CLO2A 

TOTAL /40

DEPARTMENT OF INFORMATION AND COMMUNICATION TECHNOLOGY

COURSEWORK ASSESSMENT (SESSION : JUNE 2020)

DFT 20083 : SECURITY BASIC & IT PROFESSIONAL

REPORT : SECURITY TROUBLESHOOTING AND SOLUTION

LECTURER NAME : PUAN SHAFINAZ BINTI MOHD FAUZI

NAME MATRIC NUMBER CLASS

REENA SREE MURELITHIRAN 21DDT19F1167 DDT3G

RUBBINI KUMARAN 21DDT19F1201 DDT3G

SHASMITAA A/P SUKUMARRAN 21DDT19F1147 DDT3G

TABLE OF CONTENT

NO                             TITLE PAGE
.

1. Cover Page 1

2. Table of Content 2

3. Synopsis of the Project 3

4. usernames, passwords, file and folder permission policies and procedure 4-5

i. the probable causes

ii. any possible solutions (include steps / configurations)

iii. expected results

5. Apply protecting data that helps against unauthorized use, while maintaining access 6
for authorized users

i. the probable causes

i. any possible solutions (include steps / configurations)

ii. expected results

6. How an encryption can protect data from being altered 6

i. the probable causes

ii. any possible solutions (include steps / configurations)

iii. expected results

7. How malicious software protection programs can protect against intrusions 7

i. the probable causes

ii. any possible solutions (include steps / configurations)

iii. expected results

8. Budget Plan 7

9. Summarization of the Project 8

Synopsis of the Project

Meaning of TROUBLESHOOTING

Troubleshooting is the process of identifying, locating and correcting problems that occur. There are
three main phase in troubleshooting:

•Identify Problem

•Diagnose Problem

•Solve the Problem

There are 6 Basics Steps in Troubleshooting:

Step 1 : Identify the problem

Step 2 : Establish a theory of probable causes

Step 3 : Test the Theory to Determine cause

Step 4 : Establish a Plan of Action to Resolve the Problem Implement the Solution

Step 5 : Verify Full System Functionality Implement Preventative Measures

Step 6 : Document Findings, Actions, and Outcomes

Based on Task Requirement

Based on the scenario above, discuss on any related security requirements to be implemented, such
as:

1. Usernames, passwords, file and folder permission policies and procedure

A username and password are pieces of information that users need to log on to a computer.
Username are not case sensitive.
There are 8 requirements for password. Every password has the mixture alphanumeric and special
characters. There are two types of password length. Minimum length which has 8 characters and
maximum length which has 14 characters.

Username

Probable Username hack by hacker

cause
Possible  Avoid from utilizing email address with your name
solution  Never use (phone number, address, your name, birthday month) to use
as your username
 Your username must be anything but difficult to recall and difficult to be
surmise
 Try not to utilize your name as username

Example of username: twinkleace

Original name: twinkle just added ace
Result Hackers can only with significant effort hack

Password

Probable Some business data/file labelled as “sensitive” and “confidential” has been found
cause published on the Internet
Possible  Do not use your personal information such as birthday date,
solution account number or a person’s name 
 Password must be 8 to 14 characters in length
 Do not use a word that would be in the dictionary or letters that are
sequential on a keyboard
 Require to use mix character such as numbers/letters and
uppercase/lowercase

Example of password : egVthj01#

Result Some business data/file labelled as “sensitive” and “confidential” has been  not
found published on the Internet
File and folder permission policies and procedure

Probable Staff A can’t access file “JTMK”

cause
Possible
solution 1.Navigate to the folder/file you want to encrypt.
2.Right click on the item. Click Properties, then click the Advanced button

3.Check Encrypt contents to secure data.

4.Click OK, then Apply.
5.Windows then asks whether you wish to encrypt the file only, or its parent folder and all
the files within it as well. We recommend you opt for full folder encryption, just to be on the
safe side.
6.Now, once you navigate to the encrypted folder, you will see a small yellow lock on the
file icon. Also, when you add new content to that folder, it will automatically be encrypted
too.

How to set Permission :

1. Go to Computer Configuration > Policies >Windows Settings >Security Settings and

right-click File System> Add File.
2. The 'Add a file or folder' dialog box will display.
3. Locate the folder or file you want to assign permissions to and click on it.
4. Now press OK.

Result : Staff A able to access the file/folder by changing the setting

2. Apply protecting data that helps against unauthorized use, while maintaining access for authorized
users

Probable Some business data/file labelled as “sensitive” and “confidential” has been found
cause published on the Internet

Possible 1. Determines which users are authorized to read, modify, add, and/or delete
solution information
2. Limit access to confidential information to only those employees who have
a "need to know"
3. Train employees on the importance of document security
4. Hard copies of documents should be kept locked, and electronic copies
should be password protected
5. IP Whitelisting
 Looks at the user’s IP address and compares it to a list of “allowed” IP
addresses to see if this device is authorized to access the account.

Expected Finally, the unauthorized user can’t use the company data and at the same time
results only the authorized user can access the company data.

3.How an encryption can protect data from being altered

Encryption is the process of encoding messages or information in such a way that only authorized
parties can access it. Encryption protects data by converting it into a cipher, rendering it unreadable
without the proper encryption key. In addition, encryption can be used to identify the origin of data and
determine if it has been altered. Encryption of sensitive data can be an effective way for a business to
reduce its data breach risks. Encryption can be a “safe harbour,” that can limit your exposure to
breach notification laws when unauthorized individuals gain access to your data.

Probable Data breach

cause  exposes confidential, or protected information to an unauthorized person
Possible •All database backups must be encrypted
solution •All computer source code must be exported, encrypted and archived monthly
•All data pushed into cloud storage must be encrypted

Expected Whenever data is encrypted, it reduces the potential value of the data. When the value
results is reduced, the likelihood of a thief taking the data is less; that is called risk mitigation.
4.How malicious software protection programs can protect against intrusions
Malicious Software refers to any malicious program that causes harm to a computer system or
network. Malicious Malware Software attacks a computer or network in the form of viruses, worms,
trojans, spyware, adware or rootkits.

Probable A number of malicious intrusions to the company network have been detected 
cause
Possible  Only Use Trusted Antivirus and Malware Software
solution  Always Update Your Operating System
 Stay Up-to-Date on the Latest Attacks

Expected Your security and ensure that your computer runs as fast as it should and also the
results company information will be safe.

Budget plan

Software application Per unit price Total Total coast

(RM) unit (RM)
Avast Antivirus Pro 24.80 25 620
Anti-DDoS 33.50 25 837.5
Cloud security 28.90 25 722.5
Total  RM2,180
Summarization and Suggestion of the Project

As the Internet grows, so does the possibility of illegal activities. These activities can range from
denial-of-service attacks to the compromising of propriety data. Many products have been developed
to protect networks.

Network security deals with aspects like: prevention of unauthorized access, termination of misuse
and denial of service problem. Security may be referred as complementing the factors like:
confidentiality, integrity and availability (CIA). If you are thinking that this is it, you are absolutely
wrong.

Firewalls were the first security products introduced to prevent unauthorized entry into the protected
network. They allow network access only to specifically configured protocols and network objects.
Next came intrusion-detection software products. These products track authorized traffic permitted by
the firewall, while searching for unauthorized activity such as hacking attempts or denial-of-service
attacks. Finally there was scanning software, which allowed administrators to detect security
vulnerabilities in their network design.

Troubleshooting is a systematic approach to problem solving that is often used to find and correct
issues with complex machines, electronics, computers and software systems. Troubleshooting
security systems really isn’t that difficult as long as you are equipped with the right information.

References