Free Essay

Unit 2 Assignment 2: Vulnerability of a Cryptosystem

In: Computers and Technology

Submitted By Rideout421
Words 1643
Pages 7
Unit 2 Assignment 2: Vulnerability of a Cryptosystem
09-27-2014
ITT Technical Institute

Unit 2 Assignment 2: Vulnerability of a Cryptosystem This assignment gives us a job at a University as a Security analyst. One of the first things that was placed on our plate as a responsibility was getting the cryptosystem up to date. A high risk vulnerability has been identified and they have asked me to make recommendations on how to remedy the situation. There is a few websites that I have been advised to read as they may assist in my decision making process. After reading further I have been asked a large number of questions. I am planning to read up so I know about the cryptosystem then go into answering the provided questions. When we think about MD5 hashing we have to consider the hash and its long history of collisions on the network. When we were doing the practice labs in class the other night we say a number of student using the MD5 hashing and getting the same hash out of different text documents. This is not a good sign that this is the best type of hashing algorithm to use. I would advised using the latest greatest out with a known history of being secure. Asking if the threat is significant is an easy question to answer. Any organizations documentation at some level needs to be protected so it is not used in the wrong way. Yes, of course the cryptosystem being vulnerable is something that needs to be addresses right away. Modifying the hardware and software to provide a more secure hashing algorithm is on the top of the list. I need to continue doing research to find the best solution available for a price point that is reasonable for our university. When we think about how easy a system is to exploit I don’t think of a system being exploited as easy. I think of it like the attacker has some need for what you have and will work to find a way into your system to get it for free. On the other hand he could be a former employee that you let go and he has some revenge to unleash on your network. There is not system that is uncrack able. No matter how secure you think you are you have no 100% secure connection when you’re online. Once you connect to that NIC your computer is vulnerable in some way. Granted there are some very nice improvements that have been implemented over the years to give you a good bit of confidence that you’re secure. I know people in my own circle and I know my skills. Nothing is full proof when you think about networking and systems that are online. The next question is another one of those that I just want to say “really?” When doing a google search of this question I found a website SECTOOLS.ORG with the same emblem as NMAP that shows the top 125 types of network security tools software’s that are available for free. I did not say you had to pay I said free. It’s amazing all the things that are available online for free download that users have no idea that they have the same access as we do to just go download them. I mean come on its not like we have some kind of secret key code to get to these sites. We just browse to the web page the same way they could. Yes the cryptosystem is still usable however if there is a better cryptosystem out there that can be implemented for a minimal cost to the university then we should get our system updated. After all you did hire me on to determine the best way to reduce system vulnerability. I would feel much more comfortable managing a network with a more secure hashing algorithm like PGP or SHA1. The cost to redesign the infrastructure is something that is in my mind. I will assure you that the solution I come forward with will be economical. Please allow me some more time to get all my documentation ready for my proposal meeting. The ease of replacement is something I am working on determining. I have to see how much the hardware cost for one. I then have to see how many systems are currently using the MD5. Once I have that survey in front of me I am going to have to begin to think of how to push this new type of hashing algorithm across the network. I have to be honest I have not done this before but with the right amount of time for me to research this and working with fellow colleagues of mine I will be able to do this. There is nothing that cannot be learned and mastered with dedication to your craft. The exploit at our university was caught by internet storm cloud. So yes it has been released that is what brought all this attention to our school. They immediately went on the search for the top security engineers in the world. Knowing my long standing reputation and recommendations from a few other companies I have setup they contacted me to work this vulnerability for their university. When we think about the likely hood of an exploit we go back to the same scenario as explained up above. Students that were dropped or faculty that was recently let go for reasons they don’t understand. They could easily become upset with the university and take it upon themselves to attack the schools data. This is why system access is shut down for both as soon as they are not part of our institution any longer. These are the worst kind of people to upset when it comes to exploiting a system because they have been on it before and may know some of the interworking’s of the network infrastructure. I would like to believe that there is enough knowledge about the penalties of exploiting systems that an exploit would not be conducted. With our current solution in place with the MD5 there could with enough work easily be an attack and exploit made on the system. I know that Internet Storm cloud does not just have professionals looking there to keep their systems up to spec. I can bet that there is crackers looking to see those and exploit systems for fame in there hacking community’s online. Results of a hacking exploit on a school could have ramifications just as some major corporations or banks would have. Schools have all kinds of personality identifiable information from students as well as employees. I believe more from students. Applications for loans and scholarships as for a whole lot of information these days. The school system is used by current attendees and alumni as well as all the staff that works at the school. I know it’s really nice being able to go log on at FCC and see all my grades from when I attended. Most schools especially Universities have internal libraries of information like ebscohost and other commonly known information sites that cannot be accessed without going through the schools redirect portal. Attacks happen on all systems at random times. How we prevent the attackers from getting what there not supposed to have is what is important. Systems being attacked is not what makes them UN trustworthy. Systems being penetrated from that attack is what makes them un-trustworthy. The technical audience would be the staff I am working with. The knowledge that we need is a good understanding of how to keep the system up and running smoothly. I want to have a company that is not worried about the IT and more worried about the day to day. We are the backbone of keeping this university connected to the information out on the web. The less they know about what we do and the more focused they are on getting students enrolled and teaching the better. We want the board members to know that the reason the system is still not breached is because were here constantly monitoring the system internals in the back ground. Information for a non-technical audience would be in the documentation that they are looking at when signing up. There would be rules and regulations that each person whether faculty of student must abide by while being on the university’s systems. I would implement a log on script to provide these acceptable use policies before any one on the network is allowed to logon to the system. They must click the ok icon on the screen with a mouse or by hitting enter on the keyboard to accept the policy’s set before them on the screen. If they do not they will not be able to log in to the schools system.
References
Cisco, S. (2009, January 15). MD5 Hashes May Allow for Certificate Spoofing. Cisco. Retrieved September 27, 2014, from http://www.cisco.com/c/en/us/support/docs/csr/cisco-sr-20090115-md5.html
Dougherty, C. (2008, December 31). Vulnerability Note VU#836068. - MD5 vulnerable to collision attacks. Retrieved September 26, 2014, from http://www.kb.cert.org/vuls/id/836068
Microsoft, W. (2008, December 30). Microsoft Security Advisory 961509. Microsoft Security Advisory 961509. Retrieved September 26, 2014, from http://technet.microsoft.com/library/security/961509
Security, T. (2014, March 26). Vulnerability exploitation tools – SecTools Top Network Security Tools. Vulnerability exploitation tools – SecTools Top Network Security Tools. Retrieved September 27, 2014, from http://sectools.org/tag/sploits/
Sotirov, A., Stevens, M., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D. A., et al. (2008, December 30). MD5 considered harmful today. MD5 considered harmful today. Retrieved September 27, 2014, from http://www.win.tue.nl/hashclash/rogue-ca/…...

