Professional Documents
Culture Documents
For securing a network there are various requirements needs to be fulfilled. These network
security measures and parameters have been discussed below.
Network Security Parameters- The security parameters are in a network are very much essential
and in every organization, that has wide network with numerous number of devices. But firstly
the organizations need to effectively follow the networking standards and security policies. The
security parameter provides only authentication system within the network for keeping away the
unauthorized users of the network. For this purposes, in most of the cases Firewalls are very
much effective and widely used concept. The firewalls are the network security devices used for
eliminating the chances of unauthorized access to a organization’s privet network that is
connected between the Internet and the primary network devices. Firewalls helps to define
network clients by addressing their IP and default gateway and allow only the authorized traffic
in the network such as registered users within the firewall Policies and block other unauthorized
traffic/ users.
Encryption and digitally signature
The encryption is the process of securing any particular data packet through set of security codes.
At the time of opening the data packet the receiver needs to give exactly the same code given by
the sender. Therefore in case of encrypted data packet transferring process, the receiver needs to
have the accurate password for the opening the data packet. This also happens for email and
other data transferring process. Whereas the Digital signatures are very much effectives in
storing relevant users’ data in a organization previously. This in terns helps to reduce the risks of
external attacks. There are three different options for securing the email which is widely used in
almost every organization. These are implementation of “End-to-End encryption” (uses public
key in order to secure email and senders encrypts data packet or information). By using the
privet key receiver can check the message or data packet. Another method can be implemented is
the PGP and S/MIME method. The PGP is basically a software that’s objective is to receive or
send data packet with proper encryption.
Fault Tolerance
The Fault tolerance process in the network are used for defining the capability of the network to
be performed properly in case of any issues occurs in the network that can be failure of any
components. This process often describes as Redundancy of the network. In order to understand
simply, the fault tolerance can be achieved by making a network that has alternate devices for
performing the data transfer in a wide area networks. For this reason the network must have an
option for alternate power and different voltage controlling mechanisms.
Question2
Question3
Threat Defense
Blended threat
It has a huge use to protect the system from
viruses. There should not be any
unauthenticated way for a virus attack.
Unauthorized access from an Organize IDP setting in the system and create
external source firewalls
Adware It implements the solution of anti-malware and
disables the pop-up messages
Malicious Code
The main function of that is the providence
process of statistical analysis with a white box
test.
Question4
Internal zone: organizational Staff or departmental computers (Company LAN / Trust Network).
The concept of internal zone is related to different systems from the internal users of an
organization such as different computers from the internal departments of the system or other
systems of different company staff. The systems of internal zones are generally connected
through trust networks or LAN services within the system.
Internet/External Zone: the most trusted network which is internet (outside Company’s LAN)
The external zone comprises different systems from multiple external users of the industry.
Related external users can be vendors, consultants or other third party systems for the industry.
The external zone is based on internet connectivity and the systems are connected through a
strong internet connection. A proper maintenance of the external zone is crucial to protect the
system from other external threats.
DMZ zone: Demilitarized zone is a most popular sub network that connects physical or logical
sub networks which helps to enlarge the external and internal services of the organization. It also
maintains the services of the organization like Services like Web server, Mail Server and VoIP.
In context with internal and external connections an adequate maintenance process for the DMZ
zone presents a smooth platform for data flow without significant lags for the system.
SIP
Based on study I will use different methods like firewalls security, authentication
security and encryption policies to save the information of the organization. Site to site
trafficking of security modules helps in website based data movements within the
system. The phenomenon of site to site data transfer is susceptible to many security
threats in terms of external attacks from malicious sites. The data becomes more
vulnerable when it flows through data traffic of different websites of the internet.
• Securing traffic from the public internet
For this purpose I will use VPN (Virtual private network) as I know that It creates an
encrypted system and saves the database. I will utilize VPN in order to share public
infrastructure through maintaining privacy in the organization and the system provides
tunneling protocols to the organization.
