Cyber Security Report: TIA Software Company Network Security Policies

Verified

Added on 2021/10/01

AI Summary

This report delves into various aspects of cyber security, commencing with an analysis of footprinting techniques and the tools used for information gathering, such as the Wayback Machine and Whois Footprinting. It then examines the role and different types of firewalls, including packet-filtering and next-generation firewalls, emphasizing their importance in network security. The report further investigates common network security problems, like external and internal threats and security breaches, offering potential solutions. It also underscores the significance of network security for business organizations, focusing on asset protection, regulatory compliance, and competitive advantage. Finally, the report concludes with a case study of TIA Software Company, proposing specific network security policies to protect users and computers from hackers.

1
Running head: CYBER SECURITY
Cyber Security
Student’s Name
School Affiliation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

2
CYBER SECURITY
Table of Contents
1. Question 6...........................................................................................................................................2
2. Question 8...........................................................................................................................................4
3. Question 9...........................................................................................................................................6
4. Question 10.........................................................................................................................................8
5. References...........................................................................................................................................9

3
CYBER SECURITY
1. Question 6
a) Analyze and explain footprinting in network security. [5 Marks]
Footprinting refers to a process of assembling information concerning a given network set up,
normally with the intention of looking for techniques to get into the environment. Footprinting
can depict the system accountability as well as advancing the ease with which they can be
utilized. Footprinting is the technique by which intruders aim at an organization and deploy
remote access procedure to accumulate proprietary data significant to the firm’s Internet as well
as network processors (Moustafa and Slay, 2016). They also reach the firm’s profiles with the
aim of mapping out the focused firm’s security stance. Footprinting utilizes queries such as “who
is” method that generates the employee phone number, names as well as other data upon request
from the attacker. The areas intended by the hackers in a network includes Domain Name
Systems (DNS) as well as Internet Protocol (IP) so as to get the addresses, Firewall meant to
secure the system from outside intrusion and quick steps generally linked with corporate
acquisitions as well as successful broadcasting of this attained data on the Internet, mass media
as well as Intranets. When firms gain other companies, various information is produced that
become public data which are of focus to the attackers. In addition, footprinting is relevant to
systematically and structurally guarantee that all pieces of data are established and it must be
carried out appropriately and in a monitored fashion.
b) Evaluate how different tools (at least 3) can be used for footprinting with examples. [5
Marks]
Wayback machine – this one of the tools that are utilized to gather information on a past
version of the website. A web program produced by the archive of the internet that is capable of

4
CYBER SECURITY
taking snapshots of a website at a uniform interval and makes them present to anyone who is in
pursuit. By the use of Wayback, machine one can recover data that was posted to a website
earlier. When a website URL is an input into the Wayback Machine, the website will return a
various date showing when a site was archived with an asterisk close to every date on which a
modification was done (Xue, Huang, and Zhang, 2016). However, the internet archive does not
preserve exhaustive outcome on each website, the site does archive can cover all the way to as
early as 1996.
Whois Footprinting – it refers to the name of the protocol which is utilized to examine the
servers managed by Regional Internet Registries, that hold data about each resource, that is,
Internet Protocol address or Name of the Domain registered on the Internet. The data that can be
captured about a resource are like name of the owner of the company, address of the owner of
the company, phone number, Internet Protocol address range that a given Ip belongs to, contact
email, name servers as well as the name of the administrator (Han and Kim, 2015). The tool
obtains the correct internet registrars so as to find data on the owners of the aimed Internet
Protocol address as well as domain.
Email Footprinting – is deployed to control the delivery of the emails to the targeted recipient,
intruders track emails to collect information about an intended recipient so as to carry out a
social engineering as well as other attacks (Alipour, Al-Nashif, Satam, and Hariri, 2015). It aids
in getting the details of the recipients such as the Internet Protocol address of the recipient,
recipients’ geolocation, the email was delivered and viewed, checks whether or not the client
visited every link delivered to them, gains the browser and working framework details of the
recipients as well as the time consumed on viewing the emails.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

