IT Security Management: Digital Forensics and Network Design
VerifiedAdded on 2023/06/10
|20
|5768
|442
AI Summary
This project analyzes digital forensic case investigation, network designing, and security solutions for a new start-up company. Learn about authentication and authorization mechanisms, intrusion detection systems, and more.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
IT SECURITY MANAGEMENT
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
Introduction..............................................................................................................................2
Task -1 Digital Forensics.........................................................................................................2
1. Case Study Description.................................................................................................2
2. Virtual Disk Image........................................................................................................3
Task - 2 Network Design..........................................................................................................5
1. Network Topology.........................................................................................................6
2. Security Assumptions and Challenges........................................................................9
3. Authentication and Authorisation Mechanisms.........................................................9
4. Key Management Issues.............................................................................................11
5. IDS................................................................................................................................13
6. Security Issues.............................................................................................................14
7. Measure the ROI on Security.....................................................................................15
8. Security Breach...........................................................................................................16
Conclusion...............................................................................................................................16
References...............................................................................................................................17
1
Introduction..............................................................................................................................2
Task -1 Digital Forensics.........................................................................................................2
1. Case Study Description.................................................................................................2
2. Virtual Disk Image........................................................................................................3
Task - 2 Network Design..........................................................................................................5
1. Network Topology.........................................................................................................6
2. Security Assumptions and Challenges........................................................................9
3. Authentication and Authorisation Mechanisms.........................................................9
4. Key Management Issues.............................................................................................11
5. IDS................................................................................................................................13
6. Security Issues.............................................................................................................14
7. Measure the ROI on Security.....................................................................................15
8. Security Breach...........................................................................................................16
Conclusion...............................................................................................................................16
References...............................................................................................................................17
1
Introduction
This projects aims to analyse the digital forensic case investigation, which involves
network designing and security solutions for a new start-up company. This company
basically is a small medium enterprise and this company owned by Luton. Using E-
government model, in production and accounting records, Luton decided to encounter many
anomalies. This company has investigator and employed for digital forensics. So, investigator
needs to evaluate determine any form of malicious activities that take place in the network.
Provide prevention for the malware with the company system. All this will be analysed and
discussed in detail. The digital forensic tool needs to be analysed and discussed in detail.
Also the network security for this company will be analysed and discussed in detail. Further,
analysing the authentication and authorization mechanisms will be done. Key management
issues will be analysed and discussed. Measures on ROI security will be measured and
discussed in detail. Finally, the security breaches will be identified.
Task -1 Digital Forensics
1. Case Study Description
The new start-up company is a small medium enterprise and this company is owned
by Luton. In production and accounting records, Luton decided to encounter many anomalies,
using E-government model. Basically, this company begins with system check for the log
files, then it determines various suspicious entries along with various IP addresses. These
information is transferred outside the company with the help of firewall. The enterprise
system is also received and has encountered many complaints from the customers. It included
that a strange message is often displayed in the processing time and sometimes it leads to
redirect to the payment pages but it does not look relevant. So, this company faces hard
situation for ensuring uncompromised computer system in terms of enterprise’s system. This
company also contains investigator and is employed for digital forensic. Thus, the
investigator must perform evaluation of malicious activities that occur in the network. It
provides prevention for those malware with the company system.
2
This projects aims to analyse the digital forensic case investigation, which involves
network designing and security solutions for a new start-up company. This company
basically is a small medium enterprise and this company owned by Luton. Using E-
government model, in production and accounting records, Luton decided to encounter many
anomalies. This company has investigator and employed for digital forensics. So, investigator
needs to evaluate determine any form of malicious activities that take place in the network.
Provide prevention for the malware with the company system. All this will be analysed and
discussed in detail. The digital forensic tool needs to be analysed and discussed in detail.
Also the network security for this company will be analysed and discussed in detail. Further,
analysing the authentication and authorization mechanisms will be done. Key management
issues will be analysed and discussed. Measures on ROI security will be measured and
discussed in detail. Finally, the security breaches will be identified.
Task -1 Digital Forensics
1. Case Study Description
The new start-up company is a small medium enterprise and this company is owned
by Luton. In production and accounting records, Luton decided to encounter many anomalies,
using E-government model. Basically, this company begins with system check for the log
files, then it determines various suspicious entries along with various IP addresses. These
information is transferred outside the company with the help of firewall. The enterprise
system is also received and has encountered many complaints from the customers. It included
that a strange message is often displayed in the processing time and sometimes it leads to
redirect to the payment pages but it does not look relevant. So, this company faces hard
situation for ensuring uncompromised computer system in terms of enterprise’s system. This
company also contains investigator and is employed for digital forensic. Thus, the
investigator must perform evaluation of malicious activities that occur in the network. It
provides prevention for those malware with the company system.
2
2. Virtual Disk Image
Here, we will create the virtual disk images by using Magic ISO software. This software is
used to provide effective virtual disk image file. It also makes back-up copies of the disk
image files. To create the Virtual disk it follows the below steps.
First, open Magic ISO software.
Click File New Disk Image 2.24 MB.
It is illustrated in the below figure.
This process opens the new disk image file and renames the file as Disk File, as shown
below.
3
Here, we will create the virtual disk images by using Magic ISO software. This software is
used to provide effective virtual disk image file. It also makes back-up copies of the disk
image files. To create the Virtual disk it follows the below steps.
First, open Magic ISO software.
Click File New Disk Image 2.24 MB.
It is illustrated in the below figure.
This process opens the new disk image file and renames the file as Disk File, as shown
below.
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Next, add the image file for disk images by clicking on add files and choose the relevant
images for the disk image. It is illustrated in the below figure.
The added files are shown below.
4
images for the disk image. It is illustrated in the below figure.
The added files are shown below.
4
The created disk file contains hash values, images and case description file. Once the files are
successfully added, save the disk image file, as shown below.
Finally, virtual disk image file is created successfully.
Task - 2 Network Design
Here, we will design an enterprise network for an ANOJ-Software. This is considered as
software house and it is a start-up Software Company. This company decided to design their
enterprise network because this company sensitive data are hacked. So, this company decided
to use the cutting edge security solutions for a network. The proposed network needs to be
justified. The proposed network should satisfy the following requirements such as,
5
successfully added, save the disk image file, as shown below.
Finally, virtual disk image file is created successfully.
Task - 2 Network Design
Here, we will design an enterprise network for an ANOJ-Software. This is considered as
software house and it is a start-up Software Company. This company decided to design their
enterprise network because this company sensitive data are hacked. So, this company decided
to use the cutting edge security solutions for a network. The proposed network needs to be
justified. The proposed network should satisfy the following requirements such as,
5
Use internal email server
Use two web servers. One for external users and another for the internal users.
