Просмотр содержимого документа
«Практическое занятие "Безопасность и оптимальные методы защиты информации".»
ПРАКТИЧЕСКОЕ ЗАНЯТИЕ.
Тема занятия
Безопасность и оптимальные методы защиты информации.
Цели занятия
Совершенствование навыков чтения вслух и про себя.
Пополнение словарного запаса.
Совершенствование грамматических навыков.
ЗАДАНИЯ К ПРАКТИЧЕСКИМ ЗАНЯТИЯМ, КОТОРЫЕ НУЖНО ВЫПОЛНИТЬ СТУДЕНТАМ
I.Выполнение задания на повторение темы предыдущего урока.
Записи в тетради.
attained ideal
based on various policies
if properly configured
hardware or software based firewalls
products are designed to detect
response is defined
assessed security requirement
compromised system
is favored
compromised resources are detected
can be defined
can be implemented
permanently connected to the internet
advanced persistent threats
organized response
cyber crime could be traced
automated detection system
II.Выполнение упражнений по теме урока.
1.Чтение информации на русском языке и знакомство со схемами.
III.Работа с текстом на английском языке «Оптимальные методы защиты информации».
Methods to Protect Information
Computer data is prone both to loss due to malfunction (неисправность) or destruction of equipment, and to theft. Protection methods include the use of hardware and devices, as well as specialized technical tools with software.
Unauthorized access to information
A better understanding of data leakage channels (каналы утечки данных) is a key factor in successful combating against unauthorized access and interception (перехват) of data.
Integrated circuits (встроенные схемы) in computers produce high-frequency(высоко-частотный) fluctuations(колебания) in voltage (напряжение) and current( ток). Oscillations (колебания) are transmitted by wire and can be transformed into a perceivable form (воспринимаемый) . They also can be intercepted (перехвачены) by special devices integrated in computers or monitors in order to capture (захватить) information that is displayed on the monitor or entered from the keyboard. The data can be also captured when transmitted over external communication channels, for example, over telephone lines. Interception devices are detected with the help of special equipment.
Methods of protection
There are several groups of protection methods, including:
Obstacle (препятствие) to the alleged intruder (предполагаемый нарушитель) through physical and software means.
Management or influence (влияние) on the elements of a protected system.
Masking or data transformation with the use of cryptographic methods.
Regulation or the development of legislation (разработка законодательства) and a set of measures (комплекс мер) aimed at encouraging proper behavior of users working with databases.
Enforcement (соблюдение) or creation of conditions (условия) under which a user will be forced to comply with ( соответствовать) the rules for handling data (обработка данных) .
Encouragement (создание) or buildup (построение)of an environment that motivates users to act properly.
Each method is implemented (применяется) through various means. Organizational and technical means are the main ones.
Organizational means of protection
The development of organizational means should be within the competence of the security service. Most often, security experts:
Develop internal documentation that specifies (определяет) rules for working with computer equipment and confidential information.
Provide briefing (инструктаж) and periodic inspections of the staff; initiate ( начать, запускать) the signing of additional agreements to employment contracts which outline (излагают) responsibilities for the disclosure (обнаружение) or misuse of work-related information.
Delimit (разграничение) responsibilities to avoid situations in which one employee has at the disposal the most important data files; organize work with common workflow applications (приложение рабочего процесса) and ensure that critical files are stored on network drives.
Integrate software products that protect data from copying or destruction by any user, including top management of the company.
Develop the system recovery plans (план восстановления) in case of failures due to any reason.
Начало формы
Конец формы
Technical means of protection
The group of technical means combines hardware and software means. Here are the main ones:
Regular backup (регулярное резервное копирование) and remote storage of the most important data files in the computer system
Duplication (размножение) and backup of all network subsystems that are important for data security
Possibility to reallocate (перераспределять)network resources in case of the malfunctions of individual elements
Possibility to use backup power supply systems (резервнаясхемаэлектропитания)
Ensuring safety from fire or water damage
Installation of advanced (передовой, современный)products that protect databases and other information from unauthorized access.
The complex of technical measures includes measures which make computer network facilities physically unavailable, for example, equipment of rooms with cameras and signaling.
Authentication and identification
Identification and authentication are used to prevent unauthorized access to information.
Identification – is the assignment of a unique name or image to a user who interacts with information. Authentication is a set of methods used to verify the user's match with the authorized image.
Authentication and identification are intended to provide or deny access to data. Authenticity (подлинность) is established in three ways: by a program, by an apparatus, or by a man. Apart from a person being an object of authentication, it can extend to hardware (computer, monitor and carriers) or data. Setting a password is the easiest method of protection.
1. Выписатьподчеркнутыесловаивыражения.
2. Вставьтепредлоги.
1 A better understanding ---data leakage channels (каналы утечки данных) is a key factor ---successful combating ---unauthorized access and interception (перехват) ---data.
2 Oscillations (колебания) are transmitted ---wire and can be transformed ---a perceivable form (воспринимаемый) .
3 They also can be intercepted (перехвачены) ---special devices integrated ---computers or monitors ---order ---capture (захватить) information that is displayed ---the monitor or entered ---the keyboard.
4 Management or influence (влияние) ---the elements ---a protected system.
5 A set of measures (комплекс мер) aimed ---encouraging proper behavior ---users working ---databases.
6 Enforcement (соблюдение) or creation ---conditions (условия) --- which a user will be forced to comply ---( соответствовать) the rules ---handling data (обработка данных) .
7 Each method is implemented (применяется) ----various means.
8 The development of organizational means should be ---the competence of the security service.
9
Конец формы
--- --- a person being an object of authentication, it can extend --- hardware (computer, monitor and carriers) or data.
3.Переведите на английский язык.
Высокочастотные колебания в напряжении и токе передаются через провод.
Данные колебания могут быть преобразованы в воспринимаемую форму.
Информацию можно передавать через внешние коммуникационные каналы.
Физические и программные методы могут обеспечивать препятствия для предполагаемого нарушителя.
Современное оборудование и приборы защищают информацию от кражи и перехвата.
Определите правила для работы с компьютерным оборудованием, проведите инструктаж с работниками , изложите обязанности, связанные с обнаружением или злоупотреблением информации, относящейся к работе.
Develop internal documentation that specifies (определяет) rules for working with computer equipment and confidential information.
Provide briefing (инструктаж) and periodic inspections of the staff; initiate ( начать, запускать) the signing of additional agreements to employment contracts which outline (излагают) responsibilities for the disclosure (обнаружение) or misuse of work-related information.