Similar Documents

Premium Essay

Unit 2: Calculate the Window of Vulnerability

...A vulnerability is “a flaw in an information technology product that could allow violations of security policy”. (L., 2000) A vulnerability or weakness in a system or network can come about in many different ways such as poor coding, poorly configured access controls, weak security implementations or a basic design flaw. In the scenario there was no date given but it did state the server software manufacturer detected a hole the previous day and a patch will be ready in three days. The LAN administrator will need at least a week to download and test the patch, in which he’ll test the effectiveness of the patch. Once the LAN Admin is satisfied with the patch he will deploy the patch to the SMB Server and any other machines that may be in use on the network. In this case the Window of vulnerability is roughly 11 days from detection to patch implementation. Depending on the severity of the breach and size of the company they may or may not release a public statement in which it would only jeopardize bad publicity. During the time of vulnerability the word about the security breach can spread rather fast and many attacks may follow. Once the patch has been installed the company may then again go public stating the breach has corrected and there are no vulnerabilities. Bibliography L., W. A. (2000, December). Windows of vulnerability: A case study analysis. Retrieved from http://www.cs.umd.edu: http://www.cs.umd.edu/~waa/pubs/Windows_of_Vulnerability.pdf...

Words: 252 - Pages: 2

Free Essay

Unit 2 Assignment 2

...NT2580 Unit 2 Assignment 2 10/1/13 1. The five vulnerabilities that exist for this LAN based workgroup are 2755801, 2501696, 2588513 2639658, 2659883. 2. Yes, the vulnerability that involves privilege elevation is 2639658 (Vulnerability in TrueType Font Parsing), but it is not a high priority. 3. 2719662 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry. 2737111 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange. 2755801 Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active......

