OCR LEVEL 3 CAMBRIDGE TECHNICAL

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "OCR LEVEL 3 CAMBRIDGE TECHNICAL"

Transcription

1 Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 UNIT 28 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10

2 NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 AIM AND PURPOSE OF THE UNIT On completion of this unit learners will know the range of network attacks, where they originate and why. Learners will be able to use this information to develop an understanding of the ways in which networks can be protected and how organisations can avoid or reduce their risk of attack and plan security procedures to protect the network. Learners will also have the necessary practical skills to configure hardware and software to improve security against attack and carry out tests on systems to confirm that the network system is secure from potential attacks and threats. 2

3 Networked systems security Level 3 Unit 28 ASSESSMENT AND GRADING CRITERIA Learning Outcome (LO) Pass Merit Distinction The learner will: The assessment criteria are the pass requirements for this unit. The learner can: To achieve a merit the evidence must show that, in addition to the pass criteria, the learner is able to: To achieve a distinction the evidence must show that, in addition to the pass and merit criteria, the learner is able to: 1 Know the types and sources of network attacks 2 Know about security related hardware and software 3 Understand organisational aspects of network security 4 Be able to apply system security P1 describe how networks can be attacked P2 describe how networked systems can be protected P3 explain what an organisation can do to minimise security breaches in networked systems P4 plan procedures to secure a network P5 configure a networked device or specialist software to improve the security of a network M1 explain reasons why networks can be attacked M2 explain types of security hardware and software which are used to protect networks M3 develop user documentation to enable users to secure a network D1 compare the effectiveness of security measures used by organisations D2 develop a test plan to test the security of the network system 3

4 TEACHING CONTENT The unit content describes what has to be taught to ensure that learners are able to access the highest grade. Anything which follows an i.e. details what must be taught as part of that area of content. Anything which follows an e.g. is illustrative, it should be noted that where e.g. is used, learners must know and be able to apply relevant examples to their work though these do not need to be the same ones specified in the unit content. LO1 - Know the types and sources of network attacks types of threats external hacking internal hacking malware; worms, viruses, spyware, Trojans, time bombs and Denial of Service attacks theft of resources and equipment. reasons for carrying out attacks or hacking into systems cyber terrorism hacktivism espionage, (industrial or international) personal gain disgruntled employees trying to retaliate against the employer. LO2 - Know about security related hardware and software Hardware security systems physical, (e.g. key pad, card entry, surveillance cameras, fingerprint readers, locking equipment cabinets, parallel systems, access control, circuit breakers, fuses) routers switches wireless access point. Software operating system security confidentiality levels integrity of software and data. software security passwords user permissions updates and patches. LANS authentication, (e.g. Wire Equivalence Privacy, WI-FI Protected Access) access control, (e.g. Medium Access Control). encryption symmetric, public key encryption protocols, (e.g. Secure Socket Layer). firewalls hardware anti-virus software. intrusion detection. LO3 - Understand organisational aspects of network security risk assessment to establish minimum levels of access for users clarity and simplicity of security procedures effect of procedures on staff, (i.e. training requirements) implementation/maintenance costs against lost time/ data recovery costs. different types of networks wired Wi-Fi LAN (Local Area Network) WAN (Wide Area Network) MAN (Metropolitan Area Network) CAN (Campus Area Network) serve based networks peer to peer networks. effectiveness of security measures size of organisation type of industry, (e.g. retail, finance, e-commerce etc) external and internal security functions deterrent measures preventative measures. policies guide decision making allow managerial discretion integral part of organisational strategies formulated by top management. procedures drive actions detailed and rigid tactical tools. examples of policies and procedures include: backup 4

