Perform a study on the IT department, how it works, and the information security operations. The project report should address the following queries.

1. What kind of services do they offer?
Web application development (developing and maintaining web services for their clients).

2. What is the security model adopted by the organization?
Organisation for Economic Co-operation and Development's (OECD) Guidelines
Multi-level policy recommended by DoD
Availability - Prevention of loss of access to resources and data
Integrity - Prevention of unauthorized modification of data
Access permissions are defined through an access control matrix and through a partial ordering of security levels (BLP model).
Security policies prevent information flowing downwards from a high security level to a low security level.
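
An added example, not part of the original report: a minimal Bell-LaPadula check in Python that combines an access control matrix with a partial order of security labels. The level names, compartments, subjects, objects and matrix entries are constructed for illustration and are not taken from the organization.

```python
from dataclasses import dataclass

LEVELS = {"public": 0, "internal": 1, "confidential": 2}  # constructed level names

@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        # Partial order: level is >= AND compartments are a superset.
        # Two labels with different compartments can be incomparable.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

# Constructed subjects, objects and access control matrix (not from the report).
SUBJECTS = {"dev": Label("internal", frozenset({"clientA"})),
            "lead": Label("confidential", frozenset({"clientA", "clientB"}))}
OBJECTS = {"spec_a": Label("confidential", frozenset({"clientA"})),
           "notes_b": Label("internal", frozenset({"clientB"})),
           "wiki": Label("public")}
MATRIX = {("dev", "spec_a"): {"read", "write"},
          ("dev", "notes_b"): {"read"},
          ("dev", "wiki"): {"read", "write"},
          ("lead", "spec_a"): {"read"},
          ("lead", "wiki"): {"read", "write"}}

def check(subject, obj, right):
    """Return (allowed, rule) for one request; rule names the deciding check."""
    # Discretionary check: the right must be granted in the matrix.
    if right not in MATRIX.get((subject, obj), set()):
        return False, "matrix"
    s, o = SUBJECTS[subject], OBJECTS[obj]
    # Simple security property: a subject may read only what it dominates.
    if right == "read" and not s.dominates(o):
        return False, "no-read-up"
    # *-property: a subject may write only to objects that dominate it,
    # so data cannot flow from a high level down to a low one.
    if right == "write" and not o.dominates(s):
        return False, "no-write-down"
    return True, "ok"

if __name__ == "__main__":
    for req in [("dev", "spec_a", "read"), ("dev", "spec_a", "write"),
                ("dev", "wiki", "write"), ("dev", "notes_b", "read"),
                ("lead", "spec_a", "read"), ("lead", "spec_a", "write")]:
        print(req, check(*req))
```

A matrix entry alone is not enough: "dev" holds read and write on "wiki" in the matrix, yet the write is refused because it would move internal data to a public object.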

The company uses the OSI model, with IP as the network layer protocol.

Network topology: star topology. All sites are connected through a central site.

Name resolution: naming systems in the network.
Address messages with the process-id.
Identify processes on remote systems by a <hostname, identifier> pair.
Domain name service: specifies the naming structure of the hosts, as well as name to address resolution ( internet

Routing: static routing. A static route is added to each remote network. No dynamic routing is used.

Users are aware of the multiplicity of machines.
Access to remote resources is similar to access to local resources.
Data migration: transfer data by transferring the entire file, or transferring only those portions of the file necessary for the immediate task.
Computation migration: transfer the computation, rather than the data, across the system.

4. Have they developed a security system on their own or was it outsourced? Why?
Outsourced, due to the huge salaries of security experts.

5. Which security concepts (if any) appear to be missing from the organization?
Authenticity: the identification and assurance of the origin of information
Physical security (mainly vulnerable to tailgating)
Vulnerable to social engineering attacks

6. Prepare a report on the various IT security issues that the organization comes across.
Disgruntled employees: stupid theories of project managers, creating frustrated employees. A very serious issue.
Inside hacker
Tailgating
The purchase manager has not given permission for buying security devices like dome cameras, biometric devices, etc. Chance for inside affiliate.
Malicious activities
Technically unaware managers are not giving permission for applying strict policies and are overriding the security policies for ease of use.

7. How is it dealt with?
They fired the disgruntled employee and reported the tailgating incident to the police.

8. What are the physical, logical and operations security measures adopted by the organization?
RFID, CCTV, strong datacenter
Deep packet inspection, stateful inspection, digital signatures, multi-factor authentication, packet logger

9. List out the threats, risks and vulnerabilities the organization faced.
Earlier:
Web surfing by employees (porn sites, social engineering sites, malware sites, etc.) caused threat infection inside the company.
Data theft.
At present:
Criminal hackers may attack.
Increasing number of disgruntled employees.

10. List out their plans to overcome it.
The IT team is planning to introduce stronger security policies, focusing on physical security and logging of all LAN and WAN activities.

11. What are the various levels of identification, authentication and authorizations followed in the organization?
Identification: a user name, account number and digital signature
Authentication: password, one-time password, access cards (RFID, not biometric)
Authorization

12. Do they follow any cryptographic techniques? Explain.
Public key cryptography: it uses one key for encryption and another key for decryption. One key is designated as public and is open to the public, and the other key is the private key.
Hashing: it uses a mathematical transformation to irreversibly encrypt information. E.g. MD5.

13. Perform cost-benefits analysis on the amount spent on information security.

14. Has there been an occurrence of any computer crime in the organization? If any, how did the organization deal with it? Comment on whether it was the apt way for dealing with the crime.
An employee sent the project details to another company using image steganography (hiding data in an image as noise). An independent forensic examiner figured it out and management fired the employee.
Comments: The management should educate the employees about cyber laws, and should enquire about the reasons behind these crimes.

15. What has the organization done in response to the above crimes?
Management fired the employee.

16. With reference to the IT Act of India and the US Federal Computer Crime Laws, list out the punishments for the above crimes.
6 years of imprisonment

17. What are the tools and techniques to determine the culprits?
The forensic examiner used the CAINE live forensic operating system, e-mail tracker technology and reverse steganography.

18. Are there security controls that you would expect to be there but are not?
Yes. Since the company is trying for ISO 27001 certification, all the security devices are there, like deep packet inspection firewalls, stateful inspection firewalls, strong passwords, encryption and access control. But stupid management is not maintaining the policies.