A5 Software and hardware security measures
• Understand the use and effectiveness of software and hardware security measures,
including:
o antivirus software and detection techniques, including virus signatures, heuristics
techniques used to identify potentially suspicious file content, techniques for dealing
with identified threats
o software and hardware firewalls and the filtering techniques they use, including:
– packet filtering and inspection
– application layer awareness
– inbound and outbound rules
– network address
o user authentication:
– user login procedures
– strong password
– text and graphical password
– biometric authentication
– two-step verification
– security tokens, including USB-based and near field keys
– knowledge-based authentication, including question and response pairs
– Kerberos network authentication for Windows® and Linux®-based operating systems
– certificate-based authentication
o access controls and the methods to restrict users’ access to resources, including
applications, folders, files and physical resources
o trusted computing.
• Understand the purpose and uses of encryption, including:
o safe password storage
o digital rights management (DRM)
o file, folder, disc encryption o communications encryption:
– built into devices, including smartphones and tablets
– The Onion Router (Tor)
– virtual private networks (VPNs)
– digital certificates and certificate authorities
– Hypertext Transfer Protocol Secure (HTTPS)
– public/private keys.
• Precautions that can be taken to protect a wireless local area network (WLAN) from
unauthorised access, including:
o MAC address filtering and hiding the service set identifier (SSID)
o wireless encryption – Wired Equivalent Privacy (WEP), Wi-Fi Protected Access 2
(WPA2) and Wi-Fi Protected Setup (WPS), mitigating known wireless vulnerabilities
o consideration of security issues during network and system design to ensure security
is built-in from the development stage.
Links to Learning Outcomes |
Links to Assessment criteria |
|
|---|---|---|
Anonymous Assessment - Learners assess an anonymous piece of work containing deliberate mistakes against given success criteria.