[242.1] Select and use appropriate methods to minimise security risk to IT systems and data Assessment Criteria
1.1| | Describe the security issues that may threaten system performanceThe possible threats to system performance may be: unwanted e-mail (‘spam’), malicious programs (including viruses, trojans) and hackers. Security precautions can be taken beforehand such as use of access controls. We can configure anti-virus software, adjust firewall settings, adjust internet security settings; backup; store personal data and software safely; treat messages, files, software and attachments from unknown sources with caution; download security software updates. | |
| | |
1.3| | Describe the threats to system and information security and integrityThe possible threats to information security may be: from theft, unauthorised access, accidental file deletion, use of removable storage media; malicious programs (including viruses, trojans), hackers, phishing and identity theft; unsecured and public networks, default passwords and settings, wireless networks, Bluetooth, portable and USB devices. | |
1.4| | Keep information secure and manage personal access to information sources securelyProtect systems and data: Access controls: Physical controls: log-in details should be treated as credit card information and not to be left lying anywhere with an easy access, locks, passwords, access levels. | |
1.5| | Describe ways to protect hardware, software and data and minimise security riskThere are steps to prevent threats to system and information: access to information sources should be allowed with Username and password/PIN selection. The system set up on password strength; how and when to change passwords (monthly); online identity/profile; Real name, pseudonym; what personal information to include, who can see the information; Respect confidentiality, avoid inappropriate disclosure of information....