Requirement Proposal for Defense-Contracting field Organization
Added on 2023/03/30
AI Summary
This requirement proposal provides solutions for resolving issues related to web traffic and sensitive emails in defense-contracting organizations. It discusses the importance of encryption and suggests remedies to ensure secure transmission of data. The proposal also includes cost estimations for implementing the solutions.
Running head: REQUIREMENT PROPOSAL
Requirement Proposal for Defense-Contracting field Organization
Name of the Student
Name of the University
Author Note
Table of Contents
Introduction
Remedies for resolving the following issues:
a) Web traffic to and from the server in plain text
b) Some sensitive emails also being sent outside of organizations that are not encrypted
Costs for resolving the solutions
Conclusion
References
Introduction
Defence-contracting organizations are businesses, or even individuals, that provide
specific products and services to government-aided military or intelligence departments.
Organizations like these need to follow a range of security requirements. These
requirements exist to ensure that the services and products supplied to the military and
intelligence departments are as secure as possible, because they need to be as confidential
as possible (Zhou & Gu, 2016, pp. 2308-2314). Even so, the case study shows that several
issues still need to be resolved if this defence-contracting organization is to provide its
services. This report therefore proposes possible solutions to the problems and analyzes
them by identifying the cost of resolving each issue.
Remedies for resolving the following issues:
a) Web traffic to and from the server in plain text
In the incident described in the case study, web traffic to and from the organization's
server was delivered in plain text. This could be a massive problem if hackers intercept
the network with packet sniffers and use the plain-text traffic to gain access to the
network servers. It would expose the server to a vast security vulnerability, as the
hackers can look into the network interfaces without being connected to the servers and can
even gain access to the host computers. Packet sniffers are now readily available free of
charge, for example the software application Wireshark, which uses "pcap" to capture
packets. This makes the issue worse, because interception is much easier when the data is
available in plain text.
To address this, a remedy can be proposed to the organization that enhances the
protection of sensitive information by securing the generated web
traffic and in-transit information. This can be done with the help of HTTPS. HTTPS
usually sends and receives the data through two separate channels at the same time. It is
even better if the data is sent and received over port 443 (Shubh & Sharma, 2016,
pp. 569-579), because using port 443 ensures that the exchange of data is encrypted.
Without proper encryption, the data is never transmitted. The server requests encryption of
the data, and this starts the handshake mechanism for sending and receiving the request.
For the encryption request from the organization's side, it would be better if the
ClientHello application is used (Hossain et al., 2018, pp. 83-108). This provides a baseline
before the HTTPS handshake procedure begins. With this, the information is adequately
encrypted, and only after that is it transmitted.
Along with this, an SSL certificate is generated within the transmission process. It
helps establish trusted permission between the sender and the receiver. The trusted SSL
certificate provides the decryption key that lets the receiver understand the encrypted
data.
This method can get past Wireshark interception, as the traversal path for sending and
receiving the data will never be the same. Besides, the data will not be transmitted at all
in the first place if it is not encrypted.
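An added example, not part of the original proposal: a Python check that inspects the first bytes a client sends on a connection and separates readable plain-text HTTP from the ClientHello that opens the handshake, which is how an audit of a packet capture confirms the remedy is in effect. The flows, host name, payloads and function names are constructed for illustration.

```python
import struct

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ", b"PATCH ")

def build_client_hello(host: str) -> bytes:
    """Constructed sample: a minimal TLS ClientHello record carrying an SNI."""
    name = host.encode("ascii")
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    exts = struct.pack("!HH", 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00"        # version, random, empty session_id
            + b"\x00\x02\xc0\x2f" + b"\x01\x00"      # one cipher suite, null compression
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def parse_sni(hello: bytes):
    """Return the server_name from a ClientHello body, or None if absent."""
    pos = 2 + 32                                          # client_version + random
    pos += 1 + hello[pos]                                 # session_id
    pos += 2 + struct.unpack_from("!H", hello, pos)[0]    # cipher_suites
    pos += 1 + hello[pos]                                 # compression_methods
    if pos + 2 > len(hello):
        return None                                       # no extensions block
    end = pos + 2 + struct.unpack_from("!H", hello, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
        pos += 4
        if ext_type == 0:                                 # server_name extension
            name_len = struct.unpack_from("!H", hello, pos + 3)[0]
            return hello[pos + 5:pos + 5 + name_len].decode("ascii", "replace")
        pos += ext_len
    return None

def classify(payload: bytes):
    """Classify the first payload of a TCP flow as (kind, detail)."""
    if payload.startswith(HTTP_METHODS):                  # request line readable on the wire
        return ("plaintext-http", payload.split(b"\r\n", 1)[0].decode("ascii", "replace"))
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03:  # TLS handshake record
        if payload[5] == 0x01:                            # handshake type 1: ClientHello
            hs_len = int.from_bytes(payload[6:9], "big")
            try:
                return ("tls-client-hello", parse_sni(payload[9:9 + hs_len]))
            except (IndexError, struct.error):
                return ("tls-client-hello", None)         # capture truncated mid-message
        return ("tls-handshake", None)
    return ("unknown", None)

SAMPLES = {  # constructed first payloads, keyed by (client address, server port)
    ("10.0.0.5", 80): b"POST /login HTTP/1.1\r\nHost: portal.example.test\r\n\r\n"
                      b"user=a&password=hunter2",
    ("10.0.0.6", 443): build_client_hello("portal.example.test"),
}

def plaintext_flows(samples):
    """Return the flows whose first payload is readable HTTP."""
    return [flow for flow, data in samples.items() if classify(data)[0] == "plaintext-http"]
```

Any flow returned by `plaintext_flows` is traffic whose contents a sniffer can read directly; after the remedy is deployed the list should be empty for the server in question.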
b) Some sensitive emails also being sent outside of organizations that are not encrypted
Defense contracting organizations need to handle a lot of emails that must be
encrypted, as they mostly comprise government-aided intelligence and military data. This
requires high-security encryption methods to be adopted so that the conversation cannot be
intercepted in any way by an unauthorized hacker (Diogenes, Shinder & Shinder, 2016).
The following can be a remedial measure so that these confidential and sensitive
emails can be saved from being sent without encryption. This procedure ensures the
encryption of emails sent via Outlook 365. It also provides email encryption for people
using non-Office 365 email services such as Gmail and other services:
1. In the case of Office 365, OME capabilities need to be enhanced by ensuring that
Azure Rights Management services are used. If the OME system leverages the
Azure RMS features, the emails are well protected through encryption and access
controls. For this, however, Azure RMS must be activated for the tenant of the
organization (Diogenes & Shinder, 2018). In Office 365 this service is activated
automatically, but in other email services it needs to be activated manually. The
Microsoft 365 admin centre and the Azure portal can be used for manual
activation.
2. The OME configuration must be verified in Exchange Online PowerShell. This
ascertains how the Office 365 tenant can be appropriately configured, using the
specific syntax for running the Get-IRMConfiguration cmdlet. Message
encryption is then always ensured (Bhardwaj & Goundar, 2017, pp. 8-15). With
the specifications mentioned above in place, emails are not sent to the receiver
unless they are encrypted.
Costs for resolving the solutions
In the first case, the web server SSL certificate would cost $249 per year to $599 per
year. These certificates also come with a 128/256-bit encryption HTTPS model with a
warranty with a total cost of $100,000 to $500,000 (O’Brien et al., 2018, pp. 734-751).
In the second case, enabling Azure Rights Management would cost a total of $2 per
month throughout the channels. The payment
and installation procedure are available directly from Microsoft (Charlebois-Laprade et
al., 2017).
Conclusion
In conclusion, as identified in the report above, defence contractors should take care
of encryption as their most critical priority. This is because the organization primarily
deals with government-aided military and intelligence agencies. In these organizations
security is the most important aspect, and therefore no discrepancy in security or
negligence on the part of the defence-contracting agencies can be accepted. The two cases
above clearly describe how hackers can take advantage of these vulnerabilities to hack into
messages and network information that should have been encrypted. In response, the proper
way of handling the situation and the remedial measures, with cost estimations, are also
supplied above.
References
Bhardwaj, A., & Goundar, S. (2017). Security challenges for cloud-based email
infrastructure. Network Security, 2017(11), pp. 8-15.
Charlebois-Laprade, N., Zabourdaev, E., Brunet, D., Wilson, B., Farran, M., Ng, K., ... &
Cathcart, S. (2017). Azure Rights Management for SharePoint. In Expert Office
365 (pp. 165-191). Apress, Berkeley, CA.
Diogenes, Y., & Shinder, T. (2018). Microsoft Azure Security Center. Microsoft Press.
Diogenes, Y., Shinder, T., & Shinder, D. (2016). Microsoft Azure Security Infrastructure.
Microsoft Press.
Hossain, M. S., Paul, A., Islam, M. H., & Atiquzzaman, M. (2018). Survey of the Protection
Mechanisms to the SSL-based Session Hijacking Attacks. Network Protocols &
Algorithms, 10(1), pp. 83-108.
O’Brien, P., WH Young, S., Arlitsch, K., & Benedict, K. (2018). Protecting privacy on the
web: A study of HTTPS and Google Analytics implementation in academic library
websites. Online Information Review, 42(6), pp. 734-751.
Shubh, T., & Sharma, S. (2016). Man-in-the-middle-attack prevention using HTTPS and
SSL. Int J Comput Sci Mobile Comput, 5(6), pp. 569-579.
Zhou, P., & Gu, X. (2016). HTTPAS: active authentication against HTTPS man-in-the-
middle attacks. IET Communications, 10(17), pp. 2308-2314.