100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Unit 11: Cyber Security and Incident Management (Final WorkBook) $9.71
Add to cart

Other

Unit 11: Cyber Security and Incident Management (Final WorkBook)

 90 views  0 purchase
  • Course
  • Institution

(This Booklet is unsolved you have to solve it yourself) This document is a booklet covering questions that will cover the question for all 5 activities for the exam. There are 3 learning aims which contain 10 topics each. AI will be a good source for you to research these questions. if you can ...

[Show more]

Preview 10 out of 197  pages

  • April 27, 2023
  • 197
  • 2021/2022
  • Other
  • Unknown
avatar-seller
BTEC Level 3 National in
Information Technology:
Unit 11
Learner Workbook 1
Learning Aim A:
Cyber security threats, system vulnerabilities and
security protection methods



Learner name


Tutor name




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 1
Unit 11: Cyber Security and Incident Management

,DISCLAIMER
This learner workbook is designed to give learners an introduction to the content listed under the
essential content section within the specification for BTEC NQF IT Level 3 Unit 11 (Cyber Security
and Incident Management.) Learners must cover all specified content before the assessment.

Tutors need to ensure that this learner workbook is used in conjunction with the following
documents which can be found on the Pearson website:

• Unit specification

• Instructions for Conducting External Assessments (ICEA)

• Unit 11 Sample Assessment Materials (SAMs)

• Unit 11 Sample Marked Learner Work (SMLW)

• Unit 11 Scheme of work

• Unit 11 Delivery guide

• Unit 11 Scheme of work

• Unit 11 Administrative guide

• Unit 11 Templates

• Any other new/updated documentation relevant to this unit

The information in this learner workbook is considered to be correct at the date of publication.




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 2
Unit 11: Cyber Security and Incident Management

,Start of Learning Aim A Review
Confidence
Topic Checklist Item
Low Medium High
I know the causes of sabotage and theft and the methods
that can be used to reduce them.
I know the causes of unauthorised access and the
Topic 1
methods that can be used to reduce them.
Internal
I know the causes of unsafe working practices and the
Threats
methods that can be used to reduce them.
I know the causes of accidental loss, disclosure of data
and methods that can be used to reduce them.
I know the meaning of malware, the different types and
how they can threaten the security of a computer system.
I know the meaning of a virus, the different types and
Topic 2 how they can threaten the security of a computer system.
External I know the meaning of hacking, the different types and
Threats how they can threaten the security of a computer system.
I know the meaning of social-engineering, the different
types and how they can threaten the security of a
computer system.
I know what operation loss means and how this impacts
an organisation.
Topic 3 I know what financial loss means and how this impacts an
Impacts of organisation.
Credible I know what reputation loss means and how this impacts
Threats an organisation.
I know what intellectual property loss means and how this
impacts an organisation.
I know why a network may become vulnerable and how
to reduce these vulnerabilities.
I know why an organisation may become vulnerable and
how to reduce these vulnerabilities.
I know why software may become vulnerable and how to
reduce these vulnerabilities.
Topic 4 I know why operating systems may and how to reduce
System these vulnerabilities.
Vulnerabilities I know why mobile/portable devices may become
vulnerable and how to reduce these vulnerabilities.
I know why cloud computing may become vulnerable and
how to reduce these vulnerabilities.
I know what an attack vector is and how to reduce these
vulnerabilities.
I know where to find information on the latest hardware
and software threats.
Continued on the next page…..




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 3
Unit 11: Cyber Security and Incident Management

,Start of Learning Aim A Review Continued…
Confidence
Topic Checklist Item
Low Medium High
I know the requirements under the Data Protection Act 1998
to keep data safe.
I know the definitions of illegal practices under the Computer
Topic 5 Misuse Act 1990.
Legal I know the requirements to allow companies to monitor
Responsibilities employees under the Telecommunications Regulations 2000.
I know the requirements under the Fraud Act 2006 to deal
with fraud.
I know the duties of employers and employees under the
Health & Safety at Work Act 1974.
I know the different uses and effectiveness of locks/card
entry systems.
I know the different uses and effectiveness of biometrics.
I know the different uses and effectiveness of CCTV/alarm
Topic 6
systems.
Physical
I know the different uses and effectiveness of security
Security staff/guards.
I know the different types of backups, why they are used.
I know the difference between on-site and off-site backups
and why they are used.
I know the use of and effectiveness of antivirus software.
I know why antivirus software makes use of signatures and
Topic 7
heuristics.
Antivirus and
I know the use of and effectiveness of firewalls.
Firewalls
I know different filtering techniques used by firewall
software.
I know what is meant by the term user authentication.
I know the different types of user authentication and how
Topic 8 effectively they secure data.
Authentication I know what is meant by the term access control.
& Access
I know different types of access control.
Controls
I know different access controls that can be used and how
effectively they secure IT systems.
I know what is meant by the term encryption.
Topic 9 I know the different uses of encryption.
Encryption I know the different methods of encryption.
I know how effectively encryption methods keep data safe.
I know why wireless networks are more vulnerable to
attacks.
Topic 10 I know what is meant by the term MAC address filtering and
Protecting SSID and how effectively they secure a wireless network.
Wireless I know different methods of wireless encryption and how
Networks effectively they secure a wireless network.
I know what should be considered when designing a network
to reduce the risks of attacks.