5 Networked systems security Level 3 Unit 28 recovery data classification (e.g. public, confidential, commercially sensitive) authentication passwords, usernames biometrics physical security identify passes key cards locked door or locked computer requirements inappropriate website access policies e.g. pornographic and other inappropriate websites mobile technology security copying and downloading of software anti malware measures (e.g. up to date anti-malware software) back up and back up locations data destruction the security software and hardware which can be implemented. LO 4 - Be able to apply system security network security plan document to include: sections: title page with organisation name, system identification, (e.g. name, identification code, name of system security plan owner document version table) system characteristics should include the following: system type system status purpose of system system interconnection and information sharing programs and applications on system. applicable laws or regulations security level protection requirements management controls including certification, accreditation, tasks and milestones, continuous monitoring security planning policy and procedures rules of behaviour software usage restrictions user installed software. operation controls to include: security awareness and training and associated policy and procedures awareness courses security training for users and technical staff security training records configuration change control and monitoring access restrictions. contingency planning contingency policy and procedures contingency plan contingency training contingency plan testing and exercises to be carried out a range of contingency activities, (e.g. alternative storage sites, information system backup, telecommunication services, information system recovery and rebuild) control policies, (e.g. incident response, maintenance, physical access, media protection, personnel security, information input, error handling, spam protection) technical controls, (e.g. access management and enforcement, information flow, separation of duties. Number of attempts at log in, period of time for which failed attempts at log-in will count towards the total permitted number, remote access, wireless access restrictions, control of mobile devices including laptops). test plan create a test plan containing the following headings: test number date of test description of test anticipated test result actual test result issues actions to be taken. the test plan should monitor system security elements including: level of staff training in correct security procedures level of staff awareness of the need for security as stated in the network security plan the level of contingency training what contingency plan testing has take place what contingency exercises have taking place what security issues have been identified and addressed the success or failure of the elements of the security plan the success or failure of the elements of the contingency plan. 5

6 securing networks - hardware use of shielding, (transmission control) intrusion detection, (e.g. alarms) router switch wireless access points. securing networks - software personal access control setting protocols and access levels encryption of files configuring firewalls and anti-virus software. 6

7 Networked systems security Level 3 Unit 28 DELIVERY GUIDANCE Know the types and sources of network attacks Learners must be taught about the different types of threats to network security. This could be delivered through a presentation of the different types of threats and how they affect networks i.e. what do they do. Learners could then research real life examples of the different types of threats. A group discussion could then follow on how these attacks are implemented and why the attacks are instigated e.g. external hacking to extract sensitive information, cyber terrorism attacking particular governments to try and destroy or discredit them. Encouraging learners to research articles or recorded discussions of real-life examples where threats have turned into reality is a way to engage them. They in turn can conduct further research, possibly working in teams, and present other examples, which can be fed back to the whole group through discussion or presentations. The tutor can use this activity to correct any misconceptions and fill in any gaps in the knowledge demonstrated. Know about security related hardware and software Learners must have a good understanding of the constraints and principles for designing network security measures, for example no user should have higher access levels than they need to carry out their legitimate activities. Information relating to the different hardware and software security measures could be presented to the learners through a presentation. An overview of the different security measures could be given, with the learners then having to consider different real life examples of when the different measures are used, e.g. - use of card entry systems to access buildings and rooms, for example the server room for a network is normally protected by a lock or keypad. Learners should be taught about the different hardware and software available to support the securing of a network as per the teaching content. The learners must have an understanding of how hardware and software can be configured and used to secure different types of networks. Tutors can use examples, such as when organisational systems have been unavailable or slow because of the testing or checking. Examples such as these will enable learners to understand why interference with normal processing and usage is one way in which users can become disaffected with security. It is important for learners to understand that security systems which use too much user time or require irrelevant activities to be carried out can cause security plans to: not be implemented properly not be implemented at all circumvented by the user. Understand organisational aspects of network security The tutor could begin by asking learners to review: the knowledge that they have already gathered the restrictions and behaviours that they have to deal with when using the institutional, training or work based information systems creating lists of policies and procedures which these represent. It is important that tutors ensure that learners can differentiate between policies and procedures before embarking on this activity. The learner must be introduced to the range of policies and procedures which can be used to minimise security breaches, these should include the policies and procedures identified in the teaching content. Through a group discussion, learners could discuss the security measures implemented by different organisations and compare their effectiveness as per the teaching content. 7

