Security
ASM
ASSIGNMENT 1 FRONT SHEET
Qualification BTEC Level 5 HND Diploma in Computing
Unit number and title Unit 5: Security
Submission date Date Received 1st submission
Re-submission Date Date Received 2nd submission
Student Name Student ID
Class Assessor name
Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.
Student’s signature
Grading grid
P1 P2 P3 P4 M1 M2 D
Assignment Brief 1 (RQF)
Higher National Certificate/Diploma in Computing
Student Name/ID Number:
Unit Number and Title: Unit 5: Security
Academic Year: 2021 – 2022
Unit Assessor: Van Ho
Assignment Title: Security Presentation
Issue Date: April 1st, 2021
Submission Date:
Internal Verifier Name:
Date:
Submission Format:
Format:
● The submission is in the form of an individual written report. This should be written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please also provide a bibliography using the Harvard referencing system.
Submission
● Students must submit the assignment by the due date and in the way requested by the Tutor.
● The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/.
● Remember to convert the Word file into a PDF file before submission on CMS.
Note:
● The individual Assignment must be your own work, and not copied by or from another student.
● If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you must reference your sources, using the Harvard style.
● Make sure that you understand and follow the guidelines to avoid plagiarism. Failure to comply with this requirement will result in a failed assignment.
Unit Learning Outcomes:
LO1 Assess risks to IT security.
LO2 Describe IT security solutions.
Assignment Brief and Guidance:
Assignment scenario
You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS. FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the tools and techniques associated with identifying and assessing IT security risks together with the organizational policies to protect business critical data and equipment.
Tasks
In addition to your presentation, you should also provide a detailed report containing a technical review of the topics covered in the presentation. Your presentation should:
● Identify the security threats FIS secure may face if they have a security breach. Give an example of a recently publicized security breach and discuss its consequences
● Describe a variety of organizational procedures an organization can set up to reduce the effects to the business of a security breach.
● Propose a method that FIS can use to prioritize the management of different types of risk
● Discuss three benefits to FIS of implementing network monitoring system giving suitable reasons.
● Investigate network security, identifying issues with firewalls and IDS incorrect configuration and show through examples how different techniques can be implemented to improve network security.
● Investigate a ‘trusted network’ and through an analysis of positive and negative issues determine how it can be part of a security system used by FIS.
Your detailed report should include a summary of your presentation as well as additional, evaluated or critically reviewed technical notes on all of the expected topics.
Learning Outcomes and Assessment Criteria (Assignment 1):
LO1
Pass:
P1 Identify types of security threat to organisations. Give an example of a recently publicized security breach and discuss its consequences.
P2 Describe at least 3 organisational security procedures.
Merit:
M1 Propose a method to assess and treat IT security risks.
Distinction:
D1 Investigate how a ‘trusted network’ may be part of an IT security solution.
LO2
Pass:
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS.
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
Merit:
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
I. Introduction
In this document we will talk about types of security risks to organisations, describe
organizational security procedures, identify the potential impact to IT security of incorrect
configuration of firewall policies and third-party VPNs, and show, using an example for each,
how implementing a DMZ, static IP and NAT in a network can improve network security.
II. Identify types of security risks to organisations
1. Viruses
A computer virus is a type of computer program that, when executed, replicates itself by
modifying other computer programs and inserting its own code. When this replication succeeds,
the affected areas are then said to be "infected" with a computer virus. Virus writers use social
engineering deceptions and exploit detailed knowledge of security vulnerabilities to initially
infect systems and to spread the virus. The vast majority of viruses target systems running
Microsoft Windows, employing a variety of mechanisms to infect new hosts, and often using
complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses
can include seeking profit (e.g., with ransomware), desire to send a political message, personal
amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of
service, or simply because they wish to explore cybersecurity issues, artificial life and
evolutionary algorithms.
4. Rootkit
A rootkit is a collection of computer software, typically malicious, designed to enable access to a
computer or an area of its software that is not otherwise allowed (for example, to an
unauthorized user) and often masks its existence or the existence of other software. The term
rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix-like
operating systems) and the word "kit" (which refers to the software components that implement
the tool). The term "rootkit" has negative connotations through its association with malware.
Rootkit installation can be automated, or an attacker can install it after having obtained root or
Administrator access. Obtaining this access is a result of direct attack on a system, i.e. exploiting
a known vulnerability (such as privilege escalation) or a password (obtained by cracking or
social engineering tactics like "phishing"). Once installed, it becomes possible to hide the
intrusion as well as to maintain privileged access. The key is the root or administrator access.
Full control over a system means that existing software can be modified, including software that
might otherwise be used to detect or circumvent it.
5. Spyware
Spyware is software that aims to gather information about a person or organization, sometimes
without their knowledge, and send such information to another entity without the consumer's
consent. Furthermore, spyware asserts control over a device without the consumer's knowledge,
sending confidential information to another entity with the consumer's consent, through cookies.
6. Adware
Adware, or advertising-supported software, is software that generates revenue for its developer
by automatically generating online advertisements in the user interface of the software or on a
screen presented to the user during the installation process. The software may generate two types
of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if
the user clicks on the advertisement. The software may implement advertisements in a variety of
ways, including a static box display, a banner display, full screen, a video, pop-up ad or in some
other form.
other condition is met. This technique can be used by a virus or worm to gain momentum and
spread before being noticed.
Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools'
Day. Trojans and other computer viruses that activate on certain dates are often called "time
bombs". To be considered a logic bomb, the payload should be unwanted and unknown to the
user of the software. As an example, trial programs with code that disables certain functionality
after a set time are not normally regarded as logic bombs.
9. Back doors
A backdoor is a typically covert method of bypassing normal authentication or encryption in a
computer, product, embedded device (e.g. a home router), or its embodiment (e.g. part of a
cryptosystem, algorithm, chipset, or even a "homunculus computer", a tiny computer-within-a-
computer such as that found in Intel's AMT technology).[1][2] Backdoors are most often used
for securing remote access to a computer, or obtaining access to plaintext in cryptographic
systems. From there it may be used to gain access to privileged information like passwords,
corrupt or delete data on hard drives, or transfer information within autoschediastic networks. A
backdoor may take the form of a hidden part of a program, a separate program (e.g. Back Orifice
may subvert the system through a rootkit), code in the firmware of the hardware, or parts of an
operating system such as Windows. Trojan horses can be used to create vulnerabilities in a
device. A Trojan horse may appear to be an entirely legitimate program, but when executed, it
Many systems that store information within the cloud fail to create accurate security measures. If
many systems are connected within the cloud, hackers can gain access to all other platforms
through the most vulnerable system. Default passwords (or other default credentials) can
function as backdoors if they are not changed by the user. Some debugging features can also act
as backdoors if they are not removed in the release version.
10. Zombie and botnet
In computing, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks (DOS attacks). Most owners of "zombie" computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to fictional zombies. A coordinated DDoS attack by multiple botnet machines also resembles a "zombie horde attack", as depicted in fictional zombie films.
A botnet is a number of Internet-connected devices, each of which is running one or more bots.
Botnets can be used to perform distributed denial-of-service (DDoS) attacks, steal data,
send spam, and allow the attacker to access the device and its connection. The owner can
control the botnet using command and control (C&C) software. The word "botnet" is a
combination of the words "robot" and "network". The term is usually used with a negative or
malicious connotation.
III. How to prevent security risks
1. Install Anti-Virus/Malware Software
This tip may go without saying, and I almost just casually mentioned it in my opening paragraph.
However, I have seen many computers—especially home computers—that don’t have anti-
virus/malware protection. This protection is a must-have first step in keeping your computer virus
free.