Task A.

Data and computer system security

1. Any from:
 an interconnected set of components used to collect, store, process and transmit data and digital
information
 is a formal, sociotechnical, organizational system designed to collect, process, store, and
distribute information
 a set of interrelated components that collect, process, store, and distribute information to support
decision making and control in an organization
 are combinations of hardware, software, and telecommunications networks that people build and
use to collect, create, and distribute useful data, typically in organizational settings
 interrelated components working together to collect, process, store, and disseminate information
to support decision making, coordination, control, analysis, and visualization in an organization
2. Any from
 Computer systems use data to process tasks ranging from sending emails to performing complex
calculations. Without data, they won't work.
 The data fed into a computer system dictates the instructions it will receive and therefore the
actions it will take.
 Data is needed in computer science to process programs, coding, and other computer tasks.
 The computer system in turn stores retrieves, classifies, organises and synthesizes the data to
produce information according to a pre-determined set of instructions.
3. Any from
 While information system security refers to the protection of technical systems, data security is
generally concerned with the protection of information
 Data Security focuses on protecting data from unauthorized access, use, disclosure, disruption,
modification, or destruction. Systems Security, on the other hand, is more concerned with
securing the systems that store, process, and transmit this information.
 Information security encompasses a broader spectrum of practices, including technical,
administrative, and physical controls, to protect all types of information assets within an
organization. Data protection, however, narrows down its focus to safeguarding personal or
sensitive data, typically governed by privacy laws and regulations.
 Information security aims to ensure the confidentiality, integrity, and availability of all
information assets, not limited to personal data. It encompasses measures such as network
security, access controls, encryption, incident response, and disaster recovery. Data protection
primarily emphasizes the privacy and lawful processing of personal data, focusing on aspects
like consent, purpose limitation, data minimization, data retention, and individual rights.
4. Any from
Hacking: Hacking refers to an unauthorized user gaining access to a computer or a network.
Cracking: Cracking is reverse engineering of software, passwords or encryption could lead to
unauthorized access to sensitive information.
Malware: Malware (short for malicious software) disrupts computer operations, gathers sensitive
information, or gains access to a computer system to compromise data and information.
Misuse: Employees may take advantage of entrusted resources or privileges for a malicious or
unintended purpose.
Errors: Errors such as system misconfigurations or programming errors can cause unauthorized access
by cybercriminals. Errors can occur in-house due to faulty programming, or hackers can find loopholes
that can cause errors as well.

