Methods to Secure a Network and Control Fraud in Online Transactions
Added on 2022-12-20
21 Pages5218 Words63 Views
Running head: INFORMATION TECHNOLOGY SECURITY
Information Technology Security
[Name of the Student]
[Name of the University]
[Author note]
Information Technology Security
[Name of the Student]
[Name of the University]
[Author note]
INFORMATION TECHNOLOGY SECURITY1
Question 1:
The TIA software is one of the global IT organization which is associated with providing
of different IT related services throughout the entire world. Besides this the organization has also
been associated with expanding its business along with the consequences and for this reason they
are having the will of expanding their new office in Auckland so as to meet the business needs
mostly faced in the Trans-Tasman region.
However while connecting the Auckland Local Network with the global network certain
issues were faced. The problems which were faced by the organization has been listed below:
Non-response of the servers very often
The files which were sometimes shared were also seen to corrupted
Limited access is provided to the network access as well as to the email services which
runs in the servers.
There are number of way by which it is possible to secure a network. Protecting the
system is seen to challenging but still it is critical. In the section provided below few methods
have been described by which the company would be capable of protecting its assets from
different kind of vulnerabilities.
1. Use of firewalls along with monitoring its performance: firewall is generally considered
to be set of software or hardware which is designed with an aim of blocking any kind of
unauthorized access to the computers or networks. So firewall can be defied as a set of
rules which are associated with controlling the incoming and the outgoing traffic of the
network.
Question 1:
The TIA software is one of the global IT organization which is associated with providing
of different IT related services throughout the entire world. Besides this the organization has also
been associated with expanding its business along with the consequences and for this reason they
are having the will of expanding their new office in Auckland so as to meet the business needs
mostly faced in the Trans-Tasman region.
However while connecting the Auckland Local Network with the global network certain
issues were faced. The problems which were faced by the organization has been listed below:
Non-response of the servers very often
The files which were sometimes shared were also seen to corrupted
Limited access is provided to the network access as well as to the email services which
runs in the servers.
There are number of way by which it is possible to secure a network. Protecting the
system is seen to challenging but still it is critical. In the section provided below few methods
have been described by which the company would be capable of protecting its assets from
different kind of vulnerabilities.
1. Use of firewalls along with monitoring its performance: firewall is generally considered
to be set of software or hardware which is designed with an aim of blocking any kind of
unauthorized access to the computers or networks. So firewall can be defied as a set of
rules which are associated with controlling the incoming and the outgoing traffic of the
network.
INFORMATION TECHNOLOGY SECURITY2
2. Updating of the passwords on a regular basis: Along with the usage of complicated
passwords or usage of different password combinations it is also very essential to make
sure that the passwords are being changed on a regular basis so as to ensure an added
security. Passwords are to be changed in a regular time interval such as quarterly but the
more often it is the more it is better.
3. Maintenance of the Anti-virus software: Regular updates of the antivirus needs to be
done in case if not done then the chances of facing the risk increases. The reason behind
this is that the hacker is always associated finding out of ways of cracking into the system
so as to infect it with a virus. It is very critical to stay ahead and use the latest version of
the antivirus software.
4. Creation of VPN or Virtual private network: The VPNs are mostly created for the
purpose of providing a more secure connection between the remote computers and the
other computers or servers. These type of networks are essentially and only available to
those and the equipment which are associated with the system and this in turn is
associated with drastic reduction of the likelihood of getting hacked. Encryption of the
data along with authentication of the identity are very important for securing the VPN. It
is very important to review the documentation of the server and the VPN so as to be sure
about the protocols which are the strongest for the encryption and authentication.
Besides all this there exists the multi-authentication which are seen to be very important
for securing the methods related to identity authentication. It is also a good idea to make
use of the firewall which is associated with separating the VPN network from rest of the
network.
2. Updating of the passwords on a regular basis: Along with the usage of complicated
passwords or usage of different password combinations it is also very essential to make
sure that the passwords are being changed on a regular basis so as to ensure an added
security. Passwords are to be changed in a regular time interval such as quarterly but the
more often it is the more it is better.
