IT Security Risks: Assessment & Mitigation for Junior Staff, Assignments of Computer Science

You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS

Typology: Assignments

2019/2020

Uploaded on 09/07/2021

fg-hcm-le-vo-hong-ngoc
Assignment Brief 1 (RQF)

Higher National Certificate/Diploma in Computing

Student Name/ID Number:

Unit Number and Title: Unit 5: Security

Academic Year: 2021-2022

Unit Assessor: Van Ho

Assignment Title: Security Presentation

Issue Date: April 1st, 2021

Submission Date:

Internal Verifier Name:

Date:

Submission Format:

Format:

● The submission is in the form of an individual written report. This should be written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please also provide a bibliography using the Harvard referencing system.

Submission

● Students are required to submit the assignment by the due date and in the way requested by the Tutor.
● The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/.
● Remember to convert the Word file into a PDF file before the submission on CMS.

Note:

● The individual Assignment must be your own work, and not copied by or from another student.
● If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you must reference your sources, using the Harvard style.
● Make sure that you understand and follow the guidelines to avoid plagiarism. Failure to comply with this requirement will result in a failed assignment.

Unit Learning Outcomes:

LO1 Assess risks to IT security.

LO2 Describe IT security solutions.

Assignment Brief and Guidance:

Assignment scenario

You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT Information security FIS.

FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to potential IT security risks. Most customers have outsourced their security concerns due to lacking the technical expertise in house. As part of your role, your manager Jonson has asked you to create an engaging presentation to help train junior staff members on the tools and techniques associated with identifying and assessing IT security risks together with the organizational policies to protect business critical data and equipment.

Tasks

In addition to your presentation, you should also provide a detailed report containing a technical review of the topics covered in the presentation.

Your presentation should:

● Identify the security threats FIS secure may face if they have a security breach. Give an example of a recently publicized security breach and discuss its consequences.
● Describe a variety of organizational procedures an organization can set up to reduce the effects to the business of a security breach.
● Propose a method that FIS can use to prioritize the management of different types of risk.
● Discuss three benefits to FIS of implementing network monitoring system giving suitable reasons.
● Investigate network security, identifying issues with firewalls and IDS incorrect configuration and show through examples how different techniques can be implemented to improve network security.
● Investigate a ‘trusted network’ and through an analysis of positive and negative issues determine how it can be part of a security system used by FIS.

Your detailed report should include a summary of your presentation as well as additional, evaluated or critically reviewed technical notes on all of the expected topics.

Contents

  • Assignment Brief 1 (RQF)
    • Higher National Certificate/Diploma in Computing
  • P1. IDENTIFY TYPES OF SECURITY RISKS TO ORGANISATIONS
      1. What is the security?
      2. What is security risk?
      3. Types of security risks:
      • 3.1 Malware
      • 3.2 Password Theft
      • 3.3 Traffic Interception
      • 3.4 Phishing Attacks
      • 3.5 DDoS
      • 3.6 Cross Site Attack
      • 3.7 Zero-Day Exploits
      • 3.8 SQL Injection
      • 3.9 Social Engineering
      • 3.10 MitM Attack
      • 3.11 Ransomware
      • 3.12 Cryptojacking
      • 3.13 Water Hole Attack
      • 3.14 Drive-By Attack
      • 3.15 Trojan Virus
  • P2 DESCRIBE ORGANISATIONAL SECURITY PROCEDURES.
      1. Security procedures
      2. Process to protect network security for businesses
      • 2.1 Protect computers and electronic devices of the business
      • 2.2 Protecting business data and customer information
      • 2.3 Improve employee knowledge
  • P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS
      1. Definition – Policy – Usage – Advantages of Firewall
      2. Firewall to Network Security
      3. Diagrams the example of how firewall works
      4. IDS and Usage
      5. Threat-risk of firewall and IDS incorrect configuration to the network
  • P4 SHOW, USING AN EXAMPLE FOR EACH, HOW IMPLEMENTING A DMZ, STATIC IP AND NAT IN A NETWORK CAN IMPROVE NETWORK SECURITY.
      1. DMZ
      2. Static IP
      3. NAT
  • M2 Discuss three benefits to implement network monitoring systems with supporting reasons
  • D1 Investigate how a ‘trusted network’ may be part of an IT security solution

3. Types of security risks:

3.1 Malware:

  • It’s been around since the internet’s inception and continues to remain a consistent problem. Malware is when an unwanted piece of programming or software installs itself on a target system, causing unusual behavior. This ranges from denying access to programs, deleting files, stealing information, and spreading itself to other systems.

3.2 Password Theft:

  • A common occurrence is logging in to an account only to find your password changed and details lost. The reality is that an unwanted third party managed to steal or guess your password and has since run amok with the information. It’s far worse for an enterprise, which may lose sensitive data.

3.3 Traffic Interception:

  • Also known as “eavesdropping”, traffic interception occurs when a third party “listens” to information sent between a user and host. The kind of information stolen varies based on the traffic, but it is often used to take log-ins or valuable data.

3.4 Phishing Attacks:

  • Phishing scams are an older attack method and rely on social engineering to achieve their goal. Typically, an end user receives a message or email which requests sensitive data, such as a password. Sometimes, the phishing message appears official, using legitimate-appearing addresses and media. This compels an individual to click on links and accidentally give away sensitive information.

3.7 Zero-Day Exploits:

  • Occurring after the discovery of a “zero-day vulnerability,” an exploit is a targeted attack against a system, network, or software. This attack takes advantage of an overlooked security problem, looking to cause unusual behavior, damage data, and steal information.

3.8 SQL Injection:

  • An SQL injection attack is essentially data manipulation, carried out to access information which isn’t meant to be available. Malicious third parties manipulate SQL “queries” (the string of code typically sent as a request to a service or server) to retrieve sensitive info.

3.9 Social Engineering:

  • Similar to phishing, social engineering is the umbrella method for attempting to deceive users into giving away sensitive details. This can occur on any platform, and malicious parties will often go to great lengths to accomplish their goals, such as utilizing social-media info.

3.10 MitM Attack:

  • A Man-in-the-Middle attack occurs when a third party hijacks a session between client and host. The hacker generally cloaks itself with a spoofed IP address, disconnects the client, and requests information from the client. For example, attempting to log in to a bank session would allow a MITM attack to hijack user info related to their bank account.

3.11 Ransomware:

  • A nasty variant of malware, ransomware installs itself on a user system or network. Once installed, it prevents access to functionalities (in part or whole) until a “ransom” is paid to third parties.

3.13 Water Hole Attack:

  • Generally used to target organizations, water hole attacks occur when a group infects websites a particular organization frequently uses. The goal – much like a cross-site attack – is to load a malicious payload from the infected sites.

3.14 Drive-By Attack:

  • In a drive-by attack, malicious code is delivered onto a system or device. The distinction, however, is that no action is needed on the user end, whereas typically the user needs to click a link or download an executable.

3.15 Trojan Virus:

  • Trojan malware attempts to deliver its payload by disguising itself as legitimate software. One technique used was an “alert” that a user’s system was compromised by malware, recommending a scan, whereby the scan actually delivered the malware.

P2 DESCRIBE ORGANISATIONAL SECURITY PROCEDURES.

1. Security procedures:

  • Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security controls as enumerated from your organization's security policies. Security procedures should cover the multitude of hardware and software components supporting your business processes as well as any security-related business processes themselves (e.g. onboarding of a new employee and assignment of access privileges).

2. Process to protect network security for businesses:

2.1 Protect computers and electronic devices of the business:

  • Update software to the latest version: Older software often contains many security holes. These vulnerabilities are the loopholes that hackers exploit to break into the network. To minimize the risk of attack from hackers, software developers research vulnerabilities and release patches for them in new versions of the software. After updating to the new version, enterprises can operate without worrying about hackers watching.

  • Encrypt data that is backed up on the cloud: Most businesses today back up data on a cloud computing platform. However, do not be complacent. Enterprises should ask administrators to encrypt important files. This helps businesses not have to depend too much on the security of cloud computing and still use it with peace of mind.

  • Use SSL certificate & HTTPS protocol to protect website security: Customer information on the website can be easily stolen if the business does not use any security measures. The best way to protect it is to use SSL certificates and the HTTPS protocol on the website. This ensures customer information is encrypted as it travels from their servers to the business computers.

  • Improved security for user passwords: Passwords are very vulnerable to hacking. If the password is weak, hackers can find it and break into the system in just a few minutes.

2.3 Improve employee knowledge:

  • The human factor is extremely important in the enterprise security process. Therefore, it is very important to train employees on cyber security awareness. However, to avoid training that differs from reality, enterprises need to develop training programs suited to the role of each employee. For non-IT staff, the training scope should only revolve around basic knowledge. With IT staff, make sure they are proficient with advanced knowledge and tasks.

A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers. Firewalls can be software, hardware or cloud based, each of which has its own unique advantages and disadvantages.

Policy of Firewall:

A firewall policy dictates how firewalls should handle network traffic for specific IP addresses and address ranges, protocols, applications, and content types (e.g. active content) based on the organization’s information security policies. Firewall policy should be documented in the system security plan and frequently maintained and updated as new attack classes and vulnerabilities occur or as the organization's network application needs change.
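An added example (not part of the original report and not any firewall product's code): a small rule evaluator showing how a policy based on IP addresses and protocols is applied, and how one misplaced allow-any rule overrides every rule after it. The `Rule` fields, the first-match model with default deny, and both sample policies are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # destination port; None means any port

def matches(rule, src_ip, proto, port):
    return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src)
            and rule.proto in ("any", proto)
            and rule.port in (None, port))

def decide(policy, src_ip, proto, port):
    """First matching rule wins; unmatched traffic is denied by default."""
    for rule in policy:
        if matches(rule, src_ip, proto, port):
            return rule.action
    return "deny"

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    return (ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and a.proto in ("any", b.proto)
            and a.port in (None, b.port))

def audit(policy):
    """Flag allow-any rules and rules that an earlier rule makes unreachable."""
    findings = []
    for i, rule in enumerate(policy):
        if (rule.action, rule.src, rule.proto, rule.port) == ("allow", "0.0.0.0/0", "any", None):
            findings.append((i, "allow-any"))
        if any(covers(earlier, rule) for earlier in policy[:i]):
            findings.append((i, "shadowed"))
    return findings

# Constructed sample policies (assumptions, not taken from the report).
MISCONFIGURED = [
    Rule("allow", "0.0.0.0/0", "any", None),   # leftover test rule placed first
    Rule("deny", "0.0.0.0/0", "tcp", 3389),    # never reached
    Rule("allow", "10.0.0.0/8", "tcp", 22),    # redundant under rule 0
]
CORRECTED = [
    Rule("allow", "10.0.0.0/8", "tcp", 22),    # SSH from the internal range only
    Rule("allow", "0.0.0.0/0", "tcp", 443),    # public HTTPS
]
print(decide(MISCONFIGURED, "203.0.113.7", "tcp", 3389), audit(MISCONFIGURED))
```

Running `audit` on a rule set before deployment surfaces the two symptoms of this misconfiguration: a rule that permits everything, and later rules that can never take effect.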

These are some types of Firewall Policies:

  • Policies Based on IP Addresses and Protocols
  • Policies Based on Application
  • Policies Based on User Identity
  • Policies Based on Network Activity

Usage of Firewall:

There are 7 uses of a firewall:

  • Prevents the Passage of Unwanted Content
  • Prevents Unauthorized Remote Access
  • Prevents Indecent Content
  • Guarantees Security Based on Protocol and IP Address
  • Protects Seamless Operations in Enterprises
  • Protects Conversations and Coordination Contents
  • Prevents Destructive Content from Online Videos and Games

A firewall is a cybersecurity tool that protects systems when operating on the internet. With so much malicious content circulating across the internet, it is very important to keep the systems secure. It doesn’t matter in which form firewalls exist, only that they protect the systems effectively.

Advantages of Firewall:

  1. Monitor Traffic.

A major responsibility of a firewall is to monitor the traffic passing through it. All information traveling through a network is in the form of packets. The firewall inspects each of these packets for any hazardous threats. If the firewall happens to find any, it will immediately block them.

  2. Protection against Trojans