Words: 257 - Pages: 2

Premium Essay

Is456 Unit 2 Assignment 2

...Vulnerability of a Cryptosystem The assignment asks that the student portray a newly hired IT person at a University. It is told to you by a supervisor that the University cryptosystem and would like research done on the vulnerability. Once the research is complete, come up with things that the University should do to handle the problem. The University used the Message-Digest algorithm 5 (MD5) in most of the areas at the University. It provides the hashes to check for file integrity of downloaded files by using MD5 based certificates that have been approved by and internal Certificate Authority. The University uses Cisco ASA firewall devices that create and sign digital certificates that authenticate the users and the systems. In addition, the default setting for the Cisco ASA devices in the MD5. It was discovered back in 2008 that the MD5 based systems have a problem; there is the feasibility of collision attacks. This means that attackers could generate extra digital certificates with different content but have the same digital signature as the original certificate. This basically means that if an attacker can get a hold of a digital certificate, they might be able to gain access to information by creating a replica of the certificate but adding different information or contents to it. According to the research, the likeliness of this vulnerability is very little due to the fact that most attackers do not know how to obtain rogue certificates. There......

Words: 380 - Pages: 2

Free Essay

Nt1230 Unit 2 Assignment 2

...1. What does RAID stand for? Short for redundant array of independent or (inexpensive) disks. It’s a category of disk drives that employ two or more drives in combination for fault tolerance performance. http://www.webopedia.com/TERM/R/RAID.html 2. When would you use RAID? When trying to survive a drive loss without data loss and in many cases without any downtime. http://steadfast.net/blog/index.php/general/almost-everything-you-need-to-know-about-raid 3. Define the following types of RAID: a. RAID 0- (known as a stripe or striped volume) splits data evenly across two or more disks (striped) without parity information for speed. http://en.wikipedia.org/wiki/Standard_RAID_levels b. RAID 1- an exact copy (or mirror) of a set of data on two disks. http://en.wikipedia.org/wiki/Standard_RAID_levels c. RAID 5- (block-level striping with distributed parity) distributes parity along with the data and requires that all devices but one be present to operate. http://en.wikipedia.org/wiki/RAID#RAID_5 d. RAID 6- (block-level striping with double distributed parity) provides a fault tolerance up to two failed drives. http://en.wikipedia.org/wiki/RAID#RAID_6 4. Why is RAID 0 of any use if it offers no redundancy? It can be used to improve performance through concurrent access and/or create large logical disks out of multiple physical disks. 5. Why do you think that RAID 1 can be the most expensive? Why would people utilize it if it’s so costly? Raid 1 is the most......

Words: 384 - Pages: 2

Free Essay

Unit 2 Assignment 2

...Unit 1 Research Paper 1 Injectable Tissue Engineering Brand Zae GS1140 Injectable Tissue Engineering Introduction Every year more than700,000 Americans undergo a form of joint replacement surgery. The procedure-in which a knee or a hip is replaced with an artificial implant-is highly invasive, and many patients delay said surgery for as long as they can. A doctor by the name of Jennifer Elisseeff , a biomedical engineer at Johns Hopkins University, hopes to change that with a simple and quick procedure that does away with surgery entirely. Dr. Elisseeff and her colleagues have developed a way to inject joints with specially designed mixtures of polymers, cells, and growth stimulators that solidify and form healthy tissue. This form of technology can eliminate the need for many expensive and dangerous surgeries. Surgeries involving muscle development, the cardio vascular system, and even limb repair after a traumatic incident. This form of technology can improve our health care system dramatically and open new windows of opportunity for new forms of medicine. Even the possibility for new cures for diseases that we currently fight every day such as cancer and possibly even HIV, eliminating the need for long and expensive treatments. As well as repairing worn or damaged tissue, this form of engineering can also be used in the future for growing new organs or limbs to replace old damaged or missing ones. If a patient is in need of a new......

