Network Security Report: Threat Classification and Controls

Verified

Added on 2021/09/19

AI Summary

This report provides a detailed analysis of various network security threats and the corresponding control measures. It categorizes threats such as accidental information corruption, unauthorized data access, and theft of information, classifying them based on their nature and potential impact. The report then outlines specific control descriptions, including network monitoring, access restrictions, data encryption, firewall configurations, and the use of antivirus and anti-malware software. These controls are classified into types like administrative, physical, and product-based measures. The report also covers topics like web application firewalls, intrusion detection systems, and incident response plans. Furthermore, the report highlights the importance of keeping software updated, securing servers, and implementing policies to prevent software piracy and equipment theft. The document concludes by emphasizing the significance of employee training, secure connections, and website monitoring tools to maintain robust network security. References to support the analysis are also provided.

Running Head: NETWORK SECURITY
NETWORK SECURITY
Name of the student:
Name of the university:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1NETWORK SECURITY
Threat
Category
Control Description Classification Type
Accidental
corruption of
information
Network
monitoring
Network traffic
is monitored to
identify and
investigate fraud
data transfers
Administrative Prevent and
detect
Export control Unauthorized
access of
sensitive data is
restricted by
controlling
ability to paste,
copy and print
parts of
documents.
Physical and
Administrative
Prevent
Control of
physical media
Copy of
sensitive data to
unauthorized
devices is
prevented.
Physical Prevent
Perimeter
security
Sensitive data is
prevented from
Physical Prevent

2NETWORK SECURITY
leaving the
perimeter
Loss of
intellectual
property
Security of
proprietary
information
Access to
proprietary
information is
controlled
Administrative Prevent
Data security
and encryption
Data is
encrypted by
process of
cryptography
such that
unapproved
access is
prevented
Physical Prevent and
detect
Secure servers The servers
should be
secured by using
antivirus and
firewalls.
Product Prevent and
detect
Remind people
of access to
sensitive IP
People is
reminded
continuously to
protect sensitive
Administrative Prevent

3NETWORK SECURITY
IP.
Software piracy Firewall Source IP
address is
filtered for
access to
software that
prevents
software privacy
Product Prevent
Antivirus Ensures that
system does not
contain any
malware that
will facilitate
software piracy
Product Prevent
Policy to update
antivirus
Software should
be updated to
prevent software
piracy
Administrative Prevent
Web application
firewall
Identifies any
piracy in
software
Product Prevent and
detect
Plan to respond
to incidents
Plan that will
prepare to
Administrative Compensate

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4NETWORK SECURITY
respond to
software piracy
quickly
Theft of
information
(hacker)
Firewall Controls traffic
passing through
all network ports
Product Prevent
Anti-malware
software
Detects
malwares in the
network used by
hackers to steal
data
Product Prevent and
detect
Sensitive data
encryption
Sensitive data
stored in storage
device should be
encrypted so that
it becomes hard
to access even if
hacker gains
access to
network.
Administrative Prevent and
detect
Policy to keep
software updated
Processes and
procedures are
ensured that they
Administrative Prevent and
detect

5NETWORK SECURITY
are in place by
keeping all
software updated
Theft of
information
(employee)
Standard and
Limited user
account
Administrative
login Id and
password should
be given to
trusted
employees
Administrative Prevent
Overwrite
storage devices
before
discarding
Hard drives,
memory cards,
USB flash drives
and other storage
devices that
stored previous
personal
information
should be should
be either
destroyed
physically or
overwritten
before
Physical Prevent

6NETWORK SECURITY
discarding them.
Using secured
connection to
send sensitive
data
SSL/TLS
protocol ensures
that sensitive
data is send
securely such
that theft of
information by
employees is not
possible
Physical and
product
Prevent and
detect
Website
defacement
Sucuri tool Website
monitoring tool
that protects,
provides backup
and quality
performance
Product Prevent and
detect
IPVTec tool Online
monitoring tool
that detects
website
defacement
Product Detect
Visualping Website area
that wants to be
Product Detect and
prevent

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7NETWORK SECURITY
monitored can
be done by the
use of visual
ping.
WebOrion tool Monitoring
service that
offers content,
visual change
and integrity
monitoring
Product Prevent and
detect
Wachete tool Monitors entire
website or a
particular area
every 24 hours
Product Prevent
Theft of
equipment
Providing theft
indicator to each
equipment
This will give an
alarm when
equipment is
stolen.
Physical Detect
Keeping record
of all equipment
Recording
details of each
equipment will
help to identify
equipment that
Physical Detect and
prevent