Please enable JavaScript.
Coggle requires JavaScript to display documents.
IT Security (P1 Threat types (Passive threats (Wire-tapping, Port scanning…
IT Security
P1 Threat types
Internal threats
Deliberate
Data theft
Insider threats / employee actions
Accidental loss of data
External threats
Types:
destruction
withholding and/or disruption of systems
data theft
Perpetrators
competitors
cyber criminals
governments
terrorists
Reasons
Political purposes
Financial gain
Physical threats
Types:
Equipment stolen
Maliciously Damaged
Accidental damage
Fire
Flood
Earthquake
Social engineering threats
Shoulder-surfing
Spear phishing and whaling
Dumpster diving
Passive threats
Wire-tapping
Port scanning
Idle scanning
Dumpster diving
War driving
Is the opposite to active threats
Active threats
DDos
Man-in-the-middle
Software-driven threats
Malware
Virus
Worms
Trojan
Ransomware
Spyware
Adware
Rootkit
Backdoor
Logic Bomb
P3: Legal requirements for IT system security
Data Protection Act 1998.
Computer Misuse Act 1990
Copyright, Designs and Patents Act 1988
Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000
Fraud Act 2006
Legal liability and contractual obligations
Cryptographic methods
Shift cyphers
One-time pad
Hash functions
Block and stream cyphers
P2: Information security
What is it?
Principles of Information Security
Confidentiality
Integrity
Availability