Words: 427 - Pages: 2

Premium Essay

Unit 5 Assignment 2

...Procedure Guide | Unit 5 Assignment 3 | | [Type the author name] | 5/1/2014 | | This document outlines the required steps to follow, inorder to properly scan the necessary hardware (servers and workstations) in the Ken 7 Windows Limited Domain for security vulnerabilities. 1) Acquire and install MBSA •Download MBSA. Download MBSA from the MBSA home page, and then install it to the default directory. •Updates for MBSA. If both the computer you will be scanning and the computer with MBSA installed have Internet access, the latest security catalog (.cab file), authentication files, and WUA installer files will be automatically downloaded, if needed. If either the target computer or the computer with MBSA installed does not have Internet access, download the following files and place them in the C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\ directory on the computer that is performing the scan. 2) Scan computers Run MBSA and clear the Check for security updates check box when performing the scan. Using the Graphical Interface Tool The following procedure describes how to use the MBSA GUI tool. To use the MBSA GUI tool to scan for updates and patches 1. On the Programs menu, click Microsoft Baseline Security Analyzer. 2. Click Scan a computer. 3. Make sure that the following options are not selected, and then click Start scan. * Check for Windows administrative vulnerabilities * Check......

Words: 487 - Pages: 2

Free Essay

Unit 2 Assignment Nt1430

...Unit 2 Assignment NAME NT1430 DATE 1. What is the utility that can be used to copy a file, including text and executable program (binary) files? cp 2. Which of the following Linux utilities lists the names of files in a single directory? ls 3. What command displays the last 10 lines of a file? -tail What command displays the first 10 lines of a file? -head 4. What is a Process? What Utility provides communication between processes where output of one process provide input for another? 1.) A process is the execution of a command by Linux. They have the ability to communicate with eachother. 2.) | (Pipe) 5. Which of the following utilities do you use to determine the list of users logged on to a specific terminal? who command 6. What does the command pwd do? What does the cd command do? 1.) Prints the working directory. 2.) Changes from the current directory to another working directory. 7. In terms of file or directory permissions, what does U-G-O stand for? What are the 3 permission that can be given to a file or directory? 1.) User: owner of the file, Group: changes group permissions, Other: anyone who isn’t an owner of a file or in a group. 2.) read, write, execute 8. In terms of permissions, what does 777 mean? It means everyone has permission to read, write and execute a file. 9. What does the command chmod do? What happens when I use it with the following? chmod 755 myfile 1.) It modifies the access...

Words: 529 - Pages: 3

Premium Essay

Nt1210 Unit 2 Assignment 2

...Joseph V. Stewart NT1210 Unit 2 Assignment 2 Computer Basics Review 1. C. Datacom 2. B. Bob’s incoming email server 3. B. The call uses only digital electrical signals, D. The call represents short sounds as a unique set of bits 4. C. The call uses both analog and digital electrical signals, E. The call represents each spoken word as a unique set of bits. 5. D. A choice for the number of frames per second 6. B. Use an incoming video server 7. D. None of the answers is correct 8. B. The web browser asks for the one object identified by the web address, and the web server automatically sends the rest of the objects to the browser. 9. A. A website typically contains many web objects, C. A web page typically contains many web objects, D. A website typically contains many web pages. 10. C. The operating system on the PC, D. The PC’s NIC 11. A. 16 HTTP GET request messages with 16 matching HTTP GET reply messages 12. A. Web browsers 13. A. http 14. C. Node 15. B. Cable, D. Switch 16. D. SMB Network 17. A. Router 18. D. The Internet 19. A. Internet service provider 20. B. Any ISP’s network Key Terms Computer Networking-the stuff that works together Computer network-the process of the stuff working together Application-a function on any kind of computer or electronic device that is useful to the user, which can give the user a reason to want to own and use the device Email-electronic......

Words: 483 - Pages: 2

Premium Essay

Unit 2 Research Assignment

...Unit 2 Assignment: Research 1. What are the variable naming rules of Visual Basic, Python, and Java? * Visual Basic requires you to use a letter as your first character. You are unable to use spaces, periods, exclamation marks, and other special characters within the name, consisting of: @, &, $, #. The name also can’t exceed 255 characters. You can’t repeat the same names within the same level of scope. There’s also a few other minor rules to follow as well. * Python allows you to use either a letter or underscore character as the first character in a line. You can use an unlimited amount of letter, numbers, or underscore characters following that. Python is also case sensitive and therefore makes upper and lower case characters important. Any digit number will work including and between the numbers 0 through 9. * Java can use Unicode letters, digits, and two special characters such as an underscore and dollar sign. Java is also case sensitive. A variable’s name can be any legal identifier. The length of a variable name can also be any number. The beginning variable can consist of either letters or underscore characters. White space isn’t permitted, special characters aren’t allowed, and digits cannot be used at the start. Subsequent characters are able to be letters, digits, dollar signs, or underscore characters. Finally, variable names must not be a keyword or reserved word. 2. List three similarities and differences between the three......

