This article discusses the network security policy for TIA Software Company, including password policies, firewall and antivirus software implementation, and regular security audits. It also explains the importance of network security and the common network security problems and their solutions.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
NETWORK SECURITY2 Question six Footprinting in network security Footprinting is also referred to as reconnaissance. It is a method of gathering information or data about computer systems. From a computer security, footprinting is the pre-attack phases i.e. those actions or tasks which are performed before the actual attack. The common tools used in footprinting are nslookup, Nmap, traceroute, neotrace, and Sam Spade. According to network engineers footprinting begins by first determining the objective and location of an intrusion. After this, information about the organization is then gathered using non-intrusive methods. Example an organization official website can provide information about their employees.Thisinformationcan then be used by an attackertogetherwith social engineering to reach the objective of the attack.Other information which can be obtained from footprinting includes organization e-mail addresses, phone numbers, organization procedures and policies, and the IP address. The common techniques which are used in footprinting include point of contact queries, WHOIS queries, World Wide Web spidering, network queries, ping sweeps, SNMP queries, DNS queries, operating system identification, the point of contact queries, and port scanning. Footprinting and crawling are used together to get information from the organization website. In addition, footprinting also helps to draw a network map for the targeted organization. It also helps to identify vulnerabilities which one can use to build database information of the organization. Also, footprinting helps in reducing an attack area thus concentrating particular targets only. Lastly, attackers use footprinting to get an overview of the security posture of an organizationlikesecurityconfigurationsanddetailsabouttheorganizationfirewall (IRISnetworksystems, n.d).
NETWORK SECURITY3 Tools used in footprinting One of the tools used in footprinting includes Sam Spade. This is a tool which is used to track down sources of e-mail spams. This tool was authored by Atkins steve in 1997. Some of the features which make Sam Spade a key footprinting security tool are advanced DNS, Search IP block which finds the IP block for an organization, Zone transfer which asks the DNS server information about an organization domain, scan addresses; a feature used to scan a range of IP addresses to look for open ports, and SMTP relay check; a feature used to check whether an email server knows about third party(Kahate, 2010). Nslookup is another footprinting tool. The tool is specifically used to query Domain Name System so as to obtain the domain name of a certain organization. It is also used for IP address mapping. WHOIS is another footprinting tool used for querying databases which store the registered users. The tool delivers database content in human-readable format. With WHOIS tool an attacker is able to get information about a registered domain like the domain owner contact and domain availability status of the organization. It also provides expiration and registration dates of the domain and the nameservers that the domain is using. Question seven How to block user computers from accessing the internet Most of the organizations spend a lot of time protecting their network. From definition network, security is the art of integrating the multiple layers of defenses in the organization network. Some of the reasons as to why network security is important are to protect the organization crucial assets such as computers. Second, is so as to comply with ethical and regulatory requirements(Kizza, 2005).
NETWORK SECURITY4 There are various ways one can do this; one way is blocking user computers from internet access. One of the methods which has been widely employed by most of the organizations is using internet access control tool. With this tool, one can block any website with ease. With the tool, one can also block a certain IP address from accessing the internet. The tool also contains an application blocker. One can also use a proxy server to block certain IP addresses from accessing the internet. Another method is navigating through the user computer control panel and under network and settings of the computer one can disable internet access capability of the user computer Creating web access security policy To create web access security policy starts by login into the SonicWall management interface. This followed by navigating in the security policies and then clicking the configure button. One then clicks add a new policy where add CFS policy window is displayed. This is followed by scrolling down the CFS Policy per IP address Range section and selecting enable policy per IP address Range check box. One then enters the IP address range and the last IP address to. This is then followed by selecting CFS policy to apply the IP address range in the CFS policy. Apply rules for windows services Windows services were initially known as NT services. This enables one to create long- running executable applications which run on their own sessions. The services can be started when computer boots. They can also be restarted and paused. To apply rules for windows services one needs to apply them via service control manager. In here a list of services are listed for each one of them with their status, description, and name. By double clinking a service it reveals its properties in detail. One can pause, delay start, and resume each service by right-
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
NETWORK SECURITY5 clicking and selecting the rule that one wishes to apply. Examples of windows services are background intelligent transfer service and active directory service. Allowing important programs with conditions One of the features with Microsoft based products is the ability to keep the organization information private. To allow certain programs with conditions one need to just click start then control panel, then clink system security and allow programs via windows firewall. One then continues to put conditions by selecting check boxes for the programs that one want to allow through the firewall. This is followed by using check boxes to indicate that kind of network which has the running program so as to get through. This is then followed by clicking ok so as to accept the settings. How to block remote users to the organization network Usually, remote users access the organization network via a virtual private network. They can also access organizational systems using the internet. An organization supports remote users by enabling remote user access feature. To disable remote users one need to open the browser of the computer hosting the system. One then continues to enter the administrator URL so as to open the Lync Server control panel. This is followed by clicking the external and federation access and then clinking the access edge configuration. One then opens the access edge configuration page and clinking edit access edge configuration. One then continues to disable remote user access of the organization and clearing the remote user access check box and lastly clicking commit button.
