1.3.

3 Learning Outcome 2: Establish and install security measures

knowledge in relation to:

o Definition of security risk management o Benefits of Risk management
o Risk management procedures: Risk assessment, Risk mitigation Uncertainty
analysis,
Interdependencies, Cost
considerations o Benefits of security
measures
o Types of Security measures: Firewalls, User accounts control, Security
policies,
Antivirus, Encryption, Secure Socket Layer protocol (SSL), Multi-factor authentication,
Malware detection, Site monitoring, Daily or weekly
backups o Application of security measures

1.3.3.2 Information Sheet

Risk is the possibility of something adverse happening. Risk management is the

process of assessing risk, taking steps to reduce risk to an acceptable level and
maintaining that level of risk. Though perhaps not always aware of it, individuals
manage risks every day. Actions as routine as buckling a car safety belt, carrying an
umbrella when rain is forecast, or writing down a list of things to do rather than trusting
to memory fall into the purview of risk management. People recognize various threats to
their best interests and take precautions to guard against them or to minimize their
effects.

Risk assessment often produces an important side benefit in depth knowledge about
system and an organization as risk analyst tries to figure out how system and functions
are interrelated. Risk assessment, the process of analyzing and interpreting risk, is
comprised of three basic activities:

o Determining the assessment's scope and methodology; o Collecting

and analyzing data; and
o Interpreting the risk analysis results

Read: Introduction to computer security:

http://www.davidsalomon.name/CompSec/auxiliary/handbook.pdf

Risk mitigation involves the selection and implementation of security controls to reduce
risk to a level acceptable to management, within applicable constraints.
 Assess
Risk

Risjk
Identify Management Control
Risk Risk
Process

Review
Controls

Source: www.123rf.com
Figure 62: Risk Management Process

Interdependencies: Risk management touches on every control it is, however, most closely
related to life cycle management and the security planning process. The requirement to
perform risk management is often discussed in organizational policy and is an issue for
organizational oversight.

The cost of different methodologies can be significant. A "back-of-the-envelope"

analysis or high-medium-low ranking can often provide all the information needed.
However, especially for the selection of expensive safeguards or the analysis of systems
with unknown consequences, more in-depth analysis may be warranted.

Secure Sockets Layer (SSL) is a standard protocol used for the secure transmission of
documents over a network. Developed by Netscape, SSL technology creates a secure
link between a Web server and browser to ensure private and integral data transmission.
SSL uses Transport Control Protocol (TCP) for communication.

Multi-factor authentication is an authentication method in which a computer user is

granted access only after successfully presenting two or more pieces of evidence to an
authentication mechanism: knowledge, possession, and inherence. Two-factor
authentication is a type, or subset, of multi-factor authentication.

Cloud
IaaS

Cloud
VPN apps

MFA
Chared
On- resource
premises
s

Server
login BYOD

Figure 63: Multi-factor authentication (MFA)

Watch: Introduction to multi-factor authentication: https://youtu.be/tFv101qURKE

Malware detection focuses on detecting intrusions by monitoring the activity of systems and
classifying it as normal or anomalous.

Malware Infection Symptoms

• Strange emails
• Files wont open
Source: www.centrify.com
 • Programs acting weird
• Pop-up

Source: thelatesttechnews.com
Figure 64: Malware infection symptoms
Watch: Prevention and detection of malware: https://youtu.be/Ces7UeMQ7ic

Site monitoring is the process of testing and verifying that end-users can interact with a
website or web application as expected. Website monitoring is often used by businesses
to ensure website uptime, performance, and functionality is as expected.

Some common backup frequencies you'll see offered include continuous, once per
minute, every x minutes (e.g. every 11 minutes), hourly, daily, weekly, monthly, and
manually. Continuous backup means that the software is constantly backing up data.

Application security encompasses measures taken to improve the security of an

application often by finding, fixing and preventing security vulnerabilities.

Watch: Introduction to site monitoring: https://youtu.be/Ufw6iuwm1rU

1.3.3.3 Self-Assessment
i. What is meant by risk assessment of an organization’s ICT department?
ii. What is SSL?
A. Source socket layer
B. Secure socket lay
C. Socket secure layer
D. Secure socket layer iii. What is Multi-factor authentication? iv.
What is site monitoring?
v. Evaluation of security control measures is done as per the ICT Security policy in
the lab
vi. Installation of Security control measures is done as per the ICT Security policy
in the lab.
vii. Case situation: How can you help an organization to set multi-factor
authentication when making any changes on their system administration settings?
viii. _____________ is an authentication method in which a computer user is granted
access only after successfully presenting two or more pieces of evidence to
support credibility.
A. Multi-factor authentication
B. Cost
 C. Monitoring

1.3.3.4 Tools, Equipment, Supplies and Materials

Computer, anti-virus, maintenance tools, anti-spyware, password management software,
Internet

1.3.3.1 References
• http://www.davidsalomon.name/CompSec/auxiliary/handbook.pdf
• https://www.keycdn.com/blog/website-monitoring-tools
• Cyber Security, authored by John G. Voeller published by Wiley 2014