
ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date 23/04/2023 Date Received 1st submission

Re-submission Date 25/04/2023 Date Received 2nd submission

Student Name Nguyen Luu Bao Phuc Student ID GCD210392

Class GCD1101 Assessor name Dang Quang Hien

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature Phuc

Grading grid

P1 P2 P3 P4 M1 M2 D1


❒Summative Feedback: ❒Resubmission Feedback:

Grade: Assessor Signature: Date:


Lecturer Signature:

Table of Contents
Task 1 - Identify types of security threat to organisations. Give an example of a recently publicized security breach and discuss its consequences (P1)
I. Define threat
II. Identify threats agents to organizations
1. Nation States
2. Non target specific
3. Employees and Contractor
4. Terrorists and Hacktivists (political parties, media, enthusiasts, activists, vandals, general public, extremists, religious followers)
5. Organised crime
6. Natural disasters
7. Corporates
III. List type of threats that organizations will face
1. Viruses and worms
2. Botnet
3. DDoS (Distributed Denial of Service) Attack
4. Ransomware
5. Phishing
IV. The recent security breaches
1. Hacker Breaches Rockstar Games
2. Hacker Posts Data on 5.4 Million Twitter Users For Sale
3. Suggest solutions to organizations
Task 2 - Describe at least 3 organisational security procedures (P2)
I. What are the security procedures
II. Why are security processes and purposes necessary in the organization
III. Describe at least 3 organisational security procedures
1. Acceptable Use Policy ( AUP )
2. Access Control Policy
3. Change Management Policy
4. Information Security Policy
5. Incident Response (IR) Policy
6. Remote Access Policy
7. Email/Communication Policy
8. Disaster Recovery Policy
9. Business Continuity Plan (BCP)
Task 3 - Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS (P3)
I. Firewall
1. Firewall define
2. Why are firewalls important
3. Firewall policy
4. Advantage when using firewall in a network
5. How does a firewall provide security to a network
II. Intrusion Detection System ( IDS )
1. IDS define
2. How does an IDS work?
3. Classification of Intrusion Detection System
III. The potential impact (Threat-Risk) of a firewall and IDS if they are incorrectly configured in a network
1. Unauthorized Access
2. False Positives/False Negatives.
3. Inadequate defense.
4. Lack of visibility.
Task 4 - Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security (P4)
I. DMZ (Demilitarized zone )
1. Define DMZ
2. How does a DMZ Network work
3. Benefits of Using a DMZ
II. Static IP
1. Define static IP
2. How does Static IP work
3. Benefits of using Static IP
III. NAT ( Network Address Translation )
1. Define NAT
2. How does NAT work
3. Benefit of using NAT
References

Table of Figures
Figure 1: Viruses and worms
Figure 2: Botnet
Figure 3: DDoS attack
Figure 4: Firewall diagram
Figure 5: IDS diagram
Figure 6: Network Intrusion Detection System (NIDS)
Figure 7: Host Intrusion Detection System (HIDS)
Figure 8: DMZ diagram
Figure 9: Static IP diagram
Figure 10: NAT diagram

Task 1 - Identify types of security threat to organisations. Give
an example of a recently publicized security breach and discuss
its consequences (P1)
I. Define threat
Software attacks, intellectual property loss, identity theft, device or information theft,
information sabotage, and extortion are all examples of information security threats. Anything
that can exploit a vulnerability to breach security and negatively change, delete, or damage an
item or object of interest is considered a threat.
II. Identify threats agents to organizations
1. Nation States
Companies operating in certain fields, multinational companies, and companies that
are the foundation of a country's development can become the target of hostile
countries seeking to cause difficulties in the development of that country.
2. Non target specific
Companies of any size, big or small, can be attacked at random. Any
organization can become a victim. The attack can take the form of ransomware, worms,
Trojans, logic bombs, or backdoors.
3. Employees and Contractor
The current software and programs all have pretty good security methods, but the weakest
link in the security system is the user, whether intentionally or unintentionally.
Common mistakes can include sending the wrong email to someone else. Although it can
be fixed immediately, it can affect your company. There have also been some cases of
attempted sabotage from within the organization.
There are also times when organizations need expert help and so hire outside contractors or
agencies who need some access to their systems or data. These third parties can often cause
problems as they may not have the same level of security on their devices that have access
to controller data.
4. Terrorists and Hacktivists (political parties, media, enthusiasts, activists,
vandals, general public, extremists, religious followers)
Unlike the threat posed by countries, how much of a threat these actors pose
depends on your activities. However, some terrorists seek to target certain industries or
countries, so there can be a persistent threat of a random attack on you.
5. Organised crime

Criminals target personal data for several different reasons: credit card fraud,
identity theft, bank account fraud, etc. These crimes are currently being committed on an
industrial scale. There are many different methods to steal information, but the result is
always the same: your personal information is used for nefarious purposes.
6. Natural disasters
Although not a cyber attack, natural disasters can have a direct impact on the operations of
companies. If you can't access your office, data center, or cloud-hosted files, you're still
experiencing a data disaster and this must be taken into account.
7. Corporates
When you work with partner organizations to fill gaps in resources, skills, or simply
service delivery, these partner companies may steal or disclose your intellectual property
or the personal data you are storing, either unintentionally or maliciously, depending on
their motives.
III. List type of threats that organizations will face
1. Viruses and worms
Viruses and worms are malicious software programs (malware) that aim to
destroy an organization's systems, data, and networks. A computer virus is malicious code
that replicates by copying itself to another host program, system, or file. It remains inactive
until someone intentionally or accidentally activates it, spreading the infection without the
user or system administrator's knowledge or permission.

A worm is a program that replicates itself without needing to copy itself into a host
program or require human interaction to spread. Its main function is to infect other
computers while still operating on the infected system. Worms often spread using parts of
the operating system that are automated and invisible to the user. Once a worm enters the
system, it will immediately begin replicating itself, infecting inadequately protected
computers and networks.

Figure 1: Viruses and worms

How do viruses and worms spread?
- Viruses:
+ Downloading free games, toolbars, software…
+ Visiting an infected and unsecured website
+ Clicking on advertisement
+ Opening spam email or clicking on URL link
- Worms:
A worm can propagate automatically, take advantage of software security flaws, and try to
gain access in order to steal confidential data, corrupt files, and install a backdoor that
allows remote access to the system.
2. Botnet
A combination of the words "robot" and "network", a botnet is a group of personal
computers infected with malware and controlled by groups without the owner's knowledge.
They are commonly used to send large amounts of spam, perform DDoS attacks, and steal
data/credentials. The botnet has the collective computing power to act as a multiplier for
groups looking to disrupt or break into a target's system.

Figure 2: Botnet

How does a botnet spread?

A botnet spreads and grows using malware that infects individual devices and turns them
into 'zombies'. Malware often spreads when gullible users download software from a free
website, click a fake link or attachment in an email, or visit a compromised website.
3. DDoS (Distributed Denial of Service) Attack
In a DDoS attack, the perpetrator seeks to make a machine or network resource unavailable
to its intended users by temporarily or indefinitely disrupting the services of a server
connected to the internet. DDoS is usually accomplished by flooding the targeted machine
from various sources with unnecessary requests in an attempt to overload the system and
prevent some or all legitimate requests from being fulfilled.

Figure 3: DDoS attack

How does a DDoS attack work?

In a DDoS attack, cybercriminals take advantage of the normal behavior that occurs
between network devices and servers, often targeting network devices that establish a
connection to the internet. As a result, attackers focus on edge network devices (e.g.
routers, switches), rather than individual servers.
4. Ransomware
Ransomware is a crypto virus that hackers execute once they have established a foothold in
your network, encrypting its data. They take important business data or
sensitive personal information from customers, then threaten to jeopardize the documents
unless the target organization pays the ransom.
How does ransomware attack?

In most cases, ransomware spreads through phishing emails containing malicious
attachments, laptops, exposure to public WiFi, zero-day vulnerabilities, and drive-by
downloads.
5. Phishing
A phishing attack involves using email to trick employees into believing that the message
comes from a trusted, legitimate source. Then, when they click on the link in the email or
open the attachment, their computer gets infected with the virus. The scammer could be
someone pretending to be from the employee's company, or it could be a company he/she
does business with. Sometimes the message will describe something the employee wants or
needs or thinks they are expecting—a request from their bank, for example. Regardless of
the disguise, a sophisticated phishing attempt has the appearance of real communication but
contains real harm.
How does a phishing attack work?
- In a phishing email attack, an attacker sends emails to the victim's email address
that appear to have come from their bank and request personal data from them.
- The message includes a link that takes you to another vulnerable website in order to steal
your personal data.
IV. The recent security breaches
1. Hacker Breaches Rockstar Games
On September 18, a hacker under the alias ‘teapotuberhacker’ leaked roughly 50
minutes of footage of Grand Theft Auto 6, an upcoming game produced by Rockstar
Games. They apparently obtained the footage by gaining access to the company’s
Slack, where they proceeded to download the video clips. Rockstar acknowledged the
leak in a statement released on Twitter.
Although Rockstar Games did not suffer much damage apart from the leaked gameplay,
the incident is a red flag for the security systems of big companies.
2. Hacker Posts Data on 5.4 Million Twitter Users For Sale
On July 21st, 2022, a hacker under the alias ‘devil’ posted on BreachForums that they
had obtained personal data on 5.4 million Twitter users, including email addresses and
phone numbers. The hacker had apparently exploited a vulnerability to scrape this data
from Twitter, and posted it for sale with an asking price north of $30,000.

The vulnerability was first identified in January 2022 by the white hat hacker
Zhirinovskiy. Twitter apparently patched up the vulnerability – but on August 5th, they
acknowledged that it played a part in the July data breach.
Twitter has notified most of the accounts affected – though they also acknowledged that
they could not confirm all of the accounts that were compromised in this data breach.
3. Suggest solutions to organizations
- Limit access to your most valuable data.
- Third-party vendors must comply.
- Conduct employee security awareness training.
- Update software regularly.
- Develop a cyber breach response plan.

Task 2 - Describe at least 3 organisational security
procedures (P2)
I. What are the security procedures
The security process includes the steps and tasks necessary to ensure security in the day-to-day
operations of the organization. Security processes work in conjunction with security policies,
standards, and guidelines to implement outlines for secure operations in any business.

In addition, the security process may implement, enable, or enforce the security controls
outlined in your organization's policy. These security policies, standards, guidelines, and
procedures are followed in all security protocols. Additionally, security policies serve as the
foundation of an organization's security program.
II. Why are security processes and purposes necessary
in the organization
The purpose of the organization's security processes is to protect data and mitigate data
risks through the implementation of security controls. In addition, if the process is not
tracked in the database, the system administrator can skip a step on the server, or the data
may not be accepted, exposing the organization's confidential information to very dangerous risks.

III. Describe at least 3 organisational security procedures


1. Acceptable Use Policy ( AUP )
An AUP stipulates the constraints and practices that an employee using organizational IT
assets must agree to in order to access the corporate network or the internet. It is a standard
onboarding policy for new employees. They are given an AUP to read and sign before
being granted a network ID. It is recommended that organizations’ IT, security, legal, and
HR departments discuss what is included in this policy.
2. Access Control Policy
The ACP outlines the access rights available to employees regarding the organization's data
and information systems. Some of the topics that are often included in the policy are access
control standards, such as the NIST Access Control and Implementation Guidelines. Other
items covered in this policy are standards for user access, network access control, operating
system software control, and corporate password complexity. Other additional items that
are often outlined include methods of monitoring how a company's systems are accessed
and used, how to secure unattended workstations, and how to remove access when
employees leave the organization.
3. Change Management Policy
Change management policies formalise IT, software development, and security
services/operations changes. A change management programme raises awareness and
knowledge of planned changes throughout an organisation and ensures that all changes are
implemented systematically to minimise service and customer impact.
4. Information Security Policy
An organization's information security policies are often high-level policies that may
include a large number of security controls. The Company publishes a basic information
security policy to ensure that all employees using information technology assets within the
organization's boundaries or its network adhere to the stated rules and guidelines. I have
seen organizations ask employees to sign this document to confirm that they have read it
(this is usually done when signing an AUP policy). This policy is designed to make
employees aware that there are rules for which they will be held accountable regarding the
sensitivity of company information and IT assets.
5. Incident Response (IR) Policy
An incident response policy is an organized approach to how a company will manage
incidents and remediate the impact on operations. It's a policy that the CISO hopes to never
have to use. However, the goal of this policy is to describe the troubleshooting process to
limit damage to business and customers, and to reduce the time and cost of remediation.
6. Remote Access Policy
A remote access policy is a document that outlines and defines acceptable methods of
remote connection to an organization's internal network. I have also seen this policy include
addendums with rules for using BYOD assets. This policy is a requirement for
organizations with distributed networks with the ability to extend to unsecured network
locations, such as local coffee shops or unmanaged home networks.
7. Email/Communication Policy
A company email policy is a document used to formally outline how employees may use
the business' chosen means of electronic communication. This policy covers email, blogs,
social media, and chat technology. The primary goal of this policy is to provide guidance to
employees on what is considered an acceptable and unacceptable use of any company
communication technology.
8. Disaster Recovery Policy
An organization’s disaster recovery plan will generally include both cyber security and IT
teams’ input and will be developed as part of the larger business continuity plan. The CISO
and teams will manage an incident through the incident response policy. If the event has a
significant business impact, the Business Continuity Plan will be activated.
9. Business Continuity Plan (BCP)
BCP will coordinate efforts across the organization and will use the disaster recovery plan
to recover hardware, applications, and data deemed essential for business continuity. BCPs
are unique to each business because they describe how the organization will operate during
an emergency.

Task 3 - Identify the potential impact to IT security of
incorrect configuration of firewall policies and IDS
(P3)
I. Firewall
1. Firewall define
Firewalls are network security devices that act as a barrier between an organization's
internal network and an external network (e.g., the Internet), monitoring and filtering
incoming and outgoing network traffic based on predefined rules. Firewalls use a set of
policies, also known as firewall rules, to determine what traffic is allowed or blocked.

Figure 4: Firewall diagram

2. Why are firewalls important
Modern security methods are used in many applications, and they are incorporated into
firewall design. Under the client-server model, which is the core architecture of
modern computing, networks in the early days of the Internet needed to be built with new
security mechanisms. Firewalls do just that, building security for
networks of varying complexity. Firewalls are widely known to check traffic and reduce
danger to hardware.
3. Firewall policy
Firewall policies are rules that define how firewalls handle network traffic based on criteria
such as source/destination IP addresses, port numbers, and protocols. They allow or block
traffic and can trigger alerts for suspicious activity, ensuring network security.
4. Advantage when using firewall in a network
- Monitors network traffic
A network firewall monitors and analyzes traffic by inspecting whether the
traffic or packets passing through our network are safe for our network or not. By
doing so, it keeps malicious content that can harm our network
away from it.
- Halt Hacking
In a society where everyone is connected to technology, it becomes more
important to keep firewalls in our network and use the internet safely.
- Stops viruses
Viruses can come from anywhere, such as from an insecure website, from a
spam message, or any threat, so it becomes more important to have a strong
defense system (i.e. a firewall in this case). A virus attack can easily shut off a
whole network. In such a situation, a firewall plays a vital role.
- Better security
By monitoring and analyzing the network from time to time and
establishing a malware-free, virus-free, spam-free environment, a network
firewall provides better security to our network.
- Increase privacy
By protecting the network and providing better security, we get a network that
can be trusted.
5. How does a firewall provide security to a network
- Access Control: Firewalls inspect incoming and outgoing traffic based on
predefined rules that specify which traffic is allowed and which is denied. These
rules can be configured to allow or block traffic based on various aspects such
as source and destination IP addresses, ports, protocols, and content. By
controlling access to the network, firewalls prevent unauthorized access and
help protect against network attacks.
- Traffic filtering: Firewalls filter network traffic, allowing only authorized and
legitimate traffic to pass through. They can block traffic from suspicious or
malicious sources, such as malware, known viruses, or other types of attacks.
Firewalls can also be configured to detect and block specific attack patterns,
such as DDoS attacks or intrusion attempts, by analyzing traffic patterns and
behavior.
- Logging and monitoring: Firewalls can log and monitor network traffic,
providing valuable insights into potential security threats. They can generate
allowed and blocked traffic logs, which can be reviewed to detect suspicious or
unusual activity. This helps to identify and respond to security incidents
promptly, allowing proactive security measures to be taken.
- Network segmentation: Firewalls can be used to segment a network into
different security zones, allowing better control and isolating traffic between
different parts of the network. This helps limit the potential impact of security
breaches, as it limits the horizontal movement of attackers in the network.
- Application control: Some firewalls also offer application-level filtering,
allowing administrators to control and restrict access to specific applications or
services based on their policies. This helps prevent unauthorized access to
sensitive applications or services, reducing the attack surface of the network.
- VPN and remote access security: Firewalls can also provide security for
remote access connections, such as Virtual Private Network (VPN) connections,
by authenticating and encrypting traffic between remote users and the
intranet. This helps ensure secure remote access to the network and protects
against unauthorized access.
II. Intrusion Detection System (IDS)
1. Define IDS
An IDS (Intrusion Detection System) is a system that monitors network activity to detect
suspicious or intrusive activities. Its main function is to detect and report on unwanted or
unusual activities on the network. Some IDS systems are also capable of performing
actions such as blocking network traffic from suspicious IP addresses. An IDS is distinct from
an intrusion prevention system (IPS): although both monitor and detect malicious activities,
an IPS mainly focuses on preventing threats after detection, while an IDS is mainly focused on
detecting and recording threats.

Figure 5: IDS diagram

2. How does an IDS work?


- IDS (Intrusion Detection System) monitors traffic on computer networks to
detect any suspicious activity.
- It analyzes data flowing through the network looking for patterns and signs of
unusual behavior.
- IDS compares network activity with a set of predefined rules and patterns to
identify any activity that could indicate an attack or intrusion.
- If IDS detects something that matches one of these rules or patterns, it sends an
alert to the system administrator.
- System administrators can then investigate the warning and take action to
prevent any further damage or intrusion.
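The rule-and-pattern matching described in this list can be sketched as follows. This is an added example, not part of the original assignment; the log format, signature names, threshold and addresses are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass

# Constructed sample events: "epoch_seconds src_ip dst_port payload"
SAMPLE_EVENTS = """\
1000 203.0.113.7 22 SSH login failed for root
1004 203.0.113.7 22 SSH login failed for admin
1009 203.0.113.7 22 SSH login failed for test
1010 198.51.100.4 80 GET /index.html
1012 198.51.100.9 80 GET /item?id=1 UNION SELECT password FROM users
1300 192.0.2.15 22 SSH login failed for alice
1900 192.0.2.15 22 SSH login failed for alice
"""

@dataclass(frozen=True)
class Alert:
    time: int
    src: str
    rule: str

# Hypothetical signature set: rule name -> pattern matched against the payload.
SIGNATURES = {
    "sql-injection-keywords": re.compile(r"union\s+select", re.I),
    "path-traversal": re.compile(r"\.\./"),
}
FAILED_LOGIN = re.compile(r"login failed", re.I)

def detect(log_text, threshold=3, window=60):
    """Alert on signature hits and on `threshold` failed logins per source in `window` s."""
    alerts = []
    recent = defaultdict(deque)  # src -> timestamps of recent failed logins
    for line in log_text.splitlines():
        ts, src, _port, payload = line.split(" ", 3)
        ts = int(ts)
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                alerts.append(Alert(ts, src, name))
        if FAILED_LOGIN.search(payload):
            times = recent[src]
            times.append(ts)
            while ts - times[0] > window:   # forget failures outside the window
                times.popleft()
            if len(times) == threshold:     # alert once when the burst reaches the limit
                alerts.append(Alert(ts, src, "brute-force-login"))
    return alerts

if __name__ == "__main__":
    print(*detect(SAMPLE_EVENTS), sep="\n")
```

Raising `threshold` to 4 makes the three failed logins from 203.0.113.7 go unreported, which is how a badly tuned rule turns into a false negative.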
3. Classification of Intrusion Detection System
IDS are classified into 5 types:
- Network Intrusion Detection System (NIDS)
- Host Intrusion Detection System (HIDS)
- Protocol-based Intrusion Detection System (PIDS)
- Application Protocol-based Intrusion Detection System (APIDS)
- Hybrid Intrusion Detection System

Figure 6: Network Intrusion Detection System (NIDS)

Figure 7: Host Intrusion Detection System (HIDS)

III. The potential impact (Threat-Risk) of a firewall and IDS if they are incorrectly configured in a network
1. Unauthorized Access: If firewalls and IDS are configured incorrectly, hostile attackers can
gain access to the network and endanger critical systems or data. Data breaches,
unauthorized use of network resources, and potential financial or reputational damage can
result from this.
2. False Positives/False Negatives: Improperly configured firewalls and IDSs can provide
false positives or false negatives. When legitimate traffic is intercepted, false positives
result, disrupting the regular operation of the network. False negatives occur when harmful
traffic is ignored, allowing potential threats to enter and possibly harm the network.
3. Inadequate defense: Misconfigured firewalls and IDSs can expose sensitive network or
system parts to attack. Due to the vulnerabilities created by this, attackers can bypass
network security measures and gain access to critical assets without permission.
4. Lack of visibility: Poor visibility into network traffic due to improper IDS settings can make it
difficult to identify and adequately respond to possible attacks. As a result, security issues
can be handled slowly or inefficiently, creating opportunities for attackers to do damage.
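The following added example (not part of the original assignment) ties the firewall policy and access control descriptions earlier in Task 3 to the misconfiguration risks listed here: a first-match rule evaluator with a default deny, plus a check for rules that an earlier, broader rule has made unreachable. The rule format, addresses and the `shadowed` helper are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    src: str      # source network, CIDR
    dst: str      # destination network, CIDR
    port: int     # destination port, 0 = any port

    def matches(self, proto, src, dst, port):
        return (self.proto in ("any", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.port in (0, port))

def decide(rules, proto, src, dst, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for index, rule in enumerate(rules):
        if rule.matches(proto, src, dst, port):
            return rule.action, index
    return "deny", None

def shadowed(rules):
    """Indexes of rules that can never fire because one earlier rule covers them."""
    hidden = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.proto in ("any", later.proto)
                    and ip_network(later.src).subnet_of(ip_network(earlier.src))
                    and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
                    and earlier.port in (0, later.port)):
                hidden.append(i)
                break
    return hidden

# Constructed addresses: 10.0.0.5 is an admin host, 10.0.0.20 the database server.
INTENDED = [
    Rule("allow", "tcp", "10.0.0.5/32", "10.0.0.20/32", 5432),
    Rule("deny", "any", "0.0.0.0/0", "10.0.0.20/32", 0),
    Rule("allow", "tcp", "10.0.0.0/24", "0.0.0.0/0", 443),
]
# Misconfigured copy: a broad allow rule was placed above everything else.
MISCONFIGURED = [Rule("allow", "any", "0.0.0.0/0", "0.0.0.0/0", 0)] + INTENDED

if __name__ == "__main__":
    packet = ("tcp", "203.0.113.9", "10.0.0.20", 5432)  # outsider -> database
    print(decide(INTENDED, *packet), decide(MISCONFIGURED, *packet), shadowed(MISCONFIGURED))
```

With the intended policy the outside connection to the database is denied by rule 1; in the misconfigured copy rule 0 allows it and every rule below it is reported as shadowed.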

Task 4 - Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security (P4)
I. DMZ (Demilitarized zone)
1. Define DMZ
The DMZ, also known as the Demilitarized Zone, is a network architecture concept used to
create a separate, isolated network segment that acts as a buffer between an organization's
internal network (intranet) and the public-facing network (the internet). DMZs are typically
used to host public services such as web servers, email servers, and other publicly accessible
resources, and to keep the internal network secure from potential external threats.

Figure 8: DMZ diagram

2. How does a DMZ Network work


- Businesses with public websites need to place their web servers on the internet,
which means putting the organization's intranet at high risk.
- To prevent this, one option is to hire a hosting company that puts the server
publicly on the firewall, but this can affect performance.
- Instead, the public servers can be located in a separate and isolated network
called the DMZ.
- The DMZ provides a buffer between the internet and the organization's private
network, protected by firewalls or other security tools.
- The DMZ helps prevent attackers from directly accessing an organization's
internal network after bypassing an external firewall.
- If an attacker can break into the DMZ, they must also bypass the internal
firewall before accessing sensitive organization data.
- Another option is to install a proxy server in the DMZ to help track and control
user activity and comply with information security-related regulations
3. Benefits of Using a DMZ
- The DMZ provides an enhanced layer of security for an organization's internal
network by restricting access to sensitive data and servers.
- The DMZ allows website visitors to access specific services while creating a
buffer between them and the organization's private network.
- The DMZ provides additional security benefits such as access control, blocking
attackers' targeted activities, preventing IP address spoofing, and providing
network segmentation.

- Installing a proxy server in the DMZ can also help track and record user activity
while simplifying internal data flow, enhancing system security
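To make the "buffer" idea concrete, the added example below (not part of the original assignment) models firewall policy as allowed zone-to-zone flows and lists the chain of crossings needed to get from the internet to the internal LAN, with and without a DMZ. Zone names, ports and both policies are constructed for illustration.

```python
from collections import deque

# Allowed flows as (source zone, destination zone, destination port).
FLAT = {
    ("internet", "lan", 443),      # public web server sits directly on the LAN
    ("lan", "internet", 443),
}
WITH_DMZ = {
    ("internet", "dmz", 443),      # external firewall: public web traffic only
    ("dmz", "lan", 5432),          # internal firewall: web server -> database only
    ("lan", "dmz", 22),            # administrators manage DMZ hosts
    ("lan", "internet", 443),
}

def directly_exposed(policy, source="internet"):
    """Zones the source can open a connection to without any pivot."""
    return {dst for src, dst, _ in policy if src == source}

def attack_paths(policy, source, target):
    """Every loop-free chain of allowed flows from source to target,
    i.e. the firewall crossings an intruder would have to make."""
    paths, queue = [], deque([(source, [])])
    while queue:
        zone, path = queue.popleft()
        for src, dst, port in sorted(policy):
            visited = dst == source or any(dst == hop[1] for hop in path)
            if src != zone or visited:
                continue
            step = path + [(src, dst, port)]
            if dst == target:
                paths.append(step)
            else:
                queue.append((dst, step))
    return paths

if __name__ == "__main__":
    for name, policy in (("flat", FLAT), ("with DMZ", WITH_DMZ)):
        print(name, directly_exposed(policy), attack_paths(policy, "internet", "lan"))
```

In the flat design the LAN is one hop from the internet; with the DMZ the only path has two hops, and the second one is limited to the single port the internal firewall permits.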
II. Static IP
1. Define static IP
A static IP, also known as a fixed IP, is an IP address that is manually and consistently assigned to
a particular device or network. Unlike dynamic IPs, which are assigned automatically by the
DHCP (Dynamic Host Configuration Protocol) server, static IPs do not change unless manually
reconfigured.
What is the difference between a dynamic IP and static IP address?
When a device is assigned a static IP address, the address does not change. Most devices use
dynamic IP addresses, which are assigned by the network when they connect and change over
time.

Figure 9: Static IP diagram

2. How does Static IP work


- Hosting server: To host web servers, email servers, FTP servers, and other types
of servers that need a fixed IP address for clients to connect to, a static IP
address is very important.
- Remote access: Static IP addresses are used for remote access to systems or
networks, such as virtual private network (VPN) connections, remote desktop
connections, and network device management.
- Network services: Devices that provide network services, such as DNS
(Domain Name System) servers, DHCP servers, and routers, typically use static
IP addresses.
- Security equipment: To enable remote administration and monitoring, a static
IP address can be used for security equipment including firewalls, intrusion
detection/prevention systems, and surveillance cameras
3. Benefits of using Static IP
- Better DNS support: Static IP addresses are much easier to set up and manage
with DNS servers.
- Server hosting: If you are hosting a web server, email server, or any other kind
of server, having a static IP address makes it easier for customers to find you via
DNS. Practically speaking that means it's quicker for clients to get to your
websites and services if they have a static IP address.
- Convenient remote access: A static IP address makes it easier to work remotely
using a Virtual Private Network (VPN) or other remote access programs.
- More reliable communication: Static IP addresses make it easier to use Voice
over Internet Protocol (VoIP) for teleconferencing or other voice and video
communications.
- More reliable geo-location services: With a static IP address, services can match
the IP address with its physical location. For example, if you use a local weather
service with a static IP address you're more likely to get the weather report you
need instead of the one for the next city over.
III. NAT (Network Address Translation)
1. Define NAT
NAT, also known as Network Address Translation, is a networking concept that allows private IP addresses
to be translated into public IP addresses, and vice versa, in order to enable communication between devices
on different networks.

Figure 10: NAT diagram

2. How does NAT work


- Preserve IP addresses: NAT allows devices of a private network to share a single public
IP address with each other. Since private IP addresses can be reused inside a private
network, this saves scarce public IP address space.
- Private network devices can now connect to the Internet with a single public IP address
thanks to NAT technology. Devices in a private network can connect to the Internet
because private IP addresses are converted to public IP addresses when talking to the
Internet.
- IP Address Assignment: With NAT, devices in a private network can be assigned
private IP addresses that are not routable over the Internet. Thus, managing IP
addresses inside a private network is made simple and efficient.
3. Benefits of using NAT
- Reuse of private IP addresses.
- Enhancing security for private networks by keeping internal addressing private from
the external network.
- Connecting a large number of hosts to the global Internet using a smaller number of
public (external) IP addresses, thereby conserving IP address space.
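The translation described in this section can be simulated in a few lines. The example below is added here and is not part of the original assignment; it assumes a port-translating NAT that only forwards inbound packets from a peer an inside host has already contacted, and all addresses and port numbers are constructed.

```python
class Nat:
    """Port-translating NAT sharing one public address among private hosts."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.ports = {}     # (proto, private_ip, private_port) -> public port
        self.owners = {}    # (proto, public_port) -> (private_ip, private_port)
        self.peers = set()  # (proto, public_port, remote_ip, remote_port) contacted

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the private network; returns the new 5-tuple."""
        key = (proto, src_ip, src_port)
        if key not in self.ports:
            self.ports[key] = self.next_port
            self.owners[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        public_port = self.ports[key]
        self.peers.add((proto, public_port, dst_ip, dst_port))
        return (proto, self.public_ip, public_port, dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet arriving from outside, or return None to drop it."""
        known_peer = (proto, dst_port, src_ip, src_port) in self.peers
        if dst_ip != self.public_ip or not known_peer:
            return None  # unsolicited: no inside host opened this conversation
        private_ip, private_port = self.owners[(proto, dst_port)]
        return (proto, src_ip, src_port, private_ip, private_port)

def demo():
    nat = Nat("198.51.100.10")  # constructed public address
    a = nat.outbound("tcp", "192.168.1.10", 51000, "203.0.113.80", 443)
    b = nat.outbound("tcp", "192.168.1.11", 51000, "203.0.113.80", 443)
    reply = nat.inbound("tcp", "203.0.113.80", 443, "198.51.100.10", a[2])
    probe = nat.inbound("tcp", "192.0.2.66", 4444, "198.51.100.10", a[2])
    return a, b, reply, probe

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both private hosts leave with the same public address and different ports, the server's reply is mapped back to 192.168.1.10, and the unsolicited probe from 192.0.2.66 is dropped without ever learning a private address.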