5
CYBER SECURITY
2. Question 8
a) Explain the main function of the firewall in network security. Analyze different kinds of
the firewall in brief. [5 Marks]
Firewall is an essential component of the network of a firm and acts a significant part in
protecting and securing it while network security it is the technique of handling external as well
as internal attacks to the network system of the company. The firewall, in general, possesses two
network interfaces which include one to secure the external part of the network and the other for
internal side (Han, Gopalakrishnan and Lee, 2015). Its main aim is to manage what traffic is
permitted to transmit from one side to another. At most fundamental level, firewalls can lock
traffic aimed at specific Internet Protocol addresses and ports of the server. Basically, firms set
up their firewall to permit incoming flow to port 80, that is accepted port for utilization by web
administrators. This permits visitors to gain corporate website, for instance, but untrusted jam
spared for other port the access would not be granted. A firm employee who has correct
credentials like a username, as well as a password, would be permitted to access through a
protected connection, generally a virtual private connection. The firewall blocks malicious
softwares meaning it has the capacity to lock potential viruses, Trojan horses as well as malware
from attacking the system of the network. In particular, Trojan horses are the deadlier because
they link themselves to documents and when these files are transferred they cause damage to
computer systems and reveal the private information to web administrators being hosted by
attackers. Firewall offer protection against harms incorporating denial of service (DOS) threats.
The DOS threats take place when an attacker attempts to barrage a corporate website with a pool
of traffic, which brings the web administrator down and permits the attacker to gain access and
then the attacker might be able to reach other resources of the network.

6
CYBER SECURITY
There different kinds of firewall which include the following:
i) Packet-Filtering Firewalls – it essentially forms a checkpoint at a traffic switch as well as
the router. It carries a simple check of information packets getting via the router
examining the information like the source and destination of Internet Protocol, number of
the port as well as the type of the packet.
ii) Circuit-Level Gateways – it is meant to confirm or prohibit traffic without utilizing
important computing resources, the circuit-level gateway operates by approving the
transfer control protocol handshake.
iii) Stateful Inspection Firewalls – these firewalls link both TCP handshake as well as packet
examination technology approval to form a level of security.
iv) Proxy Firewalls – they function at the application layer to verify incoming jam between
your connection and traffic origin. It also performs broad-layer packet examinations,
verifying the real contents of data packet to proof that it comprises no malware.
v) Next generation Firewalls – this contains properties such as broad-packet examination,
surface-level packet assessment as well as TCP handshake tests. It can also incorporate
innovations like intrusion prevention frameworks function automatically to curb threats
against network.
b) Evaluate and explain the selection criteria of a next-generation firewall in details [10
Marks]
The following are the features to be considered in the Next-Generation Firewall:
i) Zone-based policy control – with the zone-based protection, the admin can link similar
interfaces and deploy the same rules to them, instead of writing the similar rule in every
interface.

7
CYBER SECURITY
ii) Default deny rules – the solution should not permit access from LAN to the connection,
and block access from the WAN.
iii) Bandwidth management – bandwidth management abilities should permit controllers to
assign sure and minimum bandwidth to operations, and prioritize traffic across interfaces
of all firewalls.
iv) Connection Limiting – this provides an additional layer to attack connections via the
firewall through Access Control Police. This property can be utilized to check Denial-of-
Service (DOS) terms or the transfer to particular kinds of malware that spread by starting
connections to non-constant addresses at a basically high rate.
v) SSL control -the firewall should possess the capacity to offer visibility into handshake of
SSL intervals and a technique by forming rules to control the identification of the SSL
connections.
3. Question 9
a) Evaluate the common network security problems and their solutions. [5 Marks]
External and Internal threats – attacks from any machine network comes from external as well
as internal entities. The external attacks incorporate the unauthorized access by intruders like
virus attack, hackers among others. Internal attacks include exploitation of the network
connection by its clients aware or unaware. Internal attacks come in because of malicious
activities and ignorance of the clients of the device network (Pathan, 2016). For instance, an
individual can leave the device unattended showing it to others who have no authority to access
the details. Again, internal attacks can be an individual streaming and fetching files from the
internet that leads in a malware attack. The above problem can be solved by observing the
following in a network system:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

8
CYBER SECURITY
The server is the primary point of information getting in and leaving the network, it should be
kept up to date and always patched and also utilize reputed firewalls that maintain invaders away
from the network. Deploy a software that generates the log of entire operations on the network,
the firewall offers a list of softwares trying to reach the external entities through the server. You
need to review these logs timely to analyze if any software has abnormal behavior, thereby
examining if the computer or server in the network is under attack for these logs aid in
identifying the weird client activity. The server requires a strong anti-malware which can be
gotten from the internet for free or you purchase for a suite that consists of anti-malware as well
as a firewall.
Deploy the encryption software to minimize the theft of data, for instance, SecureZip is software
that permits you to encrypt as well as compressing the outgoing packets of data. Ensure that all
the operating systems being used in every device are updated to minimize the vulnerabilities as
the working framework engineers establish and patch each weakness in the operating system.
Recheck the peripheral on your device such as scanners, printers as well as photocopiers on the
network by ensuring they are not reachable from the internet and this is obtained by positioning
them behind a firewall.
Security Breaches – this takes place when the network is accessed by individuals with no
authority and steal information, install viruses, compromise programs, stealing of hardware and
password leakage or hacking. This can be resolved by guaranteeing the hardware is protected
every time and utilization of secure, encrypted passwords and ensure passwords are different at
various levels of privacy.
c) Analyze and explain why network security problems are crucial for any business
organization. [5 Marks]

