Network Security Proposal Part 1 Cmit 320 Assignment

1226 words - 5 pages

I. Analysis and Planning
A. Vulnerability Assessment
Requirements
The security and availability of the school network plays a huge role in the success of those who attend it. In order to provide a secure network environment for the betterment of the students and faculty a vulnerability assessment needs to take place. This vulnerability assessment is used to find where the weaknesses are in a network in order to assist in the protection of the network.
Proposed Solution
I have researched different vulnerability scanners to find out which will meet our needs for the vulnerability assessment. Weaknesses that he scanner will be looking for will be unused online ports, any applications that need to be used, critical patches necessary, any default passwords, and any misconfigured items. There are options for both free vulnerability scanners and ones which need to be paid for. I propose the use of Microsoft Baseline Security Analyzer or MBSA in order to find the issues with the current network configuration.
Justification
I chose MBSA because it gives an in depth security analysis. MBSA, because it has to be activated on each computer revealing their vulnerabilities, is most useful in a setting such as this where there are not thousands of computers. This way we get an in depth understanding of the vulnerabilities. Another advantage is that due to being created by Microsoft there are many resources that can be used to find out how best to utilize the scanner.
B. Security Policy
Requirements
Security policies for networks define the policies required to secure the network. A security policy can be split into four parts regulations, procedures, baselines, and guidelines. A security policy needs to take into account network devices, data loss prevention, software on the network, and most importantly employee background checks and user education on security policies.
Proposed Solution
Network security policies should start with user education on security policy and employee background checks. Before employment employees should be screened to make sure there is not a history of bad behavior and in the onboarding process they should be educated on the policies of what they can and cannot do on the network. Make sure that these very same users only have access to what they need to access, use the concept of least privilege to only give people the minimum privileges to do their job. Students should not have access to the teachers grading application and teachers do not need to be able to log into the network equipment. Unused ports should also be turned off as they present a security risk that can be avoided. And unnecessary programs should not be allowed to be added onto the computers.
Justification
The reason for these policies is that unused portions of the network and unneeded programs open up holes in the defense of the network that are unnecessary as those items are not needed for people to complete their duties. This is the same reason for implementing the principle of least privilege as unnecessary privileges lead to unnecessary risk if that user either gets hacked or decides to damage the network.
C. Risk Management
Requirements
Risk management is the process of securing the network in such a way that if an attack occurred there would be minimal damage to the network. There needs to be a recovery process for what to do after an attack. Things to take into account are assets, loss, threat probability, threat vectors, countermeasures put in place, and risk management. There needs to be an identification of the value of assets within the network and a threat prioritization so that risk management can decide what needs to be done to reduce the amount of damage from an attack.
Proposed Solutions
Analysis of all of the assets on the network needs to be taken place. In addition computer backups need to be in place in the case of the loss of data so that recovery can occur. One must find the vectors of attack that can be used and must decide whether it is worth keeping certain items such as specific programs that have these vulnerabilities in them. Threat probability can be estimated to decide if something is worth the risk to keep on the network.
Justification
This is all necessary in order to manage the risk on a network as the only way to be completely safe is to cut off the network completely in which case it is useless. Threats will be present and attacks will occur but if the risk is managed well the damage to the availability of the network and loss of resources will be minimal.
D. Business Continuity Plan
Requirements
The Business Continuity Plan is put in place to make sure that the business is restored to its usual operation in as little time as possible after an attack. A BCP has five steps analysis, solution design, implementation, testing organizational acceptance, and maintenance. A BCP indentifies and prioritizes critical functions, calculates time for recovery from an attack, and identifies how to recover damaged assets.
Proposed Solutions
A business impact analysis needs to be put in place in order to analyze threats to assets, find mission critical functions and systems, and finds the maximum down time that the business can survive caused by an attack. The BCP also needs a disaster recovery plan that plans how to resume normal use of applications and data, plans to change to alternate processing sites in a disaster, and plans how to convert the original site back after the disaster is over.
Justification
Plans such as the BCP can help determine what needs to be done before and after a disaster that causes loss of assets and data. The BCP will have short term recovery plans to allow for business to continue temporarily and has plans on how to fully restore original operations after the disaster is over.
E. Access Controls
Requirements
Access controls need to be used in order to keep users from accessing items which they do not need to access or should not access. Users can cause a lot of damage accidentally or on purpose by misusing portions of the network. A proper set of access controls is necessary in order to keep the network safe.
Proposed Solutions
Access controls to implement are things like the principle of least privilege that was mentioned above. Users do not need to have access to portions of the network that they do not use for their job. Separation of duties works well with this principle because it means that there are only specific people who have the privileges to do each job, this way if one person is compromised and hacked there is only a limited amount that the hacker can do with that persons privileges. Job rotation should also be used so that people can be rotated through each job in order to provide more oversight if someone is doing something malicious.
Justification
These items are required in order to make sure that the least amount of damage is done to the network in the case of a rogue user or in the case a hacker is impersonating one of those users. Access controls keep the damage contained so that the network can be more easily brought back to normal operation after an attack and makes sure that no one person can bring down the entire network.

