15198515
Description
Mind Map by Leah Stockall, updated more than 1 year ago
|
Created by Leah Stockall
about 6 years ago
|
|
Protecting Software
Systems
- Securing Operating Systems
- There are security vulnerabilities in all
operating systems and as these are
identified, they should be removed by
installing update
- There are security vulnerabilities in all
operating systems and as these are
identified, they should be removed by
installing update
- Effective Network Security
Provision
- Users must receive training
and be aware of the security
threats
- Network administrators and technical staff should:
- Receive on-going training
to keep up with
developments in security
- Ensure that all operating systems
updates ad software patches are
applied
- Receive on-going training
to keep up with
developments in security
- All employees should be
required to read and sign a
network acceptable use
policy
- Users must receive training
and be aware of the security
threats
- Audit Trails-audit Software
- They can monitor all network
activity and keep a record of all user
activity- their audit trail. it allows a
technician to study what has
happened during a cyber attack
- They can monitor all network
activity and keep a record of all user
activity- their audit trail. it allows a
technician to study what has
happened during a cyber attack
- Modular Testing
- A module is an independent bloc of code that
implements a small number of routines. as
only a small amount is being tested, any
problem should be easier to fix
- A module is an independent bloc of code that
implements a small number of routines. as
only a small amount is being tested, any
problem should be easier to fix
- Vulnerabilities In Coding The Program
- Code vulnerabilities
- When the code does the task intended
but, due to the way it works, it may
create a security issue in some
circumstances
- When the code does the task intended
but, due to the way it works, it may
create a security issue in some
circumstances
- Bad coding practice
- Some programmers write poor-quality code
and don't consider how safe or secure their
code is
- Code reviews - Theses issues can be minimised by having regular code
reviews to look at security vulnerabilities in the code. reviews can be
carried out by other programmers (or teams of programmers) or
automated reviews by specialist software which highlights potential
security vulnerabilities
- Some programmers write poor-quality code
and don't consider how safe or secure their
code is
- Code vulnerabilities
- Software Design Stage
- The software designers will need to consider:
- What kind of authentication is needed?
- Will access control be needed?
- Are warnings needed before allowing
users to copy or delete large amounts of
information?
- Is encryption needed for sensitive
information?
- Will the software be exposed to
threats from hackers?
- What kind of authentication is needed?
- The software designers will need to consider:
- WORKED EXAMPLE
- A group of programmers is developing a software application that will be
used over a network. It is very important that the software application
has no security vulnerabilities. discuss how the programmers could
minimise security vulnerabilities during development. (4marks)
- ANWSER
- During the design stage they could investigate
whether authentication, access control and
encryption are needed to protect the software
from hackers. they should check the c9ode to
ensure there are no vulnerabilities that could
be used by hackers and carry out modular
testing as each routine is completed. Others
teams of programmers should be asked to
look for vulnerabilities in the code
- During the design stage they could investigate
whether authentication, access control and
encryption are needed to protect the software
from hackers. they should check the c9ode to
ensure there are no vulnerabilities that could
be used by hackers and carry out modular
testing as each routine is completed. Others
teams of programmers should be asked to
look for vulnerabilities in the code
- ANWSER
- A group of programmers is developing a software application that will be
used over a network. It is very important that the software application
has no security vulnerabilities. discuss how the programmers could
minimise security vulnerabilities during development. (4marks)
Want to create your own Mind Maps for free with GoConqr? Learn more.