Advanced System and Network Security | Assignment
Added on -2020-03-16
| 18 pages| 4395 words| 360 views
Trusted by 2+ million users,
1000+ happy students everyday
Showing pages 1 to 4 of 18 pages
Running head: Advanced System and Network Security1Advanced System and Network SecurityNameAffiliate Institution
Running head: Advanced System and Network Security2Table of ContentsQuestion 1........................................................................................................................................3Question 2........................................................................................................................................5Question 3........................................................................................................................................8Question 4......................................................................................................................................10Question 5......................................................................................................................................13Question 6......................................................................................................................................14References......................................................................................................................................16
Running head: Advanced System and Network Security3Question 1Outline a security architecture for the distributed environment shown below, where userswish to access enterprise services from various remote locations such as home, airport andother branch offices.a) Analyze the security threats that can arise in such an environment. State any assumptionsthat you are making.SolutionPhysical threatsUsing distributed environment such as cloud computing is not an assurance that denial of serviceattacks cannot occur. When you work from a different location apart from the office, there areother external factors that ca lead to denial of service, they include pets, children who candestroy, hide or interfere with your work station at home. There doesn’t exist a solution to thistype of DOS unless if the organization issues devices like iPhone that supports feature such as“find my iPhone”. (Stewart, Chapple & Gibson, 2012). Cloud computing cannot totally prevent critical information from being transferred to devicesthat are not appropriately secured. To stop this, some extra controls need to be put in place.Use of emails by employees working remotely has enhanced loss of critical and confidential dataover time. In this particular generation, nobody really wants to utilize the secured browserbecause of its unfriendly interface. Sometimes the system admin forgets that employees workingoffline still have access to the data in their inboxes even after data center lock down in case of anattack.Sometimes the devices that the employees are using when working offline have the capability tobe wiped remotely. When this happens some of the crucial personal data that the employee hadstored there will be deleted permanently. (Wang, 2010).b) Specify the types of security services that would be needed to counteract this securitythreats and what type of security mechanisms could support these services.Solution
Running head: Advanced System and Network Security4Securing Multiple DevicesSecurity of the devices the remote employee is using is very critical. These devices are veryvulnerable as they can easily get lost or stolen and sensitive data could land in to the wrongperson if not well handled. (Zia, Zomaya, Varadharajan & Mao, 2013).The following are some of the ways to enable employees to work securely remotely. It is important to always use enhanced security software in the end devices used by the remoteemployees as malicious software that steals data always get in to the devices via emails andwhen browsing. It is recommended to use applications and interfaces provided by the cloud vendor. This ensurethat security of data is of high level since the vendor has implemented features to encrypt datawhile being transmitted from the remote servers to the organization’s intranet. (Morana &UcedaVelez, 2011).Implementing virtual private network can help keep the connections and internet secured. VPNprovided by a third party vendor would have implemented all the security patches that arerequire to continuously check the network for any malicious activity. The company should always make sure that strict procedures on data access, usability andmodification have been clearly stated to the employees opting to work remotely. Theorganization should clearly outline who have access to the data center and clearly defines theprotocols to be used during this access. (Shostack, 2014).Detection of packet sniffers to identify if hackers have had root access to the computer system.Packet sniffers are normally used by hackers to gather information transmitted by anorganization through the internet. It is important to train employees on the characteristics of a denial of service attacks. If this is notdone, hackers are very cunning and can trick these employees into revealing their logincredentials.If an employee account gets compromised it is important to immediately block that account fromfurther access, that is, suspend the account until further notice. This will stop data loss ormodification. (In Chang, In Ramachandran, In Walters & In Wills, 2017).
Found this document preview useful?
You are reading a preview
Upload your documents to download
or
Become a Desklib member to get accesss
Paid Plans
Free Plan
Single Unlock
Monthly Plan
Yearly Plan