Comprehensive Report: Web Browsing Policy and 4Phones System Security

Verified

Added on 2019/10/18

AI Summary

This report delves into the intricacies of web browsing policies and the security aspects of the 4Phones system. It begins by outlining permissible and prohibited online activities, including the use of plugins, cookies, and downloads, while also addressing personal use limitations. The report then analyzes potential threats to the 4Phones system, focusing on its IT infrastructure, including server, client, and network management. It highlights risks associated with the increasing sophistication of security threats, the importance of user privacy, and the need for effective infrastructure management. Furthermore, the report details the security controls implemented, such as virtual environments and automated disk encryption, and emphasizes the significance of user training and application analysis. It also provides a preventive maintenance checklist and discusses various monitoring tools and procedures, including real-time network monitoring, risk review procedures, and management review processes. Finally, the report addresses the concept of an "independent" security audit, explaining its benefits in identifying infrastructure problems and providing transparent product evaluations, with references to relevant literature.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Web Browsing Policy

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Task 2 :
Part 1.
1) Plug-ins can do
1.1 Activex can do
1.2 Java can do
1.3 Javascript can do
2) Prohibited sites cannot do
3) Cookies can do
4) Downloads can do ( using security)
5) Personal use web browsing can do (when work & culture is not effected)
5.1 Online banking can do
5.2 Online purchasing can do
5.3 Online selling can do
5.3.a Online advertising can do ( with few restrictions)
5.3.b Online soliciting cannot do
5.3.c If they dont harm society or person at any level then according to that basis they are permitted
or restricted.
6) Changing browser setting cannot do
7) Browser patches can do
8) Using secure sites can do
9) Browser parasites cannot do
10) Using private data cannot do
11) Using web links can do
12) Home page configuration can do

Task 3 :
Threats to the 4Phones system
As we see that when any type of business rise and evolve, then they need to develop their already
existing system as well as need to upgrade their system. As 4phones system size increases then it
makes sure that it will run in an effective manner. To get this it is very important to know about the
component used in the making of 4phones system IT infrastructure and always keep an eye on those
component /tools availability and their performance.
1) 4phones system mainly designed to manage the servers, client and other tools to control the
system in a proper way. Topology mainly depend upon operational management product. 4Phones
system mainly uses 3-tier system topology where system configuration, management of servers and
client seperately.
This is mainly used for largescale system which is managed centrally. In this two lan are used for
web-based admin view of the 4phones system.
2) There are different types of information system and 4phones system have all of them. Like
following picture shows the various level of organization.

3) 4phones system uses many graphical user interface , applications and mobile web browser for
interaction of user with their system. While it is very easy to monitor IT infrastructure manually like
the small infrastructure of the network, at the same time keep an eye on large infrastructure is a
more costly and time-consuming process. Due to this, there are so many IT infrastructure
monitoring tools developed to help with monitoring large infrastructure with facilities like error
reporting, automatic performance checking, and alert notifications.
4phones system risks
1) The increasing growth of information system security threats and attacks nowadays demands a
new critical infrastructure which has control and command system. In current time selecting the
best monitoring tools became very tough. Considering your own requirements before going for one
is always the best choice for the user.
2) Most of the system component want to use the applications in a different way so that they can
easily do their work with more accuracy and security. Infrastructure management covers security
risk areas like network management, system management, and storage management.
3) When human interact with system then there is a high level of privacy concern among the
users.due to this these 4phones system assured their users that information is shared with others
only after their permissions. Companies which rely more on human interaction with system often
face these mistakes: Sometimes they use these things to answer meaningless questions.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4phones security control
1) 4phones IT infrastructure is shielded virtual environment which provides encryption support due
to which it makes the virtual server more protected than its previous one. So yes it can manage the
security risks.
2) Its infrastructure now consists with automated disk encryption as well as capacities to replace all
the nonshielded virtual servers into the shielded virtual server which provide more security to the IT
infrastructure.
3) I would like to implement 4phone systems with upgraded solution so it can analyze the currently
existing applications and also the needs of a new applications which is important to the company.
4) User training is important when any enterprise develop or upgarde their system to make it more
user friendly for the future.
5) yes, analysis of user requirement in development of 4phones system applications.
6) Because,by doing this they easily find out what new applications and other related things are
required to sure that the new features of the company fully supports the current and future
requirements of the end user.
Preventive maintainance checklist
1) The design of 4phones system IT Infrastructure mainly depends upon the present and future
demands of the business to ensure the development of the company by implementing the right
technology. So there are mainy checklist for preventive measures taken by the company to remove
the security threats. Virtualized infrastructure of any system needs a very specific type of
monitoring.
2) Preventive maintainance of 4phone system maintains, analyze, and control the performance of
4phones applications according to the user requirements. It covers from server admin to the end
user and everything which connect all the IT infrastructure for good and bad purpose at the same
time. So regular update on daily basis of preventive measures make 4phones more secure and user
friendly.
Monitor system tools and procedure
1) An effective approach of 4phones system towards real-time network monitoring increases the
awareness about any network situation and alert for upcoming threats. So re-evaluation of security
makes 4phones system more aware about current security risks.
2) In 4phones system there is risk review procedure which is highly distributed scalable monitoring
applications for 4phones system IT infrastructure. It provides a high quality review of network
infrastructure management and network monitoring application.
3) Management review process is a model for enabling 4phones applications more easy and user-
friendly on-demand or services which they have continuously released with less effort and
interaction with the service provider.