RELATED

network and security homework 1 - george mason university - assignment

657 words - 3 pages MIS 320 – 004 HW Assignment #1 1. As related to networking, what are protocols? In short, network protocols are the rules for communications between them. The long definition is Network protocols are formal standards and policies comprised of rules, procedures and formats that define communication between two or more devices over a network. 2. What are the two parts of a MAC address? The two parts of the mac address are, Organizational

Assignment 1 question and answer for part 1 - SEMO - Question and answer

2294 words - 10 pages Southeast Missouri State University, MK555 Assignment 1 60 POINTS (UG)/ 47.5 POINTS (G) 1. How does technology change traditional marketing? Describe the important Internet properties that affect marketing. b) What are the key elements of Web 2.0? c) What are the key elements of Web 3.0? As a consumer who is in control, what would you like to see for the future Web 3.0? Over the period technology has changed the way marketing is done as reaching

business proposal for marketing class - marketing 320 - assignment

2427 words - 10 pages that I can create a personalized product development plan that suits the requirements of your company. Sincerely, Claire Yang 1 Business Proposal for Listerine The Baby Mouth Wash Address: 28 Westahmpton Way Richmond, Virginia, 23173 Cell.: (804) 928-8017 Email.: Caire.yang@richmond.edu 2 Table of Contents I. Executive Summary ............................................................................................... 3 Introductory Statement

Marketing Metrics and Pricing Decision - S.P.Jain School of Global Management - Assignment Part 1

1769 words - 8 pages MMPD – SBR2: Group 4 (Amit, Priyanka, Rubi, Olivia) Question 1: What should a customer be willing to pay for one of Curled Metal Incorporated’s (CMI) new cushion pads? What factors are relevant in calculating willingness to pay in this situation? Please come to class with a specific monetary estimate of customer value in this situation. With respect to 11.5-inch cushion pad, a customer should be willing to pay a bit more for one of CMI’s new

International Organisations Essay - International Organisations UTS - Essay

4008 words - 17 pages ) 11 Global Convergence 407; Kamrul Hossain ‘The Challenge and Prospect of Security Council Reform’ (2010) 7 Regent Journal of International Law 299.] [5: Anna Spain ‘The U.N. Security Council’s Duty to Decide’ (2013) 4 Harvard National Security Journal 320.] Part 1 – The Need for Reform The Need to Reflect the Evolving Geopolitical Realities of the Political Climate The underrepresented geopolitical structure in the UNSC has persisted with the

Identifying threat and vulnerability - St.cloud state university - Assignment1

1700 words - 7 pages Assignment #1- Assessment Worksheet 15 Points Assignment #1 Identifying Threats and Vulnerabilities in an IT Infrastructure Introduction The task of identifying risks in an IT environment can become overwhelming. Once your mind starts asking “what if...?” about one IT area, you quickly begin to grasp how many vulnerabilities exist across the IT spectrum. It may seem impossible to systematically search for risks across the whole IT

