Network and Security: Threats and Controls
VerifiedAdded on  2023/06/03
|10
|1781
|75
AI Summary
This article discusses the various threats to network and information security and the controls that can be implemented to prevent them. It covers accidental corruption, loss of intellectual property, software piracy, theft of equipment, website defacement, elevation of privilege, and fire/flood threats. The article provides a detailed description of each threat and the controls that can be used to prevent them. It also includes a bibliography of relevant research on the topic.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: NETWORK AND SECURITY
NETWORK AND SECURITY
Name of the Student:
Name of the University:
Author Note:
NETWORK AND SECURITY
Name of the Student:
Name of the University:
Author Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1NETWORK AND SECURITY
Threat Category Control Description Classification Type
Accidental
Corruption of
information
Proper shut down
of the system
The proper shut
down of the
system will help
to save the files
containing the
information in a
proper way.
administration prevent
Installation of the
anti virus.
The
implementation
of the antivirus
will protect the
data from the
attacks from the
malware.
product prevent
Keeping the
backup of
information
regularly.
Keeping the
backup on regular
basis will give a
chance for the
users to retrieve
the right
information in
case the data is
corrupted.
Administrative prevent
Security against
the disturbance of
the power.
The disturbance
in the supply of
the power can
cause the loss of
the data in the
system. The spark
can damage the
files and
information in the
system.
product prevent
Threat Category Control Description Classification Type
Loss of
intellectual
property
Securing the
rights of the
intellectual
property.
Securing the
rights of the
intellectual
property is
important as it
will control the
usage of the
information.
administrative Detect , prevent
and compensate
Proper monitoring
of the usage of
the intellectual
The usage of the
information is
needed to be
administrative detect
Threat Category Control Description Classification Type
Accidental
Corruption of
information
Proper shut down
of the system
The proper shut
down of the
system will help
to save the files
containing the
information in a
proper way.
administration prevent
Installation of the
anti virus.
The
implementation
of the antivirus
will protect the
data from the
attacks from the
malware.
product prevent
Keeping the
backup of
information
regularly.
Keeping the
backup on regular
basis will give a
chance for the
users to retrieve
the right
information in
case the data is
corrupted.
Administrative prevent
Security against
the disturbance of
the power.
The disturbance
in the supply of
the power can
cause the loss of
the data in the
system. The spark
can damage the
files and
information in the
system.
product prevent
Threat Category Control Description Classification Type
Loss of
intellectual
property
Securing the
rights of the
intellectual
property.
Securing the
rights of the
intellectual
property is
important as it
will control the
usage of the
information.
administrative Detect , prevent
and compensate
Proper monitoring
of the usage of
the intellectual
The usage of the
information is
needed to be
administrative detect
2NETWORK AND SECURITY
property. monitored so that
the proper usage
of the information
is done in a
proper way.
Giving proper
reference while
using the
information.
The information
from the
intellectual
property is
needed to be
acknowledge
when it is used for
the references.
administrative Prevent and
compensate
Application of the
data protection
act.
The impose of the
rules in the data
protection act is
needed to be
done so that the
copyright of the
intellectual
property is
maintained.
administrative prevent
Threat Category Control Description Classification Type
Software Piracy Clear software
policy statement.
The clarity in the
software policy
will help the
employees to
understand the
boundaries in
using the
software
products.
administrative Prevent and
detect
Following anti
piracy statement.
The employees in
the organization
should maintain
the anti piracy
policies in the
organization.
Administrative detect
Knowing the
terms of licenses
The renewal of
the licenses are
needed to be
done maintain the
routine.
product detect
Software
inventories.
Software
inventories are
needed to be
product detect
property. monitored so that
the proper usage
of the information
is done in a
proper way.
Giving proper
reference while
using the
information.
The information
from the
intellectual
property is
needed to be
acknowledge
when it is used for
the references.
administrative Prevent and
compensate
Application of the
data protection
act.
The impose of the
rules in the data
protection act is
needed to be
done so that the
copyright of the
intellectual
property is
maintained.
administrative prevent
Threat Category Control Description Classification Type
Software Piracy Clear software
policy statement.
The clarity in the
software policy
will help the
employees to
understand the
boundaries in
using the
software
products.
administrative Prevent and
detect
Following anti
piracy statement.
The employees in
the organization
should maintain
the anti piracy
policies in the
organization.
Administrative detect
Knowing the
terms of licenses
The renewal of
the licenses are
needed to be
done maintain the
routine.
product detect
Software
inventories.
Software
inventories are
needed to be
product detect
3NETWORK AND SECURITY
done in a proper
way.
