Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting IT systems (2)

Published bySusan Conley Modified over 5 years ago

Similar presentations

Presentation on theme: "Protecting IT systems (2)"— Presentation transcript:

1 Protecting IT systems (2)
Level 2 Diploma Unit 11 IT Security

2 Password security Password protection is the most common
Password policies need to be defined Do not write passwords down Change the password periodically Use a strong password Use nonsense words Protect against multiple attempts Longer time between attempts Lock out after so many attempts

3 Password vulnerability
Passwords are not stored as entered, they are “hashed” to a new value which is stored Hashing mathematically changes the string to a value which cannot be decoded without knowing a key Passwords should be stored in hidden system files only accessible with system privileges Passwords can be obtained by “sniffing” wireless transmissions or getting access to a system (e.g. via a back door) A WEP protected wireless system can be cracked in under a minute

4 Password strength A user-selected eight-character password with numbers, mixed case, and symbols can be cracked on a desktop PC in 16 minutes A minimum secure password length is now 12 characters

5 Physical access control
Access authorisation Who grants access rights? Who is allowed in? How are they identified? Are there different levels of control?

6 Exercise Complete the table with the items on the left Item Area
Permitted access IT Staff Reception Staff Principal’s office Students Finance office General public IT office Principal Server room Classrooms IT Help desk staff Computer rooms

7 Access control system The key requirements are: Central control
For authorisations Flexible access permissions Temporary upgrades Visitors Reporting For audit control Unauthorised attempts

8 Control and permissions
Add users Bar users Change users’ access permissions Control many buildings in different locations using TCP/IP Set permissions individually or by department. Restrict areas to certain groups. Set shift patterns

9 Monitoring View real time events as they are happening Monitor
who is where in a building if doors have been left propped open if a door has been forced Generate reports

Download ppt "Protecting IT systems (2)"

Similar presentations

HEALTH, SAFETY AND SECURITY. HEALTH AND SAFETY POLICY This is a statement that sets out how a firm manages health and safety in the workplace. Shows the.

HEALTH, SAFETY AND SECURITY. HEALTH AND SAFETY POLICY This is a statement that sets out how a firm manages health and safety in the workplace. Shows the.
HIPAA Security.

HIPAA Security.
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
An investigation into the security features of Oracle 10g R2 Enterprise Edition Supervisor: Mr J Ebden.

An investigation into the security features of Oracle 10g R2 Enterprise Edition Supervisor: Mr J Ebden.
Thoughts on Technology Issues for Small Business Implementing Technical Safeguards to support Your Policies.

Thoughts on Technology Issues for Small Business Implementing Technical Safeguards to support Your Policies.
Understand Database Security Concepts

Understand Database Security Concepts
Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.
1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.

1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Chapter 5 Database Application Security Models

Chapter 5 Database Application Security Models
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Administrative Practices Outcome 1

Administrative Practices Outcome 1
Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.

Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Similar presentations

Ads by Google