Higher Nationals in Computing
Unit 05: SECURITY
ASSIGNMENT 1
Assessor name: PHAN MINH TAM
Learner’s name: DANG AN THANH
ID: GCS
Class: GCS0805_PPT
Subject code: 1623
Assignment due: 29/11/2020
Assignment submitted: 26/11/2020
ASSIGNMENT 1 BRIEF
Qualification: BTEC Level 5 HND Diploma in Computing
Unit number: Unit 5: Security
Assignment title: Security Presentation
Academic Year: 2018 – 2019
Unit Tutor:
Issue date:
Submission date: 26/11/
IV name and date: Khoa Canh Nguyen, Michael Omar, Nhung 9th/01/
Submission Format
The submission is in the form of two documents/files:
- A ten-minute Microsoft® PowerPoint® style presentation to be presented to your colleagues. The presentation can include links to performance data with additional speaker notes and a bibliography using the Harvard referencing system. The presentation slides for the findings should be submitted with speaker notes as one copy.
- A detailed report that provides more thorough, evaluated or critically reviewed technical information on all of the topics. You are required to make use of the font Calibri, Font size 12, Line spacing 1.5, Headings, Paragraphs, Subsections and illustrations as appropriate, and all work must be supported with research and referenced using the Harvard referencing system.
Unit Learning Outcomes
LO1 Assess risks to IT security
- Pass: P1 Identify types of security risks to organisations. P2 Describe organisational security procedures.
- Merit: M1 Propose a method to assess and treat IT security risks.
LO2 Describe IT security solutions
- Pass: P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs. P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
- Merit: M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
LO1 & 2
- Distinction: D1 Investigate how a ‘trusted network’ may be part of an IT security solution
Table of Contents
- Unit 05: SECURITY
- INTRODUCTION OF SECURITY
- P1 Identify types of security risks to organisations
  - What is network security?
  - Identify threat agents to organizations
    - 2.1. Nation States
    - 2.2. Non-target specific (Ransomware, Worms, Trojans, Logic Bombs, Backdoors and Viruses perpetrated by vandals and the general public)
    - 2.3. Employees and Contractors
  - List type of threats that organizations will face
    - 3.1. The Malware
    - 3.2. Social engineering attack
    - 3.3. SQL injection
    - 3.4. DDoS
- P2 Describe organisational security procedures
  - What are security procedures?
  - The purpose of security procedures
  - Anti-virus procedures
    - 3.1. Purpose of Anti-virus procedures
    - 3.2. Procedures of anti-virus procedures
  - Password Procedures
    - 4.1. Purpose of Password procedures
    - 4.2. Procedures
  - Physical Security Procedures
    - 5.1. Purpose of Physical security procedures
    - 5.2. Procedures
- M1 Propose a method to assess and treat IT security risks. Security procedures
- P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs
  - What is a Firewall?
    - 1.1. How does a firewall work?
    - 1.2. Advantages of firewall
    - 1.3. What are the impacts of incorrect firewall configurations?
  - What is a VPN and a third-party VPN?
    - 2.1. What is a Virtual Private Network?
    - 2.2. Advantages of VPN
    - 2.3. What are the impacts of incorrect VPN configurations?
  - Show with diagrams the example of how firewall works
- P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security
  - DMZ
    - 1.1. What is DMZ?
    - 1.2. How does it work?
    - 1.3. Advantages of DMZ
    - 1.4. Examples of DMZ
  - Static IP
    - 2.1. What is static IP?
    - 2.2. Example of Static IP
    - 2.3. Advantages of static IP
  - NAT
    - 3.1. What is NAT?
    - 3.2. How does it work?
    - 3.3. Advantages of NAT
    - 3.4. Examples of NAT
- M2 Discuss three benefits to implement network monitoring systems with supporting reasons
  - Monitoring network devices
  - Network alerts
  - Network reporting
  - The benefits of using a network monitoring system for an organization are next:
    - 4.1. Discovery of Devices
    - 4.2. Cost Saving
    - 4.3. Identify security threats
- D1 Investigate how a trusted network may be part of an IT security solution
- REFERENCES
List of Figures
- Figure 1 Security
- Figure 2 Network security threats
- Figure 3 Malware
- Figure 4 SQL injection
- Figure 5 DDoS
- Figure 6 Anti-virus procedure
- Figure 7 Password Procedure
- Figure 8 Physical Security Procedure
- Figure 9 Octave Process
- Figure 10 Firewall
- Figure 11 VPN
- Figure 12 Diagram
- Figure 13 DMZ
- Figure 14 Example of DMZ
- Figure 15 Static IP
- Figure 16 Example of Static IP
- Figure 17 NAT
- Figure 18 Discovery of Devices
- Figure 19 Identify Security threats
ASSIGNMENT 1 ANSWERS
INTRODUCTION OF SECURITY
Security measures were first implemented for computers in 1960, when the internet and networks were not yet a concern. Many companies of that time focused on physical measures and implemented passwords to protect their computers from people with some knowledge of how computers work. This report presents, for an IT organization, the Octave method for assessing IT security risks; the impact on the organization of incorrect firewall and third-party VPN configuration; the benefits of, and reasons for, network monitoring systems; and the improvement of network security using DMZ, static IP and NAT. It then explains the Risk Assessment and Risk Management of an organization, the impact on the organization after a SWOT evaluation of an internal audit, the implementation of policy, and the recovery plan measures, together with the hierarchy structure of the organization and its roles. (Vasile-Daniel Alupoae, Security)
Figure 1 Security
P1 Identify types of security risks to organisations.
2.1. Nation States
- Those companies that operate in certain sectors, e.g. telecoms, oil & gas, mining, power generation, national infrastructure etc., may find themselves a target for foreign nations either to disrupt operations now, or to give that nation a future hold in times of adversity.
- We have heard many examples of this from the alleged Russian interference with the US Presidential elections, to Sony claiming that North Korea had been responsible for their sites being hacked in 2014 and more recently the concerns about Huawei providing 5G networks because of the possibility of them passing information to the Chinese government.
2.2. Non-target specific (Ransomware, Worms, Trojans, Logic Bombs, Backdoors and Viruses perpetrated by vandals and the general public).
- There are so many times that companies have said to me “Oh we’re not going to be a target for hackers because….” But the number of random attacks that are going on every day is so vast (there are no accurate statistics on this to share here) that every and any organisation can become a victim.
- The most famous example of a non-target specific attack is the WannaCry ransomware incident that affected over 200,000 computers in 150 countries. In the UK it shut down the NHS for several days. And, of course, there is the bored teenager in a loft somewhere just trolling the internet to find a weak link.
2.3. Employees and Contractors
- Machines and software programmes are quite good at protecting against malware, unless it is a Zero-day virus. It is humans that are often the weakest link in the security system, either maliciously or accidentally.
- Common mistakes such as sending an email to the wrong person happen but usually we realise the mistake quickly and are able to rectify the situation. Simple measures such as password protecting files can also help to mitigate the effects of such mistakes.
- However, unfortunately there are also disgruntled people out there who purposefully harm organisations from the inside. Recently Morrisons supermarket faced a case where a disgruntled internal auditor downloaded payroll and other HR personal data and published it on the internet. The ex-employee was convicted and sent to prison, but Morrisons was also fined because it did not have the proper technical and organisational measures in place to prevent this act (note that Morrisons is currently appealing against the fine).
3. List type of threats that organizations will face
3.1. The Malware
- Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network (by contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug). A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper and scareware.
- Programs are also considered malware if they secretly act against the interests of the computer user. For example, at one point Sony music Compact discs silently installed a rootkit on purchasers' computers with the intention of preventing illicit copying, but which also reported on users' listening habits, and unintentionally created extra security vulnerabilities.
- Examples of malware include computer viruses, worms and spyware.
Figure 3 Malware
3.2. Social engineering attack
- In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social
service attack (DDoS attack, short for Distributed Denial of Service) is an attempt to make the resources of a computer unavailable to its users. Although the means, motives, and targets of a denial of service attack can vary, it generally involves the coordinated, malicious efforts of one or more people to make a site or network unusable, or to interrupt or significantly slow down the system for the average user, by overloading the system's resources. The perpetrators of denial of service attacks often target typical websites or servers such as banks, credit card payment gateways and even DNS root servers.
- One common attack method is often associated with saturating a target machine with external communications requests, to the point that it cannot respond to legitimate traffic, or responds too slowly. In general terms, DoS attacks are carried out by forcing the target machine to restart, by consuming all its resources to the point that it does not provide service, or by obstructing communication between the user and the target machine.
Figure 5 DDoS
P2 Describe organisational security procedures.
1. What are security procedures?
- Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security controls as enumerated from your organization’s security policies. Security procedures should cover the multitude of hardware and software components supporting your business processes as well as any security related business processes themselves (e.g. onboarding of a new employee and assignment of access privileges).
2. The purpose of security procedures
- The purpose of security procedures is to ensure consistency in the implementation of a security control or execution of a security relevant business process. They are to be followed each time the control needs to be implemented or the security relevant business process followed. Here is an analogy. As part of every aircraft flight, the pilot will follow a pre-flight checklist. Why do they do this? Simply put, they do it to ensure that the aircraft is ready to fly and to do everything possible to ensure a safe flight. Although pilots may have flown thousands of hours, they still follow the checklist. Following the checklist ensures consistency of behavior each and every time. Even though they may have executed the checklist hundreds of times, there is risk in relying on memory to execute the checklist as there could be some distraction that causes them to forget or overlook a critical step.
3. Anti-virus procedures
3.1. Purpose of Anti-virus procedures
- The primary purpose of the anti-virus solution or software is to guard against malicious software or scripts by blocking or quarantining this software that is identified, and alerting administrators that such action has taken place. The solution would detect and report on different types of malicious software that may be introduced or attempted to be installed on the systems and network, including endpoints such as mobile devices, desktops, laptops, servers, etc.
3.2. Procedures of anti-virus procedures
- Anti-virus software is mandatory.
- Any system which is geographically located on a University of Otago campus or remotely connected to a University of Otago campus must have up-to-date antivirus software installed
passwords to access College information systems.
4.2. Procedures
- The successful adoption of a password procedure depends on the ability of the organization to enforce it. Some school boards/authorities have sophisticated technologies that can provide substantial automation and support for a large number of users. Others may have limited resources and will need to develop a procedure that is manageable in a more manual fashion. It is important to realize that regardless of which category the school board/authority falls into, password procedures are still a requirement for effective security management.
- When creating a password procedure, it is important to consider elements that can be enforced through software security settings and those which must be enforced through education of the users. Items such as the minimum length of a password and expiry cycle for passwords are typically set through system software. Issues that would be linked to user education include not having passwords displayed on sticky notes and not sharing passwords.
- Another important consideration when developing a password procedure is password retention. Even with the best procedures in place, passwords will be shared or otherwise become known over time, weakening security, so it is necessary to change them on a regular basis. Most systems allow the system administrator to set a parameter which causes passwords to expire and requires them to be reset by the user. This parameter is typically set for anywhere from 30 days to 90 days, depending on the number of users, level of risk, and manageability of the procedure. Password expiry does add some additional workload for technical staff as users often forget their new passwords and need support to change them. It is also wise to force a password reset the first time a user logs in to any system.
Figure 7 Password Procedure
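The expiry parameter and first-login reset described in section 4.2 can be checked mechanically. The following is an added example, not part of the original assignment: it assumes account records in the Linux shadow(5) layout (the page names no particular system), and the sample accounts and function names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

EPOCH = date(1970, 1, 1)            # shadow dates are days since this day
MIN_MAX_AGE, MAX_MAX_AGE = 30, 90   # expiry window quoted in section 4.2
NO_EXPIRY = 99999                   # conventional "never expires" value

# Constructed sample records (assumed shadow(5) layout):
# name:hash:lastchg:min:max:warn:inactive:expire:reserved
SAMPLE_SHADOW = """\
alice:$6$constructed$hash:18580:0:90:7:::
bob:$6$constructed$hash:18400:0:99999:7:::
carol:$6$constructed$hash:0:0:60:7:::
dave:$6$constructed$hash:18450:0:60:7:::
erin:$6$constructed$hash:18585:0:365:7:::
svc:!:18000:0:99999:7:::
"""


@dataclass
class Account:
    name: str
    pw_field: str
    last_change: Optional[int]   # days since epoch; 0 = change at next login
    max_age: Optional[int]       # days a password stays valid; None = unset


def parse_shadow(text):
    """Parse shadow-format text into Account records."""
    accounts = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 9:
            raise ValueError(f"malformed shadow record: {fields[0]!r}")
        name, pw, lastchg, _min_age, max_age = fields[:5]
        accounts.append(Account(
            name, pw,
            int(lastchg) if lastchg else None,
            int(max_age) if max_age else None,
        ))
    return accounts


def audit(text, today):
    """Return {account: [findings]} for accounts that allow password login."""
    today_days = (today - EPOCH).days
    report = {}
    for acct in parse_shadow(text):
        # "!" or "*" in the hash field means password login is disabled.
        if acct.pw_field.startswith(("!", "*")):
            continue
        findings = []
        expires = acct.max_age is not None and acct.max_age < NO_EXPIRY
        if not expires:
            findings.append("no-expiry")
        elif not MIN_MAX_AGE <= acct.max_age <= MAX_MAX_AGE:
            findings.append("max-age-outside-30-90")
        if acct.last_change == 0:
            # Informational: the forced reset at next login is pending.
            findings.append("reset-at-next-login")
        elif (expires and acct.last_change is not None
              and today_days - acct.last_change > acct.max_age):
            findings.append("overdue")
        report[acct.name] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_SHADOW, date(2020, 11, 26)).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```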
5. Physical Security Procedures
5.1. Purpose of Physical security procedures
- The purpose of the Physical Security procedures is to:
+ establish the rules for granting, control, monitoring, and removal of physical access to office premises;
+ identify sensitive areas within the organization; and
+ define and restrict access to the same.
5.2. Procedures
- Physical access to the server rooms/areas shall completely be controlled and servers shall be kept in the server racks under lock and key.
- Access to the servers shall be restricted only to designated Systems and Operations Personnel. Besides them, if any other person wants to work on the servers from the development area then he/she shall be able to connect to the servers only through Remote Desktop Connection with a Restricted User Account.
- Critical backup media shall be kept in a fireproof off-site location in a vault.