Threat Category Control Description Classification Type
Theft of
information(hacker)
Use of proper
anti virus.
The use of the
proper anti virus
will help the data
secured from the
hackers.
Product prevent
Use of firewall The use of
firewall will
prevent the entry
of the
unnecessary
traffics in the
organization
network.
Product prevent
Use of VPN Use of the virtual
private network
will help the
information to be
secured from the
outer world.
product Detect and
prevent
Following the
security
awareness.
The employees in
the organization
is needed to
follow the proper
security
guidelines.
administrative Detect and
prevent
Threat Category Control Description Classification Type
Theft of
information(employees)
Choosing the
right authority
for the access of
the data.
The authority of
accessing the
sensitive
information is
needed to be
given to the right
person.
Administrative Prevent and
detect
Using username
and password.
The important
information is
needed to be
protected
through the
application of
the username
and the
administrative Prevent and
detect
done in a proper
way.
Threat Category Control Description Classification Type
Theft of
information(hacker)
Use of proper
anti virus.
The use of the
proper anti virus
will help the data
secured from the
hackers.
Product prevent
Use of firewall The use of
firewall will
prevent the entry
of the
unnecessary
traffics in the
organization
network.
Product prevent
Use of VPN Use of the virtual
private network
will help the
information to be
secured from the
outer world.
product Detect and
prevent
Following the
security
awareness.
The employees in
the organization
is needed to
follow the proper
security
guidelines.
administrative Detect and
prevent
Threat Category Control Description Classification Type
Theft of
information(employees)
Choosing the
right authority
for the access of
the data.
The authority of
accessing the
sensitive
information is
needed to be
given to the right
person.
Administrative Prevent and
detect
Using username
and password.
The important
information is
needed to be
protected
through the
application of
the username
and the
administrative Prevent and
detect
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4NETWORK AND SECURITY
password. The
access of the
username and
password is
needed to be
restricted to the
certain group of
people and
higher authority.
Apart from that
the periodic
change in the
user name and
password is
needed to be
done.
Monitoring the
activities.
Proper
monitoring of
the activities of
the employees
with the system
will help to
prevent the
chances of the
breaching of the
data.
Administrative prevent
Proper
implementation
of the rules
The
implementation
of the rules and
regulations
regarding the
prevention of the
threats regarding
information
security will be
helpful in this
context. The
management of
the organization
is needed to
instruct the
employees to
follow those
rules and
regulations while
handling the
sensitive data
and information.
administrative Prevent and
compensate
password. The
access of the
username and
password is
needed to be
restricted to the
certain group of
people and
higher authority.
Apart from that
the periodic
change in the
user name and
password is
needed to be
done.
Monitoring the
activities.
Proper
monitoring of
the activities of
the employees
with the system
will help to
prevent the
chances of the
breaching of the
data.
Administrative prevent
Proper
implementation
of the rules
The
implementation
of the rules and
regulations
regarding the
prevention of the
threats regarding
information
security will be
helpful in this
context. The
management of
the organization
is needed to
instruct the
employees to
follow those
rules and
regulations while
handling the
sensitive data
and information.
administrative Prevent and
compensate
5NETWORK AND SECURITY
Threat Category Control Description Classification Type
Website
Defacement
Testing and the
audits of the
security
The hackers will
try to exploit the
vulnerabilities
through the
patched system.
However, proper
and regular
testing will
prevent these
threats.
Product and
administration
Prevention and
detection
Prevention of the
SQL injection
attacks.
The malicious SQL
instructions are
inserted into the
pre defined SQL
codes in order to
affect the
execution. The
prevention of the
SQL injection is
required in this
context.
product detection
Prevention of the
cross site
prevention
attacks.
Through the cross
scripting
technique the
attackers tries to
pass the malicious
code through the
form of the web
page. Prevention
of the cross
scripting can help
to prevent the
website
defacement.
Product Prevention and
detection
Use of the
defacement
detection and
monitoring tools.
There are tools
and techniques
for the monitoring
and the control of
the website
defacement. The
selection of the
tools is needed to
be done on the
basis of the
working and the
product Prevention and
detection.
Threat Category Control Description Classification Type
Website
Defacement
Testing and the
audits of the
security
The hackers will
try to exploit the
vulnerabilities
through the
patched system.
However, proper
and regular
testing will
prevent these
threats.
Product and
administration
Prevention and
detection
Prevention of the
SQL injection
attacks.
