiIIIJJJJ-K.KcKdKKK-L`  PxY$$Ifl D! t04 la$If-L.LLLL"M#MEMCCY$$Iflh t04 la$IfY$$Ifl D! t04 laEMFMMMMMN<$IfY$$Iflh t04 laNNNOO&OOOO}P~PP$Q%Q.QQQ d$Ifl$$Ifl09  t04 laQQQQQ1R2RYRRRRRRSWT|T< & F/l$$Ifl09  t04 la$If|TTTTUU#UUUU*B*CJph56B*CJph5B*CJph66CJ6B*CJph B*CJphD4WXxXX Y!YYZoZpZ[[[j\]]]]J^S^^$If & F^^^^^^___G_H_Y_p_q_~___ `$Ifl$$Ifl04   t04 la____`s`t`u```Oa l$$Ifl04   t04 la$If OaPaYaaaabb#bbbbbbbCcDcl<$Ifl$$Ifl09  t04 laDcYcccccc?d@dAdBdCdddedl$$Ifl09  t04 la$Ifeee=e>eLeeeeeefEfFf[fff0$Ifl$$Ifl0h  v t04 lafffffgg#ggg[hXX)$d%d&d'd1$7$8$H$NOPQ1$7$8$H$l$$Ifl0h  v t04 la$If [hh?@jklqrxyz{{{5CJmHnHsH uj5CJUmH sH 5CJmH sH 0JCJmH sH jW CJUmH sH  CJmH sH jCJUmH sH  5B*ph5CJ556CJmH sH 6CJmH sH  CJmH sH 5CJmH sH CJ6CJ 56CJ0tyuuuuuu*vcvvvw[www}})$d%d&d'd1$7$8$H$NOPQ)$d%d&d'd1$7$8$H$NOPQ1$7$8$H$#$d%d&d'dNOPQwFxxyWyjyyy#zuzzzz{{7||:}v}}}G~g~~)$d%d&d'd1$7$8$H$NOPQk2Ceu *́&$$d%d&d'dNOPQa$1$7$8$H$)$d%d&d'd1$7$8$H$NOPQ$a$CJ5j5CJUmH sH 0 / =!"#$%DyK (http://www.met.police.uk/computercrime/yK Phttp://www.met.police.uk/computercrime/5DyK 0http://news.bbc.co.uk/1/hi/business/2264508.stmyK `http://news.bbc.co.uk/1/hi/business/2264508.stmDyK http://www.trusecure.com/yK 4http://www.trusecure.com/MDyK 6http://www.wired.com/wired/archive/4.02/catching.htmlyK lhttp://www.wired.com/wired/archive/4.02/catching.htmlDyK *http://news.com.com/2009-1001-954728.htmlyK Thttp://news.com.com/2009-1001-954728.htmlDyK http://www.fast.org.uk/yK 0http://www.fast.org.uk/DyK  http://www.thewindow.to/bs7799/yK @http://www.thewindow.to/bs7799/iDyK =http://www.guardian.co.uk/online/story/0,3605,390973,00.htmlyK zhttp://www.guardian.co.uk/online/story/0,3605,390973,00.html9DyK 1http://computer.howstuffworks.com/encryption.htmyK bhttp://computer.howstuffworks.com/encryption.htm1DyK /http://computer.howstuffworks.com/firewall.htmyK ^http://computer.howstuffworks.com/firewall.htm)DyK -http://safety.ngfl.gov.uk/schools/?INDEX=ALLyK Zhttp://safety.ngfl.gov.uk/schools/?INDEX=ALL!DyK +http://www.nchadderton.zen.co.uk/front.htmyK Vhttp://www.nchadderton.zen.co.uk/front.htm i@@@ Normal CJOJQJ_HkH'mH sH tH 6@6 Heading 1$@& 5B*CJ<A@< Default Paragraph Font,@, Header  9r , @, Footer  9r &)@& Page Number.B@". Body TextB*CJ(U@1( Hyperlink>*B*:^@B: Normal (Web)dd[$\$FP@RF Body Text 21$7$8$H$CJmH sH u~U-DT)wx:Ugh1 3 D N c F U V k $ ij~8Nqo()1%vwm57Ph!).9:Nc./Et h r ~ =!! "e"^#_#i###%%%%&&&'&;&&&x')))))))*>*********+++9+g+h+s+t+u+++++ , ,6,G,H,S,~,,,,,,f--J.T.d..//\/.0/0~000 1W1X1Y111111152223/303u33333344F4}4~4444U5V5W555555n77/8\88889L9h9l9y9999999:::R:S::::::::::: ; ; ;1;Q;R;`;m;n;;;;;;<*<A<l<m<J===>d>>>??@@8@9@M@h@i@@VBWBBBBBBBBBB C&C'C;CVCWCgCCCCCC D8D9D:DDEEhEiEEEFFFF-G.GcGdGGG-H.HHHH"I#IEIFIIIIIJJJKK&KKKK}L~LL$M%M.MMMMMMM1N2NYNNNNNNOWP|PPPPQQ#QQQQaLaaaaaabEbFb[bbbbbbbcc#ccc[dd.s/04/7U9<R>>?8DF:H-LEMNQ|T4W^_OaDcef[hlqtwCEFGIJKMNPQSTUVXYZ[\]^_`abcdefghiklmnopqrstvwxyDBD G } c %Tt Qi###;&w&&~XXXXXXXXXXXX8rX! _Hlt453376904~@~x&&}}q~{~~~~\ k l mn",hjY)\)))*******++++ +9+E+h+i+u+}+++++++ ,,6,;,H,R,S,\,,,T.U.11=13 3333344F4J4~444444W5Y555n7o777/8}}q~{~~~~3333333333333333333333333333333333333333333333 ' h =!E!!! ""e"/8}}q~{~~~~J Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICEJ Regan2MacIntosh HD:Temporary Items:Word Work File A_3390J Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICEJ Regan2MacIntosh HD:Temporary Items:Word Work File A_1006J Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICEJ Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICEJ Regan2MacIntosh HD:Temporary Items:Word Work File A_3294J Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICEJ Regan/Shared IT Folder:A-Level:ICT1:10.8 .MALPRACTICE D>H:\learnict05\as_a2\topics\crime_and_ict\10.8 .MALPRACTICE.dot<DU?6e6Ԅ? ,p TCLTTa|[܋TTB,p`tG#/|*H,Q*k4J|*@h8^8`.