Use internal CVS server and it only grants the internal access.
Also, use the anonymous CVS server for remote teams to download the source
code.
1. Network Topology
Network Diagrams are basics for guaranteeing you have an entire comprehension of how
your network topology is interconnected and can give you an overhead perspective of what’s
going ahead in the system. Commonly, it will enable you to imagine where your foundation
is missing and what should be overhauled/supplanted.
Having a legitimately recorded schematic of your whole system and associations can
likewise guarantee you can investigate issues in a deliberate request when they emerge. A
portion of these product bundles even naturally refreshes your system topology, then outlines
new gadgets included or expelled from the system, which truly eliminates by physically
removing them.
With their ability for demonstrating how arrange parts collaborate, organize, the outlines can
fill an assortment of needs, including the following:
Arranging the structure of a home or expert system.
Organizing updates to a current system.
Detailing and investigating system issues.
To follow PCI or different prerequisites.
As documentation for outside correspondence, on boarding, and so forth.
To monitor parts that send important data to a seller for a RFP (ask for proposition)
without unveiling private data.
Pitching a system proposition to monetary partners.
Proposing abnormal state, syslog framework changes.
Remembering the final goal for outlining and constructing the highly anchored
arrangement, numerous elements should be considered. For instance, host’s topology and
position within an organization, equipment determining, then programming innovations as
well as the careful arrangement of each segment.
Topology and Architecture
The basic development in outlining this system is to characterize the topology of the
system. Topology is considered as physical and sensible system format. On the physical side,
6
Use two web servers. One for external users and another for the internal users.
Use internal CVS server and it only grants the internal access.
Also, use the anonymous CVS server for remote teams to download the source
code.
1. Network Topology
Network Diagrams are basics for guaranteeing you have an entire comprehension of how
your network topology is interconnected and can give you an overhead perspective of what’s
going ahead in the system. Commonly, it will enable you to imagine where your foundation
is missing and what should be overhauled/supplanted.
Having a legitimately recorded schematic of your whole system and associations can
likewise guarantee you can investigate issues in a deliberate request when they emerge. A
portion of these product bundles even naturally refreshes your system topology, then outlines
new gadgets included or expelled from the system, which truly eliminates by physically
removing them.
With their ability for demonstrating how arrange parts collaborate, organize, the outlines can
fill an assortment of needs, including the following:
Arranging the structure of a home or expert system.
Organizing updates to a current system.
Detailing and investigating system issues.
To follow PCI or different prerequisites.
As documentation for outside correspondence, on boarding, and so forth.
To monitor parts that send important data to a seller for a RFP (ask for proposition)
without unveiling private data.
Pitching a system proposition to monetary partners.
Proposing abnormal state, syslog framework changes.
Remembering the final goal for outlining and constructing the highly anchored
arrangement, numerous elements should be considered. For instance, host’s topology and
position within an organization, equipment determining, then programming innovations as
well as the careful arrangement of each segment.
Topology and Architecture
The basic development in outlining this system is to characterize the topology of the
system. Topology is considered as physical and sensible system format. On the physical side,
6
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
one must ensure circulation to the workplaces or near structures where the presence of client
exists. For the servers, we should give network which includes the intranet, for the internet,
especially for the other organizational areas, then the remote clients who are interfacing via
phone lines etc. Consideration of intelligent topology is essential.
Example: To outline a sensible topology, the Virtual LANs (VLANs) as well as the
Virtual Private Networks (VPNs) has significant adaptability. The proposed network
topology diagram for ANOJ Software Company is shown below (Lucidchart, 2018).
Figure: Network topology architecture
Intrusion Detection Systems
This section focuses on Network Intrusion Detection Systems (NIDS) and how they it
can be utilized in our LAN for distinguishing bothersome actions. Various specialists
incorporates the IDS as the major aspect of basic components to anchor any system. The
system IDS could caution the framework chairman for assaulting on the arrangement
progressively with investigation on the activity related to the wire, and for creating cautions if
suspicious exercises are distinguished. NIDS could be a consistent PC running IDS
programming, for example, the freeware Snort, a machine compose gadget running restrictive
programming, or even a particular card worked in to a switch or other arrange component as
Cisco are presented. The host based intrusion recognition. For instance, free or business
7
exists. For the servers, we should give network which includes the intranet, for the internet,
especially for the other organizational areas, then the remote clients who are interfacing via
phone lines etc. Consideration of intelligent topology is essential.
Example: To outline a sensible topology, the Virtual LANs (VLANs) as well as the
Virtual Private Networks (VPNs) has significant adaptability. The proposed network
topology diagram for ANOJ Software Company is shown below (Lucidchart, 2018).
Figure: Network topology architecture
Intrusion Detection Systems
This section focuses on Network Intrusion Detection Systems (NIDS) and how they it
can be utilized in our LAN for distinguishing bothersome actions. Various specialists
incorporates the IDS as the major aspect of basic components to anchor any system. The
system IDS could caution the framework chairman for assaulting on the arrangement
progressively with investigation on the activity related to the wire, and for creating cautions if
suspicious exercises are distinguished. NIDS could be a consistent PC running IDS
programming, for example, the freeware Snort, a machine compose gadget running restrictive
programming, or even a particular card worked in to a switch or other arrange component as
Cisco are presented. The host based intrusion recognition. For instance, free or business
7
forms of Tripwire, or various types of proactive log observing programming, are
subsequently exceedingly, outside the extent of this paper (SearchSecurity, 2018).
Firewall
Firewall is a device that is introduced among inside system of the organization along
with what so ever the system contains. It intends forwarding some parcels as well as the other
channels. For example, the firewall might channel each single that approaches the bundle
bound for the particular host or a particular server like, HTTP or it might be utilized for
denying accessing for a specific host or administration in an organization. In the system, any
associated image portrays the establishment of firewall.
Working Architecture
The firewall is designed appropriately, its framework on one of its side is shielded from
the frameworks on its opposite side. The firewalls in most of the parts of the channel
movement are seen two techniques:
Firewall could permit the any movement with the exception that is limited. It is based
on the firewall type used, the source, then the goal addresses, and ports.
Firewall could deny any type of activity which don’t meet specific criteria referring to
the system layer where the firewall works.
The type of criteria utilized for deciding whether the activity should be allowed
differs beginning with a single kind and next to the other one.
The firewall could be concerned of the activity types or with the goal locations as well
as the ports.
The firewall could similarly use the complicated principles with respect to examining
the application information for deciding whether the movement should be permitted.