Data Leakage: Unauthorized electronic or physical transmission of data or information from within a
company to an external destination or recipient could leave data in the wrong hands.
 Cloud Computing: Storing unencrypted sensitive data with lax access controls leaves data stored in the
cloud vulnerable to improper disclosure.
Mobile Devices: Mobile devices carrying sensitive data can be lost or stolen, possibly causing data to
fall into the wrong hands.
Availability Attacks: Availability attacks are structured cyberattacks to extort or damage companies
whose websites or online assets are a major source of revenue.
Advanced Persistent Threats (APT): The goal of an APT isn’t to corrupt files or tamper, but to steal
data as it continues to come in. Hackers attack computer systems while avoiding detection and
harvesting valuable information over a long period of time.
Third Parties / Service Providers: Third-party networks may be used by other external cybercriminals
as an initial access point into a company’s network.
Non-Technical Vulnerabilities
Physical: Theft, tampering, snooping, sabotage, vandalism, local device access, and assault can lead to a
loss of data or information.
Environmental: Natural events such as tornadoes, power loss, fires, and floods pose hazards to the
infrastructure in which data assets are located.
Insider Threat: Employees, contractors, or partners can commit fraud, espionage or theft of intellectual
property.
Social Media: Employees often fall victim to scams or reveal information not intended for public
knowledge on social media.
Dumpster Diving: Improper disposal of sensitive data could lead to improper disclosures and sensitive
information just sitting in trash bins. Having internal procedures when disposing of sensitive documents
is crucial in preventing this kind of a non-technical vulnerability.
Social Engineering: Attackers rely heavily on human interaction to gain access to company networks
or systems, usually tricking users into breaking normal security procedures and revealing their account
credentials.
5. Any from:
Encryption is a fundamental technique for data protection that involves transforming data into an
unreadable format using encryption algorithms. It ensures that even if data is compromised, it remains
incomprehensible without the corresponding decryption key.
Data loss prevention techniques involve the identification, monitoring, and prevention of data leakage
or unauthorized data access. DLP solutions use a combination of content analysis, policy enforcement,
and user behavior monitoring to identify and prevent the unauthorized transmission of sensitive data.
6. Any from:
Access Controls and Authentication - Implementing stringent access controls and authentication
mechanisms is crucial for data protection. Organizations should adopt strong user authentication
methods, such as two-factor authentication (2FA) or biometric authentication, to ensure that only
authorized individuals can access sensitive data.
Data backup and disaster recovery techniques are vital for protecting data against system failures,
natural disasters, or malicious attacks. Regularly backing up critical data ensures that it can be restored
in the event of data loss or corruption.
Intrusion Detection and Prevention Systems (IDPS) solutions monitor network traffic and system
activity to detect and prevent unauthorized access, malware infections, or other security breaches. These
systems analyze network packets, log files, and other indicators to identify suspicious activities or
anomalies.
Employee Training and Awareness. Human error and insider threats pose significant risks to data
security. Educating employees about data protection best practices and raising awareness about potential
security threats is crucial.
7. Any from:
 Data encryption protects your sensitive data by rendering it inaccessible, even if stolen
  Encryption, which helps keep your data safe from hackers, is effectively scrambling up data and
making it only decipherable with a key
 Encryption can help prevent data breaches caused by hackers by making it difficult for
unauthorized parties to access and read
8. Any from:
 Use a firewall to create a barrier between inside information and the outside world. Firewalls
prevent unauthorized access to private network and alert to intrusion attempts.
 Install antivirus software to protect system by detecting real-time threats to ensure your data is
safe.
 Using strong passwords is a crucial way to prevent network intrusions. The more secure your
passwords are, the harder it is for hackers to invade your system.
 Use two-factor authentication as an additional defense layer. Passwords are the first line of
defense against computer hackers. However, a second layer boosts protection. Two-factor
authentication, which boosts security because it requires you to type in a numerical code — sent
to your phone or email address — in addition to your password when logging in.
9. Any from:
 Limited threat protection because — while mirroring protects against hardware failures — it
offers limited protection against data corruption
 A disk mirroring strategy used to protect a computer system from loss of data and other potential
losses due to disk failures, not against outside attacks
10. Using data backup and disaster recovery techniques are vital for protecting data against system failures,
natural disasters, or malicious attacks but does not prevent from hacking or cracking.
Task B. Safety methods

1 (a) Any from:

 a string of characters used to verify the identity of a user during the authentication process
 a secret word or phrase that must be used to gain admission to a place.
 a string of characters that allows access to a computer system or service.
 a secret word or expression used by authorized persons to prove their right to access, information, etc.
1 (b) Each 1 mark
 A combination of uppercase letters, lowercase letters, numbers, and symbols.
 Not a word that can be found in a dictionary or the name of a person, character, product, or
organization.
 The length of the password more than 8 symbols
1 (c) Any from:
 Strong passwords are considerably harder to crack (or break) – and that's even with the powerful
password-cracking software that is available today.
 Creating a strong and secure password can reduce the risk of cybercriminals guessing your password
 A strong password is one that is designed to be hard for a person or program to guess
1 (d) Any from:
 Access Controls and Authentication - Implementing stringent access controls and authentication
mechanisms is crucial for data protection.
 Encryption is a fundamental technique for data protection that involves transforming data into an
unreadable format using encryption algorithms. It ensures that even if data is compromised, it remains
incomprehensible without the corresponding decryption key.
 Employee Training and Awareness. Human error and insider threats pose significant risks to data
security. Educating employees about data protection best practices and raising awareness about potential
security threats is crucial.
2 (a) Any from
 A firewall prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a
set of security rules.
 A software firewall is an application that runs on a device and prevents specific types of traffic from
entering that device.
 A firewall security device that monitors network traffic, allowing or blocking traffic based on certain
security rules
 A firewall controls incoming and outgoing network traffic according to predetermined security rules. It
can be set up as a barrier between an internal trusted network and external untrusted networks, and
typically allows only authorized traffic while blocking potentially harmful data.
 A firewall respone for following:
o Traffic Filtering: Firewalls screen data packets (pieces of data) in the network's flow-in and
flow-out directions, allowing or blocking them according to certain rules.
o Access Control: They decide which applications, services, and devices can access the network,
thus protecting sensitive resources.
o Threat Detection: Some of them can detect and prevent other types of threats, such as viruses,
malware, or even suspicious behavior.
2 (b) Any from:
 Role-Based Access Control (RBAC): This feature allows for different levels of access based on user
roles, such as students, teachers, administrators, and parents. Each role has specific permissions that
dictate what information and functionalities they can access, ensuring that sensitive data is protected and
only available to authorized users.
 User Profiles: The system often includes detailed user profiles that store essential information, such as
personal details, enrollment status, course history, and academic performance. This helps personalize
the user experience and provides easy access to relevant information for each user.
  Secure Authentication: A robust authentication system is crucial, often incorporating multi-factor
authentication (MFA) to enhance security. This feature ensures that users verify their identity through
multiple methods, reducing the risk of unauthorized access.
 Activity Tracking and Audit Logs: This feature records user actions within the system, enabling
administrators to monitor usage, track changes, and identify any suspicious activity. It supports
accountability and helps in compliance with regulations regarding data security.
 Self-Service Functionality: Many systems provide self-service options for users to manage their
accounts, such as password resets, updating personal information, and viewing their academic records.
This reduces administrative workload and empowers users to handle their accounts effectively.

