THE MWALIMU NYERERE MEMORIAL ACADEMY

KARUME COMPUS ZANZIBAR

DEPARTMENT OF INFORMATION AND COMMUNICATION TECHNOLOGY (ICT)

NTA LEVEL 6: ORDINARY DEPLOMA IN INFORMATION AND

COMMUNICATION TECHNOLOGY (ICT)

CODE NUMBER: ITT 06104

SUBJECT NAME: SYSTEM ADMINISTRATION AND SECURITY

NATURE OF ASSIGNMENT: GROUP ASSIGMENT

QUESTION: Explain the various techniques and approaches used to

secure computer systems (prevention, detection, recovery etc)

A computer system is a basic, complete and functional hardware and software setup with

everything needed to implement computing performance. The various technique and approaches

used to secure computer system (privation, detection, and recovery) are the following:

Keep up with system and software security updates.

While software and security updates can often seem like an annoyance, it really is important to

stay on top of them. Aside from adding extra features, they often cover security holes. This

means the provider of the operating system (OS) or software has found vulnerabilities which

give hackers the opportunity to compromise the program or even your entire computer.

Enable a firewall.

A firewall acts as a barrier between your computer or network and the internet. It effectively

closes the computer ports that prevent communication with your device. This protects your

computer by stopping threats from entering the system and spreading between devices. It can

also help prevent your data leaving your computer.

Adjust your browser settings.

Most browsers have options that enable you to adjust the level of privacy and security while you

browse. These can help lower the risk of malware infections reaching your computer and

malicious hackers attacking your device. Some browsers even enable you to tell websites not to

track your movements by blocking cookies.

Install antivirus and anti spyware software.

Any machine connected to the internet is inherently vulnerable to viruses and other threats,

including malware, ransom ware and Trojan attacks. Antivirus software isn’t a completely

foolproof option but it can definitely help. There are free options out there, but they’re limited,
and besides, the paid programs won’t set you back a whole lot. Bit defender, is a popular option

that I recommend. For alternatives take a look at this data backed comparison of antivirus.

Password protects your software and locks your device.

Most web-connected software that you install on your system requires login credentials. The

most important thing here is not to use the same password across all applications. This makes it

far too easy for someone to hack into all of your accounts and possibly steal your identity.

Encrypt your data.

Whether your computer houses your life’s work or a load of files with sentimental value like

photos and videos, it’s likely worth protecting that information. One way to ensure it doesn’t fall

into the wrong hands is to encrypt your data. Encrypted data will require resources to decrypt it;

this alone might be enough to deter a hacker from pursuing action.

Use a virtual private network.

A Virtual Private Network (VPN) is an excellent way to step up your security, especially when

browsing online. While using a VPN, all of your internet traffic is encrypted and tunneled

through an intermediary server in a separate location. This masks your IP, replacing it with a

different one, so that your ISP can no longer monitor your activity.

Security Policy.

The first objective in developing a prevention strategy is to determine must be protected and
document these in a formal policy. The policy must define the responsibilities of the
organization, the employees and management. It should also fix responsibility for
implementation, enforcement, audit and review. Additionally, the policy must be clear, concise,
coherent and consistent in order to be understood. Without clear understanding, the policy will
be poorly implemented and subsequent enforcement, audit and review will be ineffective. Once
management endorses a completed policy, the organization needs to be made aware of its
requirements.

Security Awareness.

Security awareness is a process that educates employees on the importance of security, the use of

security measures, reporting procedures for security violations, and their responsibilities as

outlined in the information security policy. Security awareness programs should be utilized for

this purpose. The program should be a continuous process that maintains an awareness level for

all employees. The program should be designed to address organization wide issues as well as

more focused specialized training needs. The program should stress teamwork and the

importance of active participation.

Access Controls.

Access is the manner by which the user utilizes the information systems to get information.

Naturally all users should not have the ability to access all systems and its information. Access

should be restricted and granted on a need to know basis. To manage this access we establish

user accounts by issuing identifiers, authentication methods to verify these identifiers and

authorization rules that limit access to resources.

REFERENCE

Paul van Oorschot, Computer Security and the Internet: Tools and Jewels (2020, Springer).
Personal use copy freely available on author's web site.
Wenliang Du, Computer Security: A Hands-on Approach (2017, self-published). Updated May
2019.

Stallings and Brown, Computer Security: Principles and Practice, 3/e (2014, Prentice Hall).

Gollmann, Computer Security, 3/e (2011, Wiley).

Smith, Elementary Information Security (2011, Jones & Bartlett Learning).

Stamp, Information Security: Principles and Practice, 2/e (2011, Wiley).

Goodrich and Tamassia, Introduction to Computer Security (2010, Addison-Wesley).

Smith and Marchesini, the Craft of System Security (2007, Addison-Wesley).

Pfleeger and Pfleeger, Security in Computing, 4/e (2007, Prentice Hall).