BCS IT User Syllabus IT Security for Users Level 2. Version 1.0



Similar documents
Internet tools and techniques at this level will be defined as advanced because:

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Infocomm Sec rity is incomplete without U Be aware,

Cyber Security Awareness

Course: Information Security Management in e-governance

Cyber Security Awareness

Desktop and Laptop Security Policy

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

How To Manage A Network Safely

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

Information Security. Louis Morgan, CISSP Information Security Officer

Student Tech Security Training. ITS Security Office

Countering and reducing ICT security risks 1. Physical and environmental risks

NC DPH: Computer Security Basic Awareness Training

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Common Cyber Threats. Common cyber threats include:

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities

INFORMATION SECURITY FOR YOUR AGENCY

Section 12 MUST BE COMPLETED BY: 4/22

STANDARD ON CONTROLS AGAINST MALICIOUS CODE

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Information Incident Management Policy

A Quick Reference Guide for Internet and Computer Security

Business ebanking Fraud Prevention Best Practices

HIPAA Security Training Manual

Protecting personally identifiable information: What data is at risk and what you can do about it

How to stay safe online

COMPUTER-INTERNET SECURITY. How am I vulnerable?

10 Quick Tips to Mobile Security

Saheel KHOYRATTY. Partner Technology Advisor

NOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0

ABERDARE COMMUNITY SCHOOL

Acceptable Use of ICT Policy For Staff

SUBJECT: Effective Date Policy Number Security of Mobile Computing, Data Storage, and Communication Devices

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Principles of ICT Systems and Data Security

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

Guide to INFORMATION SECURITY FOR THE HEALTH CARE SECTOR

Information Security

The Ministry of Information & Communication Technology MICT

Top tips for improved network security

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Promoting Network Security (A Service Provider Perspective)

An Introduction on How to Better Protect Your Computer and Sensitive Data

How To Protect Decd Information From Harm

Networked Systems Security

Data Access Request Service

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

Integrated Protection for Systems. João Batista Territory Manager

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers Your Interactive Guide to the Digital World

OCR LEVEL 3 CAMBRIDGE TECHNICAL

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

System Security Policy Management: Advanced Audit Tasks

Kenmore State High School Student Laptop Charter

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World

Computer Security Maintenance Information and Self-Check Activities

Preparing Your Personal Computer to Connect to the VPN

Corporate Account Takeover & Information Security Awareness. Customer Training

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Version: 2.0. Effective From: 28/11/2014

DATA AND PAYMENT SECURITY PART 1

Stable and Secure Network Infrastructure Benchmarks

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Marlon R Clarke, Ph. D., CISSP, CISM Director Network Operations and Services, NSU

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

Guideline on Wireless Security

Transcription:

BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009

ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4 ITS2.1.2.5 Be able to describe how unwanted email and other messages, or 'spam', can be received on the computer Use and manage anti-spam software to protect the computer from the risk of unwanted messages Be able to describe what malicious are and how they can enter the computer: viruses, worms, trojans, spyware, adware, rogue diallers Know how to gain protection from malicious : do not open email attachments from unknown users, treat messages, files, software and attachments from unknown sources with caution Be able to describe how anti-virus software can protect hardware, software and data Configure and use anti-virus and anti-spyware software to protect the computer from the risk of malicious Be able to update anti-virus software, and know how often this should be done ITS2.1.3 Infiltration ITS2.1.3.1 Know what a hacker is and describe how a hacker can attempt to infiltrate the computer ITS2.1.3.2 ITS2.1.3.3 Be able to describe how a firewall can protect the computer against the risk of infiltration Adjust firewall settings to minimise security risk ITS2.1.4 Hoaxes ITS2.1.4.1 Be able to describe what hoaxes are, and how to check whether a received message is a hoax: virus hoaxes, chain letters, scams, false alarms, misunderstandings, scares ITS2.1.5 Software ITS2.1.5.1 Be able to describe how setting up and using security software can further protect the computer from Internet threats such as malicious web pages, zero day exploits, driveby downloads ITS2.1.5.2 ITS2.1.5.3 ITS2.1.5.4 Be able to describe how security software patches and updates can protect software Know how to download security software patches and updates Be aware of the threats to software and data when downloading software from the Internet Copyright BCS 2009 Page 2 of 5