2 (c) Any from:

 Data Security: Encryption protects sensitive information from unauthorized access. Even if an attacker
gains access to the storage system, the encrypted data remains unreadable without the proper decryption
keys.
 Data Integrity: Encryption can help ensure that data hasn’t been tampered with. By using methods like
cryptographic hashing along with encryption, any unauthorized modifications can be detected.
 Mitigating Data Breaches: In the event of a data breach, encrypted data can significantly reduce the
impact. Even if data is stolen, encryption makes it much less valuable to cybercriminals.
 Protection Across Environments: Data often moves between different environments (on-premises,
cloud, etc.). Encrypting data ensures that it remains secure regardless of where it is stored or
transmitted, reducing the risk of exposure during transfer
 Compliance Requirements: Many regulations (like GDPR, HIPAA, and PCI-DSS) mandate the
encryption of personal and sensitive data. Non-compliance can lead to significant legal penalties and
loss of customer trust.
2 (d) Any from:
 Data Recovery: Backups provide a reliable way to restore data in case of loss due to hardware failure,
accidental deletion, or corruption. This ensures that critical information can be recovered quickly and
minimizes downtime.
 Accidental Changes: Users may inadvertently make changes to files or databases that can cause issues.
Backups enable organizations to revert to a previous state, effectively undoing mistakes without
significant disruption.
 Disaster Recovery: In the event of natural disasters (like fires or floods), backups stored offsite can
help ensure that data remains safe and accessible, supporting business continuity.
 Version Control: Backups can help maintain multiple versions of files, allowing users to access
previous iterations and recover important information that may have been lost in updates or changes.
 Protection Against Cyber Threats: Regular backups safeguard against ransomware attacks and other
cyber threats. If data is compromised, having recent backups allows organizations to restore their
systems without paying ransoms.
2 (e) Any from: adv – 1 mark, disadv -1
 Advantages
 Accessibility: Cloud storage allows users to access their backups from anywhere with an internet
connection, making it convenient for remote work and on-the-go access.
 Scalability: Cloud storage solutions can easily scale to accommodate growing data needs without the
need for significant hardware investments. Users can adjust their storage capacity as required.
 Cost-Effectiveness: Many cloud storage services offer pay-as-you-go pricing models, allowing
organizations to only pay for the storage they use, which can be more economical than maintaining
physical backup infrastructure.
 Automatic Backups: Many cloud services offer automated backup features, ensuring that data is
regularly backed up without requiring manual intervention, which helps reduce the risk of data loss.
 Data Redundancy: Cloud providers typically store data across multiple locations, ensuring that
backups are secure and accessible even in the event of a hardware failure or natural disaster.
 Disadvantages
  Internet Dependency: Accessing cloud storage requires a stable internet connection. Slow or
unreliable internet can hinder the ability to retrieve backups quickly.
 Security Concerns: While cloud providers implement security measures, storing sensitive data
offsite can raise concerns about data breaches and unauthorized access.
 Ongoing Costs: While initial costs may be lower, ongoing subscription fees for cloud storage can
add up over time, especially as storage needs increase.
 Limited Control: Users rely on third-party providers for data management, which can limit control
over backup processes, security protocols, and data recovery options.
 Compliance Issues: Organizations handling sensitive data must ensure that their cloud storage
provider complies with relevant regulations (like GDPR or HIPAA), which can complicate data
management.
2 (f) Any from:
RAID 0 focuses on performance and speed, with no redundancy, when RAID 1 emphasizes data redundancy
and security, with a slight performance trade-off.
RAID 0 ideal for applications where speed is critical, but data loss risk is higher, while RAID 1 suitable for
environments where data protection is essential.