3. Maintenance of the Anti-virus software: Regular updates of the antivirus needs to be
done in case if not done then the chances of facing the risk increases. The reason behind
this is that the hacker is always associated finding out of ways of cracking into the system
so as to infect it with a virus. It is very critical to stay ahead and use the latest version of
the antivirus software.
4. Creation of VPN or Virtual private network: The VPNs are mostly created for the
purpose of providing a more secure connection between the remote computers and the
other computers or servers. These type of networks are essentially and only available to
those and the equipment which are associated with the system and this in turn is
associated with drastic reduction of the likelihood of getting hacked. Encryption of the
data along with authentication of the identity are very important for securing the VPN. It
is very important to review the documentation of the server and the VPN so as to be sure
about the protocols which are the strongest for the encryption and authentication.
Besides all this there exists the multi-authentication which are seen to be very important
for securing the methods related to identity authentication. It is also a good idea to make
use of the firewall which is associated with separating the VPN network from rest of the
network.
INFORMATION TECHNOLOGY SECURITY3
5. Active managing of the user access privileges: A significant amount of security threat is
imposed because of the inappropriate user-privileges so it is suggested not to overlook
the process of managing the access of the employees to the data which are critical in
nature. Besides this whenever an employee is associated with changing their jobs it must
be must be necessarily made sure by the IT department that they are notified regarding
the access privileges which can be modified so as to make the duties well fitted in the
new positions.
6. Inactive accounts are to be cleared up: Hackers are seen to be associated with the usage
of the inactive accounts which were once assigned to the contractors or to the formal
employees for the purpose of gaining access and for disguising the activities. So software
are to be used in order to clean up the inactive accounts present in the large networks
along with many users.
Question 2:
IDS OR Intrusion detection system:
The intrusion detection system or the IDS generally refers to the system which is seen to
be associated with monitoring the network or the traffic for the purpose of detecting any kind of
suspicious activities or alerts related to the issues whenever an suspicious activity is detected.
There exists some IDS whose primary function is associated with including the anomaly
detection and alerting whereas some of IDS are there which are having the capability of taking
certain actions whenever any kind of anomalous traffic or malicious activity is detected and this
actions mainly includes the blocking of the traffic sent from any kind of suspicious IP addresses.
5. Active managing of the user access privileges: A significant amount of security threat is
imposed because of the inappropriate user-privileges so it is suggested not to overlook
the process of managing the access of the employees to the data which are critical in
nature. Besides this whenever an employee is associated with changing their jobs it must
be must be necessarily made sure by the IT department that they are notified regarding
the access privileges which can be modified so as to make the duties well fitted in the
new positions.
6. Inactive accounts are to be cleared up: Hackers are seen to be associated with the usage
of the inactive accounts which were once assigned to the contractors or to the formal
employees for the purpose of gaining access and for disguising the activities. So software
are to be used in order to clean up the inactive accounts present in the large networks
along with many users.
Question 2:
IDS OR Intrusion detection system:
The intrusion detection system or the IDS generally refers to the system which is seen to
be associated with monitoring the network or the traffic for the purpose of detecting any kind of
suspicious activities or alerts related to the issues whenever an suspicious activity is detected.
There exists some IDS whose primary function is associated with including the anomaly
detection and alerting whereas some of IDS are there which are having the capability of taking
certain actions whenever any kind of anomalous traffic or malicious activity is detected and this
actions mainly includes the blocking of the traffic sent from any kind of suspicious IP addresses.
INFORMATION TECHNOLOGY SECURITY4
Scams and Frauds on Online Transaction
Identified
Scam and
Fraud
Definition
Identity Theft This is payment fraud which is quite common and is associated with
including an imposter who would be associated with obtaining of the key
details related to the personally identifiable information so as to use then in
fraudulent purchases by usage of the internet.
Triangulation: This is the type of fraud method which generally refers to the implication of
the fact that there is an existence of three different participants while
purchasing an order which includes the unsuspecting customer, a fake
online store and the stolen data. So whenever a customer is associated with
moving towards purchasing the fake merchant would be immediately
associated with stealing the card details of the customer. The main aim of
the fraudster in this type of fraud is the gathering of the data and cancelling
the payment after the details of the card are received.