Demilitarized Zone (DMZ)
DMZ is fundamentally executed to anchor an inner system from collaboration with and
misuse and access by outside hubs and systems. DMZ can be a legitimate sub-organize, or a
physical system going about as a safe extension between an interior and outside system. A
DMZ organize has constrained access to the inward system, and the greater part of its
correspondence is filtered on a firewall before being exchanged inside. In the event that an
assailant plans to break or assault an association's system, a fruitful endeavour will just
outcome in the trade off of the DMZ arrange - not the center system behind it. DMZ is
viewed as more secure, more secure than a firewall, and can likewise fill in as an
intermediary server.
8
subsequently exceedingly, outside the extent of this paper (SearchSecurity, 2018).
Firewall
Firewall is a device that is introduced among inside system of the organization along
with what so ever the system contains. It intends forwarding some parcels as well as the other
channels. For example, the firewall might channel each single that approaches the bundle
bound for the particular host or a particular server like, HTTP or it might be utilized for
denying accessing for a specific host or administration in an organization. In the system, any
associated image portrays the establishment of firewall.
Working Architecture
The firewall is designed appropriately, its framework on one of its side is shielded from
the frameworks on its opposite side. The firewalls in most of the parts of the channel
movement are seen two techniques:
Firewall could permit the any movement with the exception that is limited. It is based
on the firewall type used, the source, then the goal addresses, and ports.
Firewall could deny any type of activity which don’t meet specific criteria referring to
the system layer where the firewall works.
The type of criteria utilized for deciding whether the activity should be allowed
differs beginning with a single kind and next to the other one.
The firewall could be concerned of the activity types or with the goal locations as well
as the ports.
The firewall could similarly use the complicated principles with respect to examining
the application information for deciding whether the movement should be permitted.
Demilitarized Zone (DMZ)
DMZ is fundamentally executed to anchor an inner system from collaboration with and
misuse and access by outside hubs and systems. DMZ can be a legitimate sub-organize, or a
physical system going about as a safe extension between an interior and outside system. A
DMZ organize has constrained access to the inward system, and the greater part of its
correspondence is filtered on a firewall before being exchanged inside. In the event that an
assailant plans to break or assault an association's system, a fruitful endeavour will just
outcome in the trade off of the DMZ arrange - not the center system behind it. DMZ is
viewed as more secure, more secure than a firewall, and can likewise fill in as an
intermediary server.
8
2. Security Assumptions and Challenges
The security problems that are present in the little to medium scrutinized LAN set for a
business or other foundation are inspected, and identifies a part of the procedures that are
accepted from the system architect’s point of view (Pkware.com, 2018). If the is no similarity
among the systems, a part of the commonplace complexities are looked by the organize
fashioner who incorporates the following:
From the internet propelled attacks, the systems are secured.
Internet confronting web, the DNS and the mail servers are secured.
Causing threat from the traded off frameworks, then counteracting the inside
propelled threats.
The securing of assets like, client databases, monetary records, exchange privileged
insights, etc.
For the executives to securely manage the arrangement, a structure is built.
For logging and intrusion recognition, frameworks are provided.
Prior to the commencement of procedure outlining, a security arrangement should be
set up. If not it must be refreshed so that the objectives of the organization can be identified.
Then, a sensible assessment of threats are managed, and the asset ID (labour, equipment, and
spending plan) which are accessible must be made. The process can begin, as the strategy for
organization security and accessible assets is identified.
3. Authentication and Authorisation Mechanisms
Authentication Mechanisms
When it is needed that the server should know who is taking their data, in such case
authentication is used by the server.
When any of the customer requires realizing that, the server refers to a framework and
when it acknowledges, then in such case, the customer use the Confirmation.
In Authentication, either client or the PC are required for personality demonstration
i.e., either for the customer or for the server.
As a rule, confirmation by a server contains the use of client name and password. For
validating various methods could be through like, voice acknowledgment, cards,
retina filters and the fingerprints.
From the customer verification rule, contains the server providing endorsement to the
customer where they are confided in the outsider. Example, Verisign or Thawte states
9
The security problems that are present in the little to medium scrutinized LAN set for a
business or other foundation are inspected, and identifies a part of the procedures that are
accepted from the system architect’s point of view (Pkware.com, 2018). If the is no similarity
among the systems, a part of the commonplace complexities are looked by the organize
fashioner who incorporates the following:
From the internet propelled attacks, the systems are secured.
Internet confronting web, the DNS and the mail servers are secured.
Causing threat from the traded off frameworks, then counteracting the inside
propelled threats.
The securing of assets like, client databases, monetary records, exchange privileged
insights, etc.
For the executives to securely manage the arrangement, a structure is built.
For logging and intrusion recognition, frameworks are provided.
Prior to the commencement of procedure outlining, a security arrangement should be
set up. If not it must be refreshed so that the objectives of the organization can be identified.
Then, a sensible assessment of threats are managed, and the asset ID (labour, equipment, and
spending plan) which are accessible must be made. The process can begin, as the strategy for
organization security and accessible assets is identified.
3. Authentication and Authorisation Mechanisms
Authentication Mechanisms
When it is needed that the server should know who is taking their data, in such case
authentication is used by the server.
When any of the customer requires realizing that, the server refers to a framework and
when it acknowledges, then in such case, the customer use the Confirmation.
In Authentication, either client or the PC are required for personality demonstration
i.e., either for the customer or for the server.
As a rule, confirmation by a server contains the use of client name and password. For
validating various methods could be through like, voice acknowledgment, cards,
retina filters and the fingerprints.
From the customer verification rule, contains the server providing endorsement to the
customer where they are confided in the outsider. Example, Verisign or Thawte states
9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
which the server contains place with the element, like the bank that the customer
anticipates.
What type of tasks an individual could perform or what documents the person could
access cannot be figured out by confirmation. Authentication just recognizes and
assesses about the details of the individual and their framework.
User Authentication
User Validity-The popularly identified Authentication process refers to the Log-in ID.
Furthermore, the Password-based Access Log-in which recognizes an individual to the
framework with a concern on the end goal for acquiring to get it. The important use of
Personal Computer login strategy refers to validate the PC client’s personality or PC
programming endeavouring to know about the administration of PCs. The other mainstream
of Authentication process refers to IP Filtering or IP confirmation. Such a procedure is
considered as the parcel channel which dissects the bundles of TCP/IP. Web Cookie is
another procedure of client Authentication that could be helpful for the server for perceiving
the already confirmed clients. Web Proxy is another approach to validate. The confirmation
framework likewise plays out the same cryptographic process on the test and looks at its
outcome to the reaction from the customer. On the off chance that they coordinate, the
Authentication framework has checked that the client has the right watchword (InfoSec
Resources, 2018).