@h8^8`.@h8^8`.^`CJOJQJo(^`CJOJQJo(oww^w`CJOJQJo(GG^G`CJOJQJo(^`CJOJQJo(  ^ `CJOJQJo(  ^ `CJOJQJo(^`CJOJQJo(WW^W`CJOJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h ||^|`OJQJo(h LL^L`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh ^`OJQJo(h \\^\`OJQJo(h ,,^,`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(hh^h`CJOJQJo(88^8`CJOJQJo(o^`CJOJQJo(  ^ `CJOJQJo(  ^ `CJOJQJo(xx^x`CJOJQJo(HH^H`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(opp^p`CJOJQJo(@ @ ^@ `CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(PP^P`CJOJQJo(h^`.h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h88^8`.h^`.h L ^ `L.h  ^ `.hxx^x`.hHLH^H`L.h^`.h^`.hL^`L.h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo( hh^h`OJQJo( 88^8`OJQJo(o ^`OJQJo(   ^ `OJQJo(   ^ `OJQJo(o xx^x`OJQJo( HH^H`OJQJo( ^`OJQJo(o ^`OJQJo(h88^8`.h^`.h L ^ `L.h  ^ `.hxx^x`.hHLH^H`L.h^`.h^`.hL^`L.h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(\ \^\` o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h^`.hpp^p`.h@ L@ ^@ `L.h^`.h^`.hL^`L.h^`.hPP^P`.h L ^ `L.h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(/\pȶ xз(ظ08kLlllG#|*<]_Ja|[TM7\SG@BWF.?Djte`t?6e0Wz o TC<Q* TZq? TB8]b Sh @h 8^8`OJQJo(̵@h8^8`.$@h8^8`.|@h8^8`.Զ@h8^8`.,@h8^8`.@h8^8`.ܷ0@h8^8`.4`~@h8^8`.\@h8^8`.`@h8^8`.< @h8^8`. @h8^8`.`@h8^8`.D@h8^8`.@h8^8`.l@h8^8`.Xl@h8^8`.l@h8^8`.x@h8^8`.@h8^8`.D    ^#_#i###'&;&&&))********+++9+g+h+s+t+u+++++ , ,6,G,H,S,~,,,,,T.d..//\/.0/0~000 1W1X1Y111111152223/303u33333344F4}4~4444U5V5W5555h9l9y9999999:::R:S::::::::::: ; ; ;1;Q;R;`;m;n;;;;?@@8@9@M@h@i@@VBWBBBBBBBBBB C&C'C;CVCWCgCCCCCC D8D9D:DDEEhEiEEEFFFF-G.GcGdGGG-H.HHHH"I#IEIFIIIIIJJJKK&KKKK}L~LL$M%M.MMMMMMM1N2NYNNNPPPQQ#QQQQaLaaaaaabEbFb[bbbbbbc}~@~`@UnknownGz Times New Roman5Symbol3& z Arial3z Times?5 z Courier New;Wingdings"1hV"V"v2g5!0dc1;%`3.1 BACKGROUND IT Department DOh+'0  4 @ L Xdlt|3.1 BACKGROUND.1 IT DepartmentT D10.8 .MALPRACTICE.dot9 D828Microsoft Word 9.0o@@:7@.@.2g՜.+,D՜.+,@ hp  School5c 3.1 BACKGROUND Titleh 8@ _PID_HLINKSA N!-http://safety.ngfl.gov.uk/schools/?INDEX=ALL0z/http://computer.howstuffworks.com/firewall.htmm58http://www.learnthenet.com/english/animate/encrypt.html[1http://computer.howstuffworks.com/encryption.htm=http://www.guardian.co.uk/online/story/0,3605,390973,00.htmlcf http://www.thewindow.to/bs7799/8'http://www.fast.org.uk/T *http://news.com.com/2009-1001-954728.html  6http://www.wired.com/wired/archive/4.02/catching.htmlQhttp://www.trusecure.com/>l0http://news.bbc.co.uk/1/hi/business/2264508.stm$y(http://www.met.police.uk/computercrime/=|+http://www.nchadderton.zen.co.uk/front.htm  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{}~Root Entry FAData |1TableWordDocument!SummaryInformation(DocumentSummaryInformation8CompObjjObjectPoolAA  FMicrosoft Word Document MSWordDocWord.Document.89q