8 Be able to apply system security It is important that learners understand the need to test security measures and how the tests can be carried out. Learners should be asked to consider the different security threats and attacks that they have previously been taught and their associated security measures. They should then think about how these security measures could be tested. The learners should be given guidance on what constitutes a good test plan i.e. number of test, date of test, description of test, anticipated result of test, actual test result, issues that have occurred and the number of the re-test. Through a group discussion between the tutor and the class, a plan should be devised to secure a given network. This could be based on a type of organisation e.g. insurance company who will store information relating to their customers i.e. names, addresses, dates of birth, bank details etc. They could be given a template of a network security planning document to complete for the network. The learners will need to consider what documentation should be put into place to support the users who need to apply the procedures. This can include the network managers who have to put the security measures in place, to the staff who have to use login procedures etc. This again could be delivered by having an initial group discussion between the tutor and the learners about who may need documentation and why. The class could then work together in smaller groups to develop user documentation for the different personnel involved. Learners should be given a network system where they have to a) plan the security measures to be implemented using the appropriate documentation, b) devise user documentation so that the users can implement the security measures, c) develop a test plan to test the security of the network system after the security measures have been implemented. 8

9 Networked systems security Level 3 Unit 28 SUGGESTED ASSESSMENT SCENARIOS AND TASK PLUS GUIDANCE ON ASSESSING THE SUGGESTED TASKS It should be noted that the evidence for a number of assessment criteria could be provided in a single report but this is at the discretion of the tutor. Assessment Criteria P1 and M1 For P1, learners are required to describe how networks can be attacked. They must be able to provide at least one example of each of the types of threats from the teaching content, but can present more examples. Learners could produce a report or a presentation with detailed speaker notes. Alternatively learners could produce a table with appropriate headings. For merit criterion M1 learners must explain the reasons why networks can be attacked and present their findings. This could be an extension of their evidence for P1, explaining the type of threats and why these attacks are carried out. This could be an extension to the report produced for P1 or an extension to the presentation. If the learner used the table format for P1, they could produce a separate report or presentation. Assessment Criteria P2, M2 The learner could evidence P2 by creating a report, presentation with detailed speaker notes or a leaflet describing how networked systems can be protected. Learners may find it easier, if they give examples of different threats, as produced as evidence for P1, and then provide a description of how a network can be secured to prevent the attacks taking place. For merit criterion M2 learners must explain the types of security hardware and software which are used to protect networks. They could provide the information in a report, presentation with detailed speaker notes or in a table. The evidence should include at least three different types of security hardware and three different types of security software. Assessment Criteria P3, D1 P3 could be achieved through learners producing a report or presentation with detailed speaker notes explaining what an organisation can do to minimise security breaches in networked systems. Learners could be given a scenario for a particular type of organisation. For distinction criterion D1 learners must provide a comparison of the effectiveness of security measures used by organisations. They should compare organisations of different sizes and types in order to provide a comparison of the external and internal security functions, deterrent measures and preventative measures. They could provide this in a table format, a report or as a presentation with detailed speaker notes. Assessment Criteria P4, M3 and D2 P4 may be achieved by the learner producing a plan of the necessary security procedures required to protect the network of a given system. The evidence will be the plan. For merit criterion M3 learners must produce documentation that will enable the staff involved in the security of the IT system to implement the planned security measures. The documentation can be in either paper format, electronic, interactive presentation etc. Learners should ensure that the documentation is clear and easy to follow. For distinction criterion D2 learners must produce a test plan which can be used to test the security of the network. The test plan must be detailed and include the headings identified in the teaching content. Assessment Criterion P5 For P5, learners will need to configure a networked device or specialist software to improve the security of a network. Evidence could be presented in the form of annotated photos or screenshots supported by detailed assessor observation. SUGGESTED SCENARIOS Learners could be given a scenario for a particular type of organisation e.g. small travel agents who have 6 computers on a wired network linked to a server. The information stored on the server includes: names, addresses and telephone numbers of customers wishing to purchase a property as well as the vendors (people selling properties). All of the accounts information including the payroll is stored on the server. The computers are used by the accounts manager, the office manager, two admin assistants and two qualified estate agents who conduct valuations on properties. RESOURCES This unit requires that learners have access rights to the hardware and software of a network and also to any security components. They must be able to change and monitor security settings. The access to hardware and the opportunities to add or change components also requires that 9

10 learners have the necessary training in the Health and Safety aspects of working with live electronic equipment. Tutors will need to be experienced in all of these areas in order to train and support learners throughout the unit. Access to network systems is also important for learners to carry out security hardware and software configurations, and carry out the necessary learning activities for learning outcome 4. Learners may require internet access to conduct research on real life security breaches. 10