There are a few effective processes of data protection from public internet access.
Through the internet, a general public body can easily access sensitive company data. In
order to protect third parties to access sensitive data, companies can operate within a
virtual private network that is only accessible from the internal computers of the
industry.
Question5
vr2 172.20.215.
05 0/24
srx 172.18.1.0/3
C-1 0
- DO NOT DELETE";
unit 0 { familyinet
{ address
10.10.40.66/24;
fe-0/0/3 { unit 0
{ familyinet { address
172.18.2.2/30;
}
}
fe-0/0/4 { vlan-tagging;
familyinet { address
172.20.106.1/24;
familyinet { address
172.20.206.1/24;
207; familyinet
{ address
172.20.207.1/24;
}
}
familyinet { address
172.20.208.1/24;
} lo0
{ unit 0 { familyinet
{ address
192.168.2.1/32;
no-readvertise;
}
}
{ policyintrazone-Trust { match
{ source-address any;
destination-address any;
application any;
then
{ permit;
{ policyintrazone-Web
destination-address any;
application any;
}
then
{ permit;
Mail {
match { source-address
any; destination-
address any;
applicationjunos-ftp;
then
{ permit;
}
}
from-zone UC to-zone UC
{ policyintrazone-UC
{ match { source-address
any; destination-address
any; applicationjunos-ftp;
then
{ permit;
{ source-address vr106;
destination-address vr206;
application web-apps;
}
then
{ permit;
{ source-address vr106;
destination-address vr207;
application mail-apps;
then
{ permit;
{ source-address vr106;
destination-address vr208;
applicationuc-apps;
then { permit
then
{ reject;
}
policy internet-Trust
{ match { source-
address vr106;
destination-address
then
{ permit;
{ source-address vr206;
destination-address any;
application any;
}
then
{ permit;
{ source-address vr207;
destination-address any;
application any;
then
{ permit;
}
}
then
{ permit;
{ source-address vr105;
destination-address vr106;
application internal-apps;
}
then {
permit; log
{ session-init;
session-close;
scheduler-name internal-apps-scheduler;
{ policyUntrust-to-Web { match
{ source-address any;
destination-address vr206;
application web-apps;
then {
permit ;
{ policyUntrust-to-Mail { match
{ source-address any;
destination-address vr207;
application mail-apps;
then { permit
}
from-zoneUntrust to-zone UC { policyUntrust-to-UC { match { source-address any; destination-
then { permit
zones { functional-zone
management { interfaces {
fe-0/0/0.0;
host-inbound-traffic {
system-services
traceroute; http;
snmp;
172.20.106.0/24;
interfaces {
fe-0/0/4.106;
172.20.206.0/24;
}
interfaces {
fe-0/0/4.206;
172.20.207.0/24;
interfaces { fe-
0/0/4.207;
security-zone UC { address-
172.20.208.0/24;
}
interfaces { fe-
0/0/4.208;
security-zoneuntrust { address-
1 172.18.1.0/30;
interfaces {
fe-0/0/3.0;
} applications { application
Juniper-gizmo
{ protocoludp; source-port
50000; destination-port
50001;
Juniper-gizmo; applicationjunos-telnet;
applicationjunos-ping;
schedulers {
scheduler internal-apps-scheduler
23:00:00;
sunday exclude;
saturday exclude;
}
}
Question 6
The operating system that has been used in the research is Junos with high ability that provides
the huge failure in the entire research. The function ability of the system has been used in some
seasons like the TCP and the UDP seasons before is in that case both the networks helped in the
address translation of the current network and the IP security has been provided to the feature of
the organization that will help in the authentication of their network. The Junos implementation
has helped in the higher availability for the information that has helped in removing the activity
plan and the clusters. To provide the beautiful design the user has used the active and the passive
design as per the help and in order to underpin the signal point which is having the high
availability. And the user had thought in the project that the SRX service can be used in the
research and probably this is the best service network. The firewalls like the NAT, and the VPN
have managed the clusters and the capability of the system in order to control the passive and the
active devices.
