IT Security Risks and Solutions: A Comprehensive Guide for Junior Staff, Assignments of Computer Security

You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS. FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the tool

Typology: Assignments

2020/2021

Uploaded on 02/18/2021

nguyen-manh-tai

Higher Nationals in Computing

UNIT 05: SECURITY

ASSIGNMENT 1

Assessor name: PHAN MINH TAM

Learner’s name:

ID:

Class:

Subject code: 1623

Assignment due: Assignment submitted:

❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date: Signature & Date:

ASSIGNMENT 1 BRIEF

Qualification: BTEC Level 5 HND Diploma in Computing
Unit number: Unit 5: Security
Assignment title: Security Presentation
Academic Year: 2018 – 2019
Unit Tutor:
Issue date:
Submission date:
IV name and date: Khoa Canh Nguyen, Michael Omar, Nhung 9th/01/

Submission Format

The submission is in the form of two documents/files:

  1. A ten-minute Microsoft® PowerPoint® style presentation to be presented to your colleagues. The presentation can include links to performance data with additional speaker notes and a bibliography using the Harvard referencing system. The presentation slides for the findings should be submitted with speaker notes as one copy.
  2. A detailed report that provides more thorough, evaluated or critically reviewed technical information on all of the topics. You are required to make use of the font Calibri, Font size 12, Line spacing 1.5, Headings, Paragraphs, Subsections and illustrations as appropriate, and all work must be supported with research and referenced using the Harvard referencing system.

Unit Learning Outcomes

LO1 Assess risks to IT security.
LO2 Describe IT security solutions.

Assignment Brief and Guidance

You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS. FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to

  • LO1 & 2 D1. Investigate how a ‘trusted network’ may be part of an IT security solution
  • P1 Identify types of security risks to organisations.
  • P2 Describe organisational security procedures.
  • M1 Propose a method to assess and treat IT security risks.

LO2 Describe IT security solutions

  • P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
  • P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
  • M2 Discuss three benefits to implement network monitoring systems with supporting reasons.

Contents

  • Unit 05: Security ASSIGNMENT 1
  • P1 Identify types of security risks
    - 1. What is the information
    - 1.1 Information Security
    - 1.2 Information security important:
    - 1.3 who is responsible for information security:
    - 2. Type of security risks to organization :
    - 3. Some of the security risks that organization face
  • P2 : Describe organisational security procedures
    - 1. Security Procedure
    - 2. A mature security program will require the following policies and procedures:
    - 2.1 Acceptable Use Policy (AUP)
    - 2.2 Access Control Policy (ACP)
    - 2.3 Change Management Policy
    - 2.4 Information Security Policy
    - 2.5 Incident Response (IR) Policy
    - 2.6 Remote Access Policy
    - 2.7 Email/Communication Policy
    - 2.8 Disaster Recovery Policy
    - 2.9 Business Continuity Plan (BCP)
  • P3: Identify the potential impact to IT security of incorrect configuration of firewall policies and third party VPNs
    - 1. What is a firewall?
    - 1.1 firewall is
    - 1.2 Firewall activity
    - 1.3 Why firewalls are needed
    - 1.4 Configuration Mistakes:
    - 2. Ransomware?
    - 2.2 Where does ransomware come from?
    - 2.3 How does ransomware work?
    - 3. VPN:
    - 3.1 WHAT IS VPN?
    - 3.2 VPN Service Records And Stores User Data

1.2 Information security important:

  • Defending data against violence.
  • Shielding it from misunderstood risks.
  • Prohibiting unauthorized human entry.
  • Helping recovery.

1.3 Who is responsible for information security:

When an organisation's information is secure, it carries out certain essential tasks: it evaluates its assets and the threats that threat agents pose to those assets, it identifies its flaws and how they could be exploited, and it periodically assesses and updates its security policies to ensure that its information is properly secured.

  • Bottom-up approach: large information management activities are performed from the organization's lower levels upwards.
  • This strategy has one main advantage: Bottom-level workers have the technological skills to understand how knowledge can be protected.
  • Top-down strategy begins at the organization's highest levels and works its way down.
  • In order to make the program effective, a protection strategy implemented by top executives needs the backing.
  • Chief Information Security Officer (CISO): assists in the creation and execution of the security plan;
  • Human firewall: defines the role of each employee in implementing the security.

2. TYPE OF SECURITY RISKS TO ORGANIZATION :

Threats are something that could actually harm an organisation, network and IT

Risks are potential dangers that exploit a weakness in an asset and can cause harm or failure to that asset. There is a risk that corrupt property developers may gain access to GANT members' personal information and take serious action against them or their properties. This may result in a severe breach of security if an unauthorized individual obtains access to the members' files and other usernames and passwords. The second danger is that anyone who isn't interested in the life of the toads will ruin the habitat of the Natterjack toad. Finally, the third danger is that anyone (an unauthorized person) could gain access to the GANT website code and change the message to information that is offensive to those interested in preserving its existence and nature.

3. SOME OF THE SECURITY RISKS THAT ORGANIZATION FACE.

These days, companies face an ever-evolving environment of danger. As the news has shown us, threats like Meltdown and Spectre emerge on short notice and affect the hardware and software in everyday use, from user endpoints to server racks. Organizations are searching for ways to prepare themselves for these almost inevitable happenings. The roundtable security expert discusses key security patterns they are studying, how to minimize risks, and what effective businesses are doing to prevent security issues. Assessing security threats is just the beginning of a journey to being prepared in some shape or fashion to deal with an assault on the infrastructure of your business. The advice is varied and there are some cross-areas, but in the end the System Administrator, IT Pro, CISO, and CIO must follow an approach that works for their organization. What works for one company may not be the best approach for another, but the ideas discussed here can help spark the strategies you follow within your business to tackle the challenges you face every day.

P2 : DESCRIBE ORGANISATIONAL SECURITY PROCEDURES.

1. SECURITY PROCEDURE

A security procedure is a set sequence of the activities required for performing a particular security task or function. Procedures are typically organized as a series of steps to be followed as a consistent and repeated process or cycle to achieve an end result. Once adopted, security protocols include a series of acts established to conduct security affairs of the company which will facilitate planning, process auditing, and process improvement. Procedures provide a starting point for implementing the stability needed to reduce inconsistency in security procedures, improving security control within the organization. Reducing uncertainty is also a smart way to reduce duplication, boost productivity and increase the performance of safety departments. To share the best rehearsals, we will develop passwords, antivirus programming, firewalls, encryption programming, threat and safety knowledge in data security techniques and industry standards.

2. A MATURE SECURITY PROGRAM WILL REQUIRE THE FOLLOWING POLICIES AND PROCEDURES:

2.1 Acceptable Use Policy (AUP)

An AUP stipulates the limitations and protocols that an individual may have to adhere to in order to use organizational IT assets to access the corporate network or the internet. Onboarding new employees is a common practice. They are given an AUP to read and register before a Network ID is provided. It is recommended that the departments of Government, defence, legal and human resource review what is included in this regulation. You will find an example at SANS

company information and the security of IT properties. The state of Illinois is a prime example of a downloadable network security programme.

2.5 Incident Response (IR) Policy

The incident prevention strategy provides a systematic guide to how the company treats an incident and discusses the organizational impacts. It is the one software the CISOs are hoping they never have to use. Nonetheless, the aim of this document is to clarify how to treat an incident with respect to mitigating the harm to business operations, customers and the time and cost of recovery. Carnegie Mellon University provides an example of a high-level IR system and SANS provides a clear strategy for data breaches.

2.6 Remote Access Policy

The Remote Access Policy is a document that outlines and explains effective ways of connecting to an entity's internal networks remotely. I have also seen this framework include addendums with instructions for the use of BYOD resources. For organizations that have dispersed networks with the potential to reach unsafe network locations, such as the local coffee house or unmanaged home networks, this policy is important. SANS is a case in point of a remote access system.

2.7 Email/Communication Policy

An email policy for a company is a document used to explain routinely how workers will use the corporation's preferred electronic communication medium. I've seen this idea commented on by email, blogs, social media and chat platforms. The primary purpose of this policy is to provide guidelines to employees about what is deemed to be the acceptable and improper use of any corporate communications technology. At SANS there's one example of an email policy.

2.8 Disaster Recovery Policy

An enterprise's disaster recovery plan will usually include input from cybersecurity and IT departments, and will be implemented as part of the wider business continuity strategy. The CISO and the personnel are expected to manage an incident by the accident response process. It will trigger the Business Continuity Plan when the accident has a major business effect. SANS is a case in point of a disaster recovery plan.

2.9 Business Continuity Plan (BCP)

The BCP will coordinate efforts across the organization and use the disaster recovery plan to restore hardware, applications and data that are considered essential for continuity of business. BCPs are unique to every business as they describe how the organization will operate in an emergency situation. FEMA and Kapnick provide two examples of BCPs that companies can use to build their own.

P3: IDENTIFY THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES AND THIRD PARTY VPNS.

1. WHAT IS A FIREWALL?

1.1 firewall is

A network security system that can be based on hardware or software and that uses rules to manage the traffic that goes in and out. Firewalls act as a barrier between secured and vulnerable networks. It controls the access to network services using an active control model. That is, network access is allowed only for traffic that conforms to the policy defined in the firewall, and all other traffic is refused. Every computer connected to the Internet requires a firewall that helps to monitor what is allowed on the network, and what is allowed out. It is important to have such a "gatekeeper" to monitor what happens for two reasons: First, any networked computer usually links permanently to the Internet. Second, every online computer has its own digital signature, called

Firewalls use rules or exceptions that work well to rid themselves of bad connections. Typically this approach is performed in the background, so users neither see it nor need to interact with it.

1.3 Why firewalls are needed

The Internet has brought great benefits to humanity, it is one of the leading contributors to the rapid development of the world, and it can be argued that the Internet has brought people closer together. The threat of computer network vulnerabilities is enormous because of such comprehensive connectivity. It is the ability to attack computer networks, data recovery attacks, intrusion attacks to paralyze the entire mainframe program, attacks to modify the database ... Facing these threats, the maintenance of computer network security is becoming more urgent and serious than ever before. The prospect of attacks is more complex, more dangerous than ever. There are many security measures for computer networks, such as using resources management tools and services, building network access accounts that require passwords ... But this only includes one of those options. As part of the computer network, there are several ways to breach the network until the computer network vandals penetrate deeper into the network. Therefore, it is important to have the resources to prevent unauthorized access of the network from outside the network, which is the source of the Firewall creation. A firewall will screen dangerous traffic on the internet including hackers, worms and other viruses before they can cause problems with the device. Firewalls can also help prevent one computer from being used to attack other computers without its owner realizing it. For computers that are still connected to the Internet, the use of a firewall is essential, as is the case with a broadband connection or DSL / ADSL link.

The firewall consists of at least two network interfaces, public and private: the public interface is the side with the shared internet connection and can be accessed by anyone, while the private interface is the side containing the protected data. A firewall may have several different interfaces depending on the number of divisions. Each port has its own set of security rules that determine what form of traffic from both public and private networks can pass through. A firewall can do other things as well, with many benefits and drawbacks. Firewalls are often used by network administrators as a VPN gateway, authentication server, or DNS server. But the more services that work on the same server, the greater the risk, as with any other network. Therefore, not all companies can operate Firewalls.

1.4 Configuration Mistakes:

Even if the firewall is working on your network and has all the latest vulnerability fixes, if the firewall configuration settings create conflicts, it can still cause problems. In some situations this leads to inefficiencies on your organization's network, and in others the firewall provides less security. Dynamic routing, for example, is a setting that has long been considered a bad idea to allow because it leads to a lack of control that reduces protection. But some businesses leave it on and create a gap in their firewall protection. Having a poorly configured firewall is like filling the moat of a sand castle and leaving the key to the main entrance right next to the entrance: you just make things simpler for the attacker while wasting the time, energy and effort spent on your "protection" measures.
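
The two firewall points above, that traffic not permitted by the policy is refused and that conflicting configuration settings reduce protection, are shown in the following added example, which is not part of the original assignment. The rule format, the rule names, the sample addresses and the first-match evaluation order are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    src: str      # source network (IPv4 CIDR)
    dst: str      # destination network (IPv4 CIDR)
    ports: range  # destination ports

def matches(rule, src, dst, port):
    return (ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and port in rule.ports)

def decide(rules, src, dst, port):
    """First matching rule wins; traffic that no rule matches is refused."""
    for rule in rules:
        if matches(rule, src, dst, port):
            return rule.action, rule.name
    return "deny", "implicit-default"

def covers(earlier, later):
    """True if every packet 'later' could match is already matched by 'earlier'."""
    return (ip_network(later.src).subnet_of(ip_network(earlier.src))
            and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
            and earlier.ports.start <= later.ports.start
            and later.ports.stop <= earlier.ports.stop)

def audit(rules):
    """Report rules that can never fire because an earlier rule covers them."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "conflict" if earlier.action != later.action else "redundant"
                findings.append((kind, later.name, earlier.name))
                break
    return findings

ANY = "0.0.0.0/0"
ALL_PORTS = range(1, 65536)
# Constructed sample policy (private and documentation address ranges only).
RULES = [
    Rule("allow-web", "allow", ANY, "203.0.113.10/32", range(443, 444)),
    Rule("allow-lan-out", "allow", "10.0.0.0/8", ANY, ALL_PORTS),
    Rule("block-guest-out", "deny", "10.9.0.0/16", ANY, ALL_PORTS),
    Rule("allow-web-dup", "allow", "198.51.100.0/24", "203.0.113.10/32", range(443, 444)),
]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
    print(decide(RULES, "10.9.1.5", "192.0.2.53", 53))
    print(decide(RULES, "192.0.2.7", "203.0.113.10", 22))
```

The conflict finding is the case that weakens protection: the guest deny rule exists in the policy, but `decide` shows guest traffic is still allowed by the broader rule placed above it.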