They could sell confidential info for personal gain or commit sabotage (e.g. delete or corrupt files)
2 of 24
Why is human error a threat to ICT systems?
Failure to follow procedures e.g. writing down passwords, not changing passwords regularly, not shredding paper copies etc.
3 of 24
Why are viruses a threat to ICT systems?
External and internal threats as those with removable media can infect a system, or externally, through the Internet.
4 of 24
Why is spyware a threat to ICT systems?
Data that is stored on internal computer systems is sent to an external source without you even knowing and without your permission. Passwords might be stolen, perhaps by the monitoring of keystrokes. Networked computers can spread it quickly
5 of 24
What are data access threats?
Gaining control of data during transmission without permission by an unauthorised person
6 of 24
What are service threats?
Stop the data being used by the organisation it belongs to by disrupting the normal running of the software.
7 of 24
What is data encryption?
Scrambling data and then re-scrambling at the intended destination. The data cannot be understood if intercepted. An encryption key scrambles and unscrambles the data
8 of 24
How can hardware be used to protect ICT systems?
Locking doors, securing computers to surfaces. biometrics, preventing unauthorised use of USB ports
No access, read only, read/write, read/write/delete, full control
11 of 24
What is a firewall?
Restrict access from intruders by securing data access ports
12 of 24
How can procedures help protect ICT systems?
Employees should be given training on what employee responsibilities are regarding data security and include penalties for malpractice
13 of 24
What institute must companies register with to follow the DPA?
Information Commission
14 of 24
What is a data controller?
Appointed by the organisation. Responsible for data held by the organisation
15 of 24
What rights do data subjects have under the DPA?
See what data is being held about them, To have any errors corrected • To refuse to allow data to be processed for third parties, To refuse to allow sensitive data to be processed, to complain to the data commissioner about abuse of data cont
16 of 24
to claim compensation if damage has been caused by misuse of the act
.
17 of 24
What is the role of the data protection commissioner?
To enforce and oversee the act, raise awareness of the act, investigate complaints
18 of 24
What exemptions are there to the DPA?
Can't see data that may affect national security or hinder police investigations, electoral roll has to be publicly available
19 of 24
What are the three levels of the Computer Misuse Act?
Level 1- unauthorised access to computer material. Level 2- unauthorised access with the intent to commit a further crime. Level 3- unauthorised modification of computer material
20 of 24
What is the penalty for committing a level 1 offence?
6 months in prison or £2000 fine or both
21 of 24
What are the penalties for level 2 or 3 offences?
5 years in prison/ fine/ both
22 of 24
What does the Copyright, Designs and Patents Act cover?
The coding of a piece of software is protected. Cannot be directly copied
23 of 24
What software licences are there available?
Single-user licence= allows user to install software on a single machine. Multi-user licence= allows a number of installations up to max in the agreement. Site licence= allows a number of users within that site to use the software
24 of 24
Other cards in this set
Card 2
Front
Why are employees a threat to ICT systems?
Back
They could sell confidential info for personal gain or commit sabotage (e.g. delete or corrupt files)
Comments
No comments have yet been made