The malicious SQL
instructions are
inserted into the
pre defined SQL
codes in order to
affect the
execution. The
prevention of the
SQL injection is
required in this
context.
product detection
Prevention of the
cross site
prevention
attacks.
Through the cross
scripting
technique the
attackers tries to
pass the malicious
code through the
form of the web
page. Prevention
of the cross
scripting can help
to prevent the
website
defacement.
Product Prevention and
detection
Use of the
defacement
detection and
monitoring tools.
There are tools
and techniques
for the monitoring
and the control of
the website
defacement. The
selection of the
tools is needed to
be done on the
basis of the
working and the
product Prevention and
detection.
6NETWORK AND SECURITY
type of the
website.
Threat Category Control Description Classification Type
Theft of
equipment
Implementation
of the proper
monitoring
system.
The
implementation
of the proper
monitoring
system will help
to keep the track
of the
equipments.
Administrative Prevention,
detection and
compensate
Keeping the
records of the
system.
Keeping the track
and count of the
equipments is
important.
Administrative Prevention and
compensate
Tagging the
system.
All the
equipments are
needed to be
tagged in order to
keep the list in
proper way.
Administrative prevention
Tracking of the
system.
Each equipment
are needed to be
tracked on regular
basis.
Administrative prevention
Threat Category Control Description Classification Type
Viruses, Worms,
Trojan Horses
Usage of anti virus
software.
The usage of the
anti virus
software will help
to prevent the
attacks from the
virus and Trojan
horse.
Product Prevention ,
detection and
monitoring
Usage of firewall. The use of the
firewall will
prevent the
unnecessary
traffics to enter
into the system.
product Prevention ,
detection and
monitoring
Increasing the
awareness among
the users.
The users are
needed to be
aware about the
importance of
maintaining the
administration Prevention and
detection
type of the
website.
Threat Category Control Description Classification Type
Theft of
equipment
Implementation
of the proper
monitoring
system.
The
implementation
of the proper
monitoring
system will help
to keep the track
of the
equipments.
Administrative Prevention,
detection and
compensate
Keeping the
records of the
system.
Keeping the track
and count of the
equipments is
important.
Administrative Prevention and
compensate
Tagging the
system.
All the
equipments are
needed to be
tagged in order to
keep the list in
proper way.
Administrative prevention
Tracking of the
system.
Each equipment
are needed to be
tracked on regular
basis.
Administrative prevention
Threat Category Control Description Classification Type
Viruses, Worms,
Trojan Horses
Usage of anti virus
software.
The usage of the
anti virus
software will help
to prevent the
attacks from the
virus and Trojan
horse.
Product Prevention ,
detection and
monitoring
Usage of firewall. The use of the
firewall will
prevent the
unnecessary
traffics to enter
into the system.
product Prevention ,
detection and
monitoring
Increasing the
awareness among
the users.
The users are
needed to be
aware about the
importance of
maintaining the
administration Prevention and
detection
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7NETWORK AND SECURITY
security
guidelines while
using the system.
Usage of the
updated software
patches.
The updated
patches of the
software has extra
features to
prevent the new
attacks. The
organizations
should use the
updated patches
of the software.
products Prevention and
detection
Threat Category Control Description Classification Type
Elevation of
privilege
SID filtering SID filtering is the
main way for the
prevention of the
elevation of the
privilege.
product prevention
Prevention of the
privilege account
escalations.
Privili8age access
management will
help to delegate
the directory
services.
administration Prevention and
detection
Local
administrator
password
solutions.
Assigning the local
administrative
password would
be helpful in this
context. This will
prevent the
unauthorized use
of the account.
administration prevention
Monitoring for
creeps and
exploits.
Privilege accounts
are the main
target for the
escalations. In this
case proper
monitoring would
be helpful.
administrative Prevention and
detection
Threat Category Control Description Classification Type
Fire/flood Off site backup The offline backup
of the cloud
storage in needed
to be dome. So
that the data can
be use even if the
administrative Prevention and
compensate
security
guidelines while
using the system.
Usage of the
updated software
patches.
The updated
patches of the
software has extra
features to
prevent the new
attacks. The
organizations
should use the
updated patches
of the software.
products Prevention and
detection
Threat Category Control Description Classification Type
Elevation of
privilege
SID filtering SID filtering is the
main way for the
prevention of the
elevation of the
privilege.
product prevention
Prevention of the
privilege account
escalations.
Privili8age access
management will
help to delegate
the directory
services.
administration Prevention and
detection
Local
administrator
password
solutions.
Assigning the local
administrative
password would
be helpful in this
context. This will
prevent the
unauthorized use
of the account.
administration prevention
Monitoring for
creeps and
exploits.