ITS2.2 System and Information and Integrity ITS2.3 Access to Information Sources ITS2.2.1 Information ITS2.1.5.5 ITS2.2.1.1 Know and use the methods available to protect software and data when downloading software from the Internet Be able to describe how information can be at risk from theft, from ITS2.2.1.2 Be able to describe how malicious and hackers can threaten information and system security ITS2.2.2 Networks ITS2.2.2.1 Be able to describe how unsecured s can make information accessible to others ITS2.2.2.2 Know how to ensure that unencrypted confidential information is not sent across an unsecured ITS2.2.2.3 Know how to ensure that a wireless is not accessible to other users ITS2.2.2.4 Be able to describe how a proxy server can protect computers on a ITS2.2.2.5 Be able to adjust internet security settings to prevent the risk of access to the by other users ITS2.2.2.6 Be able to describe how access controls can minimise the security risk to systems and data on s ITS2.2.2.7 Be able to describe the security risks when using default passwords and settings on s, computers and ITS2.2.3 Confidentiality ITS2.3.1 Identity/Authentication ITS2.2.3.1 ITS2.2.3.2 ITS2.2.3.3 ITS2.3.1.1 ITS2.3.1.2 ITS2.3.1.3 Use access controls to keep data confidential Know that it is important to respect the confidentiality of any accessible information Know that the computer should not be left unattended without logging off or locking it, to prevent the risk of to data Be able to describe how an individual user name limits access to relevant levels of information when logging onto a computer Be able to describe how passwords and PIN numbers help to protect information from the risk of Be able to describe what makes a password strong or weak Copyright BCS 2009 Page 3 of 5

ITS2.3.1.4 Be able to describe why passwords/pin numbers should be changed regularly ITS2.3.1.5 Be able to describe why passwords/pin numbers should not be shared with others or written down ITS2.3.1.6 Be able to manage passwords/pin numbers: change regularly, select strong passwords ITS2.3.2 Identify theft ITS2.3.2.1 Be able to describe phishing ITS2.3.2.2 Know how to avoid being affected by phishing ITS2.3.2.3 Be able to describe identity theft ITS2.3.2.4 Know how to avoid being affected by identity theft ITS2.3.2.5 Be able to describe the threat to information security associated with an online identity or profile ITS2.3.2.6 Know steps that can be taken to keep a personal identity secure: whether to use a real name or a pseudonym, what an avatar is and how this can protect a personal identity ITS2.3.2.7 Be aware of how to keep personal information secure within an online profile: what information to include, who should be given access to this information, when to withhold personal information ITS2.3.2.8 Avoid inappropriate disclosure of information ITS2.3.3 Bluetooth ITS2.3.3.1 Be able to describe what Bluetooth connectivity is, and why information on Bluetooth devices is vulnerable to ITS2.3.4 Portable Devices ITS2.3.3.2 ITS2.3.4.1 ITS2.3.4.2 ITS2.3.4.3 Be able to adjust Bluetooth settings to prevent the risk of unauthorised access to a Bluetooth device by others Be able to describe why portable devices are vulnerable to loss or theft: laptop, notebook, PDA, mobile phone, multimedia player Be able to describe why USB and other removable storage devices are vulnerable to loss or theft of valuable and confidential information Be able to describe how information stored on USB and other removable devices can be protected: passwords, safe and secure storage Copyright BCS 2009 Page 4 of 5

ITS2.4 Guidelines and Procedures ITS2.5 Data ITS2.4.1 ITS2.4.1.1 Know and apply the guidelines and procedures for the secure use of IT set by employers or organisations ITS2.4.1.2 Know the legal requirements within security procedures for organisations ITS2.4.1.3 Know who to approach if unsure of a security procedure to follow ITS2.4.1.4 Know how to use products to ensure information security within organisations ITS2.4.1.5 Understand and carry out relevant IT security checks ITS2.4.1.6 Know how to report IT security threats or breaches ITS 2.4.2 Privacy ITS2.4.2.1 Understand and follow the privacy policy within an organisation ITS2.5.1 ITS2.5.1.1 Be able to describe ways to prevent physical data theft like: locking computer and hardware using a security cable ITS2.5.1.2 Be able to describe how different access levels can protect data on a ITS2.5.1.3 Be able to describe how the use of risk assessment can help to minimise common security risks ITS2.5.2 Backups ITS2.5.2.1 Be able to describe the possible consequences of accidental file deletion: on a personal computer, on a ITS2.5.2.2 ITS2.5.2.3 ITS2.5.2.4 ITS2.5.2.5 Be aware of the consequences of data corruption Be aware of the consequences of computer malfunction and subsequent system and file loss Select and use effective back up procedures for data, and know the importance of doing so Be able to describe the importance of having a secure, off-site backup copy of data ITS2.5.2.6 Select and use effective back up procedures for systems, and know the importance of doing so ITS2.5.3 Storage ITS2.5.3.1 Know how to store data safely and ITS2.5.3.2 ITS2.5.3.3 securely Be aware that it is important to control access to software, to ensure it is not accessed by unauthorised users Know how to store software safely Copyright BCS 2009 Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information