





























You work as a trainee IT Security Specialist for a leading security consultancy in Vietnam called FPT Information Security (FIS). FIS works with medium-sized companies in Vietnam, advising on and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns because they lack the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the tool
Typology: Assignments






























Qualification: BTEC Level 5 HND Diploma in Computing
Unit number: Unit 5: Security
Assignment title: Security Presentation
Academic Year: 2018 – 2019
Unit Tutor:
Issue date:
Submission date:
IV name and date: Khoa Canh Nguyen, Michael Omar, Nhung 9th/01/

Submission Format
The submission is in the form of two documents/files:
LO1 & 2
D1. Investigate how a ‘trusted network’ may be part of an IT security solution.
P1 Identify types of security risks to organisations.
P2 Describe organisational security procedures.
M1 Propose a method to assess and treat IT security risks.

LO2 Describe IT security solutions
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
1.2 Why information security is important:
- Defending data against violence.
- Shielding it from misunderstood risks.
- Prohibiting unauthorized human entry.
- Helping recovery.

1.3 Who is responsible for information security:
When an organisation's knowledge is safe, it completes certain essential tasks:
- It evaluates its assets and the threats posed to those assets by threat agents.
- It discovers its flaws and how they could be exploited.
- It periodically assesses and updates its security policies to ensure that its information is properly secured.
A risk is the potential for a danger to exploit a weakness in an asset and cause harm or failure to that asset. There is a risk that corrupt property developers may gain access to GANT members' personal information and take serious action against them or their properties. This may result in a severe breach of security if an unauthorized individual obtains access to the members' files and to other usernames and passwords. The second danger is that anyone who isn't interested in the life of the toads will ruin the habitat of the Natterjack toad. Finally, the third danger is that anyone (an unauthorized person) could gain access to the GANT website code and change the message to something offensive to those interested in preserving the toad's existence and nature.
3. SOME OF THE SECURITY RISKS THAT ORGANIZATIONS FACE.
These days, companies face an ever-evolving environment of danger. Threats like Meltdown and Spectre emerge on short notice, as the news has shown us, and affect the hardware and software in everyday use, from user endpoints to server racks. Organizations are searching for ways to prepare themselves for these almost inevitable events. The roundtable security experts discuss the key security patterns they are studying, how to minimize risks, and what effective businesses are doing to prevent security issues. Assessing security threats is just the beginning of the journey towards being prepared, in some shape or fashion, to deal with an assault on the infrastructure of your business. The advice is varied and there are some overlapping areas, but in the end the System Administrator, IT Pro, CISO, and CIO must follow an approach that works for their organization. What works for one company may not be the best approach for another, but the ideas discussed here can help spark the strategies you follow within your business to tackle the challenges you face every day.

P2 : DESCRIBE ORGANISATIONAL SECURITY PROCEDURES.
1. SECURITY PROCEDURE
A security procedure is a set sequence of the activities required for performing a particular security task or function. Procedures are typically organized as a series of steps to be followed as a consistent and repeated process or cycle to achieve an end result. Once adopted, security procedures provide a series of established actions for conducting the security affairs of the company, which facilitates planning, process auditing, and process improvement. Procedures provide a starting point for implementing the stability needed to reduce inconsistency in security processes, improving security control within the organization. Reducing uncertainty is also a smart way to reduce duplication, boost productivity and increase the performance of safety departments. To share best practices, we will develop passwords, antivirus programming, firewalls, encryption programming, and threat and safety knowledge in data security techniques and industry standards.

2. A MATURE SECURITY PROGRAM WILL REQUIRE THE FOLLOWING POLICIES AND PROCEDURES:

2.1 Acceptable Use Policy (AUP)
An AUP stipulates the limitations and protocols that an individual must adhere to when using organizational IT assets to access the corporate network or the internet. It is a common part of onboarding new employees: they are given an AUP to read and register before a Network ID is provided. It is recommended that the departments of Government, defence, legal and human resource review what is included in this regulation. You will find an example at SANS
company information and the security of IT properties. The state of Illinois is a prime example of a downloadable network security programme.

2.5 Incident Response (IR) Policy
The incident response policy provides a systematic guide to how the company treats an incident and discusses the organizational impacts. It is the one document that CISOs hope they never have to use. Nonetheless, the aim of this document is to clarify how to treat an incident so as to mitigate the harm to business operations and customers and to reduce the time and cost of recovery. Carnegie Mellon University provides an example of a high-level IR system and SANS provides a clear strategy for data breaches.

2.6 Remote Access Policy
The Remote Access Policy is a document that outlines and explains effective ways of connecting to an entity's internal networks remotely. I have also seen this framework include addendums with instructions for the use of BYOD resources. This policy is important for organizations that have dispersed networks with the potential to reach unsafe network locations, such as the local coffee house or unmanaged home networks. SANS offers an example of a remote access policy.

2.7 Email/Communication Policy
An email policy for a company is a document used to explain how workers may use the corporation's preferred electronic communication medium. I've seen this policy cover email, blogs, social media and chat platforms. The primary purpose of this policy is to provide guidelines to employees about what is deemed to be acceptable and improper use of any corporate communications technology. SANS offers one example of an email policy.

2.8 Disaster Recovery Policy
An enterprise's disaster recovery plan will usually include input from the cybersecurity and IT departments, and will be implemented as part of the wider business continuity strategy. The CISO and the personnel are expected to manage an incident through the incident response process. When the incident has a major business effect, the Business Continuity Plan is triggered. SANS offers an example of a disaster recovery plan.

2.9 Business Continuity Plan (BCP)
The BCP will coordinate efforts across the organization and use the disaster recovery plan to restore hardware, applications and data that are considered essential for continuity of business. BCPs are unique to every business, as they describe how the organization will operate in an emergency situation. FEMA and Kapnick provide two examples of BCPs that companies can use to build their own.

P3: IDENTIFY THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES AND THIRD PARTY VPNS.
1. WHAT IS A FIREWALL?

1.1 A firewall is a network security system that can be based on hardware or software and that uses rules to manage the traffic going in and out. Firewalls act as a barrier between secured and vulnerable networks. A firewall controls access to network services using an active control model. That is, network access is allowed only for traffic that conforms to the policy defined in the firewall, and all other traffic is refused. Every computer connected to the Internet requires a firewall that helps to monitor what is allowed into the network and what is allowed out. It is important to have such a "gatekeeper" to monitor what happens, for two reasons: First, any networked computer usually links permanently to the Internet. Second, every online computer has its own digital signature, called
Firewalls use rules or exceptions that work well to get rid of bad connections. Typically this is performed in the background, so users neither see it nor need to interact with it.

1.3 Why firewalls are needed
The Internet has brought great benefits to humanity: it is one of the leading contributors to the rapid development of the world, and it can be argued that the Internet has brought people closer together. Because of such comprehensive connectivity, the threat from computer network vulnerabilities is enormous. It includes attacks on computer networks, data recovery attacks, intrusion attacks that paralyze the entire mainframe program, attacks that modify the database ... Facing these threats, maintaining computer network security is becoming more urgent and serious than ever before. The prospect of attacks is more complex and more dangerous than ever. There are many security measures for computer networks, such as using resource management tools and services, or building network access accounts that require passwords ... But these cover only some of the options. Within a computer network there are several ways to breach the network, until the computer network vandals penetrate deeper into it. Therefore, it is important to have the resources to prevent unauthorized access to the network from outside the network, which is why the firewall was created.

A firewall will screen dangerous traffic on the internet, including hackers, worms and other viruses, before they can cause problems with the device. Firewalls can also help prevent one computer from taking part in attacks on other computers without its user realizing it. For computers that are still connected to the Internet, as is the case with a broadband connection or DSL / ADSL link, the use of a firewall is essential.
A firewall has at least two network interfaces, public and private: the public interface is the shared Internet connection side, which can be accessed by anyone, and the private interface is the side containing the protected data. A firewall may have several different interfaces depending on the number of divisions. Each port has its own set of security rules that determine what form of traffic from the public and private networks can pass through. A firewall can do other things as well, with many benefits and drawbacks. Firewalls are often used by network administrators as a VPN gateway, authentication server, or DNS server. But the more services that run on the same server, the greater the risk, as with any other network. Therefore, not all companies can operate firewalls.

1.4 Configuration Mistakes
Even if the firewall is working on your network and has all the latest vulnerability fixes, it can still cause problems if its configuration settings create conflicts. In some situations this leads to inefficiencies on your organization's network, and in others the firewall provides less security. Dynamic routing, for example, is a setting that has long been considered a bad idea to allow, because it leads to a lack of control that reduces protection. But some businesses leave it enabled and open a gap in their firewall protection. Having a poorly configured firewall is like filling a castle's moat with sand and leaving the key to the main entrance right next to the entrance: you only make things simpler for the attacker while wasting the time, energy and effort spent on your "protection" measures.
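
The refuse-by-default model from 1.1 and the conflicting-settings problem from 1.4, shown as an added example that is not part of the original assignment: a small Python rule checker. It assumes first-match rule ordering; the rule names, addresses and finding categories are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional
_net = ipaddress.ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str          # "allow" or "deny"
    src: str             # source network (CIDR)
    dst: str             # destination network (CIDR)
    port: Optional[int]  # None means any port

def matches(rule, src_ip, dst_ip, port):
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    return src in _net(rule.src) and dst in _net(rule.dst) and rule.port in (None, port)

def decide(rules, src_ip, dst_ip, port):
    """First matching rule wins (assumed ordering); unmatched traffic is refused."""
    for rule in rules:
        if matches(rule, src_ip, dst_ip, port):
            return rule.action
    return "deny"

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    return (_net(b.src).subnet_of(_net(a.src))
            and _net(b.dst).subnet_of(_net(a.dst))
            and a.port in (None, b.port))

def audit(rules):
    """Flag rules hidden by an earlier rule and allow rules open to any source and port."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "conflict" if earlier.action != later.action else "redundant"
                findings.append((kind, later.name, earlier.name))
                break
        if later.action == "allow" and later.src == "0.0.0.0/0" and later.port is None:
            findings.append(("too-broad", later.name, None))
    return findings

# Constructed rule set: a leftover broad allow sits above a specific deny.
RULES = [
    Rule("web-in", "allow", "0.0.0.0/0", "203.0.113.10/32", 443),
    Rule("temp-debug", "allow", "0.0.0.0/0", "10.0.0.0/8", None),
    Rule("block-db", "deny", "0.0.0.0/0", "10.0.5.20/32", 5432),
]
```

Running `audit(RULES)` reports that `block-db` can never take effect because `temp-debug` matches the same traffic first, which is the kind of conflict a rule review should catch before deployment.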