Computer Security Awareness
Synopsis
Using the framework of administrative physical and
logical security Computer Security Awareness explains contingency
planning and precautions against computer crime from the viewpoint
of mainframe computers and micros. A computer security checklist
is included.
Audience
This course is for anyone who uses computers.
Time
12 hours
Objectives
After completing Computer Security Awareness
the user should be able to:
- Classify computer security
into three types: administrative, physical, and logical
- Identify administrative security procedures
that occur during a job interview and at employee orientation
- Identify physical access and environmental
controls that secure a data center facility
- Define characteristics of access control
software as well as methods for protecting networks and microcomputers
from unauthorized logical access
- Describe the steps in computer security risk
analysis
- Explain the function of a Contingency Planning
Committee
- Identify preventive measures that guard computer
resources
Topics
Types of Security
Identifies three types of computer security.
- Administrative, Physical, and Logical
Why computer security is important. Three categories of computer
security.
Administrative Security
Describes the administrative steps which can increase
computer security.
- At the Interview
Five rules for administrative security identifiable during a job
interview.
- Orientation
Five practices that result in administrative security identifiable
at an orientation session.
Physical Security
Identifies threats to the data center building. Discusses
countermeasures to control entry to the computer area and modification
of the environment.
- Access Controls
Why access controls are important. Eight ways to control access
to a computer facility. A rule of thumb for the level of access
controls required.
- Environmental Controls
Why environmental controls are important. Five factors to consider
for environmental control of a computer facility.
Logical Security
Describes the characteristics of access control software
packages which protect programs and data from unauthorized changes.
Shows the threats to networks and data and the ways to protect them.
- Access Control Software
Purpose of an access control software package. Two characteristics
of an access control software package.
- Network Security
Definition of network and of intelligent and dumb terminals. Two
advantages and three risks of computer networks. Three methods
of encryption.
- Microcomputer Security
Two logical security problems similar for mainframes and micros.
Two logical security problems unique to microcomputers. One problem
unique to microcomputer program files.
Contingency Planning
Identifies the steps in a security risk analysis and
the components of a contingency plan for countermeasures.
- Risk Analysis
Definition and purpose of risk analysis. Four steps in the security
risk analysis process.
- On the Committee
Classification of disasters into four categories according to
severity. Four important factors that must be included in a contingency
plan.
Precautions
Details preventive measures that add to the success
of a security program. Covers laws regarding theft malicious mischief
and privacy and how they affect data processing operations.
- Legislation
Three types of computer crime. Three federal laws dealing with
data privacy. Five principles of data privacy.
- Administrative, Physical, and Logical
Four administrative, two physical, and two logical security precautions
that will protect the privacy of personal data.
- EDP Auditing
Definition of an EDP audit and an EDP auditor. Goals of an EDP
audit. Three methods EDP auditors use.
Security Checklist
Presents a checklist of questions to ask about computer
security. Allows the student to review the security of a fictitious
company.
- Administrative
- Physical
- Logical
- Contingency Planning
Return to the top of the page
>>
Return to the
description of Computers 101 Suite >>
|
