Passwords, encryption, anti-malware and firewalls
Secure passwords
The purpose of a password is to verify who a user is. Without knowing the password, you cannot use a user ID to sign into a network.
Unfortunately, many people have user IDs and passwords for many different situations so they do not easily remember them. They then choose simple, easy to remember passwords or use the same password for many situations.
Ideally, a secure password should be one that is not easy to guess, and that requires at least eight characters, including at least one uppercase letter, one number and one special character. This reduces the chances of someone easily working out what the password is. For example:
鈥渃0Mput!ng鈥 is harder to guess than 鈥渃omputing鈥
Additionally, the longer the password, the harder it is to work out:
鈥渃0Mput3r$c!encE鈥 is harder to guess than 鈥渃omputing鈥
Encryption
Encryption is the process of disguising data so that it cannot be understood. Even if a hacker gains access to encrypted data, they will not be able to understand it.
Network managers usually encrypt data which is to be stored or transmitted on a network.
To learn more about encryption, see the study guide.
Anti-malware
Anti-malware has three purposes:
- to detect malwareSoftware that is designed to cause harm or damage to a computer. This includes viruses that might damage files, adware that causes pop-ups, and spyware that collects and shares login details. that has been installed
- to prevent malware from being installed
- to remove malware from the system
Anti-malware includes anti-virus software, anti-phishing tools and anti-spyware software. It works by scanning through all the files on a computer and checking them against a list (known as definitions) of known malware.
The main problem with anti-malware is that it is reactive - it can only detect, prevent and remove known malware. When new malware is introduced, anti-malware has to be updated to take account of the new threats. The longer the gap before anti-malware is updated, the less protection it offers.
Firewalls
A firewall is a tool that monitors traffic going into and out of a computer or network, and either allows the traffic to pass through or blocks it.
The decision to allow or block is based on rules, known as the firewall policy. For example, some programs, such as email clients and web browsers have legitimate cause to send a transmissionsThe sending of data from point A to point B.. These programs are known and the firewall policy allows their communications. However, any transmissions that are not sent from or to known - and allowed - sources are blocked.
Firewalls can be hardwareThe physical parts of a computer system, eg a graphics card, hard disk drive or CD drive. or software-based. Hardware firewalls tend to be more expensive, but are more effective.