B063 2016: Policies and Security

HideShow resource information
What is single-factor authentication?
Where the user can obtain access to an account or service using one factor e.g. a password.
1 of 32
Suggest a risk with SFA.
If the same password is used for multiple applications, the user is more vulnerable to being hacked.
2 of 32
What is two-factor authentication?
A security method by which users obtain access by providing two different, separate factors to identify themselves.
3 of 32
What are the different types of factors that can be used for authentication? Give an example for each.
Knowledge (password or pin), possession (membership card) and biometric (fingerprint or DNA).
4 of 32
Give an example of two-factor authentication.
A bank card reader, as it requires a PIN number (knowledge) to be entered and a debit card (possession).
5 of 32
What does mTAN stand for?
Mobile transaction number.
6 of 32
How is two-factor authentication used in Progress Leisure?
The member enters their username and password (knowledge) into the login. Progress Leisure receives login request and sends security code to member's mobile phone (possession), which the member enters to login.
7 of 32
Give 2 benefits of two-factor authentication.
Greater security, deterrent as hackers are more likely to avoid this more secure system.
8 of 32
Give 2 limitations of two-factor authentication.
A phone or a card/reader is needed to log on, customers dislike the extra time taken to log in.
9 of 32
Suggest 2 ways that a password could be made more secure.
They should be a mixture of numbers, letters and symbols, using lower case and upper case and the user should change them regularly.
10 of 32
What is meant by 'access rights'?
It is set up by the system administrator to limit network access to relevant files only for a user.
11 of 32
What is encryption used for?
It is used to make stored data more secure, by making it unreadble to people who do not have the key to decode it. This is commonly used to protect data that is transmitted over the Internet.
12 of 32
What is a firewall?
It is a combination of hardware and software, which is used to prevent unauthorised requests from hackers to gain access to the network of computer system, via the Internet.
13 of 32
How does a firewall work?
It checks the integrity of incoming messages and requests for service from the system. If a message seems suspicious, it is rerouted temporarily until the legitimacy has been established.
14 of 32
What is meant by hacking?
It is the practice of breaking into secure computer systems.
15 of 32
What is an intrusion detection system (IDS) used for?
It is used to monitor the network or computer system for malicious activities.
16 of 32
What happens if an incident is detected by an IDS?
A report is produced, which is sent to the network management for further action to prevent any risk to the system.
17 of 32
What is a virus?
A program that copies itself and spread throughout the computer system, with the intent to damage or corrupt files.
18 of 32
How does antivirus software work?
It helps to minimise the risk by searching the system for viruses and deleting them when they are detected. It also treats files and attached email files from unknown sources with caution.
19 of 32
What is spyware?
Programs that run in a computer system to gather information and pass it on to other interested parties.
20 of 32
Why should you run an anti-spyware program?
It will prevent and detect spyware from being installed and to remove any spyware that has been previously been installed.
21 of 32
What are 4 headings does the acceptable use policy (AUP) at Progress Leisure?
Purpose, acceptable internet usage, unacceptable behaviour, user compliance.
22 of 32
What is the purpose of Progress Leisure's AUP?
To ensure that members understand what is appropriate browsing behaviour, and to specify the directives necessary to protect the IT network infrastructure.
23 of 32
What does the Progress Leisure website provide for members?
Information to help them obtain their fitness goals, such as information about fitness, health and diet.
24 of 32
Name 3 acceptable uses of the Wi-Fi at Progress Leisure.
Personal use such as social media and browsing the internet, member profile including booking classes, and the Progress Leisure website.
25 of 32
What does the Progress Leisure AUP on Acceptable Internet usage state?
The members' use of the Internet must fully comply with legislation including the Data Protection Act, Computer Misuse Act and the Copyright, Design and Patent Act, and that the Internet must be used in an acceptable way.
26 of 32
Name 4 general and system activities that are examples of unacceptable behaviour under Progress Leisure's AUP.
The introduction of malicious programs onto the network or server, attempting to access unauthorised data on the server or other members' accounts, executing network monitoring with the intention of intercepting data, and downloading pirated software
27 of 32
What must all messages be like when posted on chatrooms etc. about Progress Leisure, according to the AUP?
Genuine member opinions, and correct and simply keeping to facts.
28 of 32
What must all messages NOT be like when posted on chatrooms etc. about Progress Leisure, according to the AUP?
They mustn't promote activities that are illegal, promote material that is violent, sexually explicit or discriminatory. They also must not contain material that is obscene or offensive and they mustn't be used to misrepresent or threaten a person.
29 of 32
What must members not do, regarding emails, according to Progress Leisure's AUP?
They mustn't send emails that are unsolicited or 'junk'.
30 of 32
Why does Progress Leisure use web monitor software?
In order to control and monitor the usage of its Wi-Fi, so that users adhere to the AUP. It is also used to filter and block websites that are considered unsuitable and unacceptable for members.
31 of 32
What are members agreeing to in the user compliance section of the AUP for Progress Leisure?
That they have read and understood the Progress Leisure AUP and that they are aware that if they violate any terms and conditions, then their access privileges will be removed etc.
32 of 32

Other cards in this set

Card 2

Front

Suggest a risk with SFA.

Back

If the same password is used for multiple applications, the user is more vulnerable to being hacked.

Card 3

Front

What is two-factor authentication?

Back

Preview of the front of card 3

Card 4

Front

What are the different types of factors that can be used for authentication? Give an example for each.

Back

Preview of the front of card 4

Card 5

Front

Give an example of two-factor authentication.

Back

Preview of the front of card 5
View more cards

Comments

No comments have yet been made

Similar ICT resources:

See all ICT resources »See all Society and Uses of ICT resources »