Privilege accounts
are the main
target for the
escalations. In this
case proper
monitoring would
be helpful.
administrative Prevention and
detection
Threat Category Control Description Classification Type
Fire/flood Off site backup The offline backup
of the cloud
storage in needed
to be dome. So
that the data can
be use even if the
administrative Prevention and
compensate
8NETWORK AND SECURITY
information
stored in the
cloud get
breached.
Use of the
external drive
The data can be
stored and
backup can be
taken through the
use of the
external drive.
product compensate
Proper online
backup
Proper backup of
the data is
needed to be
stored online. So
that the data can
be retrieved from
the online source
even if the system
is affected badly.
Administrative compensate
Maintenance of
the system
The maintenance
of the system is
important. So that
the equipment
can be safe and
any glitches in the
system can get
notices in early
stage.
Administrative Detection and
prevention
information
stored in the
cloud get
breached.
Use of the
external drive
The data can be
stored and
backup can be
taken through the
use of the
external drive.
product compensate
Proper online
backup
Proper backup of
the data is
needed to be
stored online. So
that the data can
be retrieved from
the online source
even if the system
is affected badly.
Administrative compensate
Maintenance of
the system
The maintenance
of the system is
important. So that
the equipment
can be safe and
any glitches in the
system can get
notices in early
stage.
Administrative Detection and
prevention
9NETWORK AND SECURITY
Bibliography
Chandra, J.V., Challa, N. and Hussain, M.A., 2014. Data and information storage security from advanced
persistent attack in cloud computing. International Journal of Applied Engineering Research, 9(20),
pp.7755-7768.
Gordon, W.J., Fairhall, A. and Landman, A., 2017. Threats to Information Security—Public Health
Implications. New England Journal of Medicine, 377(8), pp.707-709.
Haager, J., Sandwith, C., Terrano, J. and Saripalli, P., Topia Tech Inc, 2018. Systems and methods for
security hardening of data in transit and at rest via segmentation, shuffling and multi-key encryption.
U.S. Patent 9,990,502.
Jakimoski, K., 2016. Security techniques for data protection in cloud computing. International Journal of
Grid and Distributed Computing, 9(1), pp.49-56.
Ramachandran, M. and Chang, V., 2016. Towards performance evaluation of cloud service providers for
cloud data security. International Journal of Information Management, 36(4), pp.618-625.
Redlich, R.M. and Nemzow, M.A., Digital Doors Inc, 2017. Digital information infrastructure and method
for security designated data and with granular data stores. U.S. Patent 9,734,169.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and
security. CRC press.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015. Information
security conscious care behaviour formation in organizations. Computers & Security, 53, pp.65-78.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in
organizations. Computers & Security, 56, pp.70-82.
Xu, L., Jiang, C., Wang, J., Yuan, J. and Ren, Y., 2014. Information security in big data: privacy and data
mining. IEEE Access, 2, pp.1149-1176.
Bibliography
Chandra, J.V., Challa, N. and Hussain, M.A., 2014. Data and information storage security from advanced
persistent attack in cloud computing. International Journal of Applied Engineering Research, 9(20),
pp.7755-7768.
Gordon, W.J., Fairhall, A. and Landman, A., 2017. Threats to Information Security—Public Health
Implications. New England Journal of Medicine, 377(8), pp.707-709.
Haager, J., Sandwith, C., Terrano, J. and Saripalli, P., Topia Tech Inc, 2018. Systems and methods for
security hardening of data in transit and at rest via segmentation, shuffling and multi-key encryption.
U.S. Patent 9,990,502.
Jakimoski, K., 2016. Security techniques for data protection in cloud computing. International Journal of
Grid and Distributed Computing, 9(1), pp.49-56.
Ramachandran, M. and Chang, V., 2016. Towards performance evaluation of cloud service providers for
cloud data security. International Journal of Information Management, 36(4), pp.618-625.
Redlich, R.M. and Nemzow, M.A., Digital Doors Inc, 2017. Digital information infrastructure and method
for security designated data and with granular data stores. U.S. Patent 9,734,169.
Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and
security. CRC press.
Safa, N.S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N.A. and Herawan, T., 2015. Information
security conscious care behaviour formation in organizations. Computers & Security, 53, pp.65-78.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in
organizations. Computers & Security, 56, pp.70-82.
Xu, L., Jiang, C., Wang, J., Yuan, J. and Ren, Y., 2014. Information security in big data: privacy and data
mining. IEEE Access, 2, pp.1149-1176.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.