Information Assurance Report: Securing Navy Networks and Data Breaches

Verified

Added on 2022/10/11

AI Summary

This report focuses on the critical need for information assurance within the U.S. Navy's network infrastructure, particularly concerning the security of internal and external networks used by suppliers. The report highlights the vulnerabilities present in unsecured networks, emphasizing the potential for data breaches, loss of data integrity, and leakage of sensitive information. It identifies various vulnerabilities including hardware, software, network, physical, and organizational vulnerabilities. It also discusses the importance of securing the network to meet evaluation assurance level 4+ (EAL 4+) to prevent threats. The report suggests strategies to overcome these issues, such as gathering information on network assets and providing proper IT security management. The report also cites several references related to network intrusion detection and security.

Running head: REPORT ON INFORMATION ASSURANCE
REPORT ON INFORMATION ASSURANCE
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1REPORT ON INFORMATION ASSURANCE
Table of Contents
Discussion..................................................................................................................................2
References..................................................................................................................................5

2REPORT ON INFORMATION ASSURANCE
Discussion
Internal network and external networks of Department of Defence suppliers within
U.S. Navy is not secured. These networks need to be secured by acquisition department.
Insecure network means data breach can occur anytime. Many threats are faced for an
insecure networks within the navy. Data integrity can be lost with insecure networks. Top
secret information of U.S. Navy can be leaked through this data breach. All information
related to navy like details of every members of the navy and all other stuffs can be leaked
through data breach. Privacy of all details of the navy can be at risk. Data needs to be
protected with a secured network in the navy or else security breach can occur.
The vulnerabilities may de defines one kind of attack surface that are mainly
performed by the attacker in the network system to exploit the overall network system. It
relates the type of network design as well as the implementation of the network, construction,
operation and also the maintenance of the overall network system that will effect on the
overall system security policies as well as the management of the whole network system.
The vulnerabilities of the network design are such as –
Hardware Vulnerability: The hardware vulnerability refers to the flaws that are related to
the hardware issues of the network system such as extreme amount of humidity, dust as well
as the storing of hardware without protection.
Software Vulnerability: The software vulnerability refers to the flaws inside the designing
technique of the networking system including the wrong testing as well as lack of audit of the
assets in time based which helps to lead the software vulnerability.

3REPORT ON INFORMATION ASSURANCE
Network Vulnerability: This kind of vulnerability happens because of the use of exposed
network connections, the network architecture without protection as well as weak type of
communication channel.
Physical Vulnerability: As because this network system is located in the coastal areas so
that it arises the power supply which are not stable due to this location issues. At that cases,
this kind of vulnerability happens.
Organization Vulnerability: This kind of vulnerability happens due to misuse of security
tools as well as audit rules and also flaws in the case of administrative activities.
Point of failure is the potential risk which can be flawed in design, configuration and
implementation of a system or a circuit in which a single fault can cause the overall system to
stop operating. Failure in the part of the network within the navy can hamper the entire
network of the navy. Departments within the navy need access to UNIX-based design plotters
and Windows laser printers. The captain who is in charge of this project and his staff
members require wireless private network (VPN). Failure in any part of the network within
the system will prevent accessing these design plotters, laser printers and VPN.
Data of the navy need to be protected from data breach. For networks shared by
several departments in the navy, network security helps in keeping the information safe from
attackers. High quality network helps in reducing risk of attack. The network needs to be
secured and must meet evaluation assurance level 4+ (EAL 4+). Any fault in the network can
create possibility of threats such as data breach. Data integrity and confidentiality should be
maintained as any data breach within the network in the navy can result in leakage of very
important and secret data of the navy. Details of important stuffs and members of the navy
can be leaked from such attacks. Security vulnerabilities like memory safety bugs can be
obtained from insecure networks in the system. These bugs could provide network attackers

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4REPORT ON INFORMATION ASSURANCE
total control of the system. Data integrity can be lost from these bugs within the network
system of the bug.
There is only the process of overcoming that is required to resolve the networking
system related issues.
Gather information on assets on the network – It needs to identify all the devices as well as
the platforms related to the networking system because it helps to understand which of the
platforms is more important for the security needs. Because the unnecessary platforms of the
system can exploit the overall the networking design.
Provide proper IT security management – Most of the times, it has been seen that there is
enough amount of cyber security solution in the organization but no enough amount of
human being to control these solutions. So, it needs to gather all enough amount of workforce
for creating the IT security management.

5REPORT ON INFORMATION ASSURANCE
References
Chung, C. J., Khatkar, P., Xing, T., Lee, J., & Huang, D. (2013). NICE: Network intrusion
detection and countermeasure selection in virtual network systems. IEEE transactions
on dependable and secure computing, 10(4), 198-211.
Howard, T., & da Cruz, J. D. A. (2017). „A Cybervulnerability Assessment of the US Navy
in the 21st Century. Center for International Maritime Security January, 31.
Velasco, L., Castro, A., King, D., Gerstel, O., Casellas, R., & Lopez, V. (2014). In-operation
network planning. IEEE Communications Magazine, 52(1), 52-60.
Yao, G., Bi, J., & Guo, L. (2013, October). On the cascading failures of multi-controllers in
software defined networks. In 2013 21st IEEE International Conference on Network
Protocols (ICNP) (pp. 1-2). IEEE.