11 Networked systems security Level 3 Unit 28 MAPPING WITHIN THE QUALIFICATION TO THE OTHER UNITS Unit 1 - Communication and employability skills for IT Unit 4 - Managing networks Unit 5 - Organisational systems security Unit 7 - Computer networks LINKS TO NOS 6.2 IT Security Management 6.3 IT Disaster Recovery 11

12 CONTACT US Staff at the OCR Customer Contact Centre are available to take your call between 8am and 5.30pm, Monday to Friday. We re always delighted to answer questions and give advice. Telephone

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT COMPUTER NETWORKS R/601/7320 LEVEL 3 UNIT 7 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 COMPUTER NETWORKS R/601/7320 LEVEL

More information

OCR Level 2 CAMBRIDGE TECHNICAL

OCR Level 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR Level 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT IT security J/601/4057 LEVEL 2 UNIT 18 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 IT SECURITY J/601/4057 LEVEL 2 Aim

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT ORGANISATIONAL SYSTEMS SECURITY T/601/7312 LEVEL 3 UNIT 5 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 ORGANISATIONAL SYSTEMS

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT DOING BUSINESS ONLINE Y/601/5083 LEVEL 2 UNIT 21 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 DOING BUSINESS ONLINE Y/601/5083

More information

Networked Systems Security

Networked Systems Security Unit 32: Networked Systems Security Unit code: QCF Level 3: Credit value: 10 Guided learning hours: 60 Aim and purpose J/601/7332 BTEC National The aim of this unit is to ensure learners know about the

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT e-commerce A/601/7313 LEVEL 3 UNIT 6 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 e-commerce A/601/7313 LEVEL 3 UNIT 6

More information

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT WEB SERVER SCRIPTING A/601/0443 LEVEL 3 UNIT 26 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 WEB SERVER SCRIPTING A/601/0443

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT IT TECHNICAL SUPPORT J/601/7279 LEVEL 3 UNIT 8 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 IT TECHNICAL SUPPORT J/601/7279

More information

Qualification Specification. Level 4 Certificate in Cyber Security and Intrusion For Business

Qualification Specification. Level 4 Certificate in Cyber Security and Intrusion For Business Qualification Specification Level 4 Certificate in Cyber Security and Intrusion For Business ProQual 2015 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT INFORMATION SYSTEMS H/601/7256 LEVEL 3 UNIT 2 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 INFORMATION SYSTEMS H/601/7256

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT CLOUD COMPUTING IN BUSINESS M/505/5384 LEVEL 3 UNIT 40 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 CLOUD COMPUTING IN

More information

Unit 3 Cyber security

Unit 3 Cyber security 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning hours:

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT WEB ANIMATION FOR INTERACTIVE MEDIA A/502/5661 LEVEL 3 UNIT 18 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 WEB ANIMATION

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT WEBSITE PRODUCTION Y/601/6623 LEVEL 3 UNIT 12 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 WEBSITE PRODUCTION Y/601/6623

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT SYSTEM DESIGN R/505/4647 LEVEL 3 UNIT 33 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 SYSTEM DESIGN R/505/4647 LEVEL 3

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

Best Practices For Department Server and Enterprise System Checklist

Best Practices For Department Server and Enterprise System Checklist Best Practices For Department Server and Enterprise System Checklist INSTRUCTIONS Information Best Practices are guidelines used to ensure an adequate level of protection for Information Technology (IT)

More information

Small Business IT Risk Assessment

Small Business IT Risk Assessment Small Business IT Risk Assessment Company name: Completed by: Date: Where Do I Begin? A risk assessment is an important step in protecting your customers, employees, and your business, and well as complying

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT IT SUPPORT F/601/3277 LEVEL 2 UNIT 7 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 IT SUPPORT F/601/3277 LEVEL 2 AIM OF

More information

Supplier Security Assessment Questionnaire

Supplier Security Assessment Questionnaire HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C. Belmont Savings Bank Are there Hackers at the gate? 2013 Wolf & Company, P.C. MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf & Company, P.C. About Wolf & Company, P.C.