NETWORK SECURITY6 Question eight Functions of a firewall A firewall is a protective barrier between an organization cyber world and its network. When an organization is connected to the internet, the organization is a potential target to some of the cyber threats like keyloggers, hackers, and Trojans. When one using the internet they are simply receiving and sending packets of information. This is where the role of the firewall comes into play. A firewall is specifically used to filter and block data packets. It helps in preventing hackers from accessing the organization network(Krawetz, 2014). Firewalls are categorized into two which are hardware and software types of firewalls. A hardware firewall can be a router which is placed between the organization network and the World Wide Web. A software firewall is installed in the organization server thus filtering and deflecting the incoming attacks. It is also used in hiding ports. There different kinds of firewalls. One kind of firewall is the proxy server. This a type of firewall which is used to check all the incoming messages. It is also used to hide the true network address of the organization. Another type of firewall is the circuit level gateway. This is a kind of firewall used for UDP and TCP connection. Another kind of firewall is the packet filter. This is a type of firewall which to check the data packet entering or leaving an organization network. Another type of firewall is the application gateway. These type of firewall which acts as a gateway. Other functions of the firewall are closing down a port completely. There also used to block certain IP addresses and at the same time open certain IP addresses. There also used to keep ports closed of an organization network. They also allow encrypted communication with designated users from the outside world. Firewalls are also used to mitigate the spread of
NETWORK SECURITY7 malware, keyloggers, or viruses which have sneaked past the organization router and onto to the organization network. It is also used to block the outgoing connections from the router. Selection criteria of the next generation firewall in details Next Generation Firewall Next generation Firewall work by filtering internet and network traffic which has to be based in the traffic or the application types using certain ports. NGFW blend some standard firewall features with what lots of people refer to as quality of service functionalities so as to provide a deeper inspection. NGFW firewall is specifically designed to combine capabilities of the first generation firewalls and the network intrusion prevention systems commonly known as IPS. They also add features like SSH and SSL inspection. NGFW also have reputation-based malware filtering and active directoryintegration support. Question nine The common network security problems and their solutions Most of the organizations suffer from numerous network security issues without even realizing them. One of the major issues is that some of these issues go unsolved. The first problem is the issue of an unknown asset in an organization network. This is a common problem in most of the organization which results in lack of securing the asset. The easiest solution to this problem is conducting a review of all the network devices on the organization network. This also helps in identifying the various platforms in which they run on. By doing so one is able to determine the best way to prevent an attack on the asset. One is able to perform a security update. The second issue is the abuse of the user accounts. According to the business review which was done by Harvard in 2016. It reviewed that 60 percent of all network attacks are
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
NETWORK SECURITY8 carried out by insiders. In here users intentionally leak and at the same time misuses their account privileges(Knipp, 2002).One of the solution to minimize this risks is by to have organization policies in place. Example if an organization uses POLP (Policy of Least Privilege) when it comes to user accounts it helps in limiting that limiting what a user can do with their accounts. In addition with POLP, a user is just restricted on doing only those things in which they are employed to do. The third issue is the issue of unpatched security weaknesses. In here attackers stick to known exploits i.e. they use the common or old weaknesses to carry out an attack on the organization system(Krawetz, 2014). To prevent an organization can maintain a very strict schedule for keeping with network security patches. An organization can also gradually change operating systems and programs. The last issue is the lack of defense in depth and not having enough IT security management. Solution to this is building up a dedicated IT staff in the organization. This allows the organization to access a full team of experienced cyber-professionals who are able to deal with