Auditoría informática para prevención de ataques informáticos aplicado a los docentes de la Universidad “Laica Eloy Alfaro de Manabí” extensión el Carmen.

Abstract

In order to identify failures, dangers or vulnerabilities that could jeopardize the proper functioning of teachers' computer equipment, the planned activity consisted of conducting a computer audit of the teaching staff of the Universidad Laica Eloy Alfaro de Manabí extension in El Carmen. Prior to the audit, the corresponding theoretical and bibliographical research and its implementation were completed. The main findings were used to develop guidelines based on the Magerit methodology and to support the development of content related to computer auditing at the software level. Research continued on data collection approaches, strategies and tactics to support the implementation of the audit, such as interview and survey to obtain verifiable data on the status of IT assets. A risk estimation table was implemented to distinguish the level of vulnerability each estimated asset is at. Each asset was tabulated with its risk percentage, where it was possible to specify the different eventualities they present, for which a methodology based on "Magerit" risk analysis and management was used. It could be noted that there are several vulnerabilities within the computer security of teachers, although there are teachers who are able to mediate the situation, there is another part that ignores much about the situation, among the main results obtained were noted the lack of knowledge about the risks that can cause having personal data exposed on the internet, as well as the danger of not having a firewall to help combat attacks on the network. The main assets of teachers that are used as work tools tend to be the most vulnerable to infection or computer attacks due to all the uses that are given such as surfing the web, uploading and downloading files that interact with computer assets.