With the use of this clustering, operating systems are gaining greater access to the security of
Junos. Some node redundancy is provided by the cluster system. And if any interface fails,
grouping inactivity is considered. And for one node of the system, the whole system fails. On
this current note all traffic reaches the link to a cluster system in any type of processing period.
And consider that this is a fault of the entire hardware system and consider because it is a failure
of the entire hardware system.
The SRX5800 is for services that have the same configuration of software, the other is the
MX240 router and the last one is the Ethernet switch which is the EX8208 (Dadheech et al.
2018). And the user has been managing the control ports and managing every device that assists
in device assignment and managing cluster IDs. Also the boot system is managed by clusters.
MySQL is used in the cloud platform to update the dataset of primary and secondary zone codes.
All data is stored primarily in the cloud-based platforms of some cloud-based applications.
Configuration of two node like node 0 and node 1 are required to connect two device of same
model. The dedicated control ports of the devices are connected with the node 0 and node 1
respectively. After connecting the two nodes of the device it is required to set the devices into the
cluster mode and after setting the devices into the cluster mode reboot of the devices are
required. This is the whole process of configuration of two nodes like node 0 and node 1.
(Source: draw.io)
Question7
Configure the port of each device, and commit the configuration. Select FPC 1/13 (slot 0). Place
the control ports on a separate SPC from the central point (slot 1)
The cluster ID is the same on both devices, but the node ID must be different because one device
Results.
destination 0.0.0.0/16;
interfaces {
fxp0 { unit
0 { familyinet
{ address
10.3.5.1/24;
destination 0.0.0.0/16;
interfaces {
fxp0 { unit
0 { familyinet
{ address
10.3.5.2/24;
} apply-groups "$
authentication {
encrypted-password "$ABC1234EFGH5678IJKL9101"; }
name-server {
4.2.2.2;
services { ssh {
root-login allow;
netconf { ssh;
web-management {
http { interface
fxp0.0;
} chassis { cluster
{ control-link-
recovery; reth-count
2; control-ports {
fpc 1 port 0;
fpc 13 port 0;
redundancy-group 0
redundancy-group 1
interface-monitor { xe–
} interfaces { xe–6/0/0
{ gigether–options
{ redundant–parent
reth0; }
xe–6/1/0 { gigether–options
{ redundant–parent reth1;
xe–18/0/0 { gigether–options
{ redundant–parent reth0;
}
xe–18/1/0 { gigether–options
{ redundant–parent reth1;
} }
fab0 { fabric–
options { member–
interfaces { ge–
11/3/0;
} fab1
{ fabric–options
{ member–interfaces
{ ge–23/3/0;
} } reth0
{ redundant–ether–
options { redundancy–
group 1;
unit 0 { familyinet
{ address
1.1.1.1/24;
}
} } reth1
{ redundant–ether–
options { redundancy–
group 1;
unit 0 {
familyinet
{ address
2.2.2.1/24;
} routing–options {
static { route
0.0.0.0/0 { next–
hop 1.1.1.254;
2.2.2.254;
}
}
} security { zones
{ security–zone trust {
host–inbound–traffic {
system–services {
all;
interfaces {
reth0.0;
security–zoneuntrust
{ interfaces {
reth1.0;
destination–address any;
application any;
then
{ permit;
default–policy { deny–all;
Question 9:
In order to verify the VPN connection “Show security ikesa” can be used that will show all the
index, state initiator cookie, responder cookie mode and remote address.
“Show security ipsecsa” command can be used for viewing the total number of active tunnels.
