Security Perimeter for ICT Networks
Added on 2023-01-06
28 Pages6020 Words52 Views
|
|
|
Design and Implement a
Security Perimeter for
ICT Networks
Security Perimeter for
ICT Networks
Assessment 1
Question 1
1. Computer Viruses
PC infections have been in the news recently for organizational security threats they have posed
this year. These occur in a global range of infectious attacks, but diseases can pose a significant
threat to small groups (Salman, Khalaf, and Abdulsahib, 2019). Diseases can damage your data
and destroy important information, negatively affecting your daily activities. Even under the
most favorable conditions, infections can be eliminated from the hard drive. All in all, it's
important to encourage employees not to open an email or hook up a link they don't see.
2. Software Vulnerabilities Pose Network Security Risks
When a security update comes in the middle of a busy day, it's easy to get out of it and forget to
return it later. However, if your scheduling doesn't update as normally as you should, you could
be putting your organization at risk. It is inevitable that programs can return to an entire
organization where no one can work. It could cause a site to crash and be aware that it is down, it
could lose customers.
3. Hackers
We often think of network security threats as living on our PCs. However, PC programmers can
do terrible damage from anywhere. When programmers break into your framework, they have a
free rein. They can capture records, access specific data, or discover property tactics that your
competitors and the world can see. Programmers can be on the other side of the planet, but with
the chance that they do not value the security of your organization, they should not be deceived.
4. Employees Can Breach Security without Realizing It
In fact, even the most reliable employees can be a safety threat to your organization. It’s not
unintentional, but a lack of training in security best practices can put your organization in a weak
position (Iskandar, Virma and Ahmar, 2019). Make sure your employees see how best to secure
your organization, whether it's through instructions on sharing secure documents or maintaining
a collection of sites they shouldn't visit in the organization aged.
Question 1
1. Computer Viruses
PC infections have been in the news recently for organizational security threats they have posed
this year. These occur in a global range of infectious attacks, but diseases can pose a significant
threat to small groups (Salman, Khalaf, and Abdulsahib, 2019). Diseases can damage your data
and destroy important information, negatively affecting your daily activities. Even under the
most favorable conditions, infections can be eliminated from the hard drive. All in all, it's
important to encourage employees not to open an email or hook up a link they don't see.
2. Software Vulnerabilities Pose Network Security Risks
When a security update comes in the middle of a busy day, it's easy to get out of it and forget to
return it later. However, if your scheduling doesn't update as normally as you should, you could
be putting your organization at risk. It is inevitable that programs can return to an entire
organization where no one can work. It could cause a site to crash and be aware that it is down, it
could lose customers.
3. Hackers
We often think of network security threats as living on our PCs. However, PC programmers can
do terrible damage from anywhere. When programmers break into your framework, they have a
free rein. They can capture records, access specific data, or discover property tactics that your
competitors and the world can see. Programmers can be on the other side of the planet, but with
the chance that they do not value the security of your organization, they should not be deceived.
4. Employees Can Breach Security without Realizing It
In fact, even the most reliable employees can be a safety threat to your organization. It’s not
unintentional, but a lack of training in security best practices can put your organization in a weak
position (Iskandar, Virma and Ahmar, 2019). Make sure your employees see how best to secure
your organization, whether it's through instructions on sharing secure documents or maintaining
a collection of sites they shouldn't visit in the organization aged.
5. Abuse of user account privileges
According to information cited by the Harvard Business Review, for the period of 2016 “60% of
all attacks were carried out by professionals”. Whether it's innocent errors (unintentionally
sending information to an inappropriate email address or losing a working device), intentional
harassment and misuse of registration benefits or fraud wholesale as a result of a phishing
attempt or other social planning attacks that contract user account information, people within
your company are talking about one of the biggest security issues you will have.