Authorization Mechanisms
The authorization is referred as a procedure using which the server takes decision
whether the customer contains any authorization for utilizing the asset or have access
to the document.
Typically, authorization is combined with confirmation so that the server contains
some idea about the customer who asks for it.
A sort of verification is needed for Authorization might change; the passwords could
be needed whenever required.
Whenever required, there exists no authorization; any client could use the asset or
they can access the record just with a request. on the Internet, most of the pages
doesn’t need any verification or Authorization.
User Authorization
The Resource Access Permission-Authorization characterizes clients' consents as far as
access to computerized assets and degree of its utilization. In the Access Management
System, the authorization is allowed to the effectively confirm clients as per their rights on
10
anticipates.
What type of tasks an individual could perform or what documents the person could
access cannot be figured out by confirmation. Authentication just recognizes and
assesses about the details of the individual and their framework.
User Authentication
User Validity-The popularly identified Authentication process refers to the Log-in ID.
Furthermore, the Password-based Access Log-in which recognizes an individual to the
framework with a concern on the end goal for acquiring to get it. The important use of
Personal Computer login strategy refers to validate the PC client’s personality or PC
programming endeavouring to know about the administration of PCs. The other mainstream
of Authentication process refers to IP Filtering or IP confirmation. Such a procedure is
considered as the parcel channel which dissects the bundles of TCP/IP. Web Cookie is
another procedure of client Authentication that could be helpful for the server for perceiving
the already confirmed clients. Web Proxy is another approach to validate. The confirmation
framework likewise plays out the same cryptographic process on the test and looks at its
outcome to the reaction from the customer. On the off chance that they coordinate, the
Authentication framework has checked that the client has the right watchword (InfoSec
Resources, 2018).
Authorization Mechanisms
The authorization is referred as a procedure using which the server takes decision
whether the customer contains any authorization for utilizing the asset or have access
to the document.
Typically, authorization is combined with confirmation so that the server contains
some idea about the customer who asks for it.
A sort of verification is needed for Authorization might change; the passwords could
be needed whenever required.
Whenever required, there exists no authorization; any client could use the asset or
they can access the record just with a request. on the Internet, most of the pages
doesn’t need any verification or Authorization.
User Authorization
The Resource Access Permission-Authorization characterizes clients' consents as far as
access to computerized assets and degree of its utilization. In the Access Management
System, the authorization is allowed to the effectively confirm clients as per their rights on
10
data accessible. Additionally, authorization directs the obligation problems doled out for
various staff associated with advancement of a computerized storehouse/library and their
separate experts regarding expansion, erasure, altering and transferring of records into a
computerized gathering. Authorization refers to testing when compared to Authentication,
particularly to the appropriated computerized content suppliers. There are standard access
control models are listed below (Bu.edu, 2018).
a. Discretionary Access Control (DAC) - In a DAC Model, get to is represented by the
entrance rights allowed to the client or on the other hand client gatherings. An
association/executive/maker can distinguish an arrangement of activities and allocate
them to a protest and to an arrangement of clients.
b. Mandatory Access Control (MAC) - In MAC, the information proprietor has
restricted opportunity to settle on get to control. Data is arranged into various classes
and every classification is appointed a specific security level.
c. Role Based Access Control (RBAC) - RBAC is a generally utilized - and prevailing -
get to control display, and most get to control security items accessible in the market
today depend on this model since its destinations are compositional.
4. Key Management Issues
Due to the concern for guaranteeing the client information or for securing the
competitive innovations, various organizations alter their components just to exchange the
information using the Internet. Thus, there exists a number of interesting points during the
enhancement of information security exchange methodology, as follows:
User Authentication – FTP utilizes clear content passwords, which debilitates
security as there are possibilities that anyone could get the secret word which is
used, for gaining admittance to information.
The remote framework distinguishing proof confirmation for avoiding the capturing
of parcels by the framework.
Data protection (through encryption) with the goal that no transitional framework
could use the information.
Data security for averting change for the information, during its travel.
Preservation of information arrange. Distinctive working frameworks may store
information in diverse arrangements. When this is the case, it is attractive to have a
11
various staff associated with advancement of a computerized storehouse/library and their
separate experts regarding expansion, erasure, altering and transferring of records into a
computerized gathering. Authorization refers to testing when compared to Authentication,
particularly to the appropriated computerized content suppliers. There are standard access
control models are listed below (Bu.edu, 2018).
a. Discretionary Access Control (DAC) - In a DAC Model, get to is represented by the
entrance rights allowed to the client or on the other hand client gatherings. An
association/executive/maker can distinguish an arrangement of activities and allocate
them to a protest and to an arrangement of clients.
b. Mandatory Access Control (MAC) - In MAC, the information proprietor has
restricted opportunity to settle on get to control. Data is arranged into various classes
and every classification is appointed a specific security level.
c. Role Based Access Control (RBAC) - RBAC is a generally utilized - and prevailing -
get to control display, and most get to control security items accessible in the market
today depend on this model since its destinations are compositional.
4. Key Management Issues
Due to the concern for guaranteeing the client information or for securing the
competitive innovations, various organizations alter their components just to exchange the
information using the Internet. Thus, there exists a number of interesting points during the
enhancement of information security exchange methodology, as follows:
User Authentication – FTP utilizes clear content passwords, which debilitates
security as there are possibilities that anyone could get the secret word which is
used, for gaining admittance to information.
The remote framework distinguishing proof confirmation for avoiding the capturing
of parcels by the framework.
Data protection (through encryption) with the goal that no transitional framework
could use the information.
Data security for averting change for the information, during its travel.
Preservation of information arrange. Distinctive working frameworks may store
information in diverse arrangements. When this is the case, it is attractive to have a
11
characterized exchange design. FTP has generally completed a great job to perform
information exchange among the frameworks.
Utilization ease. An instrument that requires additional means or isn't anything but
complex for utilizing which will urge the clients to opt any other methods which
might not safeguard the coveted security during rushing time.
The collection of components are as follow- Particular encryption, IPsec, FTP over
Transport Layer Security (TLS), Virtual Private Networks, SFTP (Secure Shell File Transfer
Program), and then the FTP over Secure Shell (SSH). Every single system contains
contentions both for and against it. Thus, nobody could announce answer for all the issues.
In several stages, SFTP is generally accessible and it makes sure to take care of the
anchoring problem relate to client's secret key, then it allows information encryption which is
trusted. SSH (which SFTP utilizes as the validation and tool for transporting the information)
additionally confirms the server included the key trading. SSH keys are kept secretly and
needs outside acknowledgment on, initially use or exchange via substitute method. As SFTP
only utilizes the solitary TCP link with trade, the two summons and information won’t have
any problem related to firewalls which could contain by the FTP. Shockingly, the SFTP does
not generally safeguard the record design when distinctive working frameworks are included.