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 4
Unit 11: Cyber Security and Incident Management

, Introduction
What is Cyber Security?




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 5
Unit 11: Cyber Security and Incident Management

,Introduction

What is cyber security?
1. In your own words describe what is meant by the term ‘cyber-attack.’ (PASS)

A cyber-attack is a cybercriminal attack that uses one or more computers to target a single or
numerous computers or networks. A cyber assault can be used to intentionally disable machines,
steal data, or launch additional attacks from a compromised computer. To conduct a cyber-attack,
cybercriminals utilise a range of tactics, like malware, phishing, ransomware, and denial of service
etc.

2. Explain the different reasons why organisations should keep data safe. (PASS)

To meet compliance requirements, to prevent breaches that hurt businesses, to prevent breaches
that hurt data subjects / individuals, to maintain and improve brand value, to strengthen and grow
business, to support ethics, to maintain public, investor and customer trust, to support your
customers’ wishes, to be a competitive differentiator and gain a competitive advantage, to increase
physical safety, to build customer loyalty, to support innovation.

3. Describe what is meant by the following types of attack. (PASS)

Type Explanation
Hacker A hacker is a person who solves a technological problem by using computer,
networking, or other abilities. Anyone who utilises their skills to obtain
unauthorised access to systems or networks in order to conduct crimes is
referred to as a hacker. A hacker may, for example, take information in order
to harm individuals through identity theft or knock down a system and, in many
cases, hold it hostage in exchange for a ransom.
Insider Any person with or without authorised access to or knowledge of an
organisation's resources, such as staff, facilities, information, equipment,
networks, and systems, is considered an insider.
Script kiddie A person who, due to a lack of ability in writing their own computer scripts or
codes, hacks into computers using existing computer scripts or codes.
Scammer/Phisher Phishing is a type of social engineering assault in which cyber thieves deceive
victims into revealing personal information or installing malware on their
device. The person who commits this crime is called a Phiser.

4. Describe what is meant by the following motivations for an attack. (PASS)

Type Explanation
Espionage
Public good Type your answer here.
Score settling Type your answer here.
Public good Type your answer here.
Thrill Type your answer here.
Fraud Type your answer here.




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 6
Unit 11: Cyber Security and Incident Management

, 5. In your own words describe what is meant by the term ‘cyber security.’ (PASS)

Type your answer here.




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 7
Unit 11: Cyber Security and Incident Management

, Topic 1
Internal Threats




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 8
Unit 11: Cyber Security and Incident Management

,Topic 1: Internal Threats
Topic 1: Topic Objectives:
• Pass - Describe what is meant by different internal threats.

• Merit - Describe the different methods that organisations could use to reduce the risks
caused by internal threats.

• Distinction - Evaluate how effectively these security methods reduce the risks caused by
internal threats.




Topic 1: Specification Coverage:




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 9
Unit 11: Cyber Security and Incident Management

, Topic 1: Introductory Task:
Lookup the word ‘Disgruntled.’

Think of an experience you have had with a company where you became disgruntled (e.g. having to
wait 40 minutes in a restaurant for your food to be served).

Describe how this made you feel and how your attitude towards the company changed. (PASS)

I ordered food in McDonalds once and they took the payment. My order serial number was showing
on the digital board but soon it disappeared, they did not even call my name to collect my order.
When I went to the till and complaint about it the employees started targeting me instead of looking
into it. I was extremely annoyed with their judgmental behaviour, and it showed negative
appearance from the restaurant.


Topic 1: Deeper Learning Activities:

Sabotage and theft
1. Describe what is meant by the term ‘sabotage’ in the context of a computer network.
(PASS)

Computer Sabotage causes the hardware or the data on the system to be destroyed or damaged.
Because the computer is not used to carry out the destruction, this sort of computer crime
resembles classical sabotage. If computer-assisted security mechanisms must be defeated, or if the
system is managed to cause harm to itself, sabotage may take some expertise.


2. Describe what is meant by the term ‘theft’ in the context of a computer network. (PASS)

The act of taking digital information from an unknown victim's computers, servers, or electronic
devices with the goal to jeopardise privacy or get personal information is known as data theft.
Financial information, such as credit card numbers or bank accounts, to personal information, such
as social security numbers, drivers licence numbers, and medical data, are all examples of
information. Data theft was formerly solely a problem for huge corporations and organisations, but
it is now a rising problem for individual computer users.

3. Research an organisation that has experienced employee sabotage or theft.

Describe:
• Which employee was responsible
• Why the employee carried out the attack
• The impacts the attack had on the organisation (MERIT)

Tesla sabotage




Specification: BTEC NQF Level 3 Diploma / Extended Diploma in IT Page 10
Unit 11: Cyber Security and Incident Management

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Afsar08. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.71. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

52510 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.71
  • (0)
Add to cart
Added