Question 2
The primary purpose of a network security policy is to educate delegates and employees about
the needs of securing different resources. These assets require different structures, including
passwords, documents, or even servers (Omar and Abdelaziz, 2020). These policies also
establish rules for acquiring, designing and evaluating PC frameworks and networks. What
organizations should consider when formulating an organization security strategy include; what
do you have in the group that other people need? What circles, information or data structures are
critical to your association? What would prevent your organization from functioning? Responses
to these surveys identify a wide range of network resources. These include basic information
basics, basic applications, individual information, mutual group stock collection, personal email,
and web worker. Organizational security provisions must consider all elements that govern your
organization. The staff, however, the final messengers, and whoever has classified information
about your organizations. Employees are seen as a potential threat in security strategies.
However, these policies must be implemented so that employees remain ready to complete their
duties without undue disruption to safety efforts.
Steps in network security policy:
Identifying risks
Make sure the policy conforms to legal requirements
Level of security should be equal to level of risk
Including staff in policy development
Question 3
A. What do you mean by penetration testing techniques?
According to information cited by the Harvard Business Review, for the period of 2016 “60% of
all attacks were carried out by professionals”. Whether it's innocent errors (unintentionally
sending information to an inappropriate email address or losing a working device), intentional
harassment and misuse of registration benefits or fraud wholesale as a result of a phishing
attempt or other social planning attacks that contract user account information, people within
your company are talking about one of the biggest security issues you will have.
Question 2
The primary purpose of a network security policy is to educate delegates and employees about
the needs of securing different resources. These assets require different structures, including
passwords, documents, or even servers (Omar and Abdelaziz, 2020). These policies also
establish rules for acquiring, designing and evaluating PC frameworks and networks. What
organizations should consider when formulating an organization security strategy include; what
do you have in the group that other people need? What circles, information or data structures are
critical to your association? What would prevent your organization from functioning? Responses
to these surveys identify a wide range of network resources. These include basic information
basics, basic applications, individual information, mutual group stock collection, personal email,
and web worker. Organizational security provisions must consider all elements that govern your
organization. The staff, however, the final messengers, and whoever has classified information
about your organizations. Employees are seen as a potential threat in security strategies.
However, these policies must be implemented so that employees remain ready to complete their
duties without undue disruption to safety efforts.
Steps in network security policy:
Identifying risks
Make sure the policy conforms to legal requirements
Level of security should be equal to level of risk
Including staff in policy development
Question 3
A. What do you mean by penetration testing techniques?
A penetration test, also known as a pen test, is a reconstructed digital attack against your PC
framework to find out for usable vulnerabilities. For web application security, the access test is
usually used to extend a web application firewall (WAF).
Penetration testing is intended to conduct a security check before being attacked by an attacker.
Infiltration test tools generate qualified attack settings to detect and test security holes that may
require acquired records, bargain certificates, authorized innovation, truly identifiable data (PII) ,
cardholder information, personal data, guaranteed welfare, information emancipation or other
harmful business products.
Penetration testing techniques are the methods or ways through which penetration can be
practiced by hackers or backend servers.
B. What is the importance of penetration testing in terms of network security?
Penetration testing is a basic cycle that should be performed regularly in all companies to ensure
the structure of the body. The requirement to conduct an entrance exam changes as directed by
organizations as they all work differently.
One of the most important benefits of a pen testing or penetration testing is that it gives you the
blueprint for working with risk factors in an organized and unique way (Rusere and Ngassam,
2020). In this test, the extent of the weaknesses detected in the target climate and in addition to
the associated risk factors is determined. From the outset, continuity is treated with the highest
risk and then with the lowest risk.
Penetration testing allows security department to think about an organization's current situation
and examine possible current focuses. It gives us a reasonable idea of the whole security
framework and gives us the assurance that the design framework that the leaders followed is
appropriate within the organization.
C. Explain Network Auditing
Networks are dynamic entities; they grow, shrink, change and divide themselves continuously.
Network administrators cannot expect to be fully influenced by this circle. Customers include
tools and sometimes even new equipment for the foundation of the organization. Worse, this is
not the first time a client has installed the programs he needs without contacting the server.
framework to find out for usable vulnerabilities. For web application security, the access test is
usually used to extend a web application firewall (WAF).
