IT Security: Risk Management Report - Semester 1, University Name

Verified

Added on 2020/02/19

AI Summary

This report delves into the critical aspects of IT security and risk management, focusing on protecting network devices from various threats. The report begins by outlining the essential steps required to determine the necessary network devices for an organization, considering factors such as existing infrastructure, budgetary constraints, and application requirements. It then transitions to the crucial topic of countermeasures, detailing several methods to secure the network. These methods include protecting against SQL injections, implementing strong password policies, deploying anti-phishing software, educating employees on security best practices, encrypting sensitive data, enabling security ports, installing antivirus software, utilizing tools to detect and prevent threats like Trojan horses, and implementing firewalls. The report references several key sources to support its findings, providing a comprehensive overview of IT security practices.

Running head: IT SECURITY: RISK MANAGEMENT
IT Security: Risk Management
Name of the Student
Name of the University
Author’s note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
IT SECURITY: RISK MANAGEMENT
Table of Contents
Answer 1..............................................................................................................................2
Answer 2..............................................................................................................................3
References............................................................................................................................5

2
IT SECURITY: RISK MANAGEMENT
Answer 1:
The goals of the organization need to be found out to determine the required network
devices. The capability of the network needs to be determined. The design of the network will
be based on the availability of application and the budget of the organization. The network
devices required by an organization can be found out by following certain steps.
 The present infrastructure of the network needs to be determined.
 The existing limitations of the organization need to be determined. Any kind of physical
constraint needs to be taken into account.
 The number of networked devices needs to be found out.
 The type of network applications and the bandwidth need about the users need to be
identified (Kim & Feamster, 2013).
 The total amount of money that the organization can invest behind the network devices
need to be planned and a proper budget needs to be calculated.
 In case of any change in the technological infrastructure there will be different needs for
the networking of the organization.
 Selection of vendors must be done on the basis of implementation of local area as well as
wide area network.
 Decisions regarding the cables used for networking needs to taken. There are certain
choices like coaxial cable, optical fiber, twisted pair cable or it can also be a wireless
network (Hecht, 2015).
 Addressing protocols need to be determined and understood clearly for proper
functioning of the network. The MAC address needs to be understood and selected.

3
IT SECURITY: RISK MANAGEMENT
Answer 2
Several countermeasures can be taken in order to protect the network devices of the
organization. They are as follows:
 The SQL injections must be protected and the databases connections should have
fewer privileges.
 Strong passwords must be set to protect the system.
 Anti phishing software must be deployed to detect and prevent any type of
phishing attack.
 Social engineering needs to be curtailed through the training of employees and
making them aware of the security policies and password policies. Information
must be classified under several categories.
 Encryption is a strong security measure that can be taken in order to protect the
network of the organization in a secured manner (Stallings & Tahiliani, 2014).
 The security ports of a large network need to be enabled.
 Antivirus software can also be installed in all the devices from protecting against
any virus or malware attacks.
 Ethereal tools can be used to detect Trojan horse attack in the activities of the
network.
 The organization can also use tools to protect them from any type of spam.
 The overflow of buffer can be prevented in order to protect the organizational
network. This can be done by disabling the stack execution and adopting efficient
techniques.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
IT SECURITY: RISK MANAGEMENT
 The patches in the network need to be managed by verifying and testing.
 Implementation of firewall can be considered to be one of the best methods of
securing the network of an organization (Perlman, Kaufman & Speciner, 2016). It
can detect and prevent the entry of any harmful traffic.

5
IT SECURITY: RISK MANAGEMENT
References
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in
a public world. Pearson Education India.
Kim, H., & Feamster, N. (2013). Improving network management with software defined
networking. IEEE Communications Magazine, 51(2), 114-119.
Hecht, J. (2015). Understanding fiber optics. Jeff Hecht.