More information

ICANWK303A Configure and administer a network operating system

ICANWK303A Configure and administer a network operating system ICANWK303A Configure and administer a network operating system Release: 1 ICANWK303A Configure and administer a network operating system Modification History Release Release 1 Comments This Unit first

More information

Name: Position held: Company Name: Is your organisation ISO27001 accredited:

Name: Position held: Company Name: Is your organisation ISO27001 accredited: Third Party Information Security Questionnaire This questionnaire is to be completed by the system administrator and by the third party hosting company if a separate company is used. Name: Position held:

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT WEBSITE DEVELOPMENT A/601/3245 LEVEL 2 UNIT 9 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 WEBSITE DEVELOPMENT A/601/3245

More information

Principles of ICT Systems and Data Security

Principles of ICT Systems and Data Security Unit 14: Principles of ICT Systems and Data Security Unit code: L/601/3508 QCF Level 2: BTEC Specialist Credit value: 6 Guided learning hours: 45 Aim and purpose This unit introduces the common types of

More information

INFORMATION SECURITY FOR YOUR AGENCY

INFORMATION SECURITY FOR YOUR AGENCY INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT PROJECT PLANNING WITH IT Y/601/7321 LEVEL 3 UNIT 9 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 PROJECT PLANNING WITH IT

More information

RL Solutions Hosting Service Level Agreement

RL Solutions Hosting Service Level Agreement RL Solutions Hosting Service Level Agreement April 2012 Table of Contents I. Context and Scope... 1 II. Defined Terms... 1 III. RL Solutions Responsibilities... 2 IV. Client Responsibilities... 4 V. The

More information

SECURITY CONSIDERATIONS FOR LAW FIRMS

SECURITY CONSIDERATIONS FOR LAW FIRMS SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0 BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

Unit 4 Computer networks

Unit 4 Computer networks 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 4 Computer networks H/507/5003 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 4: Computer networks H/507/5003 Guided learning

More information

Internet tools and techniques at this level will be defined as advanced because:

Internet tools and techniques at this level will be defined as advanced because: Unit Title: Using the Internet OCR unit number: 41 Level: 3 Credit value: 5 Guided learning hours: 40 Unit reference number: F/502/4298 Unit purpose and aim This is the ability to set up and use appropriate

More information

ICANWK406A Install, configure and test network security

ICANWK406A Install, configure and test network security ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with

More information

NOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0

NOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0 NOS for IT User and Application Specialist IT Security (ESKITU04) November 2014 V1.0 NOS Reference ESKITU040 ESKITU041 ESKITU042 Level 3 not defined Use digital systems NOS Title Set up and use security

More information

Security aspects of e-tailing. Chapter 7

Security aspects of e-tailing. Chapter 7 Security aspects of e-tailing Chapter 7 1 Learning Objectives Understand the general concerns of customers concerning security Understand what e-tailers can do to address these concerns 2 Players in e-tailing

More information

Critical Controls for Cyber Security. www.infogistic.com

Critical Controls for Cyber Security. www.infogistic.com Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

IIABSC 2015 - Spring Conference

IIABSC 2015 - Spring Conference IIABSC 2015 - Spring Conference Cyber Security With enough time, anyone can be hacked. There is no solution that will completely protect you from hackers. March 11, 2015 Chris Joye, Security + 1 2 Cyber

More information

Managing internet security

Managing internet security Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further

More information

ULH-IM&T-ISP06. Information Governance Board

ULH-IM&T-ISP06. Information Governance Board Network Security Policy Policy number: Version: 2.0 New or Replacement: Approved by: ULH-IM&T-ISP06 Replacement Date approved: 30 th April 2007 Name of author: Name of Executive Sponsor: Name of responsible

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities Agenda Information Security Management in Universities Recent

More information

T141 Computer Systems Technician MTCU Code 50505 Program Learning Outcomes

T141 Computer Systems Technician MTCU Code 50505 Program Learning Outcomes T141 Computer Systems Technician MTCU Code 50505 Program Learning Outcomes Synopsis of the Vocational Learning Outcomes * The graduate has reliably demonstrated the ability to 1. analyze and resolve information

More information

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable

More information

How to Secure Your Environment

How to Secure Your Environment End Point Security How to Secure Your Environment Learning Objectives Define Endpoint Security Describe most common endpoints of data leakage Identify most common security gaps Preview solutions to bridge

