ASSIGNMENT 1 FRONT SHEET
Qualification: BTEC Level 5 HND Diploma in Computing
Unit number and title: Unit 05: Security
Submission date:
Date Received 1st submission:
Re-submission Date:
Date Received 2nd submission:
Student Name: Pham Van Long
Student ID: BHAF
Class: PBIT17101
Assessor name: Le Van Thuan
Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.
Student’s signature: Long
Grading grid: P1 P2 P3 P4 M1 M2 D
❒ Summative Feedback: ❒ Resubmission Feedback:
Grade: Assessor Signature: Date: Signature & Date:
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
Table of Contents
- INTRODUCTION OF SECURITY
- P1 Identify types of security risks to organisations.
- What is network security?
- What is security risk?
- Identify threat agents to organizations
- 3.1. Nation States
- 3.2. Non-target specific (Ransomware, Worms, Trojans, Logic Bombs, Backdoors and Viruses perpetrated by vandals and the general public).
- 3.3. Employees and Contractors
- List type of threats that organizations will face
- 4.1. The Malware
- 4.2. Social engineering attack
- 4.3. SQL injected
- 4.4. DDoS
- An example of a recently publicized security breach
- P2. Organisational security procedures.
- What is the security procedures?
- The purpose of security procedures
- Anti-virus procedures
- 3.1. Purpose of Anti-virus procedures
- 3.2. Procedures of anti-virus procedures
- Password Procedures
- 4.1. Purpose of Password procedures
- 4.2. Procedures
- 5. Physical Security Procedures
- 5.1. Purpose of Physical security procedures
- 5.2. Procedures
- P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
- What is Firewall?
- 1.1. How does firewall work?
- 1.2. Advantages of firewall
- 1.3. What are the impacts of incorrect firewall configurations?
- What is a VPN and a third-party VPN?
- 2.1. What is Virtual Private Network?
- 2.2. Advantages of VPN
- 2.3. What are the impacts of incorrect VPN configurations?
- 3. Show with diagrams the example of how firewall works
- P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
- DMZ
- 1.1. What is DMZ?
- 1.2. How does it work?
- 1.3. Advantages of DMZ
- 1.4. Examples of DMZ
- Static IP
- 2.1. What is static IP?
- 2.2. Example of Static IP
- 2.3. Advantages of static IP
- NAT
- 3.1. What is NAT?
- 3.2. How does it work?
- 3.3. Advantages of NAT
- 3.4. Examples of NAT
- M1 Propose a method to assess and treat IT security risks. Security procedures.
- Discuss methods required to assess it security threat? E.g. Monitoring tools
- 1.1. What is a security risk assessment?
- 1.2. Importance of regular IT security assessments
- 1.3. What is a cyber risk (IT risk) definition
- 1.4. IT risk assessment components and formula
- 1.5. The risk equation
- 1.6. How to perform a security risk assessment
- 1.7. E.g. Monitoring tools
- What are the current weakness or threat of the organization?
- What tools will you propose to treat the IT security risk?
- List some of the networking monitoring devices and discuss each.
- Why do you need to monitor network?
- The benefits of using a network monitoring system for an organization are next:
- 3.1. Discovery of Devices
- 3.2. Cost Saving
- 3.3. Identify security threats
- D1 Investigate how a trusted network may be part of an IT security solutions
- Discuss and explain what are trusted network
- Give brief details with an example on how trusted network use.
- How can it be a solution in IT security
- ❖ Picture of the presentation
- REFERENCES
Table of Pictures
- Picture 1 Security
- Picture 2 Network security threats
- Picture 3 The Malware
- Picture 4 Trojans
- Picture 5 Spyware
- Picture 6 Adware
- Picture 7 Rootkits
- Picture 8 Ransomware
- Picture 9 Worms
- Picture 10 Keyloggers
- Picture 11 SQL injected
- Picture 12 DDoS
- Picture 13 Biometric data
- Picture 14 Anti-virus procedure
- Picture 15 Password Procedure
- Picture 16 Physical Security Procedure
- Picture 17 Firewall
- Picture 18 VPN
- Picture 19 Diagram Firewall work
- Picture 20 DMZ
- Picture 21 Example of DMZ
- Picture 22 Static IP
- Picture 23 Example of Static IP
- Picture 24 NAT
- Picture 25 Document the Results
- Picture 26 Activity Log Analysis — XpoLog
- Picture 27 Protecting apps and data – Imperva
- Picture 28 Penetration Behavior Testing – Metasploit
- Picture 29 Prevent phishing attacks - Hoxhunt
- Picture 30 The OCTAVE method
- Picture 31 SolarWinds Network Performance Monitor
- Picture 32 Datadog Network Monitoring
- Picture 33 ManageEngine OpManager
- Picture 34 Paessler PRTG Network Monitor
- Picture 35 Auvik
- Picture 36 Site24x7 Network Monitoring
- Picture 37 Atera
- Picture 38 Discovery of Devices
- Picture 39 Identify Security threats
- Picture 40 Picture of the presentation
- Picture 41 Picture of the presentation
- Picture 42 Picture of the presentation
- Picture 43 Picture of the presentation
- Picture 44 Picture of the presentation
- Picture 45 Picture of the presentation
- Picture 46 Picture of the presentation
- Picture 47 Picture of the presentation
- Picture 48 Picture of the presentation
- Picture 49 Picture of the presentation
- Picture 50 Picture of the presentation
- Picture 51 Picture of the presentation
- Picture 52 Picture of the presentation
- Picture 53 Picture of the presentation
- Picture 54 Picture of the presentation
- Picture 55 Picture of the presentation
- Picture 56 Picture of the presentation
- Picture 57 Picture of the presentation
- Picture 58 Picture of the presentation
- Picture 59 Picture of the presentation
- Picture 60 Picture of the presentation
- Picture 61 Picture of the presentation
- Picture 62 Picture of the presentation
- Picture 63 Picture of the presentation
- Picture 64 Picture of the presentation
- Picture 65 Picture of the presentation
- Picture 66 Picture of the presentation
- Picture 67 Picture of the presentation
- Picture 68 Picture of the presentation
- Picture 69 Picture of the presentation
- Picture 70 Picture of the presentation
- Picture 71 Picture of the presentation
- Picture 72 Picture of the presentation
- Picture 73 Picture of the presentation
- Picture 74 Picture of the presentation
- Picture 75 Picture of the presentation
- Picture 76 Picture of the presentation
- Picture 77 Picture of the presentation
- Picture 78 Picture of the presentation
- Picture 79 Picture of the presentation
- Picture 80 Picture of the presentation
- Picture 81 Picture of the presentation
- Picture 82 Picture of the presentation
P1 Identify types of security risks to organisations.
1. What is network security?
Network security is a broad term that covers a multitude of technologies, devices and processes. In its simplest terms, it is a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies. Every organization, regardless of size, industry or infrastructure, requires a degree of network security solutions in place to protect it from the ever-growing landscape of cyber threats in the wild today.
Today's network architecture is complex and is faced with a threat environment that is always changing and attackers that are always trying to find and exploit vulnerabilities. These vulnerabilities can exist in a broad number of areas, including devices, data, applications, users and locations. For this reason, there are many network security management tools and applications in use today that address individual threats and exploits and also regulatory noncompliance. When just a few minutes of downtime can cause widespread disruption and massive damage to an organization's bottom line and reputation, it is essential that these protection measures are in place.
Picture 2 Network security threats
2. What is security risk?
A computer security risk is really anything on your computer that may damage or steal your data or allow someone else to access your computer, without your knowledge or consent. There are a lot of different things that can create a computer risk, including malware, a general term used to describe many types of bad software. We commonly think of computer viruses, but there are several types of bad software that can create a computer security risk, including viruses, worms, ransomware, spyware, and Trojan horses. Misconfiguration of computer products as well as unsafe computing habits also pose risks.
3. Identify threat agents to organizations
3.1. Nation States
Those companies that operate in certain sectors, e.g. telecoms, oil & gas, mining, power generation, national infrastructure etc., may find themselves a target for foreign nations either to disrupt operations now, or to give that nation a future hold in times of adversity. We have heard many examples of this from the alleged Russian interference with the US Presidential elections, to Sony claiming that North Korea had been responsible for their sites being hacked in 2014 and more recently the concerns about Huawei providing 5G networks because of the possibility of them passing information to the Chinese government.
3.2. Non-target specific (Ransomware, Worms, Trojans, Logic Bombs, Backdoors and Viruses perpetrated by vandals and the general public).
There are so many times that companies have said to me “Oh we’re not going to be a target for hackers because….” But the number of random attacks that are going on every day is so vast (there are no accurate statistics on this to share here) that every and any organisation can become a victim. The most famous example of a non-target specific attack is the WannaCry ransomware incident that affected over 200,000 computers in 150 countries. In the UK it shut down the NHS for several days. And, of course, there is the bored teenager in a loft somewhere just trolling the internet to find a weak link.
Picture 3 The Malware
4.1.1. Trojans
A Trojan (or Trojan Horse) disguises itself as legitimate software with the purpose of tricking you into executing malicious software on your computer.
Picture 4 Trojans
4.1.2. Spyware
Spyware invades your computer and attempts to steal your personal information such as credit card or banking information, web browsing data, and passwords to various accounts.
Picture 5 Spyware
4.1.3. Adware
Adware is unwanted software that displays advertisements on your screen. Adware collects personal information from you to serve you with more personalized ads.
4.1.5. Ransomware
Ransomware is designed to encrypt your files and block access to them until a ransom is paid.
Picture 8 Ransomware
4.1.6. Worms
A worm replicates itself by infecting other computers that are on the same network. They’re designed to consume bandwidth and interrupt networks.
Picture 9 Worms
4.1.7. Keyloggers
Keyloggers keep track of your keystrokes on your keyboard and record them on a log. This information is used to gain unauthorized access to your accounts.
Picture 10 Keyloggers
4.4. DDoS
A denial of service attack (DoS attack - short for Denial of Service) or a distributed denial of service attack (DDoS attack - short for Distributed Denial of Service) is an attempt to make the resources of a computer unavailable to its users. Although the means, motives, and targets of a denial of service attack can vary, it generally involves the coordinated, malicious efforts of one or more people to make a site or network unusable, or to interrupt or significantly slow down the system for the average user, by overloading the system's resources. The perpetrators of denial of service attacks often target typical websites or servers such as banks, credit card payment gateways and even DNS root servers. One common attack method is saturating a target machine with external communications requests, to the point that it cannot respond to legitimate traffic, or responds too slowly. In general terms, DoS attacks are carried out by forcing the target machine to restart or by consuming all its resources to the point that it no longer provides service, or by obstructing communication between the user and the target machine.
Picture 12 DDoS
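The difference between a DoS and a DDoS attack described above decides how a defender responds: a flood from one source can be blocked by address, while a distributed flood cannot. The Python code below is an added example, not part of the original assignment; it labels fixed time windows of request events as normal, DoS or DDoS. The thresholds, function names and sample traffic are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed sample events as (unix_second, source_ip); not real traffic."""
    events = []
    # Seconds 0-9: three ordinary clients, one request per second each
    for t in range(0, 10):
        for ip in ("198.51.100.1", "198.51.100.2", "198.51.100.3"):
            events.append((t, ip))
    # Seconds 10-19: a single source sends 200 requests per second
    for t in range(10, 20):
        events += [(t, "203.0.113.9")] * 200
        events.append((t, "198.51.100.1"))
    # Seconds 20-29: 100 sources send 3 requests per second each
    for t in range(20, 30):
        for i in range(100):
            events += [(t, f"192.0.2.{i}")] * 3
    return events

def classify_windows(events, window=10, rate_limit=50.0, dominant_share=0.5):
    """Label each fixed window of `window` seconds.

    normal: average rate at or below rate_limit requests per second
    dos:    overloaded, and one source sends more than dominant_share of the load
    ddos:   overloaded, with the load spread over many sources
    (rate_limit and dominant_share are assumed values; tune them to a baseline.)
    """
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window][ip] += 1
    report = {}
    for idx in sorted(buckets):
        per_ip = buckets[idx]
        total = sum(per_ip.values())
        rate = total / window
        top_ip, top_count = per_ip.most_common(1)[0]
        if rate <= rate_limit:
            label = "normal"
        elif top_count / total > dominant_share:
            label = "dos"
        else:
            label = "ddos"
        report[idx * window] = {"label": label, "rate": rate,
                                "sources": len(per_ip), "top_source": top_ip}
    return report

if __name__ == "__main__":
    for start, info in classify_windows(build_sample()).items():
        print(start, info)
```

A window labelled "dos" names a single address that can be filtered; a window labelled "ddos" calls for rate limiting or upstream filtering, because no single source carries most of the load.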
5. An example of a recently publicized security breach
❖ Antheus Tecnologia Biometric Data Breach:
- The Story: In March 2020, SafetyDetectives, a pro bono team of security researchers, revealed a breach in the data of Antheus Tecnologia, a Brazilian biometric solutions company. The company had left sensitive information, including data on 76,000 fingerprints, exposed on an unsecured server. The server didn't store direct scans of fingerprints, but binary code that hackers could use to recreate them, with potentially disastrous consequences.
Picture 13 Biometric data
- How the Breach Happened: As we mentioned, the company neglected to password protect a database on the cloud or properly encrypt it. This is almost certainly the result of human error on the part of IT staff.
- What Data Was Exposed: Per Biometric Update: "The vulnerable server contained roughly 16 gigabytes of data, with 81.5 million records also including administrator login information, employee telephone numbers, email addresses, and company emails." Antheus Tecnologia responded to the report by insisting that the exposed fingerprints belonged to their team or were in the public domain. However, they also claimed that the data was hashed, which was not the case.
- The Lesson for Businesses