ITSS 4370 - Assignment 3 - Process Framework - UTD/ITSS 4370 - Assignment

881 words - 4 pages ITSS 4370 Assignment 3: Process Framework PCI DSS As a consumer of any company, the most basic and expected capability in completing a transaction is that the seller be able to keep the consumer’s credit card and cardholder information secure and confidential. The Payment Card Industry Data Security Standard (PCI DSS) was developed and created in 2004 by the major credit card issuers Visa, MasterCard, Discover and American Express just for this

comparative essay on ext4 and nfts file system - university of westminster - essay

407 words - 2 pages 6ELEN013W Operating Systems and Drivers Coursework 1 – File Systems Weighting: 25% Submission via TurnItIn under Blackboard. The work must be entirely your own. Any material from other authors must be correctly referenced in accordance with University regulations. Referencing entire paragraphs or paraphrasing them (i.e. rewriting them in your own words) is not acceptable. Use of references should support your argument, not be your argument.  Any

Business Development - Business Plan Of ISP Company

5286 words - 22 pages Xxx s.r.o. and prepare proposal how to formulate new Business Plan. Xxx is my key customer for Data business.1.3. Data collection methods and information sourcesThis assignment has been elaborated using the relevant information sources and methods, including above all:Sources:Discussion with departments of XxxInternetMethods and procedures:Collecting relevant data and factsInterviews, email and telephone communication and deduction for

BUS 221 Assignment BUS 221 Assignment - ISU - Essay

919 words - 4 pages Abby Markowski April 24, 2019 Chapter 10 Assignment 1. Read the article Cybersecurity for Small Business. Compare the security tips provided in the article to the safeguards described in Chapter 10. What new tips did you learn from the article? The security tips provided in the article to the safeguards described in Chapter 10 are similar at the fact that companies should employ best practices on payment cards. Using these smart cards would

Advantages and Disadvantages of Networking - South University - Assignment

2848 words - 12 pages Albert Simmons WEEK 1 DISCUSSION Advantages and Disadvantages of Networks In this assignment, you will distinguish between the advantages and disadvantages of using computing networks. You will also get familiarized with the terms associated with networks. Provide a detailed description of situations in which the use of networks benefited you as well as situations where the use of networks was a disadvantage. Share at least one situation for

Network Research within industries - Network - Essay

1491 words - 6 pages company plans on the network design to last at least 4 years. The hubs, switches and routers should be easy to install, use and manage. 5.4 Security Requirements: Protecting the network is always a top priority and must be dealt with seriously. Securing the network from unauthorised access and use can be done in several ways. 1. Stopping staff from installing any software that’s not approved from the IT staff and programs that may allow staff or anyone

Accounting 3&4 Chapter 10 Exercise Solutions - WLC - Solution

3490 words - 14 pages Reporting Period: it is not part of the expense figure, but actually an asset – a future economic benefit. d General Journal General Ledger Subsidiary Ledger Date Details Debit $ Credit $ Debit $ Credit $ June 30 Rent Expense 2 700 Prepaid Rent Expense 2 700 e General Ledger Prepaid Rent Expense (A) Date Cross-reference Amount $ Date Cross-reference Amount $ Aug. 31 Bank 1 500 June 30 Rent Expense 2 700 Feb. 28 Bank 1 800 Balance 600 3 300 3 300

group assignment for semester 2, 2018 - university of adelaide - assignment

730 words - 3 pages Assignment Advance Funds Management (M) Semester 2, 2018 Assignment Brief: Your 3-member Mutual Funds Analysis team has recently been hired to (i) Create an Australian Equity Active fund, (ii) Analyse a US bond fund, (iii) Create an Australian/US multi-asset (Equities and Bonds only)class fund. Requirements: 1. Create and Active Australian Equity fund Each team will create an active Australian equity fund. This portfolio will have a tracking

International Management Report - "JIO" - ANU - Assignment

2991 words - 12 pages service provider in Australia, Optus have committed on an investment of AUD 1 bn to expand and improve their 4G services across Australia. Vodafone also have announced an investment of around AUD 2 bn to increase the coverage and capacity of their mobile network. 71,572 1,21,147 1,75,076 0 20,000 40,000 60,000 80,000 1,00,000 1,20,000 1,40,000 1,60,000 1,80,000 2,00,000 2015 2016 2017 Mobile Internet Consumption Mobile Handset Internet