Clean Fraud The clean fraud is very difficult to detect along with being prevented and
the reason behind this is that the fraudster is seen to be associated with
using the real time data for the purpose of committing the different kind of
cybercrimes. Whereas the friendly frauds are seen to be associated with
hiding behind the fake identities of the data which has been stolen. In
addition to this the hackers are seen to be associated with the usage of clean
frauds and the reason is they are having a greater deal of knowledge related
Scams and Frauds on Online Transaction
Identified
Scam and
Fraud
Definition
Identity Theft This is payment fraud which is quite common and is associated with
including an imposter who would be associated with obtaining of the key
details related to the personally identifiable information so as to use then in
fraudulent purchases by usage of the internet.
Triangulation: This is the type of fraud method which generally refers to the implication of
the fact that there is an existence of three different participants while
purchasing an order which includes the unsuspecting customer, a fake
online store and the stolen data. So whenever a customer is associated with
moving towards purchasing the fake merchant would be immediately
associated with stealing the card details of the customer. The main aim of
the fraudster in this type of fraud is the gathering of the data and cancelling
the payment after the details of the card are received.
Clean Fraud The clean fraud is very difficult to detect along with being prevented and
the reason behind this is that the fraudster is seen to be associated with
using the real time data for the purpose of committing the different kind of
cybercrimes. Whereas the friendly frauds are seen to be associated with
hiding behind the fake identities of the data which has been stolen. In
addition to this the hackers are seen to be associated with the usage of clean
frauds and the reason is they are having a greater deal of knowledge related
INFORMATION TECHNOLOGY SECURITY5
to the cardholders and the details of the credit card and for this reason they
utilize the real-time customer data so as to fool the system. This type of
fraud is associated with making this look legitimate by stealing of all the
necessary real data.
Friendly Fraud This is the fraud which is considered to be friendly which seems to happen
when the customers are associated with making digital purchase by making
use of the credit cards which is followed by contacting the issuer of the
credit card so as to claim an dispute of the charge. These type of situation
would be responsible for making the customers to contact the issuer so as to
claim that the item is not delivered, the item was returned but they did not
received the refund or they do not remember that they have purchased the
product by making use of their credit card and their credit card has been
compromised.
Amongst all this chargebacks not all of them are fraudulent because the
claim many times can be true as well.
Methods of Controlling the Fraud:
Eliminating the online frauds or scam is very difficult and for this reason there are different
security measures which can be implemented so as to reduce the frauds and scams and this
includes the following:
Constant running of the security checks by usage of the antivirus along with installing the
necessary firewalls as well so as to provide protection to the network from any kind of
penetration attack
The passwords that are used should be strong
to the cardholders and the details of the credit card and for this reason they
utilize the real-time customer data so as to fool the system. This type of
fraud is associated with making this look legitimate by stealing of all the
necessary real data.
Friendly Fraud This is the fraud which is considered to be friendly which seems to happen
when the customers are associated with making digital purchase by making
use of the credit cards which is followed by contacting the issuer of the
credit card so as to claim an dispute of the charge. These type of situation
would be responsible for making the customers to contact the issuer so as to
claim that the item is not delivered, the item was returned but they did not
received the refund or they do not remember that they have purchased the
product by making use of their credit card and their credit card has been
compromised.
Amongst all this chargebacks not all of them are fraudulent because the
claim many times can be true as well.
Methods of Controlling the Fraud:
Eliminating the online frauds or scam is very difficult and for this reason there are different
security measures which can be implemented so as to reduce the frauds and scams and this
includes the following:
Constant running of the security checks by usage of the antivirus along with installing the
necessary firewalls as well so as to provide protection to the network from any kind of
penetration attack
The passwords that are used should be strong
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Manage Network and Data Integritylg...
|62
|2549
|302
Creating a Company Culture for Security - Security steps and methods for an organizationlg...
|4
|534
|193
Network and Security: Threats and Controlslg...
|10
|1781
|75
Computer Criminals, IoT, CRM and Communication Methods for Organizationslg...
|10
|3100
|491
Information Systems and IT Solutions: Theories, Support Systems, Globalisation, Digital Infrastructure, and Riskslg...
|10
|2642
|259
VPN Technologies and Securitylg...
|9
|2031
|99