Words: 337 - Pages: 2

Free Essay

Unit 2 Assignment 1

...January 6, 2015 January 6, 2015 Todd Eppes NT1310 Todd Eppes NT1310 Service Provider types Unit 2 Assignment 1 Service Provider types Unit 2 Assignment 1 Todd Eppes January 1, 2015 NT1310 Unit 2 Assignment 1 Service Provider Types RBOCS stands for Regional Bell operating company. It was one of the United States regional telephone companies that were created as a result of the breakup of AT&T. They are allowed to compete for long distance telephone traffic under certain circumstances. RBOCs are generally in competition for digital data and internet traffic with wireless service providers and cable TV companies. ILEC is short for incumbent local exchange carrier. IT is a telephone company that was providing local service when the Telecommunications Act of 1996 was enacted. They are in contradistinction to CLEC. GTE was the second largest ILEC after “The Baby Bells” but has since been absorbed into Verizon. CLEC stands for competitive local exchange carrier. IT is a telecommunications provider company competing with other, already established carriers. CLECs have evolved from the competitive access providers that began to offer private line and special access services in competition with the ILECs beginning in 1985. MSO is short for multiple-system operator. This is an operator of multiple cable or direct-broadcast satellite television systems. Though in the strictest sense any cable company that serves multiple communities is......

Words: 274 - Pages: 2

Premium Essay

Unit 2 Assignment 1

...10/ 1/ 2014 NT2580 Unit 2 assignment 1 The workgroup consists of three primary workgroups, which contain group membership lists of users within the Active Directory infrastructure that currently exists on the SMB Server that is located within the confines of the LAN structure. The security breach, which is defined as any event that results in a violation of any of the CIA (confidentiality, integrity, availability) security principles, was caused by the SMB server being accessed by an unauthorized user due to a security hole that was detected by the server software manufacturer the previous day. The security patch will not be available until possible as long as three days, but hopefully within that timeframe. In addition, the LAN administrator needs at least one week (minimum) to download, test, and install the patch. To calculate the Window of Vulnerability (WoV) for this security breach, the following timeline will be used as a guideline to determine the basis for calculation: First it is important to understand the variables considered in this timeline formula. The WoV is the period within which defensive measures are reduced, compromised, or lacking. The WoV covers a timeline from the moment vulnerability is discovered and identified by the vendor. It also includes the time taken to create, publish, and finally apply a fix to the vulnerability. It is also important to explore the device(s) that were targeted by the attack. In this instance, being the SMB server within...

Words: 286 - Pages: 2

Premium Essay

Unit F2 Assignment 2

...Unit F2 Assignment 2 Filing systems 1. Why are filing systems essential when giving a thorough consultation to customers and completing their personal documentation? It will give a positive impression to clients and look more professional It is vital in maintain client confidentiality To build client trust in order that clients will feel safe giving you their personal information The salon will be more organised as client records will be easy to access 2. List the various methods of recording customer details and explain their importance. * Computer systems – Keeps client records safe and secure on the computer system. Professional and up to date records can be recorded. * Filing cabinets – Having a lockable and up to date filing system ensures that client records can be located easily. Can also be used as a back-up to the computer system. * Record cards – Individual client cards that are kept up to date are easy way of recording information whilst the client is with you. 3. What are the key points to consider when completing confidential documentation? * Follow Data protection Act. * Complete document and store away, do not leave lying around * Make sure it is legible * When gaining sensitive information from client ensure it is in a private area, away from other clients/staff 4. What principles will ensure that a filing system works efficiently and maintains confidentiality? *  Situated in a convenient......