Initially the SFTP convention was determined as a twofold document get to convention.
Despite the fact that a content exchange component was included later corrections of the
determination, not all usage bolster it, especially the most prevalent (OpenSSH). The
convention too gives a system to subjective document qualities to be passed on the record
open summon, however this isn't very utilized. The SSH people group has permitted the draft
determination to terminate as it was felt that the gathering didn't have the fundamental
mastery to institutionalize a document get to convention. While there are numerous
executions accessible, not every one of them will refresh the convention level that they
bolster on the off chance that they do not feel that their showcase contains utilization for it.
This technique gives adequate usefulness to numerous clients in spite of the fact that the
client may need to analysis to manage content document design transformation issues.
At its most fundamental, record exchange innovation is just a component to transport a
document starting with one framework then onto the next framework over a system. A safe
record exchange adds security highlights to this vehicle, for example, encoding the document
to save its privacy and honesty. This counteracts spies on the systems between the
frameworks from getting to the record substance and perusing or altering them. Secure
document exchange additionally includes a type of dependable conveyance, regardless of
12
information exchange among the frameworks.
Utilization ease. An instrument that requires additional means or isn't anything but
complex for utilizing which will urge the clients to opt any other methods which
might not safeguard the coveted security during rushing time.
The collection of components are as follow- Particular encryption, IPsec, FTP over
Transport Layer Security (TLS), Virtual Private Networks, SFTP (Secure Shell File Transfer
Program), and then the FTP over Secure Shell (SSH). Every single system contains
contentions both for and against it. Thus, nobody could announce answer for all the issues.
In several stages, SFTP is generally accessible and it makes sure to take care of the
anchoring problem relate to client's secret key, then it allows information encryption which is
trusted. SSH (which SFTP utilizes as the validation and tool for transporting the information)
additionally confirms the server included the key trading. SSH keys are kept secretly and
needs outside acknowledgment on, initially use or exchange via substitute method. As SFTP
only utilizes the solitary TCP link with trade, the two summons and information won’t have
any problem related to firewalls which could contain by the FTP. Shockingly, the SFTP does
not generally safeguard the record design when distinctive working frameworks are included.
Initially the SFTP convention was determined as a twofold document get to convention.
Despite the fact that a content exchange component was included later corrections of the
determination, not all usage bolster it, especially the most prevalent (OpenSSH). The
convention too gives a system to subjective document qualities to be passed on the record
open summon, however this isn't very utilized. The SSH people group has permitted the draft
determination to terminate as it was felt that the gathering didn't have the fundamental
mastery to institutionalize a document get to convention. While there are numerous
executions accessible, not every one of them will refresh the convention level that they
bolster on the off chance that they do not feel that their showcase contains utilization for it.
This technique gives adequate usefulness to numerous clients in spite of the fact that the
client may need to analysis to manage content document design transformation issues.
At its most fundamental, record exchange innovation is just a component to transport a
document starting with one framework then onto the next framework over a system. A safe
record exchange adds security highlights to this vehicle, for example, encoding the document
to save its privacy and honesty. This counteracts spies on the systems between the
frameworks from getting to the record substance and perusing or altering them. Secure
document exchange additionally includes a type of dependable conveyance, regardless of
12
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
whether it's simply given by TCP/IP traditions. Most secure record exchanges depend on
standard conventions, for example, the Secure File Transfer Protocol (SFTP) or secure
duplicate (SCP). Makes record exchanges befuddling that there are a few different ways to
give security. The most advanced compose is known as overseen record exchange (MFT),
and it mixes it up of administration, reviewing, computerization, security and unwavering
quality highlights to anchor document exchanges (Sans.org, 2018).
5. IDS
An intrusion detection system (IDS) is referred as a framework which screens the
organize movement, for any suspicious action and when such action is found the problem is
alarmed. While abnormality identification and announcing is the essential capacity, some
intrusion detection systems are equipped to take activities during any malicious activity or
when there strange movement identified, along with blocking movement which is sent from
the suspicious IP addresses (www.alienvault.com, 2018).
Especially, IDS checks any action that is suspicious and circumstance which might be
due to the consequence of any kind of infection, worm or the program. It is completed by
finding any intrusion marks or the marks of assault which are known and describes various
worms or infections, by following typical changes that contrast from the consistent
framework action.
IDS covers the extensive item types, which creates final product for recognizing the
intrusions. The arrangement of IDS could have less expensive shareware or uninhibitedly
conveyed open source programs, for a significantly expensive and arrangement of safe
merchant programming. Moreover, few IDSs contain both the programming applications, the
equipment and sensor gadgets that are introduced at various emphasis with the system
(SearchSecurity, 2018).
Here, we are introduced the Snort. A Snort refers to an open source organize interruption
identification framework, that is equipped to perform constant activity investigation as well
as signing parcel on the IP systems. It can do investigation of convention, seeking or
coordinating content and could be used to identify any type of assaults and tests. For instance,
support floods, secrecy port outputs, CGI attacks, SMB tests, OS finger printing endeavours
etc.
13
standard conventions, for example, the Secure File Transfer Protocol (SFTP) or secure
duplicate (SCP). Makes record exchanges befuddling that there are a few different ways to
give security. The most advanced compose is known as overseen record exchange (MFT),
and it mixes it up of administration, reviewing, computerization, security and unwavering
quality highlights to anchor document exchanges (Sans.org, 2018).
5. IDS
An intrusion detection system (IDS) is referred as a framework which screens the
organize movement, for any suspicious action and when such action is found the problem is
alarmed. While abnormality identification and announcing is the essential capacity, some
intrusion detection systems are equipped to take activities during any malicious activity or
when there strange movement identified, along with blocking movement which is sent from
the suspicious IP addresses (www.alienvault.com, 2018).
Especially, IDS checks any action that is suspicious and circumstance which might be
due to the consequence of any kind of infection, worm or the program. It is completed by
finding any intrusion marks or the marks of assault which are known and describes various
worms or infections, by following typical changes that contrast from the consistent
framework action.
IDS covers the extensive item types, which creates final product for recognizing the
intrusions. The arrangement of IDS could have less expensive shareware or uninhibitedly
conveyed open source programs, for a significantly expensive and arrangement of safe
merchant programming. Moreover, few IDSs contain both the programming applications, the
equipment and sensor gadgets that are introduced at various emphasis with the system
(SearchSecurity, 2018).