9
CYBER SECURITY
To secure the assets of the company – an organization by facing the network security problems
identifies the need for protecting computers as well as computer networks. The assets here refer
to data that is kept in the device network, that is crucial and of high value as the visible assets of
the firm. The device and network security is involved with protection, integrity as well as safe
access to private details and also entails the accessibility of data in a meaningful way.
To adhere to Regulatory needs and Ethical Responsibilities – it is a role of any company to
create procedures and rules handling the security needs of each organization. These regulations
act for the safety and protection of every firm and are compulsory for any firm operating on
computers.
For competitive benefit – creating an effective framework for networks will give the company a
competitive edge. In the scene of Internet e-commerce, financial services, as well as network
security, assumes crucial significance. If the network is protected the clients would avail the
operations of banking over the internet.
4. Question 10
Analyze the scenario of TIA Software Company and create your own network security policies
to protect network users and computers from hackers. [10 Marks]
Network policies govern how connection should be established and set to streamline operations
of the users in normal conditions and directs how to respond during the instance of intrusion. The
following highlights the imposition of rules measures of every term of network security to
safeguard information as well as systems:
The network administrator login key should be modified to a highly complicated password and
kept in a cabinet with limited access.

10
CYBER SECURITY
Only the certified staffs have the authority to access as well as maintaining applications,
architectures, network elements, working frameworks among others.
The authorized users should inform the network administrator before creating general accounts
as well as privileged accounts like system admin.
Privileged accounts are subjected to frequent review to ensure they are genuine and should be
disabled in case of prolonged inactivity.
The users should not utilize the computerized technology to carry out unacceptable operations
such as intentional copyright duplication, program license duplication, plagiarism, fraud, forgery
as well as impersonation.
The users should be allowed to access internet with intention of visiting prohibited sites that
contains the unlawful materials such as pornographic or harmful information.
The user should not to gain access of the computer resources with no authority from the
organization.
Users in an organization should not be allowed come in with their external drives that can infect
the computers of the firm with viruses among dangerous components.
The staff or users of the network should not use the electronic mail of the organization in
publishing or posting their items.
The users should not dispose the crucial information of the organization to the public like
financial statement for security purposes.
When an administrator of the system leaves the company, entire passwords which the admin had
access to must be modified immediately.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

11
CYBER SECURITY
The firm is entitled to sign DNA to every worker about exposing the information of the deployed
computers in the perimeter.
The organization must regularly apply patches as well as protection updates as produced by
developers.
Internet access rules incorporate automatically locking entire websites established as incorrect
for the firm user.
In the situation of dedicated administrator access, a program firewall should be positioned
between the user who is a remote and committed server to conceal the identity of the
administrator.

12
CYBER SECURITY
5. References
Moustafa, N., & Slay, J. (2016). The evaluation of Network Anomaly Detection Systems:
Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99
dataset. Information Security Journal: A Global Perspective, 25(1-3), 18-31.
Alipour, H., Al-Nashif, Y. B., Satam, P., & Hariri, S. (2015). Wireless anomaly detection based
on IEEE 802.11 behavior analysis. IEEE transactions on information forensics and
security, 10(10), 2158-2170.
Han, B., Gopalakrishnan, V., Ji, L., & Lee, S. (2015). Network function virtualization:
Challenges and opportunities for innovations. IEEE Communications Magazine, 53(2),
90-97.
Pathan, A. S. K. (Ed.). (2016). Security of self-organizing networks: MANET, WSN, WMN,
VANET. CRC press.
Han, J., Ha, M., & Kim, D. (2015, October). Practical security analysis for the constrained node
networks: Focusing on the DTLS protocol. In the Internet of Things (IoT), 2015 5th
International Conference on the (pp. 22-29). IEEE.
Xue, N., Huang, X., & Zhang, J. (2016, August). S2Net: a security framework for software-
defined intelligent building networks. In Trustcom/BigDataSE/I SPA, 2016 IEEE (pp.
654-661). IEEE.