Tuesday, June 4, 2019

Security Plan

Scenario

Widget Warehouse is a medium sized e-commerce company that supports 200 customers daily. The student has been hired to assist in the development of a new security policy. An assignment has been received to analyse the current network of Widget Warehouse. The Widget Warehouse network is comprised of an intranet with 200 users, and a public Web server that processes the company e-commerce traffic. The internal network is logically divided into an information technology (IT) department branch, an accounting branch, a customer support branch, a sales branch, and an inventory branch.

Step 1 Create a list of various attack intruders

a. The IT department for Widget Warehouse has a general understanding of security but they are very inexperienced with the various attacks an intruder can use to exploit their network resources. Create a list of various attacks intruders can use maliciously against the Widget Warehouse network. Also, provide a brief description of possible attacks, including their purpose.

Attack Name: Attack Description

Brute force attack: This attack uses a specific character set (such as A-Z, 0-9) and computes the hash for every possible password made up of those characters.

Eavesdropping: When an attacker is eavesdropping on our communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, our data can be read by others as it traverses the network.

Denial-of-Service Attack: The denial-of-service attack prevents normal use of your computer or network by valid users. After gaining access to the network, the attacker can send invalid data to applications or network services, which causes abnormal termination or behaviour of the applications or services; flood a computer or the entire network with traffic until a shutdown occurs because of the overload; or block traffic, which may result in loss of access to our network resources by the users.

Data Modification: After an attacker has read our data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if we do not require confidentiality for all communications, we do not want any of the messages to be modified in transit. For example, if one is exchanging purchase requisitions, he does not want the items, amounts, or billing information to be modified.

Identity Spoofing (IP Address Spoofing): Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed; this is identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data.

Password-Based Attacks: A common denominator of most operating system and network security plans is password-based access control. Thus the access rights to a computer and network resources are determined by the person, that is, by the user name and the password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user.

Sniffer Attack: A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.

Man-in-the-Middle Attack: The man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.

Trojan horses and worms: Trojan horses are often associated with viruses; they are dangerous programs that masquerade as benign programs.

Step 2 Make a List of Security Requirements

a. One of the first steps in creating a security policy is gathering the requirements for the company. Create a list of questions to ask the Widget Warehouse executives, in order to better understand their security requirements and business goals.

1. Widget Warehouse requirements
a) What are the specifications required for the network operation?
b) What access controls need to be applied to the users?
c) Which departments need to be interconnected?
d) What are the login policies and to what extent do they need to be applied (day, time range, etc.)?
e) Which applications are required for the different branches?
f) To what extent are the policies to be applied to the users?
g) How should group policies be applied on the server which allows the users to access information?
h) What are the policies to be applied to web access?
i) Specifications of level policies for all the users?
j) What password policies need to be applied to the users?

Step 3 Identify Security Implementation Options

a. Based on the questions, it is found that mission-critical information is passed between remote departments in the company over the LAN and the Internet. What security implementation could be used to keep this information out of unauthorized hands? Provide a brief explanation with each answer.

The company will have information about its employees, customers, products, sales, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a business's customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, lawsuits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. In the company, one department needs to access the information of another department. We should maintain a firewall for the server, and we have to give access between the departments where it is required.

Authorization

Authorization addresses the question "what can you do?" It is the process that governs the resources and operations that the authenticated client is permitted to access. Resources include files, databases, tables, rows, and so on, together with system-level resources such as registry keys and configuration data. Operations include performing transactions such as buying a product, transferring money from one account to another, or increasing a customer's credit rating.

Virtual Private Network (VPN)

One of the most important solutions to virus and hacker threats is a VPN [4], which secures the network between companies and users; it is also authenticated and encrypted for security. VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they're directly connected over a private leased line. Basically, a VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as a leased line, a VPN [11] uses virtual connections routed through the Internet from the company's private network to the remote site or employee.

IPSec

IPSec [3] is defined as a set of standards that verifies, authenticates, and encrypts data at the IP packet level. It is used to provide data security for network transmissions. IPSec is a suite of protocols that allows secure, encrypted communication between two computers over an unsecured network. It has two goals: to protect IP packets, and to provide a defense against network attacks.

Step 4 Create a Description of the Security Wheel

a. The Widget Warehouse executives do not completely understand the continual process of security. They appear to be under the impression that once a security policy is implemented it will be sufficient for an extended period of time. Create a description of the security wheel and discuss the benefits of such a model.

Sol: The network security wheel is a methodology of how the network security of an enterprise is maintained. Here the notion of a wheel is a depiction that says that network security is a continuous process. In other words, in order to keep the wheel rolling (have a continual security policy), the security engineers in an enterprise should always maintain four steps.

Step Name: Step Description

1. Secure: We have to secure our networks. This is the step where we implement our security solutions in the enterprise. Firewalls, authentication and encryption are included in this step.

2. Monitor: This is the step where we monitor our security solutions implemented in the previous step. We should monitor whether a security breach exists. We can think about IDS or IPS in this stage. This step can also be used to validate our security solutions.

3. Test: This is the step where the security engineers/specialists try to break their own security solutions. We can think of this step as the penetration tester's kind of job.

4. Improve: This step is a continuation of the previous step. Once we find a breach or something that hinders employees' productivity, we can improve it here. This step may also be a good place to change our security policies.

Step 5 Passive Monitoring

a. The management of Widget Warehouse wishes to see some of the available options in security monitoring. As the consultant, suggest that a passive monitoring scheme may be an option they should pursue. Write a description of passive monitoring that is to be presented to Widget Warehouse management.

Sol: Security monitoring focuses on the activities and condition of network traffic and network hosts. Activity monitoring is primarily performed to assess policy compliance, identify non-compliance with the institution's policies, and identify intrusions and support an effective intrusion response. Because activity monitoring is typically an operational procedure performed over time, it is capable of providing continual assurance. Through passive monitoring, a security admin can gain a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network. Much of this data can be gathered in an automated, non-intrusive manner through the use of standard tools,

Step 6 Explain Using a Security Policy

a. Explain to the IT Department how using a security policy can provide advantages to the company as a way to secure sensitive information.

1. Developing a security policy.

By using a security policy, we can achieve confidentiality, integrity and availability over the network. The security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs, and access to data by the users of different branches. Information will be protected against unauthorised access. By using access control lists and password policies, certain important data can be protected from unauthorised users. All breaches of information security, actual or suspected, can be reported and investigated.

Retaining confidential and proprietary information.
Securing applications.
Assuring standardization and consistency.

At the network level, we can minimise the spread and impact of harmful worms and viruses. Business requirements for the availability of information and information systems will be met.
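The Data Modification entry in Step 1 and the IPSec description in Step 3 both depend on detecting changes made to data in transit. As an added example (not part of the original post), the Python sketch below authenticates a purchase requisition with HMAC-SHA256 so that a modified amount is rejected on receipt; the field names, the key and the sample order are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real deployment would provision a
# random key to both departments out of band and never hard-code it.
SHARED_KEY = b"constructed-demo-key-not-for-production"


def canonical(requisition: dict) -> bytes:
    """Serialize deterministically so both ends hash identical bytes."""
    return json.dumps(requisition, sort_keys=True, separators=(",", ":")).encode()


def sign(requisition: dict, key: bytes = SHARED_KEY) -> str:
    """Return the hex HMAC-SHA256 tag the sender attaches to the message."""
    return hmac.new(key, canonical(requisition), hashlib.sha256).hexdigest()


def verify(requisition: dict, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Recompute the tag on receipt; compare_digest is a constant-time compare."""
    return hmac.compare_digest(sign(requisition, key), tag)


def demo() -> dict:
    # Constructed sample requisition, e.g. sent from sales to inventory.
    order = {"item": "widget-a", "amount": 10, "billing": "ACCT-0001"}
    tag = sign(order)

    # The same requisition with the amount modified in transit.
    tampered = dict(order, amount=1000)

    return {
        "intact": verify(order, tag),
        "tampered": verify(tampered, tag),
        "wrong_key": verify(order, tag, key=b"some-other-key"),
    }


if __name__ == "__main__":
    print(demo())
```

The tag detects modification but does not hide the contents; confidentiality still needs encryption, such as the VPN or IPSec options in Step 3.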