Words: 298 - Pages: 2

Free Essay

Unit 2 Assignment 2

...Asimo Unit 2 assignment 2 | AbstractASIMO is a humanoid Robot that was built to genuinely help people. Linda Vaughn | Asimo Unit 2 assignment 2 | AbstractASIMO is a humanoid Robot that was built to genuinely help people. Linda Vaughn | Linda Vaughn GS1145T 10/3/2015 Why Create ASIMO? ASIMO is humanoid robot created to duplicate human motion and genuinely help people. ASIMO took more than two decades of persistent study, research, trial and error before achieving a humanoid robot. ASIMO's design, development and operation rely on many different disciplines including Mathematics, Physics, Anatomy, Engineering and Computer Science. In 1986 Honda engineer’s set out to create a walking humanoid robot early models (E1, E2, and E3) focused on developing legs that could simulate the walk of a human. Models (E4, E5, and E6) focused on developing walk stabilization and climbing stairs. Then the head, arms and body were added to improve balance. Hondas first robot P1 was rather rugged standing at 6’2 and weighing at 386lbs. P2 had a more friendly design. P3 model was more compact standing at 5’2 and weighing 287lbs. ASIMO can run, walk on uneven slopes and surfaces turn smoothly and reach and grab for objects. ASIMO can also comprehend and respond to simple voice commands. It can also recognize the face of a selective group of individuals using camera eyes. It can also map environment and register stationary objects and can avoid moving objects as it moves......

Words: 598 - Pages: 3

Premium Essay

Unit 5 Assignment 2

...Unit 5 Assignment 2 Ethernet Local Area Networks Review PT1210 Introduction to Networking Christopher B. Young ITT Tech – Tempe Campus Instructor: Mr. Larry Douglas Oct 16, 2015 1.C | 11.C | 2.D | 12.C | 3.B | 13.C | 4.A | 14.A | 5.B | 15.A | 6.E | 16.A | 7.D | 17.D | 8.A | 18.C | 9.A | 19.B | 10.A | 20.C | Ethernet LAN: A collection of devices including user devices, LAN switches, routers, old hubs and cables all of which use IEEE Ethernet standards at the physical and data link layers so that the devices can send Ethernet frames to each other 802.3: The name of the original IEEE Ethernet standard as well as the overall base name of all IEEE Ethernet LAN working committees Fast Ethernet: The informal name for one particular Ethernet standard originally defined formally as 803.3u which was the first Ethernet Standard to surpass the original 10-Mbps speed to run at 100 Mbps. Gigabit Ethernet: The informal name for one particular Ethernet standard defined formally in 802.3z(for fiber) and 802.3ab(for UTP) with a speed of 1 Gbps Autonegotiation: A process defined by the IEEE so that nodes on the same etherent link can exchange messages for the purpose of choosing the best speed and duplex option that both nodes support Ethernet Frame: The bytes of data that flow in an Ethernet LAN which begins with the Ethernet header followed by data and ends with the Ethernet trailer. Ethernet LANs deliver Ethernet frames from one Etherent device to......

Words: 327 - Pages: 2

Premium Essay

Unit 2 Assignment 2

...Unit 2 assignment 2 Legislation- Human rights act- an act of parliament of the UK- the royal assent for this act was received the 9th of November 1998 with a commencement in 2000. It is an act to give further effect to rights and freedoms guaranteed under the European convention on human rights. Rights: -Right to life -Freedom from torture and inhuman or degrading treatment -Right to liberty and security -Freedom from slavery and forced labour -Right to a fair trial -No punishment without law -Respect for your private and family life, home and correspondence -Freedom of thought, belief and religion -Freedom of expression -Freedom of assembly and association -Right to marry and start a family -Protection from discrimination in respect of these rights and freedoms -Right to peaceful enjoyment of your property -Right to education -Right to participate in free elections This act promotes anti discriminatory practice in a way that it gives everyone the rights they deserve which can’t be taken away from anyone, therefore everyone is equal in what they can do. Data protection act- The data protection act defines UK laws on processing data on identifiable living people. It covers any data which can identify a person such as address, name, Humber, email, information is to be used fairly and lawfully. It is only used for limited specific purposes and in a way that is relevant, adequate and excessive. This promotes anti discriminatory practice as it helps protect......

Words: 4206 - Pages: 17

הזמנות שלי | 5pcs Dental Adhesive Composite Cement Porcelain Teeth Silicone Brush Pen Grey | Beste Ergebnisse