1 - BCTAA Employee Device Access
Appropriateness of Protection Measure
It is an important consideration that each employee at BCTAA is able to keep their own work
safe and secure, where only they can access it.
Alternative Protection Measures that Could be Used
Alternatively, each computer at the office could be unique to the employee that uses it,
meaning that only person A can use computer A and so on. This would mean that every user
logs in to their own allocated computer to manage their own files.
A downside to the idea of having individual PCs for each employee would be that they
wouldn’t be networked together, meaning that there would be no way for them to share files
directly over the network.
Rationale for Choice of Protection Measure
The reason I chose this protection measure was so that employees are able to securely
store and access the files that relate to their jobs, while still being able to share files and to
access publicly shared files.
2 - Theft or Copying of Door Access Card
Appropriateness of Protection Measure
It is important to educate the employees of the risks that can exist when they do not look
after their access cards, because it will prompt them to keep their cards safe and to not
allow them to be used by others.
It is also an important step to increase the security regarding the card-based access to the
office, so that the office is kept physically secure.
Alternative Protection Measures that Could be Used
An entirely different access method could be employed, like a keycode that all employees
must memorise, or a biometric fingerprint scanner that all employees have been whitelisted
on.
The issues with these come down to the expense of biometrics and the technical proficiency
required to set them up and maintain them, as well as the possibility of misremembering a code
for a keypad, as the code will likely change on a regular basis.
Rationale for Choice of Protection Measure
I think that the best method for protecting cards is to keep employees aware of the security
risks, to improve the physical security that protects physical access, and to provide
capabilities for preventing card ID theft, such as RFID-proof wallets.
3 - Man in the Middle Attack
Appropriateness of Protection Measure
I believe that the protection measure of ensuring that all wireless communication is
encrypted is very appropriate for BCTAA. In order to prevent attackers from being able to
intercept and then read sensitive information passed via a wireless transmission, the data
being sent must be encrypted. Failure to ensure encryption would result in untrustworthy
wireless communication.
Alternative Protection Measures that Could be Used
An alternative to risking data and information that is being sent to, from, and within the
network, would be to use wired connections for as much communication as possible. This
would be impossible to achieve between the network and the internet/client, but BCTAA
could cut down on any of the wireless devices that are being used, and replace them with
wired connections. For example, the staff mobile devices would not be allowed to connect to
the network.
Rationale for Choice of Protection Measure
I believe that the protection measure I have come up with is vital if wireless communication
is to be had with the EH network. Therefore, wireless encryption via protocols such as FTP
or TLS is required.
4 - Public Areas Hours
Appropriateness of Protection Measure
Guests can access both the EH network and the building itself outside
of the typical working hours of the offices at the building, meaning that the offices of the
network are potentially more at risk, since they are empty of employees and unsupervised,
which could allow an attacker to gain access.
It is therefore important to ensure additional measures of security to lessen the risk of
unauthorised access to the office, or to the network.