SECURITY - ASSIGNMENT2, Assignments of Network security


Typology: Assignments

2020/2021

Uploaded on 07/04/2021

jun_pham

NETWORK SECURITY
PROGRAM TITLE: SECURITY
UNIT TITLE: Unit 05: Security
ASSIGNMENT NUMBER: 2
ASSIGNMENT NAME: EMC CLOUD SOLUTIONS
SUBMISSION DATE: ……………………………………….
DATE RECEIVED: …………………………………………….
TUTORIAL LECTURER: ……………………………………
WORD COUNT: ……………………………………………..
STUDENT NAME: NGO VAN HUY
STUDENT ID: BKC18400
MOBILE NUMBER: 0383930441
ASSIGNMENT 1

Malware infections

Due to the high volume of data stored on the cloud, which requires an internet connection to store this data, anybody using cloud services is potentially at risk of cyberattacks. An increasingly common threat is Distributed Denial of Service (DDoS) attacks, whereby hackers send unprecedented volumes of traffic to a web-based application, thereby crashing the servers.

Legal/compliance issues

With increasing legislation on data protection, from GDPR in Europe to HIPAA for healthcare, staying compliant is becoming more difficult. Companies must have steadfast rules governing who can access what data and what they can do with it. With cloud computing's easy access to data on a large scale, it can be difficult to keep track of who can access this information.

II. Describe organisational security procedures.

Organizations can have as many policies as they like, covering anything that's relevant to their business processes. But to help you get started, here are five policies that every organization must have.

2.1. Remote access

The days of 9-to-5 office work were over even before COVID-19, and many organizations will continue to allow employees to work remotely when life as normal resumes. That will not only mean that employees use work computers but may also use their phones to check their work emails outside of business hours or while traveling.

This is great for productivity and flexibility, but it also creates security concerns. Remote workers don't have the privilege of the organization's physical and network security provisions, so they need to be instructed on what they can do to prevent breaches.

2.2. Password creation

Pretty much everyone uses passwords at home and at work to access secure information, so you'd think we'd all have the hang of it by now. Unfortunately, that's not the case. Hacked passwords are among the most common causes of data breaches, and it's hardly a surprise when people set weak passwords such as '123456' and 'Password'.

Organizations should mitigate this threat by creating a password policy that outlines specific instructions for creating passwords. The received wisdom about passwords is that they should be a combination of at least eight letters, numbers, and special characters. However, this doesn't always guarantee a strong password, as employees are still susceptible to easily guessable phrases such as 'Password#1'.

2.3. Password management

Strong passwords only work if their integrity remains intact. If you leave them written down, share them, or select 'remember this password' on a public computer, you risk them falling into the wrong hands. The same is true if you use the same password on multiple accounts.

Let's say a criminal hacker breaks into a database and finds the credentials for your personal email account. If they can work out where you work (which they have a good chance of through a Google, Facebook, or LinkedIn search), they'll probably try that password on your work email and other work-related accounts.

It's therefore essential that organizations include a policy that instructs employees not to share passwords, write them down or use them on multiple accounts.

2.4. Portable media

Cybercriminals can easily infect an organization's systems by planting malware on a removable device and then plugging it into a company computer.

Many organizations counteract this threat by banning removable devices and relying on email or the Cloud to transfer information. This might not be viable for you, but there should always be safeguards in place. For example, you might set limits on who can use removable devices or create a rule instructing employees to scan devices before use.

2.5. Acceptable use

Organizations should never expect employees to spend 100% of their time at work doing work-related activities because everyone needs a break now and then.
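
Section 2.2's observation that 'Password#1' satisfies the usual composition rule yet is easily guessed can be checked mechanically. The following Python is an added example, not part of the original assignment; the blocklist, the substitution map and the `personal` parameter are assumptions constructed for illustration.

```python
import re

MIN_LENGTH = 8

# Constructed sample blocklist (assumption); a real policy check would load a
# much larger list of commonly used or breached passwords.
COMMON_WORDS = {"password", "123456", "qwerty", "welcome", "letmein", "admin"}

# Common character substitutions users apply to a base word (assumption).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s", "!": "i"})


def composition_errors(pw):
    """Return the composition rules (length, character classes) that pw breaks."""
    errors = []
    if len(pw) < MIN_LENGTH:
        errors.append("shorter than 8 characters")
    if not re.search(r"[a-z]", pw):
        errors.append("no lowercase letter")
    if not re.search(r"[A-Z]", pw):
        errors.append("no uppercase letter")
    if not re.search(r"[0-9]", pw):
        errors.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", pw):
        errors.append("no special character")
    return errors


def base_word(pw):
    """Reduce a password to the word it is built on.

    Lowercase it, strip digits and symbols padded on either end, then undo
    common substitutions, so 'Password#1' and 'P@ssw0rd2021!' both become
    'password'.
    """
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    return core.translate(LEET)


def guessable_reasons(pw, personal=()):
    """Return reasons pw is guessable even if it meets the composition rule."""
    reasons = []
    lowered = pw.lower()
    if lowered in COMMON_WORDS or base_word(pw) in COMMON_WORDS:
        reasons.append("built on a common password")
    # personal: strings tied to the user (name, birthday, phone number).
    if any(len(t) >= 4 and t.lower() in lowered for t in personal):
        reasons.append("contains personal data")
    return reasons


def is_acceptable(pw, personal=()):
    """A password is accepted only if it passes both checks."""
    return not composition_errors(pw) and not guessable_reasons(pw, personal)


if __name__ == "__main__":
    # Constructed candidates; the first three are the examples from the text.
    for candidate in ["123456", "Password", "Password#1",
                      "P@ssw0rd2021!", "tundra-Kettle-47-violin"]:
        print(f"{candidate!r}: composition={composition_errors(candidate)} "
              f"guessable={guessable_reasons(candidate)}")
```
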

like leaving the front door of your house open and unlocked. This is because high-speed Internet connections have the following features:

- A constant IP - Makes it easy for an intruder who has discovered your computer on the internet to find you again and again.
- High-Speed Access - Means that the intruder can work much faster when trying to break into your computer.
- Always active connection - Means that your computer is vulnerable every time it is connected to the internet.

Defending yourself with a Personal Firewall

So now you have an idea of how you are vulnerable every time you are online on a high-speed Internet connection, compared to an ordinary 56Kbps connection. What you now need to know is how you can defend yourself against the threat posed by this type of connection.

A Personal firewall is important when:

- You surf the internet at home using an 'always on' broadband connection
- You connect to the internet via a public Wifi network in a park, cafe or airport
- You run a home network which needs to be kept isolated from the internet
- You wish to be kept informed when any program on your computer attempts to connect to the internet

Most Personal Firewalls are highly configurable so you can easily create security policies to suit your individual needs.

2. Virtual private network (VPN)

A VPN (virtual private network) is the easiest and most effective way for people to protect their internet traffic and keep their identities private online. As you connect to a secure VPN server, your internet traffic goes through an encrypted tunnel that nobody can see into, including hackers, governments, and your internet service provider.

Consumers use VPNs to keep their online activity private and ensure access to sites and services that might otherwise be restricted. Companies use VPNs to connect far-flung employees as if they were all using the same local network at a central office, but with fewer benefits for individuals than a personal VPN.

3. How improper firewalls and VPNs impact the EMC company?

EMC is a well-reputed cloud solution provider. EMC cloud solution Company provides SaaS, PaaS and IaaS to its customers. EMC does transactions with external countries, and when doing those transactions firewalls and VPNs are the two pieces of software that are very important to install. When transactions are done through networks, unauthorized parties can attack the network system, and other private networks can attack it as well. When it is attacked, the attackers, especially competitors, can get important information about EMC. If competitors get details about the company, it is a huge risk to the company, and to prevent these kinds of risks it is very important to install firewalls. If the firewalls are improper, we still have to face these risks. The other problem is improper VPNs, which arises when doing online transactions: when we do online transactions without using proper VPNs, there might be web traffic snooping and interference, and because of this the transactions can't be done properly; it may

- Advantages of Static IPs
  - It's good for creating computer servers
  - It makes it easier for geolocation
  - It's also better for dedicated services
- Disadvantages of Static IPs
  - The static IP address could be a security risk
  - Static IPs are preferred for hosting servers
  - The process to set a static IP is complex

3. NAT (Network Address Translation)

To access the Internet, one public IP address is needed, but we can use a private IP address in our private network. The idea of NAT is to allow multiple devices to access the Internet through a single public address. To achieve this, the translation of a private IP address to a public IP address is required. Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into one or more global IP addresses and vice versa in order to provide Internet access to the local hosts. It also translates port numbers, i.e. it masks the port number of the host with another port number in the packet that will be routed to the destination. It then makes the corresponding entries of IP address and port number in the NAT table. NAT generally operates on a router or firewall.
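
The address and port translation described above can be followed in a small simulation. This is an added example, not part of the original assignment; the class name, the deliberately tiny port range and the addresses (taken from documentation ranges) are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class NatRouter:
    """Many private hosts share one public address; ports tell the flows apart."""
    public_ip: str
    first_port: int = 40000
    last_port: int = 40003  # constructed: only four ports, so exhaustion is visible
    table: dict = field(default_factory=dict)    # (private_ip, private_port) -> public_port
    reverse: dict = field(default_factory=dict)  # public_port -> (private_ip, private_port)

    def _free_port(self):
        """Return the lowest unused public port, or None if all are taken."""
        for port in range(self.first_port, self.last_port + 1):
            if port not in self.reverse:
                return port
        return None

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet's source and record the NAT table entry.

        Returns the translated (src_ip, src_port, dst_ip, dst_port), or None
        when no public port is free and the packet has to be dropped.
        """
        key = (src_ip, src_port)
        if key not in self.table:
            port = self._free_port()
            if port is None:
                return None
            self.table[key] = port
            self.reverse[port] = key
        return (self.public_ip, self.table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate a packet sent to public_ip:dst_port back to the private host.

        Returns None when the NAT table has no entry for dst_port: traffic that
        no inside host asked for has nowhere to go.
        """
        key = self.reverse.get(dst_port)
        if key is None:
            return None
        return (src_ip, src_port, key[0], key[1])


if __name__ == "__main__":
    router = NatRouter("203.0.113.5")
    server = ("198.51.100.20", 443)
    # Two private hosts use the same source port; the router keeps them apart.
    print(router.outbound("192.168.1.10", 51000, *server))
    print(router.outbound("192.168.1.11", 51000, *server))
    # The server's reply to public port 40001 reaches the second host.
    print(router.inbound("198.51.100.20", 443, 40001))
    # A packet to a port with no table entry is not forwarded.
    print(router.inbound("198.51.100.99", 4444, 40002))
    print(router.table)
```
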

- Inside local address – An IP address that is assigned to a host on the inside (local) network. The address is probably not an IP address assigned by the service provider, i.e. these are private IP addresses. This is the inside host seen from the inside network.
- Inside global address – IP address that represents one or more inside local IP addresses to the outside world. This is the inside host as seen from the outside network.
- Outside local address – This is the actual IP address of the destination host in the local network after translation.
- Outside global address – This is the outside host as seen from the outside network. It is the IP address of the outside destination host before translation.

Network Address Translation (NAT) Types – There are 3 ways to configure NAT:

1. Static NAT – In this, a single unregistered (private) IP address is mapped with a legally registered (public) IP address, i.e. one-to-one mapping between local and global address. This is generally used for Web hosting. These are not used in organizations as there are many devices that will need Internet access and to provide Internet access, a public IP address is needed. Suppose there are 3000 devices that need access to the Internet; the organization has to buy 3000 public addresses, which will be very costly.
2. Dynamic NAT – In this type of NAT, an unregistered IP address is translated into a registered (public) IP address from a pool of public IP addresses. If the IP address of the pool is not free, then the packet will be dropped as only a fixed number of private IP addresses can be translated to public addresses. Suppose there is a pool of 2 public IP addresses; then only 2 private IP addresses can be translated at a given time. If 3rd private IP address wants to

bottlenecks proactively helps in identifying issues at the initial stage. Efficient proactive monitoring can prevent network downtime or failures.

- Network monitoring is generally carried out through software applications and tools. Network monitoring services are broadly used to detect whether a given Web server is operative and connected properly to networks worldwide. Many servers that do this job provide a more complete visualization of both the Internet and networks.
- There are many benefits to a network monitoring system; the main three benefits are:
  - Protecting your network against attackers: The network monitoring system identifies suspicious traffic, thereby allowing owners to act fast. A network monitoring service is able to provide a broad overview of an SMB's entire IT infrastructure so that nothing is misused. Today, exploits are more sophisticated and advanced and are able to target a system in a diversity of ways. Monitoring antivirus and firewall solutions separately may leave security gaps.
  - Keeping informed without in-house staff: A network monitoring service will send warnings and information to an SMB owner as issues arise. Otherwise, an SMB may need to either attend to their network security themselves or hire a full-time IT employee, which could be very costly. Data breaches can be more harmful and more expensive the longer they go without being noticed.
  - Optimizing and monitoring your network: Many small business owners expect rapid growth. This growth is not possible if parts of their IT infrastructure are overloaded or slowed. Network monitoring services will map out the infrastructure of a small business, showing an SMB owner areas of development and any issues that currently need to be addressed.

IV. LO3 Review mechanisms to control organizational IT security.

1. Discuss risk assessment procedures

- Risk means a dark situation that we will face in the future. These risks may occur due to the results of mankind. Most of the risks can happen to the organization due to the faults of the workers in the organization, so the owner of the organization should assess the risks.
- Risk assessment is the term used for the overall process of identifying and analysing the hazards and risks that are going to occur to the company or organization, and analysing and evaluating the risk associated with each hazard. So, by identifying and analysing the risk we have to determine the appropriate way to control the risk when the hazards cannot be eliminated. We can identify certain kinds of risks by looking at our workplace and identifying the things, situations, processes, etc. that may cause harm to people. After we identify the risk, and once this determination is made, we can next decide what measures should be in place in the organization to effectively eliminate or control the harm happening to the organization.

2. Explain data protection processes and regulations as applicable to an organization.

- Any company or organization has a lot of important data. So when that data is leaked to a competitor, it is possible that the company or organization will inevitably be attacked. So, data protection is a must in every organization.
- These are some of the useful pieces of information that reputed companies have:
  - The type of customers they have
  - Number of customers they have
  - Banking information
  - Information about the assets
- If these kinds of information are leaked from the business or organization, it may pose a huge risk to that organization. So, there are many ways to protect these kinds of important data; they are:
  - Fixing CCTV cameras
  - Employee monitoring system

3. Summarization of ISO 31000 risk management law.

1. What is the law?

- An organization or company needs to comply with regulations and laws to maintain operations. So what is the law? Law means a certain kind of imperative to be taken by the head of the organization to minimize errors, frauds, and related problems among employees working in the organization.
- Implementing laws is a difficult task that is done by the CEO of the company, because he should know how to implement suitable laws for the workers. When there are too many laws some employees might not work properly, and when there are too few laws the workers also might not work properly. To get the work done by the workers, the CEO must think from his perspective, the company's perspective, and the employee's perspective; then he can continue his organization or company peacefully without any mistakes, frauds, and federations.
- Every CEO is looking to reduce the risks that are coming towards his organization; for that he should implement laws and regulations continuously, but there are guidelines for implementing laws for the risks, and those guidelines are in ISO 31000 – 2018.

2. Summarization of ISO 31000: 2018 related to EMC company

- ISO 31000: 2018 consists of risk management guidelines, providing principles and frameworks to manage risks in EMC company. When the CEO of the EMC company follows the ISO 31000: 2018 law, it is easy to handle the EMC company, because all the guidelines and frameworks are in it. Any business, small-scale or large-scale, can use this ISO 31000: 2018 law.
- Using this ISO 31000: 2018 law can help the EMC company to increase the likelihood of achieving objectives, and to easily identify the strengths and weaknesses of the EMC company. These things are involved in the vision and mission of the EMC company. However, the ISO 31000: 2018 act cannot be used for certification purposes, but it provides guidance for internal and external audit programs.

- The special feature of an IT security audit system is that it can identify the vulnerable points and problem areas easily. The IT system is a vast one with several components including hardware, software, data and procedures, but the IT security system can find out the vulnerable areas easily. From the IT security system, we can check whether our hardware or software tools are configured properly and working properly. Security audits also retrace the security incidents or dangerous situations that the company faced in the past, which might have exposed our security weak points. The other main thing done by the audit is the focus on carrying out tests in terms of network weaknesses, operating system, access control and security applications.

7. How IT security aligned with organization policy?

- Company policies and procedures are the basis of a strong security plan. Once the company policies and procedures have been advanced or updated with the company staff's help, your organization's security basis will be more current, sound, and in compliance.
- Company cybersecurity experts:
  - Cooperate with your organization to grow the strategies for successfully communicating policies, standards, and procedures for measuring good security practices and agreements
  - Provide current management of the company policies, procedures, and standards to ensure those documents are kept current and relevant.

V. LO4 Manage organizational security

1. Suitability of the tools used in the policies

- Security policy is a set of rules and procedures the employees have to follow regarding the security of assets and resources of the organization (Paloaltonetworks.com, 2019). An appropriate security policy allows maintaining tight security within the organization. The purpose of a security policy is the conservation of confidentiality, integrity, and availability of systems and information used by an organization's members. This is based on the CIA triad:
  - Confidentiality contains the safety of resources from unauthorized units.
  - Integrity guarantees the alteration of resources is handled in a definite and authorized manner.
  - Availability is a state of the system where approved users have constant access to said resources.

1. SECURITY POLICY

- General

  The organization preserves a secure network infrastructure through the following reckoned policies in order to protect the integrity and confidentiality of customer and organization data and moderate the risk of a security problem. The purpose of this policy is to create the rules for IT security and to communicate the controls necessary for a secure network infrastructure. The network security policy will provide the practical mechanisms to support the Organization's complete set of security policies.

- Approved Staff

  Systems Manager should present writing in advance, with the consultation of IT staff, in forming and managing accounts, both system and user. Only authorized persons are allowed to access and maintain application systems, network devices (routers, firewalls, servers, etc.), operating systems, and other information objects. The network manager must approve the creation of user and privilege accounts like system administrator or security administrator. A quarterly review should be done on privilege accounts. If user and privilege accounts are inactive after 60 days or less, they will be disabled.

- Creating passwords

  When creating a password the following guidelines should be considered:
  - Password must include at least 8 characters.
  - Password should consist of letters, numbers, special characters and upper or lowercase characters.
  - Password should not include guessable words or personal data like birthdays, phone numbers, etc.

- Login conditions
  - Five repeated login attempts will be considered unauthorized access and the login portal will be locked for an hour or until the IT staff resets the password.
  - All the user names and passwords related to user accounts and privilege accounts should be changed every 90 days. If not, the portal will be locked.
  - When an employee leaves the organization the IT staff must change the password or disable the account.

- Firewalls
  - Firewalls are one of the most significant mechanisms of the Organization's security strategy. Internet networks and other unsafe networks must be separated from the organization network with the use of a firewall.
  - Firewalls should provide secure administrative access, with administration access limited, if possible, to only the networks from which administration connections would be expected to originate.
  - Unnecessary services and applications should be prohibited using the firewall. The organization should use 'hardened' systems for firewall platforms, or appliances.
  - Modifications to firewall rules must be recorded and the records must identify the administrator performing the modification and when the modification occurred.
  - Firewall must keep records of rejected traffic.

- Data breach measures

  Files and folders should be designated as confidential and protected with a password when shared on drives.

- Backup plan

  The backup plan of the organization should be a very effective one. Employees should be trained for daily, monthly or weekly backup procedures. Apart from the server in the work site there should be a backup server in a geographical location which has less tendency for destruction due to natural disasters.

- Handling sensitive information

  Sensitive information should be handled carefully. When destroying it, this should be done in such a manner that it can't be recovered. It should be stored with password protection.

'Creditors, directors, employees, government and its agencies, owners / shareholders, suppliers, unions, and the other parties the business draws its resources' are the main branches of any organization. Discuss the role of these groups to implement security audit recommendations for the organization.

A security audit is understanding the vulnerabilities in the current security plan in order to create a much better plan than the present one. Performing a proper security audit can improve the defense system of the organization. According to Eitan Katz (2017), a security audit can be performed in 5 steps.

- Outline Your Audit

  Firstly, the auditor has to list out the assets of the organization, which mostly comprise computer equipment, customer data and other important documents. After listing, the security parameters should be defined, which allows assets to be divided into two sectors: assets which need audit and assets which do not, because it is not very reasonable to audit all assets.

- Outline Your Threats

  Next the list of threats should be defined. Threats can be negligent human errors, malware and logical attacks, password insecurities and natural disasters. Along with considering the threats, the auditor has to look at how these can affect the organization's performance.

- Evaluate Existing Security Performance

  Now the auditor must look into the present security structure and evaluate it. Here the security structure must be tested under simulated conditions and checked for loopholes. It is better to allow an external company to do this task because the internal staff can sometimes pretend that there are no issues.

- Ranking (Risk Scoring)

  In this step all the threats are ranked according to their priority. The risks with higher threats are ranked in upper levels whereas minor threats are ranked in lower levels. When ranking, some factors like the history of the organization, current trends in the security sector and rules and regulations should also be considered.

- Prepare Security measures

  Finally, after the observations done in the previous steps, the auditor can suggest and formulate security measures. Such measures that can be taken are educating the employees regarding the security threats the organization is facing and will face in future, tightening passwords, providing access controls like fingerprint and smartcard, email-related protection, more improved backup plans and constant monitoring of the network.

VI. References

- https://www.fortinet.com/resources/cyberglossary/what-is-dmz
- https://study.com/academy/lesson/trusted-network-solutions-environment-technologies.html
- https://www.manageengine.com/network-monitoring/basics-of-network-monitoring.html
- https://cheekymunkey.co.uk/what-is-an-it-security-audit/
- https://www.myassignmenthelp.net/sample-assignment/unit-5-security
- https://www.urgenthomework.com/sample-homework/emc-cloud-solutions-unit-5-security