Tuesday, 18 March 2025

Making ventoy. T-level

 Making a ventoy 

This is how we made a ventoy. This is the video that we used to help us: https://www.youtube.com/watch?v=-7APoZzNPyU 

  

  1. *Important brfore begining*

  2. Before starting, you need to make sure that secure boot is not on. To turn this of, enter bios and turn of the secure boot. if this is not done, you will not be able to boot the ventoy.


  4. 1. Using rufus, you need to format it. This is done by first selecting a non-bootable device. This will remove anything on it so you need to make sure anything that you want to be kept is backed up on to another device otherwise it will be gone.  


  1. 2. You then need to install all the iso files that you want to put on it. You can get the files from the websites of the one that you want to use (e.g. archlinux.org) 


  1. 3. You then want to download the ventoy from https://www.ventoy.net/en/download.html 


  1. 4. When everything is downloaded, you want to open the ventoy folder and select the file that is called Ventoy2Disk.  


  1. 5. Once it has opened, you want to select the medium that you want the ventoy to be installed on and press install. Accept the pop ups that come up. One of the options will be to format the drive so make sure that there is nothing of importance stored on there.  


  1. 6. After it has installed, check if it needs to update, and if it does, carry it out. If not, then carry on.  


  1. 7. You will then want to import all the ISO files that you will want to use onto the drive.  


  1. 8. Once the iso’s have pasted to the usb stick, you will then need to restart the computer and then load into bios  


  1. 9. When in bios you then need to change the boot sequence so that the USB will be the first thing to boot then save your changes and exit bios  


  1. 10. Once you leave the bios, it should boot to the ventoy 

 

Original problems faced  

  • . The usb stick might not have been properly formatted, not letting it to boot  

  • . I did not need to extract the file onto the usb due to it not being properly formatted. 

at No comments:

Monday, 10 March 2025

Confidentiality, integrity and availabiltiy (CIA)

 Confidentiality, integrity, and availability 

Confidentiality 

Ensures that only authorised parties with sufficient privileges may view the information 

Integrity 

Ensures that the data stored on devices is correct and no unauthorised persons or malicious software has altered it.  

Availability 

Ensures network resources are readily accessible to authorised users  

 

 

Importance of maintaining CIA: 

  • Maintaining compliance  

  • Maintains trust with internal/external stakeholders  

  • Promotes positive brand image  

  • Avoids security risks and unauthorised access  

Some of the consequences are: 

  • Financial  

  • Regulatory fines  

  • Refunds/compensation payments  

  • Loss of earnings  

  • Legal  

  • Lawsuits  

  • Termination of contract 

  • Reputational 

  • Loss of clients  

  • Damage to brand  

 

Layers of security 

  • Organisational procedures  

  • People  

  • Physical  

 

Elements of security 

  • Communications  

  • Hardware  

  • Software  

 

Identification, authentication, authorisation, and accountability (IAAA) 

Purpose  

  • IAAA is used to help support confidentiality, integrity, and availability (CIA) security concept  

  • They are a set of primary concepts that aid in understanding computer and network security as well as access control  

Functionality 

  • Identification and authentication are a way of identifying a user 

  • Authorisation is the process that determines whether the user has the authority to carry out a specific task 

  • Accounting keeps track of the activities that are performed 

 

Access control list 

This is when you control who has access to what information. For example, in school, a student would have fewer computing privileges than a teacher or the IT manager. This ensures that the data stored by the organisation is accessible to the correct people.  

 

Confidentiality  

Layers of security that would be applied on something on software would include things like, encryption, passwords, firewalls, and 2FA. These are things that only you should have access to, like you having the encryption key, or you having a secure but rememberable password to you. It is best to have multiple ways of accessing it making it harder for 3rd parties from gaining access to it. Another type of security is a physical way. This could be by keeping important documents in a safe for example where you only have the key, instead of storing them online. You could also go more extreme by having cameras looking upon them, fences, or even security guards.  

 

 

Integrity 

In an organisation, integrity can be shown when understanding who has access to what type of data. This would be when you give certain permissions and restrictions to each type of account on the network. For example, in an organisation, a manager would have a greater access to data of multiple people than an employee due to the varying tasks that each type of person would need to carry out. The organisation would also have other procedures, like a firewall, to prevent an unauthorised user from gaining access to information that they shouldn't. Some of the physical restrictions that would be in place would be things like keeping access to the main server room to a minimum, for example, who has access to the key to enter the room. Another example would be keeping the data on an account that only someone like the IT department has access to.  

Availability 

This is the concept of authorised users have access to systems when they need it. Say an employees would have access to their office within the hours that they are designated to work, but they can access work on the cloud from any point. Or the IT team could have access to their department at any point encase they have to fix a cyber-attack over the weekend say. These restrictions would ensure that the organisation would know who has access to something at any point, making it easier to track problems when/if the occur. Other examples could include varying people requesting data. Say if an employee is requesting data on another person, the administrator could reject that request due to it breaking the data protection act, but if a manager is requesting that data and it is a valid reason, then that permission can be granted

at No comments:
Subscribe to: Comments (Atom)

Making an ethernet cable

  Making ethernet cables   1. Cut the piece of cable that you need from what you have using the cable wire cutting tool   2. You then need t...

  • Making ventoy. T-level
      M aking a ventoy   This is how we made a ventoy . This is the video that we used to help us: https://www.youtube.com/watch?v=-7APoZzNPyU ...
  • Project planning for our VR tour project
      Smart objectives for VR project   S – Making a virtual tour of the IT department of the college .     M – Setting a time span for certain...
  • the roles of criminal laws
      The role of criminal law, industry standards and professional codes of conduct in digital context   If you breach the health and safety ac...