Here, we are introduced the Snort. A Snort refers to an open source organize interruption
identification framework, that is equipped to perform constant activity investigation as well
as signing parcel on the IP systems. It can do investigation of convention, seeking or
coordinating content and could be used to identify any type of assaults and tests. For instance,
support floods, secrecy port outputs, CGI attacks, SMB tests, OS finger printing endeavours
etc.
13
6. Security Issues
As per late examinations, security is the greatest test confronting little and medium-sized
organizations. Regularly changing security dangers from both inside and outside the business
system can seriously hinder the business tasks, influencing productivity and consumer
loyalty. What's more, little and medium-sized organizations must agree to new directions and
laws made to ensure shopper protection and secure electronic data.
Security Issue No. 1: Worms and Viruses. The computer worms and infections
remains as most widely recognized security risk, with 75 percent of little and
medium-sized organizations influenced by no less than one infection in the most
recent year. Worms and infections can devastatingly affect the business congruity and
gainfulness. More quick witted, more damaging strains are spreading speedily than
any other time, contaminating whole workplaces in a flash. Cleaning the
contaminated PCs takes no longer, and the procedure regularly results in lost requests,
debased databases, and furious clients. As the organizations battle to secure their
Personal Computers using latest working framework patches and antivirus
programming, the new infections can infiltrate their protection whenever required
(Medium, 2018). In the interim, workers spread infections along with spyware by
accidentally entering the pernicious Websites, then downloading or opening email
connections which contains untrustworthy files or materials. Such assaults are
inadvertently welcomed into the organization, however it could result is huge
budgetary disasters. Security frameworks must identify and repulse worms, infections,
and spyware at all the areas in the system.
Security Issue No. 2: Information Theft Information robbery is lucrative.
Programmers break into business systems to take MasterCard or standardized savings
numbers for benefit. Little and medium-sized organizations are viewed as a less
demanding focus than the substantial enterprises. Securing the border of the system is
a decent start, yet it isn't sufficient, since numerous data robberies are helped by a
confided insider. For example, a representative or temporary worker. Data robbery
can be expensive to little and medium-sized organizations, since they depend on
fulfilled clients and a decent notoriety to help develop their business. Organizations
that don't satisfactorily ensure their data could confront negative reputation,
government fines, or even lawsuits (Bittlingmeier and King, 2018).
14
As per late examinations, security is the greatest test confronting little and medium-sized
organizations. Regularly changing security dangers from both inside and outside the business
system can seriously hinder the business tasks, influencing productivity and consumer
loyalty. What's more, little and medium-sized organizations must agree to new directions and
laws made to ensure shopper protection and secure electronic data.
Security Issue No. 1: Worms and Viruses. The computer worms and infections
remains as most widely recognized security risk, with 75 percent of little and
medium-sized organizations influenced by no less than one infection in the most
recent year. Worms and infections can devastatingly affect the business congruity and
gainfulness. More quick witted, more damaging strains are spreading speedily than
any other time, contaminating whole workplaces in a flash. Cleaning the
contaminated PCs takes no longer, and the procedure regularly results in lost requests,
debased databases, and furious clients. As the organizations battle to secure their
Personal Computers using latest working framework patches and antivirus
programming, the new infections can infiltrate their protection whenever required
(Medium, 2018). In the interim, workers spread infections along with spyware by
accidentally entering the pernicious Websites, then downloading or opening email
connections which contains untrustworthy files or materials. Such assaults are
inadvertently welcomed into the organization, however it could result is huge
budgetary disasters. Security frameworks must identify and repulse worms, infections,
and spyware at all the areas in the system.
Security Issue No. 2: Information Theft Information robbery is lucrative.
Programmers break into business systems to take MasterCard or standardized savings
numbers for benefit. Little and medium-sized organizations are viewed as a less
demanding focus than the substantial enterprises. Securing the border of the system is
a decent start, yet it isn't sufficient, since numerous data robberies are helped by a
confided insider. For example, a representative or temporary worker. Data robbery
can be expensive to little and medium-sized organizations, since they depend on
fulfilled clients and a decent notoriety to help develop their business. Organizations
that don't satisfactorily ensure their data could confront negative reputation,
government fines, or even lawsuits (Bittlingmeier and King, 2018).
14
Security Issue No. 3: Business Availability Computer worms and infections are not
by any means the only danger to the business accessibility. Refusal of-benefit (DoS)
assaults can close down Websites and online business activities by sending extensive
volumes of movement to a basic system component and making it come up short or to
be unable process. However, the outcomes are awful: information and requests are
lost and the client demands are not replied (Cisco.com, 2018).
Security Issue No. 4: Security Legislation Aside from these security dangers, new
laws and directions necessitate that little and medium-sized organizations ensure the
protection and trustworthiness of the data endowed to them.
7. Measure the ROI on Security
In the world of finance, capital assumption must be estimated for its viability in
producing benefit for the association. This is the place the return on investment (ROI)
estimation comes in, for the assessment of a venture. For a venture to be legitimized it should
express in quantitative terms, why it needs to happen (Helpsystems.com, 2018). The
proposition with the most productivity potential generally wins; which is the reason
cybersecurity recommendations frequently lose except if there was a noteworthy occasion.
The run of the mill degree of profitability estimation resembles as follows:
Gain from the investment –Investment Cost
ROI = ____________________________________________
Investment Cost
For instance,
Gain from investment is $50000 and cost of investment is 30,000.
$50000 - $30,000
ROI = __________________________ = 0.666
$30,000
This straightforward calculation idea applies to each venture, including security. The
quality of a venture is typically estimated by the conviction and size of return it will give.
Does this same rationale apply to cybersecurity, well yes and no? Profit for security
speculation (ROSI) has some subtlety to it (Kohen, 2018).
Security is complicated, in that a speculation does not give expanded incomes, but rather
it provides reserve funds among the certain digital attack. Security specialists call this disaster
expectation, while in business and financial aspects, disaster counteractive action will fall
15
by any means the only danger to the business accessibility. Refusal of-benefit (DoS)
assaults can close down Websites and online business activities by sending extensive
volumes of movement to a basic system component and making it come up short or to
be unable process. However, the outcomes are awful: information and requests are
lost and the client demands are not replied (Cisco.com, 2018).
Security Issue No. 4: Security Legislation Aside from these security dangers, new
laws and directions necessitate that little and medium-sized organizations ensure the
protection and trustworthiness of the data endowed to them.