4) 4Phones system risk analysis helps in monitoring the performance of the system applications
between various type of IoT resources across the internet in real time. It helps the network
administrator to troubleshoot and find out the delay network, data loss, as well as network
performance. By doing this 4phones system easily find out what new threats and its solution for
their end user.
what is meant by and “independent” security audit? Give at least two reasons why an
independent security benchmarks can be useful”
Independent security audit to keep all the program in track as well as decrease the tension of formal
audits of the system. It helps in fulfilling an important role to make sure that all the procedures and
policies are follow according to the business standards and legislation or not. To make audit
impartial it is necessary to involve people who is independent from the specific business enterprise.
By discussing the basic requirements and problems of the current technology with the user, the
engineer can easily plan the quality infrastructure design of this software. Due to which they
benefitted both technically and financially to the industry.
Reasons why using an independent security benchmark can be useful
Independent security check accurately identify problems in the infrastructure without doing any
partiality. It provides solid proofs of product effectiveness. To make their products more transparent
to their vendors and customers it is very necessary to opt independent security benchmark. This
method offers best results. On the product level, the quality is measured by its reliability and
durability. Perceived quality is also termed as the quality impression which consists of robustness,
finish, comfort and the overall functionality of the infrastructure.
References
N. Anerousis, An architecture for building scaleable, Web-based management services, Journal of
Network and Systems Management, Vol. 7, No. 1, pp. 73-104, March 1999.
Dierx, Peter (30 March 2016). "A Beginner's Guide to npm — the Node Package Manager".
sitepoint. Retrieved 22 July 2016.
Cisco Systems, " Simple Network Management Protocol", Internetworking Technologies
Handbook, Chpt 56, 1992–2006
T. Berners-Lee, R. Cailliau, J. Groff, and B. Pollermann, World-Wide Web: The Information
Universe, Electronic Networking, Vol. 1, No. 2, pp. 52-58, Spring 1992
S. Kaisler, F. Armour, J. A. Espinosa, and W. Money, (2013) “Big data: issues and challenges
moving forward,” in Proceedings of the IEEE 46th Annual Hawaii International Conference on
System Sciences (HICSS '13), pp. 995–1004
3.K. Fatema et al., “A Survey of Cloud Monitoring Tools: Taxonomy, Capabilities and
Objectives,”J. Parallel and Distributed Computing, vol. 74, no. 10, 2014, pp. 2918–2933.
N. Anerousis, An architecture for building scaleable, Web-based management services, Journal of
Network and Systems Management, Vol. 7, No. 1, pp. 73-104, March 1999.

J. Kowall and W. Cappelli, Magic Quadrant for Application Performance Monitoring, Gartner,
Oct.2014
Jindal, Kriti (9 February 2016)."Introducing Server management tools".Nano Server Blog.
Microsoft.
Cisco Systems, " Simple Network Management Protocol", Internetworking Technologies
Handbook, Chpt 56, 1992–2006
T. Berners-Lee, R. Cailliau, J. Groff, and B. Pollermann, World-Wide Web: The Information
Universe, Electronic Networking, Vol. 1, No. 2, pp. 52-58, Spring 1992
R. Talpade, G. Kim, and S. Khurana, “NOMAD: traffic-based network monitoring framework for
anomaly detection,” IEEE International Symposium on Computers and Communications vol. 9,
Morristown, NJ, August 2002.
L. Chang, W.L. Chan, J. Chang, P. Ting, M. Netrakanti, “A network status monitoring system using
personal computer,” presented at IEEE Global Telecommunications Conference, August 2002.