Penetration testing is intended to conduct a security check before being attacked by an attacker.
Infiltration test tools generate qualified attack settings to detect and test security holes that may
require acquired records, bargain certificates, authorized innovation, truly identifiable data (PII) ,
cardholder information, personal data, guaranteed welfare, information emancipation or other
harmful business products.
Penetration testing techniques are the methods or ways through which penetration can be
practiced by hackers or backend servers.
B. What is the importance of penetration testing in terms of network security?
Penetration testing is a basic cycle that should be performed regularly in all companies to ensure
the structure of the body. The requirement to conduct an entrance exam changes as directed by
organizations as they all work differently.
One of the most important benefits of a pen testing or penetration testing is that it gives you the
blueprint for working with risk factors in an organized and unique way (Rusere and Ngassam,
2020). In this test, the extent of the weaknesses detected in the target climate and in addition to
the associated risk factors is determined. From the outset, continuity is treated with the highest
risk and then with the lowest risk.
Penetration testing allows security department to think about an organization's current situation
and examine possible current focuses. It gives us a reasonable idea of the whole security
framework and gives us the assurance that the design framework that the leaders followed is
appropriate within the organization.
C. Explain Network Auditing
Networks are dynamic entities; they grow, shrink, change and divide themselves continuously.
Network administrators cannot expect to be fully influenced by this circle. Customers include
tools and sometimes even new equipment for the foundation of the organization. Worse, this is
not the first time a client has installed the programs he needs without contacting the server.
These exercises can have a significant impact on network security. To explain this, a leader
needs to run a custom group that evaluates and screens for any progress to the pre-determined
mark.
Network auditing is a process in which your organization plans for both programming and
equipment. The circle can be awful when done physically, but fortunately some tools can help
mechanize a large part of the circle. The director must identify the tools and equipment
associated with the organization. A routine security check can identify a robbery; some
customers may choose some affordable storage at their workplace that is more likely to be used
at home.
Question 4
A. Software perimeter solution
Software perimeter solution allows IT managers to deploy on-premises or over-the-cloud
deployments by linking remote access of representatives to cloud and on-premises applications
while maintaining sensitive information within the hierarchical group. It has been shown to block
all types of organizational attacks, including DDoS, Man-in-the-Middle, Server Question and
Advanced Persistent Risk.
Implementing Software perimeter solution allows associations to restrict network access and
access to organized frameworks. Accessibility depends on the usability model, which means that
all devices and characters must be checked before being accepted into the group.
A software-defined perimeter (SDP) is a way to hide Internet-connected infrastructure (servers,
routers, etc.) so that it cannot be seen by external groups and attackers, however whether it is
enabled on premises or in the cloud (Ramadan and Hefnawi, 2019). The goal of the SDP
approach is to bring the organization together in terms of programming rather than equipment.
An organization that basically uses SDP hangs a little bit of instability on its staff and another
framework so that no one can see it from an outside perspective; however, approved customers
can now access the platform.
A software-defined perimeter forms a virtual boundary around organizational resources at the
organizational level, not at the application level. This separates it from accessibility-based
controls that limit user benefits but allow access to a large group. Another key difference is that
needs to run a custom group that evaluates and screens for any progress to the pre-determined
mark.
Network auditing is a process in which your organization plans for both programming and
equipment. The circle can be awful when done physically, but fortunately some tools can help
mechanize a large part of the circle. The director must identify the tools and equipment
associated with the organization. A routine security check can identify a robbery; some
customers may choose some affordable storage at their workplace that is more likely to be used
at home.
Question 4
A. Software perimeter solution
Software perimeter solution allows IT managers to deploy on-premises or over-the-cloud
deployments by linking remote access of representatives to cloud and on-premises applications
while maintaining sensitive information within the hierarchical group. It has been shown to block
all types of organizational attacks, including DDoS, Man-in-the-Middle, Server Question and
Advanced Persistent Risk.
Implementing Software perimeter solution allows associations to restrict network access and
access to organized frameworks. Accessibility depends on the usability model, which means that
all devices and characters must be checked before being accepted into the group.
