Brandon Ward Multi-Layered Security Plan NT2580: Introduction to Information Security 2/22/2014 DeVon Carter One of the most susceptible assets to any company is its email system. Email is a critical communications tool for any business and is also a prime canal for malicious code. Emails, while in transit are in plain text, meaning anyone who has access to the network will be able to read any email sent, received and stored. Implementing a variety of security technologies will assist us in preventing such code from infecting our network. I would implement firewalls, cryptography, antispyware, antivirus, and content filtering.
Case Study Week 1 Katherine Vega DeVry University SEC 280 Ahmed Azam November 4, 2012 Ping Sweeps and Port scans are related programs or tools, called network probes, which allows a person to not only gain access to online computers, but also to determine what services are being run on them furthermore to get an edge on compromising information. This network probes aren’t inherently malicious on their own as they are used by network administrators for the aforementioned diagnostics, however in the wrong hands they could pose a security threat. This is not meant to cause fear but to bring about awareness to computer users. As the programs are most commonly used for network diagnostic and determining other network problems. To begin
This helps with secure VPN and Internet traffic through the ASA 5510 VPN Router. The VPN is able to locate in a specific area where the malicious attack is coming from and which employee has done it. There is remote access to the Patton-Fuller network but it is secure and only personal that has been authorized accesses it.
Derek Brunson CISM 3330-03 Plug IT In 6 Discussion Questions 1. | Why is it so important for you to protect your information assets? Can you assume that your organization's MIS department will do it for you? It is important to protect your information assets by behavioral actions and computer-based actions. I can assume that my organization MIS department will do it for me because they would identify issues and problems and promote to employees how to protect their assets that might be vulnerable to theft in the outside world.
Without such a tool in place an attacker will use the unpatched device or software to gain access and manipulate the network how they please. 2. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers – establishing and ensuring that proper security configurations are always in use on your operating system will keep new devices safe from outside attacks. Updating these configurations on a regular basis will also ensure that all devices connected to the system are properly secure and not an open back door for unauthorized entry. Always conduct updates and implementation of configurations on a secure channel to avoid channel sniffing.
Two basic approaches are used in deliberate attacks on computer systems: data tampering and programming attack. Data tampering is a common means of attack that refers to an attack when someone enters false, fabricated or fraudulent data into a computer or changes or deletes existing data. This is the method often used by insiders and fraudsters and is extremely serious because it may not be detected. Programming attacks are popular with computer criminals that use programming techniques to modify other computer programs. For these types of crimes, programming skill and knowledge of the targeted systems are needed.
A SYN flood is characterized by the brute force transmission of requests for access to the target network, with the aim of overwhelming its capacity to receive them. 2. Computerized information is so tightly bound within the fabric of our society that its trustworthiness and availability has to be assured in order for our basic social functions to operate properly. 3. There is general agreement about what legitimately constitutes the right set of actions to deter hostile activity in cyberspace.
Network Management has to do with a number of things including security, but mostly network hardware and connectivity or cabling. Storage Management will involve keeping up with daily backups and securing the company’s information across the network, including management of email services and data management. In Closing, Investments in infrastructure management have the largest single impact on an organizations revenue. That being said, it’s vitally important for companies to have a forward thinking plan for the future of their business with clearly defined goals and a yearly budget that allows for changes in technology and a means to train its workforce. References: (n.d.).
BUSINESS CONTINUITY The purpose of a business continuity plan is to counteract interruptions to business activities and to protect critical business processes from the effects of major and long term failures of information systems or physical disaster to the work place and to resume a normal working fashion in a timely manner. A business continuity management process will be established to minimize the impact on Department of Homeland Security and recover from loss of information and physical assets to an with the use of preventive and recovery
Increased frequency of backups and replication to better mirror data and enabling a more seamless failover to redundant data centers. And access to business applications from anywhere and any devices to ensure business continuity. Designing for availability is about anticipating, detecting, and automatically resolving hardware or software failures before they result in service errors, event faults, or data corruption, thereby minimizing downtime. The technology part of the solution requires multiple routes to application services and data. The operational part of the solution is to use only tested, proven processes to support the application throughout its entire lifecycle.