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT UNDERSTANDING CLOUD COMPUTING L/505/5652 LEVEL 2 UNIT 30 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 Understanding cloud

More information

Computer Networks. Credit value: 10 Guided learning hours: 60. Aim and purpose. Unit introduction. Learning outcomes

Computer Networks. Credit value: 10 Guided learning hours: 60. Aim and purpose. Unit introduction. Learning outcomes Unit 9: Computer Networks Unit code: QCF Level 3: Credit value: 10 Guided learning hours: 60 Aim and purpose R/601/7320 BTEC National The aim of this unit is to ensure learners understand the key components

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

Franciscan University of Steubenville Information Security Policy

Franciscan University of Steubenville Information Security Policy Franciscan University of Steubenville Information Security Policy Scope This policy is intended for use by all personnel, contractors, and third parties assisting in the direct implementation, support,

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT COMPUTER GRAPHICS H/601/5801 LEVEL 2 UNIT 10 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 COMPUTER GRAPHICS H/601/5801

More information

How are we keeping Hackers away from our UCD networks and computer systems?

How are we keeping Hackers away from our UCD networks and computer systems? How are we keeping Hackers away from our UCD networks and computer systems? Cybercrime Sony's Hacking Scandal Could Cost The Company $100 Million - http://www.businessinsider.com/sonys-hacking-scandal-could-cost-the-company-100-million-2014-12

More information

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.

More information

Cyber Self Assessment

Cyber Self Assessment Cyber Self Assessment According to Protecting Personal Information A Guide for Business 1 a sound data security plan is built on five key principles: 1. Take stock. Know what personal information you have

More information

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Meaning Why is Security Audit Important Framework Audit Process Auditing Application Security

More information

OCR Level 2 CAMBRIDGE TECHNICAL

OCR Level 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR Level 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT Project planning using IT A/601/3259 LEVEL 2 UNIT 16 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 Project planning using

More information

IT - General Controls Questionnaire

IT - General Controls Questionnaire IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow

More information

Wellesley College Written Information Security Program

Wellesley College Written Information Security Program Wellesley College Written Information Security Program Introduction and Purpose Wellesley College developed this Written Information Security Program (the Program ) to protect Personal Information, as

More information

OCR CAMBRIDGE LEVEL 2

OCR CAMBRIDGE LEVEL 2 Cambridge T E C OCR CAMBRIDGE LEVEL 2 CERTIFICATE/DIPLOMA IT BUSINESS IT SKILLS T/601/5012 LEVEL 2 UNIT 3 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 BUSINESS IT SKILLS T/601/5012 LEVEL 2 AIM OF THE

More information

IT security management Unit number: 29 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: A/601/1995.

IT security management Unit number: 29 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: A/601/1995. Unit title: IT security management Unit number: 29 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: A/601/1995 UNIT AIM AND PURPOSE This unit provides the opportunity for learners

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

INFORMATION TECHNOLOGY ENGINEER V

INFORMATION TECHNOLOGY ENGINEER V 1464 INFORMATION TECHNOLOGY ENGINEER V NATURE AND VARIETY OF WORK This is senior level lead administrative, professional and technical engineering work creating, implementing, and maintaining the County

More information

CP3043 Social, Legal and Professional Aspects of Computing. Mr Graham Brown. Assessment 2

CP3043 Social, Legal and Professional Aspects of Computing. Mr Graham Brown. Assessment 2 CP3043 Social, Legal and Professional Aspects of Computing Mr Graham Brown Assessment 2 Colin Hopson 0482647 Wednesday 16 th April 2008 i Contents 1 Introduction... 1 1.1 The Bridgeway Building Society...

More information

Better secure IT equipment and systems

Better secure IT equipment and systems Chapter 5 Central Services Data Centre Security 1.0 MAIN POINTS The Ministry of Central Services, through its Information Technology Division (ITD), provides information technology (IT) services to government

More information

HR Documents and Templates Information Technology PolicyPro

HR Documents and Templates Information Technology PolicyPro HR Documents and Templates Information Technology PolicyPro PLANNING Strategic Planning Contents of an IT Strategic Plan (F) Strategic Issues Checklist (CH) Tactical Planning Implementation Planning Change

More information

BUSINESS OCR LEVEL 3 CAMBRIDGE TECHNICAL. Cambridge TECHNICALS INTERNET MARKETING IN BUSINESS CERTIFICATE/DIPLOMA IN M/502/5432 LEVEL 3 UNIT 11

BUSINESS OCR LEVEL 3 CAMBRIDGE TECHNICAL. Cambridge TECHNICALS INTERNET MARKETING IN BUSINESS CERTIFICATE/DIPLOMA IN M/502/5432 LEVEL 3 UNIT 11 Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN BUSINESS INTERNET MARKETING IN BUSINESS M/502/5432 LEVEL 3 UNIT 11 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 INTERNET MARKETING

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT UNDERSTANDING THE BUSINESS ANALYTICS PROCESS FOR BIG DATA J/505/5326 LEVEL 3 UNIT 39 GUIDED LEARNING HOURS: 60 UNIT CREDIT

More information

ICAB4236B Build security into a virtual private network

ICAB4236B Build security into a virtual private network ICAB4236B Build security into a virtual private network Release: 1 ICAB4236B Build security into a virtual private network Modification History Not Applicable Unit Descriptor Unit descriptor This unit

More information

3. Are employees set as Administrator level on their workstations? a. Yes, if it is necessary for their work. b. Yes. c. No.

3. Are employees set as Administrator level on their workstations? a. Yes, if it is necessary for their work. b. Yes. c. No. As your trusted financial partner, Maps Credit Union is committed to helping you assess and manage risks associated with your business online banking. We recommend that you do a periodic risk assessment

More information

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted. Administrative Awareness Case Study: Government Offices Certification and Accreditation:

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer

More information

Information Technology Cyber Security Policy

Information Technology Cyber Security Policy Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT EXPLORING COMPUTER APPLICATIONS M/505/5403 LEVEL 3 UNIT 36 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 EXPLORING COMPUTER

More information

Ten Deadly Sins in Wireless Security

Ten Deadly Sins in Wireless Security Ten Deadly Sins in Wireless Security The emergence and popularity of wireless devices and wireless networks has provided a platform for real time communication and collaboration. This emergence has created

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,

More information

Data Network Security Policy

Data Network Security Policy Authors: Mike Smith Rod Makosch Network Manager Data Security Officer IM&T IM&T Version No : 1 Approval Date: March 2005 Approved by : John Aird Director of IM&T Review Date : 1 April 2006 Trust Ref: C7/2005

More information

The Ministry of Information & Communication Technology MICT

The Ministry of Information & Communication Technology MICT The Ministry of Information & Communication Technology MICT Document Reference: ISGSN2012-10-01-Ver 1.0 Published Date: March 2014 1 P a g e Table of Contents Table of Contents... 2 Definitions... 3 1.

More information

A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER

A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER 1 Agenda Audits Articles/Examples Classify Your Data IT Control

More information

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics SBA Cybersecurity for Small Businesses 1.1 Introduction Welcome to SBA s online training course: Cybersecurity for Small Businesses. SBA s Office of Entrepreneurship Education provides this self-paced

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT COMPUTER GAME PLATFORMS AND TECHNOLOGIES L/600/6610 LEVEL 3 UNIT 15 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 COMPUTER

More information

CHIS, Inc. Privacy General Guidelines

CHIS, Inc. Privacy General Guidelines CHIS, Inc. and HIPAA CHIS, Inc. provides services to healthcare facilities and uses certain protected health information (PHI) in connection with performing these services. Therefore, CHIS, Inc. is classified

More information

University of Pittsburgh Security Assessment Questionnaire (v1.5)

University of Pittsburgh Security Assessment Questionnaire (v1.5) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided

More information

Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs

Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs 1 Client Update NFA Adopts Interpretive Notice Regarding Information Systems Security Programs NEW YORK Byungkwon Lim blim@debevoise.com Gary E. Murphy gemurphy@debevoise.com Michael J. Decker mdecker@debevoise.com

More information

Network & Information Security Policy

Network & Information Security Policy Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk

More information

OCR LEVEL 2 CAMBRIDGE TECHNICAL

OCR LEVEL 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT DATABASE SYSTEMS R/601/3400 LEVEL 2 UNIT 20 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 DATABASE SYSTEMS R/601/3400 LEVEL

More information

Information Security Policy

Information Security Policy Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current

More information