7. Measure the ROI on Security
In the world of finance, capital assumption must be estimated for its viability in
producing benefit for the association. This is the place the return on investment (ROI)
estimation comes in, for the assessment of a venture. For a venture to be legitimized it should
express in quantitative terms, why it needs to happen (Helpsystems.com, 2018). The
proposition with the most productivity potential generally wins; which is the reason
cybersecurity recommendations frequently lose except if there was a noteworthy occasion.
The run of the mill degree of profitability estimation resembles as follows:
Gain from the investment –Investment Cost
ROI = ____________________________________________
Investment Cost
For instance,
Gain from investment is $50000 and cost of investment is 30,000.
$50000 - $30,000
ROI = __________________________ = 0.666
$30,000
This straightforward calculation idea applies to each venture, including security. The
quality of a venture is typically estimated by the conviction and size of return it will give.
Does this same rationale apply to cybersecurity, well yes and no? Profit for security
speculation (ROSI) has some subtlety to it (Kohen, 2018).
Security is complicated, in that a speculation does not give expanded incomes, but rather
it provides reserve funds among the certain digital attack. Security specialists call this disaster
expectation, while in business and financial aspects, disaster counteractive action will fall
15
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
under the classification of chance cost. Supervisors and official discuss the opportunity cost
to assess the estimation of one venture choice against another. On the off chance that one
venture gives prompt payback yet in the long pull costs the organization more than another
chance, at that point they won't run with the fleeting alternative. Expanded incomes should
not be the desire when using the resources in cybersecurity. Rather safeguarding of capital
and resources is the thing that should not be out of ordinary. Prior to investigating the count,
it is critical to comprehend the factors of hazard appraisal (Incident Response Consortium,
2018).
8. Security Breach
The cases of inconceivably expensive representative caused information breaks differ.
While some came about because of disappointed representatives' longing to undermine their
boss, others were as pure as solicitations for specialized help.
People can be hazardous. In any case, security experts can comprehend their own
particular part in overseeing representative dangers. By review gadget misfortune as
inescapable, gadget encryption and observing can diminish the danger of losing information
in an auto or home break in. Thus, more quick witted strategies and direction on looking for
technical support, the transmission of information, and whaling dangers can decrease your
odds of honest slip-ups (Process.com, 2018).
By perceiving people as a presumable purpose of disappointment in security, those in
IT can bring their arrangements, specialized protects, and observing procedures up to speed.
Human blunder is unavoidable. In any case, the correct state of mind and activity can
guarantee you're not subject to expensive fines or open shame.
IT leads need to comprehend the distinction between record respectability checking
and other programming that can present hazard and the ones that can moderate dangers. In
case you're consistently managing a worker with special access and criminal purpose, some
record uprightness observing arrangements can empower criminal movement by permitting
review trails to be killed or changed.
Your association needs propelled devices for a culture of responsibility and aggregate
oversight. By giving resources into specialist based record uprightness checking with
inevitable review logs, you can comprehend the wellspring of each move made on your
system continuously.
16
to assess the estimation of one venture choice against another. On the off chance that one
venture gives prompt payback yet in the long pull costs the organization more than another
chance, at that point they won't run with the fleeting alternative. Expanded incomes should
not be the desire when using the resources in cybersecurity. Rather safeguarding of capital
and resources is the thing that should not be out of ordinary. Prior to investigating the count,
it is critical to comprehend the factors of hazard appraisal (Incident Response Consortium,
2018).
8. Security Breach
The cases of inconceivably expensive representative caused information breaks differ.
While some came about because of disappointed representatives' longing to undermine their
boss, others were as pure as solicitations for specialized help.
People can be hazardous. In any case, security experts can comprehend their own
particular part in overseeing representative dangers. By review gadget misfortune as
inescapable, gadget encryption and observing can diminish the danger of losing information
in an auto or home break in. Thus, more quick witted strategies and direction on looking for
technical support, the transmission of information, and whaling dangers can decrease your
odds of honest slip-ups (Process.com, 2018).
By perceiving people as a presumable purpose of disappointment in security, those in
IT can bring their arrangements, specialized protects, and observing procedures up to speed.
Human blunder is unavoidable. In any case, the correct state of mind and activity can
guarantee you're not subject to expensive fines or open shame.
IT leads need to comprehend the distinction between record respectability checking
and other programming that can present hazard and the ones that can moderate dangers. In
case you're consistently managing a worker with special access and criminal purpose, some
record uprightness observing arrangements can empower criminal movement by permitting
review trails to be killed or changed.
Your association needs propelled devices for a culture of responsibility and aggregate
oversight. By giving resources into specialist based record uprightness checking with
inevitable review logs, you can comprehend the wellspring of each move made on your
system continuously.
16
Conclusion
This project has successfully analysed the digital forensic case investigation, network
design and its security solutions for a new start-up company. This company basically is a
small medium enterprise and this company owned by Luton. The Luton was decided to
encounter many anomalies in the production of records and accounting using, E-government
model. This company has investigator and employed for the digital forensics. So, in the
network the investigators need to determine any kind of malicious activities that generally
take place Provide prevention from malware with the company system. All this is analysed
and discussed in detail. The digital forensic tool are analysed and discussed in detail. Also the
network security for this company are analysed and discussed in detail. Further, analysing the
authentication and authorization mechanisms are done. Key management issues are analysed
and discussed. Measures on ROI security are measured and discussed in detail. Finally, the
security breaches are identified successfully to provide the security for this company.
References
Bittlingmeier, D. and King, T. (2018). Understanding the Basic Security Concepts of
Network and System Devices | CompTIA Security+ Exam: Devices, Media, and Topology
Security | Pearson IT Certification. [online] Pearsonitcertification.com. Available at:
http://www.pearsonitcertification.com/articles/article.aspx?p=31562&seqNum=2 [Accessed
28 Aug. 2018].
Bu.edu. (2018). Understanding Authentication, Authorization, and Encryption : TechWeb :
Boston University. [online] Available at:
https://www.bu.edu/tech/about/security-resources/bestpractice/auth/ [Accessed 28 Aug.
2018].
Cisco.com. (2018). Top Five Security Issues for Small and Medium-Sized Businesses.
[online] Available at:
17
This project has successfully analysed the digital forensic case investigation, network
design and its security solutions for a new start-up company. This company basically is a
small medium enterprise and this company owned by Luton. The Luton was decided to
encounter many anomalies in the production of records and accounting using, E-government
model. This company has investigator and employed for the digital forensics. So, in the
network the investigators need to determine any kind of malicious activities that generally
take place Provide prevention from malware with the company system. All this is analysed
and discussed in detail. The digital forensic tool are analysed and discussed in detail. Also the
network security for this company are analysed and discussed in detail. Further, analysing the
authentication and authorization mechanisms are done. Key management issues are analysed
and discussed. Measures on ROI security are measured and discussed in detail. Finally, the
security breaches are identified successfully to provide the security for this company.
References
Bittlingmeier, D. and King, T. (2018). Understanding the Basic Security Concepts of
Network and System Devices | CompTIA Security+ Exam: Devices, Media, and Topology
Security | Pearson IT Certification. [online] Pearsonitcertification.com. Available at:
http://www.pearsonitcertification.com/articles/article.aspx?p=31562&seqNum=2 [Accessed
28 Aug. 2018].
Bu.edu. (2018). Understanding Authentication, Authorization, and Encryption : TechWeb :
Boston University. [online] Available at:
https://www.bu.edu/tech/about/security-resources/bestpractice/auth/ [Accessed 28 Aug.
2018].
Cisco.com. (2018). Top Five Security Issues for Small and Medium-Sized Businesses.
[online] Available at:
17
https://www.cisco.com/web/IN/solutions/smb/files/net_implementation_white_paper0900aec
d804606fc.pdf [Accessed 28 Aug. 2018].
Helpsystems.com. (2018). 6 Ways to Calculate ROI from your Network Monitoring
Investment. [online] Available at: https://www.helpsystems.com/resources/guides/6-ways-
calculate-returns-your-network-monitoring-investment [Accessed 28 Aug. 2018].
Incident Response Consortium. (2018). How to Measure the Return On Investment (ROI) in
Your CyberSecurity Environment | Incident Response Consortium. [online] Available at:
https://www.incidentresponse.com/how-to-measure-the-return-on-investment-roi-in-your-
cybersecurity-environment/ [Accessed 28 Aug. 2018].
InfoSec Resources. (2018). Network Design: Firewall, IDS/IPS. [online] Available at:
https://resources.infosecinstitute.com/network-design-firewall-idsips/#gref [Accessed 28
Aug. 2018].
Kohen, I. (2018). How to calculate your return on security investments. [online] CSO Online.
Available at: https://www.csoonline.com/article/3229887/security/how-to-calculate-your-
return-on-security-investments.html [Accessed 28 Aug. 2018].
Lucidchart. (2018). What is a Network Diagram. [online] Available at:
https://www.lucidchart.com/pages/network-diagram [Accessed 28 Aug. 2018].
Medium. (2018). Learn to securely share files on the blockchain with IPFS!. [online]
Available at: https://medium.com/@mycoralhealth/learn-to-securely-share-files-on-the-
blockchain-with-ipfs-219ee47df54c [Accessed 28 Aug. 2018].
Pkware.com. (2018). Secure Data Exchange | Smartcrypt | PKWARE. [online] Available at:
https://www.pkware.com/solutions/solutions-by-use-case/secure-data-exchange [Accessed 28
Aug. 2018].
Process.com. (2018). A Comparison of Secure File Transfer Mechanisms. [online] Available
at: http://www.process.com/resources/ssh/comparison_secure_file_xfer.pdf [Accessed 28
Aug. 2018].
Sans.org. (2018). Designing a Secure Local Area Network. [online] Available at:
https://www.sans.org/reading-room/whitepapers/bestprac/designing-secure-local-area-
network-853 [Accessed 28 Aug. 2018].
18
d804606fc.pdf [Accessed 28 Aug. 2018].
Helpsystems.com. (2018). 6 Ways to Calculate ROI from your Network Monitoring
Investment. [online] Available at: https://www.helpsystems.com/resources/guides/6-ways-
calculate-returns-your-network-monitoring-investment [Accessed 28 Aug. 2018].
Incident Response Consortium. (2018). How to Measure the Return On Investment (ROI) in
Your CyberSecurity Environment | Incident Response Consortium. [online] Available at:
https://www.incidentresponse.com/how-to-measure-the-return-on-investment-roi-in-your-
cybersecurity-environment/ [Accessed 28 Aug. 2018].
InfoSec Resources. (2018). Network Design: Firewall, IDS/IPS. [online] Available at:
https://resources.infosecinstitute.com/network-design-firewall-idsips/#gref [Accessed 28
Aug. 2018].
Kohen, I. (2018). How to calculate your return on security investments. [online] CSO Online.
Available at: https://www.csoonline.com/article/3229887/security/how-to-calculate-your-
return-on-security-investments.html [Accessed 28 Aug. 2018].
Lucidchart. (2018). What is a Network Diagram. [online] Available at:
https://www.lucidchart.com/pages/network-diagram [Accessed 28 Aug. 2018].
Medium. (2018). Learn to securely share files on the blockchain with IPFS!. [online]
Available at: https://medium.com/@mycoralhealth/learn-to-securely-share-files-on-the-
blockchain-with-ipfs-219ee47df54c [Accessed 28 Aug. 2018].
Pkware.com. (2018). Secure Data Exchange | Smartcrypt | PKWARE. [online] Available at:
https://www.pkware.com/solutions/solutions-by-use-case/secure-data-exchange [Accessed 28
Aug. 2018].
Process.com. (2018). A Comparison of Secure File Transfer Mechanisms. [online] Available
at: http://www.process.com/resources/ssh/comparison_secure_file_xfer.pdf [Accessed 28
Aug. 2018].
Sans.org. (2018). Designing a Secure Local Area Network. [online] Available at:
https://www.sans.org/reading-room/whitepapers/bestprac/designing-secure-local-area-
network-853 [Accessed 28 Aug. 2018].
18
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
SearchSecurity. (2018). Choosing secure file transfer products for your enterprise. [online]
Available at: https://searchsecurity.techtarget.com/feature/Choosing-secure-file-transfer-
products-for-your-enterprise [Accessed 28 Aug. 2018].
SearchSecurity. (2018). What is intrusion detection system (IDS)? - Definition from
WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/intrusion-
detection-system [Accessed 28 Aug. 2018].
www.alienvault.com. (2018). Intrusion Detection Techniques: Methods & Best Practices.
[online] Available at: https://www.alienvault.com/blogs/security-essentials/intrusion-
detection-techniques-methods-best-practices [Accessed 28 Aug. 2018].
19
Available at: https://searchsecurity.techtarget.com/feature/Choosing-secure-file-transfer-
products-for-your-enterprise [Accessed 28 Aug. 2018].
SearchSecurity. (2018). What is intrusion detection system (IDS)? - Definition from
WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/intrusion-
detection-system [Accessed 28 Aug. 2018].
www.alienvault.com. (2018). Intrusion Detection Techniques: Methods & Best Practices.
[online] Available at: https://www.alienvault.com/blogs/security-essentials/intrusion-
detection-techniques-methods-best-practices [Accessed 28 Aug. 2018].
19
1 out of 20
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.