network security related issues. Why network security is crucial to an organization Network security is very important as it helps in protecting organization information and data. With network security, an organization is able to keep its information and data secure and safe. It also helps in minimizing the risk of organization failure. Second, network security helps in protecting the computer systems from harmful spyware and viruses like Trojan horse. This malware can lead to computer failure and denial of services by organization clients or users. Third, network security is used to increase the organization network performance. With network security, an organization experiences less downtime and to have fewer network disasters which in turn helps in boosting organization profits. Forth, with network security, an organization is
NETWORK SECURITY9 able to comply with regulatory and ethical responsibilities. In here an organization is able to develop procedures and policies to protect clients’ sensitive data. Lastly, since we live in a world which is digital raises the need for network security. With network security, an organization is able to protect its secret. Network security prevents legal and finesramificationsandtheoveralllossofbusiness.Also,networksecuritypreventsan organization external interruption of its activities. One is also able to segment their network with ease(Perez, 2017). Question 10 Network Security Policy A network security is a set of rules and procedures that outlines how data is accessed. Security policies also define the needs of protecting what is critical in an organization. Policies also define rules for computer users and system administrators and also outline consequences for unauthorized usage behavior. TIA Software Company is a client-centric organization. The organization captures its business value from its customer’s feedback. Network security polices of the organization is in line with its mission. One of the policies enforced by the organization is how its clients assess the organization website. From its policies, the organization clients have to assess the organization website via a valid email address. The organization has clearly outlined password policies. To protect my network the following policies and procedures will be in place. First, all the default network device passwords will be disabled; all then guest accounts will be renamed. Second, passwords construction will apply to all networked devices. All passwords must be at least twelve characters which must be a combination of mixed numbers, special characters, and a
NETWORK SECURITY10 mix of letters. Password must not include guessable data like personal information such as date of birth, users’ employees’ number, phone numbers, and their locations. User privileged accounts like the system administrators which are used in conjunction with the windows services ought to be changed after every 60 days by enforcing group policies. All remote access to the organization network has to be denied and disabled. In case any user password, network device password, and system administrator password are suspected to have been compromised, all the passwords will be changed promptly. In case the system administrator leaves the organization, then all the passwords and system settings will be changed promptly (Frye, 2011). All network policies will be listed in a formal document as shown by example below Table 1: Network security policy document sample for my network Policy title:Password changing policy Version: Pwd o1/2018 Issuer:IT manager Objective:To protect the organization network Approved by:Organization CEO More about the policy System and network device change password policy: Network device password, and system administrator password is suspected to have been compromised, all the passwords will be changed promptly Date:10thNovember 2018 Responsible officerfor implementation Organization IT Manager, System administrator and the network engineer References Date of Issue:10/11/2018Date of ReviewNo Review Yet
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
NETWORK SECURITY11 Frye, D. W. (2011).Network security policies and procedures by Douglas W Frye .New York: Springer. IRISnetworksystems. (n.d).5 network security risks your company might not be aware of. Retrieved from IRIS: https://www.irisns.com/5-network-security-risks-company-might- aware/ Kahate, A. (2010).Cryptography and Network Security.Carlifornia: McGraw-Hill Education. Kizza, J. M. (2005).Computer Network Security by Joseph Migga Kizza .MA Springer Science+Business Media, Inc. Knipp, E. &. (2002).Managing Cisco network security.Rockland: MA: Syngress. . Krawetz, N. (2014).Introduction to network security by Neal Krawetz(3rd ed.). Boston: Springer Press. Laet, G. D., & Schauwers, G. (2015).Network security fundamentals.New York: Indianapolis Press. Perez, A. (2017).Network security.Chicago: Springer .