
ASSIGNMENT FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Nguyen Van Manh Student ID BHAF200048

Class PBIT17101 Assessor name Le Van Thuan

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature

Grading grid

P1 P2 P3 P4 M1 M2 D1
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:


Signature & Date:
Table of Contents
INTRODUCTION
P1. IDENTIFY TYPES OF SECURITY RISKS TO ORGANIZATIONS
I. Malware
1. Definition
2. How Malware Works
3. Types of Malware
4. How to Prevent Malware
II. Social Engineering Attacks
1. Definition
2. How does social engineering work?
3. Types of social engineering attacks
III. Web Application Attacks
1. Web Application Attack
2. How Do Web Applications Work?
3. Types of Web Application Attacks
IV. Networking Based Attacks
1. Definition
2. Common Types of Network Attacks
Example Of A Recently Publicized Security Breach
P2. ORGANISATIONAL SECURITY PROCEDURES
I. Definition
II. Purpose of Security Procedure
III. Security Procedures that an organization should adopt
P3. IDENTIFY THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES AND IDS
I. IDS
1. Definition
2. How does an IDS work?
3. Benefits of IDS
II. Firewalls
1. Definition
2. Types of Firewalls
3. Benefits of Firewalls
III. Potential security risk if policies are misconfigured on Firewall
P4. HOW DIFFERENT TECHNIQUES CAN BE IMPLEMENTED TO IMPROVE NETWORK SECURITY
I. DMZ
1. Definition
2. How a DMZ Works
II. Static IP
1. Definition
2. How a Static IP Works
III. NAT
1. Definition
2. How NAT Works
CONCLUSION
REFERENCE

INTRODUCTION
The world is evolving rapidly. Nowadays, people use many electronic devices. They are everywhere and have become a
necessity in human life. These devices are not only easy to use but also offer many functions that make life simpler. On the other hand,
technology has also evolved in harmful ways. More and more security threats emerge as people use the internet. Phone numbers, web history,
and even people's identities might be stolen for various purposes. IT security is important because threats are not something to play with. They are
harmful to computers and can cause serious breakdowns in organizations. With this awareness, NorthStar Secure carries out its mission in the
field of security, providing strong protection and preventing identity theft. Written from the position of a trainee IT Security Specialist at NorthStar Secure, this report
covers IT security in detail and ways to deal with security threats.

P1. IDENTIFY TYPES OF SECURITY RISKS TO ORGANIZATIONS.


Definition of Risks, Threats
1. Risk
When it comes to risks, organizations are looking at what may cause potential harm to systems and the overall business. Several
examples of systems susceptible to IT risk include phishing attacks, operating systems, and sensitive data. Organizations go to great
lengths to mitigate, transfer, accept, and avoid risks. A risk assessment is often the first line of defense to reduce security risk. In
order to better prepare for the inevitability of risks, assessments are necessary to baseline an attack surface. Organizations should
invest in a risk management program to better understand how to measure risk. Business and security leaders are fundamentally
trying to solve for true risk when calculating what can be mitigated or avoided.
(Risk.com, 2021)
2. Threats
-Threats are hacking events that target vulnerabilities and can lead to the loss of
system information or data. They can be caused intentionally or unintentionally
by a person or a group of people.
3. Types of security threat:
+Security threat: data stealing, exploitation of data, virus attack.
+Physical threat: loss of or physical damage to the system.
  +Internal: power supply, hardware fault.
  +External: lightning, natural disasters such as flood, earthquake.
  +Human: theft, vandalism.
+Non-physical threat: loss of information, data corruption, cyber security breaches.
(Risk.com, 2021)
I. Malware
1. Definition
Malware is the collective name for a number of malicious software variants, including viruses, ransomware and spyware. Shorthand for
malicious software, malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and
systems or to gain unauthorized access to a network. Malware is typically delivered in the form of a link or file over email and requires
the user to click on the link or open the file to execute the malware.

Malware has actually been a threat to individuals and organizations since the early 1970s when the Creeper virus first appeared. Since
then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing the most
disruption and damage as possible.
(What is Malware?, 2021)
2. How Malware Works
Malware typically infects a machine by tricking users into clicking and/or installing a program that they shouldn't from the Internet.
When the click or installation occurs, the malicious code executes actions that the user doesn't anticipate or intend, which could
include:

• Self-replication in different parts of the file system
• Installing applications that capture keystrokes or commandeer system resources, often running without the user being aware,
while slowing the system down considerably
• Blocking access to files, programs or even the system itself, sometimes forcing the user to make a payment to regain access
• Bombarding a browser or desktop with ads
• Breaking essential system components and rendering a device inoperable

3. Types of Malware:
Virus
Possibly the most common type of malware, viruses attach their malicious code to clean code and wait for an unsuspecting user or
an automated process to execute them. Like a biological virus, they can spread quickly and widely, causing damage to the core
functionality of systems, corrupting files and locking users out of their computers. They are usually contained within an executable
file.
Worms
Worms get their name from the way they infect systems. Starting from one infected machine, they weave their way through the
network, connecting to consecutive machines in order to continue the spread of infection. This type of malware can infect entire
networks of devices very quickly.
Spyware
Spyware, as its name suggests, is designed to spy on what a user is doing. Hiding in the background on a computer, this type of
malware will collect information without the user knowing, such as credit card details, passwords and other sensitive information.
Trojans
Just like Greek soldiers hid in a giant horse to deliver their attack, this type of malware hides within or disguises itself as legitimate
software. Acting discreetly, it will breach security by creating backdoors that give other malware variants easy access.
Ransomware
Also known as scareware, ransomware comes with a heavy price. Able to lock down networks and lock out users until a ransom is
paid, ransomware has targeted some of the biggest organizations in the world today — with expensive results.
4. How to Prevent Malware
• Install anti-virus software
One of the most important ways to protect against malware is to install anti-virus software. Anti-virus software will protect
your device from malicious software that poses a threat to the system. It will scan your computer to detect and clean the
malware and provide automatic updates to provide enhanced protection against newly created viruses.
• Regularly update software
In addition to installing anti-virus software, it’s vital to ensure that your software is regularly updated to stop attackers
gaining access to your computer through vulnerabilities in older and outdated systems.
• Only buy apps from trusted sources
Buying apps from trustworthy sources reduces the chance of your device being infected with malware. Big brands will take
great care to ensure they do not damage their reputation by distributing malware. To check the authenticity of a source, you
can check the full name, list of published apps and contact details in the app description within the Google Play or Apple app
store.
• Don’t click on suspicious links or download attachments from unknown sources
Phishing remains the easiest way for hackers to install malware on your device. Phishing scams trick people into opening
emails or clicking on a link that may appear to come from a legitimate business or reputable source. The link may direct you
to a fake website where you are prompted to enter your personal details or take you to a website that directly infects your
computer with malware. If in doubt, don’t click the link.
• Install a firewall
Another way to protect your device from malware is to use a firewall. A firewall prevents malicious attacks by blocking all
unauthorised access to or from a private computer network. In addition to anti-virus software, a firewall provides an extra
barrier against malware, reducing the chance of attack.
• Back up data regularly
It’s important to back up on a regular basis to ensure that you can still retrieve all your valuable data and files if your
computer is infected with malware. This will help mitigate any damage and ensure that you are not held victim to a
ransomware attack.
(Save Time and Improve your Marks with CiteThisForMe, The No. 1 Citation Tool, 2021)
II. Social Engineering Attacks
1. Definition
Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses
psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary
background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the
attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing
sensitive information or granting access to critical resources.
(What is Social Engineering | Attack Techniques & Prevention Methods | Imperva, 2021)

2. How does social engineering work?


Social engineers use a variety of tactics to perform attacks.
The first step in most social engineering attacks is for the attacker to perform research and reconnaissance on the target. If the target
is an enterprise, for instance, the hacker may gather intelligence on the organizational structure, internal operations, common lingo
used within the industry and possible business partners, among other information.

One common tactic of social engineers is to focus on the behaviors and patterns of employees who have low-level but initial access,
such as a security guard or receptionist; attackers can scan social media profiles for personal information and study their behavior
online and in person.

From there, the social engineer can design an attack based on the information collected and exploit the weakness uncovered during
the reconnaissance phase.

If the attack is successful, the attacker gains access to confidential information, such as Social Security numbers and credit card or
bank account information; makes money off the targets; or gains access to protected systems or networks.
(What are social engineering attacks?, 2021)
3. Types of social engineering attacks
Popular types of social engineering attacks include the following techniques:

• Baiting. An attacker leaves a malware-infected physical device, such as a Universal Serial Bus flash drive, in a place it is
sure to be found. The target then picks up the device and inserts it into their computer, unintentionally installing the malware.
• Phishing. When a malicious party sends a fraudulent email disguised as a legitimate email, often purporting to be from a
trusted source. The message is meant to trick the recipient into sharing financial or personal information or clicking on a link
that installs malware.
• Tailgating. Tailgating, or piggybacking, is the act of trailing an authorized staff member into a restricted-access area.
Attackers may play on social courtesy to get you to hold the door for them or convince you that they are also authorized to be
in the area. Pretexting can play a role here too.
• Pretexting. Pretexting uses a deceptive identity as the “pretext” for establishing trust, such as directly impersonating a
vendor or a facility employee. This approach requires the attacker to interact with you more proactively. The exploit follows
once they’ve convinced you they are legitimate.
• Scareware. This involves tricking the victim into thinking their computer is infected with malware or has inadvertently
downloaded illegal content. The attacker then offers the victim a solution that will fix the bogus problem; in reality, the
victim is simply tricked into downloading and installing the attacker's malware.
• Quid pro quo. This is an attack in which the social engineer pretends to provide something in exchange for the target's
information or assistance. For instance, a hacker calls a selection of random numbers within an organization and pretends to
be a technical support specialist responding to a ticket. Eventually, the hacker will find someone with a legitimate tech issue
whom they will then pretend to help. Through this interaction, the hacker can have the target type in the commands to launch
malware or can collect password information.
• Water Hole. Generally used to target organizations, water hole attacks occur when a group infects websites a particular
organization frequently uses. The goal – much like a cross-site attack – is to load a malicious payload from the infected sites.
Prevention: Anti-virus can passively identify dangerous scripts. Keep website scripts off as a default if your enterprise
suspects an infection.
(What are social engineering attacks?, 2021)
III. Web Application Attacks
1. Web Application Attack
Serious weaknesses or vulnerabilities allow criminals to gain direct and public access to databases in order to churn sensitive data –
this is known as a web application attack. Many of these databases contain valuable information (e.g. personal data and financial
details) making them a frequent target of attacks. Although such acts of vandalism (often performed by the so-called script kiddies)
as defacing corporate websites are still commonplace, nowadays attackers prefer gaining access to the sensitive data residing on the
database server because of the immense pay-offs in selling the results of data breaches. In the framework described above, it is easy
to see how a criminal can quickly access the data residing on the database through a dose of creativity and, with luck, negligence or
human error, leading to vulnerabilities in the web applications.
(2021)
2. How Do Web Applications Work?
The figure below details the three-layered web application model. The first layer is normally a web browser or the user interface; the
second layer is the dynamic content generation technology tool such as Java servlets (JSP) or Active Server Pages (ASP), and the
third layer is the database containing content (e.g., news) and customer data (e.g., usernames and passwords, social security
numbers, and credit card details).
The figure below shows how the initial request is triggered by the user through the browser over the Internet to the web application
server. The web application accesses the databases servers to perform the requested task updating and retrieving the information
lying within the database. The web application then presents the information to the user through the browser.
(2021)
3. Types of Web Application Attacks
• Cross-site scripting (XSS). This involves an attacker uploading a piece of malicious script code onto your website that can
then be used to steal data or perform other kinds of mischief. Although this strategy is relatively unsophisticated, it
remains quite common and can do significant damage.
• SQL Injection (SQLI). This happens when a hacker submits destructive code into an input form. If your systems fail to
clean this information, it can be submitted into the database, changing, deleting, or revealing data to the attacker.
• Path traversal. Also resulting from improper protection of data that has been inputted, these webserver attacks involve
injecting patterns into the webserver hierarchy that allow bad actors to obtain user credentials, databases, configuration files,
and other information stored on hard drives.
• Local File Inclusion. This relatively uncommon attack technique involves forcing the web application to execute a file
located elsewhere on the system.
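The SQL injection and path traversal items above both come down to untrusted input reaching an interpreter or the file system unchecked. The following Python sketch is an added example, not part of the original report: it puts a string-concatenated query beside a parameterized one and shows a containment check for requested file paths. The table, function names and sample values are constructed for illustration, and the path check assumes a POSIX file system.

```python
import os
import sqlite3
import tempfile


def make_db():
    """Constructed sample database (illustrative names and values)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, card TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "4111-xxxx"), ("bob", "5500-xxxx")],
    )
    return db


def lookup_unsafe(db, name):
    # Vulnerable: the form value becomes part of the SQL text, so quote
    # characters in it change the meaning of the statement.
    sql = "SELECT name, card FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_safe(db, name):
    # Hardened: the value is bound as a parameter and is only ever data.
    sql = "SELECT name, card FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()


def resolve_under(base_dir, requested):
    """Return the real path of `requested` only if it stays inside base_dir."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, requested))
    # realpath collapses "../" and follows symlinks before the comparison.
    if os.path.commonpath([base, target]) != base:
        raise PermissionError("path escapes the document root: %r" % requested)
    return target


def demo():
    """Run both checks on constructed input and return the outcomes."""
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed form input
    results = {
        "unsafe_rows": len(lookup_unsafe(db, crafted)),
        "safe_rows": len(lookup_safe(db, crafted)),
        "normal_rows": lookup_safe(db, "alice"),
    }
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        inside = resolve_under(root, "docs/report.txt")
        results["inside_ok"] = inside.startswith(os.path.realpath(root))
        try:
            resolve_under(root, "../../etc/passwd")
            results["traversal_blocked"] = False
        except PermissionError:
            results["traversal_blocked"] = True
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

The concatenated query returns every row for the crafted value, while the parameterized query treats the same value as a name that matches nothing.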
IV. Networking Based Attacks

1. Definition
A network attack is an attempt to gain unauthorized access to an organization’s network, with the objective of stealing data or performing
other malicious activity. There are two main types of network attacks:

‒ Passive: Attackers gain access to a network and can monitor or steal sensitive information, but without making any change to the
data, leaving it intact.
‒ Active: Attackers not only gain unauthorized access but also modify data, either deleting, encrypting or otherwise harming it.
We distinguish network attacks from several other types of attacks:

‒ Endpoint attacks—gaining unauthorized access to user devices, servers or other endpoints, typically compromising them by
infecting them with malware.
‒ Malware attacks—infecting IT resources with malware, allowing attackers to compromise systems, steal data and do damage.
These also include ransomware attacks.
‒ Vulnerabilities, exploits and attacks—exploiting vulnerabilities in software used in the organization, to gain unauthorized access,
compromise or sabotage systems.
‒ Advanced persistent threats—these are complex multilayered threats, which include network attacks but also other attack types.
In a network attack, attackers are focused on penetrating the corporate network perimeter and gaining access to internal systems. Very
often, once inside attackers will combine other types of attacks, for example compromising an endpoint, spreading malware or
exploiting a vulnerability in a system within the network.
(Network Attacks and Network Security Threats, 2021)
2. Common Types of Network Attacks
• Distributed Denial of Service (DDoS) attacks:
Attackers build botnets, large fleets of compromised devices, and use them to direct false traffic at your network or servers. DDoS
can occur at the network level, for example by sending huge volumes of SYN/ACK packets which can overwhelm a server, or at the
application level, for example by performing complex SQL queries that bring a database to its knees.
• Man in the middle attacks:
A Man-in-the-Middle attack occurs when a third party hijacks a session between client and host. The hacker generally
cloaks itself with a spoofed IP address, disconnects the client, and requests information from the client. For example,
attempting to log in to a bank session would allow a MITM attack to hijack user info related to their bank account.
• DNS spoofing: DNS spoofing manipulates your browser and web servers to travel to malicious websites when you enter a
legitimate URL. Once infected with this exploit, the redirect will continue unless the inaccurate routing data is cleared from
the systems involved.
DNS cache poisoning attacks specifically infect your device with routing instructions for the legitimate URL or multiple
URLs to connect to fraudulent websites.
(Network Attacks and Network Security Threats, 2021)
Example Of A Recently Publicized Security Breach
On August 4, on the R*forums forum, the account "chunxong" posted an article confirming that they had hacked into the
server of the network security company BKAV and stolen the source code of the company's products, including the source code of the
security software package BKAV Pro, the mobile security software BKAV Mobile...

In addition, the hacker also left a contact method through an email address named "lovebkav***" for the purpose of selling all
this data.
After contacting the above email address, a user received a response that is said to be a detailed price list of all the data that the
hacker offers for sale.
Specifically, according to the email response, this person demanded $150,000 for the software source code and server-side
code of BKAV's anti-virus software. Meanwhile, the AI (artificial intelligence) source code is
offered for sale for $100,000.
Consequence: Company data has been exposed.
Solution: This incident stemmed from a former employee of the business who stole the data. To prevent former employees from leaking
data, each person is only allowed to be in charge of one module, so that if they leak it, they can't do anything.

P2. ORGANISATIONAL SECURITY PROCEDURES.


I. Definition
Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security
controls as listed in your organization's security policies. Security procedures should cover the large number of hardware and
software components supporting your business processes, as well as any security-related business processes themselves.
(2021)
II. Purpose of Security Procedure
The purpose of security procedures is to ensure consistency in the implementation of a security control or execution of a security
relevant business process. They are to be followed each time the control needs to be implemented or the security relevant business
process followed. Here is an analogy. As part of every aircraft flight, the pilot will follow a pre-flight checklist. Why do they do
this? Simply put, they do it to ensure that the aircraft is ready to fly and to do everything possible to ensure a safe flight. Although
pilots may have flown thousands of hours, they still follow the checklist. Following the checklist ensures consistency of behavior
each and every time. Even though they may have executed the checklist hundreds of times, there is risk in relying on memory to
execute the checklist as there could be some distraction that causes them to forget or overlook a critical step.
(2021)
III. Security Procedures that an organization should adopt
Back up data regularly: Enterprises apply information security measures to ensure information safety and limit risks.
To avoid unforeseen risks, businesses should back up their data regularly, especially customer information, business status
information, business secrets, etc.
That way, if incidents occur, organizations can easily recover and minimize system downtime. Businesses are advised
to back up to the cloud instead of to traditional physical devices.
Secure enterprise information systems by using firewalls: Using a firewall is the most basic solution to secure enterprise
information systems. A firewall is likened to a line of defense between the internal network and the public Internet. It performs the
task of monitoring and filtering incoming/outgoing traffic.
As a result, the firewall will prevent hackers or malicious access, etc.
Use strong passwords, 2-layer security: It is a fact that many users (employees) still use passwords that are simple, easy to
remember and easy to guess. This increases the likelihood of passwords being revealed, potentially exposing information.
To improve security, users should take care to set strong passwords (hard to guess, including uppercase, lowercase, alphanumeric
and special characters; do not use personal information to set the password, …).
Besides using strong passwords, 2-layer security also needs to be applied. This will be the second layer of protection, enhancing the
security of the account.

P3. IDENTIFY THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES
AND IDS.
I. IDS
1. Definition
An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such
activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaching. Any
malicious venture or violation is normally reported either to an administrator or collected centrally using a security information
and event management (SIEM) system. A SIEM system integrates outputs from multiple sources and uses alarm filtering
techniques to differentiate malicious activity from false alarms.
(What is an intrusion detection system (IDS)? Definition from SearchSecurity, 2021)
2. How does an IDS work?
Intrusion detection systems are used to detect anomalies with the aim of catching hackers before they do real damage to a
network. IDSes can be either network- or host-based. A host-based intrusion detection system is installed on the client computer,
while a network-based intrusion detection system resides on the network.

Intrusion detection systems work by either looking for signatures of known attacks or deviations from normal activity. These
deviations or anomalies are pushed up the stack and examined at the protocol and application layer. They can effectively detect
events such as Christmas tree scans and Domain Name System (DNS) poisonings.

An IDS may be implemented as a software application running on customer hardware or as a network security appliance. Cloud-
based intrusion detection systems are also available to protect data and systems in cloud deployments.
(What is an intrusion detection system (IDS)? Definition from SearchSecurity, 2021)
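The two detection approaches described above, applied to the Christmas tree scan the text mentions. This is an added example, not taken from the cited source; the packet bytes, addresses and the three-port baseline are constructed assumptions.

```python
import struct

# TCP flag bits in the low 6 bits of the 16-bit offset/flags field
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG
TCP_FMT = "!HHIIHHHH"  # src, dst, seq, ack, offset+flags, window, checksum, urgent


def build_tcp_header(src_port, dst_port, flags):
    """Build a constructed 20-byte TCP header (no options) for the sample data."""
    return struct.pack(TCP_FMT, src_port, dst_port, 0, 0, (5 << 12) | flags, 1024, 0, 0)


def parse_flags(header):
    """Return (dst_port, flags) from a raw TCP header, or None if it is truncated."""
    if len(header) < 20:
        return None
    fields = struct.unpack(TCP_FMT, header[:20])
    return fields[1], fields[4] & 0x3F


def signature_alerts(packets):
    """Signature: FIN+PSH+URG together without SYN/ACK/RST (Christmas tree probe)."""
    alerts = []
    for src_ip, header in packets:
        parsed = parse_flags(header)
        if parsed and (parsed[1] & XMAS) == XMAS and not (parsed[1] & (SYN | ACK | RST)):
            alerts.append((src_ip, parsed[0]))
    return alerts


def anomaly_alerts(packets, max_ports=3):
    """Anomaly: a source touching more distinct ports than the assumed baseline."""
    seen = {}
    for src_ip, header in packets:
        parsed = parse_flags(header)
        if parsed:
            seen.setdefault(src_ip, set()).add(parsed[0])
    return sorted(ip for ip, ports in seen.items() if len(ports) > max_ports)


# Constructed sample traffic (documentation addresses): one normal client, one prober.
SAMPLE = [("192.0.2.10", build_tcp_header(50000, 443, SYN)),
          ("192.0.2.10", build_tcp_header(50000, 443, ACK | PSH)),
          ("192.0.2.10", b"\x00" * 8)]  # truncated header, must be skipped
SAMPLE += [("198.51.100.7", build_tcp_header(40000, p, XMAS)) for p in (22, 23, 80, 443)]

if __name__ == "__main__":
    print(signature_alerts(SAMPLE), anomaly_alerts(SAMPLE))
```

The signature rule fires on each probe packet, while the anomaly rule only names the source once it exceeds the baseline, which is why the two are usually combined.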

3. Benefits of IDS
Intrusion detection systems offer organizations several benefits, starting with the ability to identify security incidents. An IDS
can be used to help analyze the quantity and types of attacks. Organizations can use this information to change their security
systems or implement more effective controls. An intrusion detection system can also help companies identify bugs or problems
with their network device configurations. These metrics can then be used to assess future risks.

Intrusion detection systems can also help enterprises attain regulatory compliance. An IDS gives companies greater visibility
across their networks, making it easier to meet security regulations. Additionally, businesses can use their IDS logs as part of the
documentation to show they are meeting certain compliance requirements.

Intrusion detection systems can also improve security responses. Since IDS sensors can detect network hosts and devices, they
can also be used to inspect data within the network packets, as well as identify the OSes of services being used. Using an IDS to
collect this information can be much more efficient than manual censuses of connected systems.
II. Firewalls
1. Definition
A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an
organization’s previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a
private internal network and the public Internet. A firewall’s main purpose is to allow non-threatening traffic in and to keep
dangerous traffic out.
(What is a Firewall? The Different Types of Firewalls - Check Point Software, 2021)

2. Types of Firewalls
• Packet filtering: A small amount of data is analyzed and distributed according to the filter’s standards.
• Proxy service: Network security system that protects while filtering messages at the application layer.
• Stateful inspection: Dynamic packet filtering that monitors active connections to determine which network packets to
allow through the Firewall.
• Next Generation Firewall (NGFW): Deep packet inspection Firewall with application-level inspection.
(What is a Firewall? The Different Types of Firewalls - Check Point Software, 2021)
3. Benefits of Firewalls
Monitors Network Traffic
All of the benefits of firewall security start with the ability to monitor network traffic. Data coming in and out of your systems
creates opportunities for threats to compromise your operations. By monitoring and analyzing network traffic, firewalls leverage
preestablished rules and filters to keep your systems protected. With a well-trained IT team, you can manage your levels of
protection based on what you see coming in and out through your firewall.

Stops Virus Attacks
Nothing can shut your digital operations down faster and harder than a virus attack. With hundreds of thousands of new threats
developed every single day, it is vital that you put the defenses in place to keep your systems healthy. One of the most visible
benefits of firewalls is the ability to control your system's entry points and stop virus attacks. The cost of damage from a virus
attack on your systems could be immeasurably high, depending on the type of virus.

Prevents Hacking
Unfortunately, the trend of businesses moving more toward digital operations invites thieves and bad actors to do the same. With
the rise of data theft and criminals holding systems hostage, firewalls have become even more important, as they prevent hackers
from gaining unauthorized access to your data, emails, systems, and more. A firewall can stop a hacker completely or deter them
so that they choose an easier target.

Stops Spyware
In a data-driven world, a much-needed benefit is stopping spyware from gaining access and getting into your systems. As
systems become more complex and robust, the entry points criminals can use to gain access to your systems also increase. One
of the most common ways unwanted people gain access is by employing spyware and malware—programs designed to infiltrate
your systems, control your computers, and steal your data. Firewalls serve as an important blockade against these malicious
programs.

Promotes Privacy
An overarching benefit is the promotion of privacy. By proactively working to keep your data and your customers' data safe, you
build an environment of privacy that your clients can trust. No one likes their data stolen, especially when it is clear that steps
could have been taken to prevent the intrusion.
Additionally, upgraded data-protection systems can be a competitive advantage and a selling point to customers and clients. The
benefit increases the more sensitive the data your company deals with.
(What is a Firewall? The Different Types of Firewalls - Check Point Software, 2021)
III. Potential security risk if policies are misconfigured on Firewall
A firewall can be described as a device installed to monitor the traffic trying to reach the organization's
information, checking whether the client is authorized to access the system or not. According to the rules
that have been configured, the firewall can permit clients or block unauthorized ones from accessing the network.
If the configuration is not correct, there could be a security breach in which private files
are stolen.
Potential impact to IT security:
• It might lead to a data breach: the misconfiguration creates a hole in the network, and a third party could take advantage of it to
steal sensitive files.
• Desired traffic may not reach its intended destination.
• Traffic reaches a destination it should not have reached.
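The last two impacts can be reproduced and audited on a small rule set. This is an added example, not part of the original assignment; the rules, addresses and the first-match evaluation model are constructed assumptions, with a corrected rule set beside the misconfigured one.

```python
import ipaddress

# Constructed rule set, evaluated top-down, first match wins (assumed model).
# Rule fields: (action, source network, destination network, port or None for any)
RULES = [
    ("deny", "0.0.0.0/0", "10.0.1.0/24", None),    # meant to protect the server subnet
    ("allow", "0.0.0.0/0", "10.0.1.20/32", 443),   # public HTTPS to the web server
    ("allow", "0.0.0.0/0", "0.0.0.0/0", None),     # leftover any-any test rule
]
# Corrected order: specific allow first, any-any removed, default deny catches the rest.
FIXED = [RULES[1], RULES[0]]


def _net(cidr):
    return ipaddress.ip_network(cidr)


def decide(rules, src, dst, port, default="deny"):
    """Return the action of the first rule that matches the packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rsrc, rdst, rport in rules:
        if s in _net(rsrc) and d in _net(rdst) and rport in (None, port):
            return action
    return default


def covers(earlier, later):
    """True if every packet matching `later` already matches `earlier`."""
    _, esrc, edst, eport = earlier
    _, lsrc, ldst, lport = later
    return (_net(lsrc).subnet_of(_net(esrc)) and _net(ldst).subnet_of(_net(edst))
            and (eport is None or eport == lport))


def audit(rules):
    """Report rules that can never fire (shadowed) and any-any allow rules."""
    findings = []
    for i, rule in enumerate(rules):
        if any(covers(prev, rule) for prev in rules[:i]):
            findings.append((i, "shadowed"))
        if rule[0] == "allow" and rule[1:] == ("0.0.0.0/0", "0.0.0.0/0", None):
            findings.append((i, "any-any allow"))
    return findings


if __name__ == "__main__":
    print(audit(RULES), audit(FIXED))
```

With `RULES`, HTTPS to the web server is denied (desired traffic does not arrive) and traffic to any other internal host is allowed (traffic arrives where it should not); `FIXED` reverses both outcomes.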

P4. HOW DIFFERENT TECHNIQUES CAN BE IMPLEMENTED TO IMPROVE NETWORK SECURITY.


I. DMZ
1. Definition
A DMZ Network is a perimeter network that protects and adds an extra layer of security to an organization’s internal local-
area network from untrusted traffic. A common DMZ is a subnetwork that sits between the public internet and private
networks.
(What Is a DMZ and Why Would You Use It? | Fortinet, 2021)
2. How a DMZ works
DMZs function as a buffer zone between the public internet and the private network. The DMZ subnet is deployed between
two firewalls. All inbound network packets are then screened using a firewall or other security appliance before they arrive at
the servers hosted in the DMZ.
If better-prepared threat actors pass through the first firewall, they must then gain unauthorized access to the services in the
DMZ before they can do any damage. Those systems are likely to be hardened against such attacks.
Finally, assuming well-resourced threat actors take over a system hosted in the DMZ, they must still break through the
internal firewall before they can reach sensitive enterprise resources. Determined attackers can breach even the most secure
DMZ architecture. However, a DMZ under attack will set off alarms, giving security professionals enough warning to avert a
full breach of their organization.

• Real situation: A DMZ is suitable for small and medium businesses that want to use an independent LAN system. It limits
the loss of data to outside parties and data theft. It works in a similar way to a firewall, protecting sensitive data and
resources.
II. Static IP
1. Definition
A static IP address is simply an address that doesn't change. Once your device is assigned a static IP address, that number
typically stays the same until the device is decommissioned or your network architecture changes. Static IP addresses
generally are used by servers or other important equipment.
(Static vs. Dynamic IP Addresses, 2021)
2. How a static IP works
Static IP addresses are essential for devices that need constant access.
If, on the other hand, the server were assigned a dynamic IP address, it would change occasionally, which
would keep your switch from knowing which computer on the network is the right server. People can use a static IP
address to host a private file or FTP server, a private website or domain name server, or even a chat server.
(Static vs. Dynamic IP Addresses, 2021)
Real situation: A static IP would be great in the classroom. The class can share a printer over the network by using a static IP.
III. NAT
1. Definition
NAT stands for network address translation. It’s a way to map multiple local private addresses to a public one before
transferring the information. Organizations that want multiple devices to employ a single IP address use NAT, as do most
home routers.
(Network Address Translation Definition | How NAT Works | Computer Networks | CompTIA, 2021)
2. How NAT works
Let’s say that there is a laptop connected to a home router. Someone uses the laptop to search for directions to their favorite
restaurant. The laptop sends this request in a packet to the router, which passes it along to the web. But first, the router
changes the outgoing IP address from a private local address to a public address.
If the packet keeps a private address, the receiving server won’t know where to send the information back to — this is akin to
sending physical mail and requesting return service but providing a return address of anonymous. By using NAT, the
information will make it back to the laptop using the router’s public address, not the laptop’s private one.
(Network Address Translation Definition | How NAT Works | Computer Networks | CompTIA, 2021)
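The laptop-and-router exchange described above, modelled as a translation table. This is an added example, not from the cited guide; the class name, addresses and ports are constructed, and dropping packets from a remote endpoint that has no mapping is an assumption of this model (real devices differ in how strictly they match inbound traffic).

```python
import itertools


class NatRouter:
    """Minimal port-address-translation model: many private hosts share one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)
        self.out_map = {}  # (private_ip, private_port, remote_ip, remote_port) -> public_port
        self.in_map = {}   # (public_port, remote_ip, remote_port) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the private source to the public address and remember the mapping."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            public_port = next(self._next_port)
            self.out_map[key] = public_port
            self.in_map[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Map a reply back to the private host; return None (drop) if nothing matches."""
        target = self.in_map.get((dst_port, src_ip, src_port))
        if target is None:
            return None
        return (src_ip, src_port, target[0], target[1])


def demo():
    """Constructed scenario: two laptops behind one router reach the same web server."""
    router = NatRouter("203.0.113.1")
    sent = router.outbound("192.168.1.23", 51515, "198.51.100.80", 443)
    reply = router.inbound("198.51.100.80", 443, sent[1])
    unsolicited = router.inbound("198.51.100.99", 443, sent[1])
    second = router.outbound("192.168.1.42", 51515, "198.51.100.80", 443)
    return sent, reply, unsolicited, second


if __name__ == "__main__":
    for step in demo():
        print(step)
```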
CONCLUSION
In conclusion, the world is a dangerous place. Anyone could be an enemy who might steal our data. That is
why we need to truly understand the basics of security in order to protect our personal life. Furthermore, security may be a useful
weapon in running a business in the near future.

REFERENCE
2021. [online] Available at: <https://reciprocity.com/threat-vulnerability-and-risk-whats-the-difference/> [Accessed 5 November 2021].

Forcepoint. 2021. What is Malware?. [online] Available at: <https://www.forcepoint.com/cyber-edu/malware> [Accessed 5 November 2021].

Learning Center. 2021. What is Social Engineering | Attack Techniques & Prevention Methods | Imperva. [online] Available at:
<https://www.imperva.com/learn/application-security/social-engineering-attack/> [Accessed 5 November 2021].

Cynet. 2021. Network Attacks and Network Security Threats. [online] Available at:
<https://www.cynet.com/network-attacks/network-attacks-and-network-security-threats/> [Accessed 5 November 2021].

SearchSecurity. 2021. What are social engineering attacks?. [online] Available at: <https://searchsecurity.techtarget.com/definition/social-
engineering> [Accessed 5 November 2021].

Check Point Software. 2021. What is a Firewall? The Different Types of Firewalls - Check Point Software. [online] Available at:
<https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/> [Accessed 5 November 2021].

Linfordco.com. 2021. [online] Available at: <https://linfordco.com/blog/security-procedures/> [Accessed 5 November 2021].


Expressvpn.com. 2021. What Is a VPN? How a VPN Benefits You | ExpressVPN. [online] Available at:
<https://www.expressvpn.com/go/what-is-vpn-1?category=VPN&subcategory=info&lang=en&gclid=CjwKCAjwiY6MBhBqEiwARFSCPvEr84WtLdKhk2OOvw3touRpNTLhbxptZ1SR76_PD-HJcCTGwryKvRoCy0cQAvD_BwE> [Accessed 5 November 2021].

Default. 2021. Network Address Translation Definition | How NAT Works | Computer Networks | CompTIA. [online] Available at:
<https://www.comptia.org/content/guides/what-is-network-address-translation> [Accessed 12 November 2021].

Static vs. Dynamic IP Addresses. 2021. Static vs. Dynamic IP Addresses. [online] Available at: <https://www.avast.com/c-static-vs-dynamic-
ip-addresses#gref> [Accessed 12 November 2021].

Fortinet. 2021. What Is a DMZ and Why Would You Use It? | Fortinet. [online] Available at:
<https://www.fortinet.com/resources/cyberglossary/what-is-dmz> [Accessed 12 November 2021].

Cite This For Me. 2021. Save Time and Improve your Marks with CiteThisForMe, The No. 1 Citation Tool. [online] Available at:
<https://www.citethisforme.com/> [Accessed 3 December 2021].

SearchSecurity. 2021. What is an intrusion detection system (IDS)? Definition from SearchSecurity. [online] Available at:
<https://www.techtarget.com/searchsecurity/definition/intrusion-detection-system> [Accessed 3 December 2021].