A software-defined perimeter (SDP) is a way to hide Internet-connected infrastructure (servers,
routers, etc.) so that it cannot be seen by external groups and attackers, however whether it is
enabled on premises or in the cloud (Ramadan and Hefnawi, 2019). The goal of the SDP
approach is to bring the organization together in terms of programming rather than equipment.
An organization that basically uses SDP hangs a little bit of instability on its staff and another
framework so that no one can see it from an outside perspective; however, approved customers
can now access the platform.
A software-defined perimeter forms a virtual boundary around organizational resources at the
organizational level, not at the application level. This separates it from accessibility-based
controls that limit user benefits but allow access to a large group. Another key difference is that
SDP identifies devices directly as a user character. The Cloud Security Alliance first came up
with the idea of SDP.
B. Hardware Perimeter solution
Because the drawbacks of software-based perimeters are centered on their inefficient network
position, a hardware solution is the safest alternative. The edges of the equipment are located just
behind the switch, so all information packets from the web must go through your monitor before
you reach internal drivers.
Most of these solutions include far more advanced controls than simple web filtering and basic
data scanning. Like most advances in IT, the latest hardware perimeters is based on “visual”
capabilities that analyze big data to detect malware and cyber attacks that rely on sporadic
exercises instead of spyware. be solely dependent on tactical diseases and aggressive vectors.
Another advantage of hardware perimeters is that they are generally functional. There is no
compelling reason to point out whether the response-enabled workstation collapses after these
devices are running for security all day, every day. The main disadvantage of this type of
accommodation is the level of observation and maintenance it requires. Hardware perimeters are
incredibly incredible, and managing them is no easy task.
Question 5
Computers, networks, and other IT processes create documents that track system operations,
called audit trail reports or logs. The review of these documents is log analysis which is used by
organizations to help manage a range of risks which comply with regulatory regulations.
Network computers, software, operating systems, and configurable or smart devices typically
build records. They consist of several messages that are organized and stored sequentially on a
disc, in folders, or like a log collector in a program.
Analysts need to insure that a full set of communications are comprised of the logs and presented
according to meaning. To prevent misunderstanding to have cohesiveness, log components
should be normalized, using the same language or words. For example, "alert" may be used by
one device while another uses "important." Making sure the terminology and data types are
compatible would help to promote interpretation and minimize error (Angelo, 2019).
with the idea of SDP.
B. Hardware Perimeter solution
Because the drawbacks of software-based perimeters are centered on their inefficient network
position, a hardware solution is the safest alternative. The edges of the equipment are located just
behind the switch, so all information packets from the web must go through your monitor before
you reach internal drivers.
Most of these solutions include far more advanced controls than simple web filtering and basic
data scanning. Like most advances in IT, the latest hardware perimeters is based on “visual”
capabilities that analyze big data to detect malware and cyber attacks that rely on sporadic
exercises instead of spyware. be solely dependent on tactical diseases and aggressive vectors.
Another advantage of hardware perimeters is that they are generally functional. There is no
compelling reason to point out whether the response-enabled workstation collapses after these
devices are running for security all day, every day. The main disadvantage of this type of
accommodation is the level of observation and maintenance it requires. Hardware perimeters are
incredibly incredible, and managing them is no easy task.
Question 5
Computers, networks, and other IT processes create documents that track system operations,
called audit trail reports or logs. The review of these documents is log analysis which is used by
organizations to help manage a range of risks which comply with regulatory regulations.
Network computers, software, operating systems, and configurable or smart devices typically
build records. They consist of several messages that are organized and stored sequentially on a
disc, in folders, or like a log collector in a program.
Analysts need to insure that a full set of communications are comprised of the logs and presented
according to meaning. To prevent misunderstanding to have cohesiveness, log components
should be normalized, using the same language or words. For example, "alert" may be used by
one device while another uses "important." Making sure the terminology and data types are
compatible would help to promote interpretation and minimize error (Angelo, 2019).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents