week 3

8.3 Threat Mitigation

 

8.3.1 Understand the purposes, processes, benefits and drawbacks of common threat mitigation techniques:

• security settings:

o hardware

o software

• anti-malware software:

o function

o actions

• intrusion detection

• encryption:

o hashing

o symmetric

o asymmetric

• user access policies

Digital systems like school networks, business IT systems or online platforms are always at risk from threats like hacking, viruses, or people accessing things they shouldn’t. To help stop these threats, organisations use user access controls, policies, and procedures. Let’s break this down into two key areas:

Permissions

What are permissions?
Permissions are rules that decide what each user is allowed (or not allowed) to do on a system. Think of it like having different keys to open different doors. Not everyone should be able to unlock every door!

Why are permissions important?
They help stop unauthorised users from accessing private or sensitive information. If someone only needs to write emails and use Word, there’s no reason they should be able to access finance files or system settings.

Examples of permissions:

• A student can log in and use Word and PowerPoint but can’t install new software.

• A teacher might be able to access class folders and mark books, but not see payroll data.

• An IT technician might have full admin access because they need to maintain the system.

How this helps prevent threats:

• Stops users from making harmful changes by accident.

• Blocks hackers from easily moving around the system if they do get in.

• Reduces the damage if someone’s login details are stolen.

2. IT User Policies

What is an IT user policy?
It’s a set of rules that explains how users should use the organisation’s IT systems. Everyone who uses the system must agree to follow these rules.

What do these policies usually include?

• Acceptable Use Policy (AUP): What you can and can’t do on the network. For example, not downloading dodgy software or visiting unsafe websites.

• Password Policy: Rules for creating strong passwords, how often to change them, and not sharing them with others.

• Data Protection Policy: How to handle private data safely, like student records or customer information.

• Email and Internet Use: Guidelines to avoid spam, scams, and wasting time online.

How this helps prevent threats:

• Educates users on safe behaviour.

• Reduces the chance of someone accidentally causing a security problem.

• Makes it easier to identify and deal with rule-breakers.

Example situation:
If a student downloads a game full of malware onto a school computer, they’ve broken the AUP. Because they agreed to the rules, the school can take action and also knows where to look to fix the problem.

• staff vetting

• staff training

• software-based access control

• device hardening

• backups:

o type (full, incremental, differential)

o safe storage

• software updates

What are software updates?
Software updates are new versions or improvements made to programs and systems you use — like Windows, antivirus software, web browsers, or apps.

Why are they important for security?

• Fix security flaws: Hackers are always looking for weaknesses in software. Updates often fix these gaps before they can be used to attack the system.

• Improve performance: Updates can also make software run better and smoother, which reduces system crashes that might be exploited by attackers.

• New features or tools: Sometimes updates add tools that make it easier to manage security or improve user experience.

Example:
If a computer is using an old version of Windows that hasn’t been updated in months, it may be missing vital security fixes, making it an easy target for hackers or viruses.

• firmware/driver updates

• air gaps

• certification of APIs (application programme interface)

• VPNs (Virtual private networks)

What is a VPN, and how does it work?

• multi-factor authentication (MFA)

• password managers

• port scanning

• penetration testing:

o ethical hacking

o unethical hacking

8.3.2 Understand the processes and procedures that assure internet security, and the reasons why they are used:

• firewall configuration:

o rules for traffic (inbound and outbound)

o traffic type rules

o application rules

o IP address rules

• network segregation:

o virtual

o physical

o offline network

• network monitoring

• port scanning.

Last Updated
2025-12-17 15:21:37