In recent times science and technology have been improved very much. There are various kinds
of computing tools that have been discovered to increase the ease of doing different kinds of
work. Now here in doing various types of online work there is a huge chance of having
cybercrime like having hacked any kind of private and official data or money. Now all these
different kinds of difficulties can lead the company to have a loss of their business. So in doing
different kinds of official work through the help of the internet one of the most recent discoveries
is various kinds of VPN technologies. Now VPN is mainly known as a "virtual private network"
which means here in this survey one single company or a group of companies do their work of
sharing data and money very privately without opening that in the public. This makes the whole
process very secure and reduces the chance of hacking the data and money (Wang, X., Zhu, X.,
& Zhang, (2018))
IPSec is mainly known as the "internet protocol security". This is one of the most used VPN in
recent times. Here the main working formula of this process is it mainly connects selected two
computers with very high internet security systems with verified authentication and encryption.
Now here the main objective is this network helps to share various kinds of secret manages and
very important data and money protected ways without getting hacked by an unknown third
party. The IPSEC VPN traversed by the network traffic is encrypted using symmetric encryption.
Two different types of encryption
There are mainly two different types of encryption in all the various kinds of VPN systems. Now
here these are Asymmetric encryption and the other one is Symmetric encryption. Now the
difference between these two types of encryption is as follows:
Asymmetric encryption
This type of encryption is mainly worked by two different types of keys for the encryption and
the description process. Now different kinds of keys are used. For the encryption, the private
keys are used and for the decryption, the public keys are used. Generally, this type of encryption
process is very highly secured compared to the Symmetric types. But in various types of urgent
and secured secret work thus types of encryption are used. Generally, this is a very complicated
process compared to the other and here in general the length of the keys used is more than 2048
bits (Aljazaery, I., Alrikabi, H., & Aziz, 2020). In general, this type of encryption is mainly used
in sharing various types of small amounts and very highly secret data. So here at the first various
kinds of authentication are created in the communication channel and completed of the transfer
very securely. Generally, here the private key is not shared with many people, only a small
amount of people know about it, so here the whole process becomes very safe and secure
compared to Symmetric encryption. Here the most used algorithmic examples of this process are
ECC, RSA, Differ-Hellman, and so on.
Symmetric encryption
In this type of encryption, only one type of key is used for both the encrypt and the decrypt
process. Here this process is mainly used for the faster delivery of data and messages and money.
Compared to the Asymmetric process this process is not that safe but a very faster process. Now
here both of the processes are used in different kinds of situations. Generally, the lengths of the
keys which are used in this process are nearly 128 to 256 bits based on the variety of the
requirement of the security. Whenever various types of large amounts of data are needed to be
transferred this process is used. As in this process, the secret keys are shared repeatedly to the
various kinds of people so here the whole risk factor increases and it becomes a very highly
risked process compared to the Asymmetric encryption. This process is mainly used in the
algorithms RC4, AES, DES, etc (Kusuma et al. 2017).
Although both processes are very different and used in different principles and different types of
cost and uses, still both of the processes are highly used and used in various kinds of situations.
Sometimes this process is used altogether and sometimes they are used one at a time. Generally
in the devices like WhatsApp and the other massaging devices both the two types of encryption
is used mainly to make is secure and also make it available to visible to all the people all together
while in different types of works of secret agencies only the Asymmetric process is used and in
the websites where there is a very low chance of hacking the major objective to make it visible to
most of the people and it is very important to share the most amounts of data as soon as possible
there only the Symmetric process is used.
In the encryption method, there is a certain process of checking that is called the transverse then
is checking process. Similar sites of advantages are generated through the VPN method of
analysis where the US free models and the encryption models have generated in phase 2 method
of analysis to maintain a certain force that VPN can be organized under the to request after one
future return process of analysis. There should be a systematic process of verification and also
there should be a certain amount of available letter of system attributes for all the network-based
project management and their fundamental proceedings are denoted to a certain point of the
determination of the welding process and also the verify June security Management process also
there to generate the face to system line (Abdullah et al. 2018). After the entering parts in a
network, the packages are generated through a fundamental current meeting system generation
where the first in production and the checking package methodology are developed through its
final view and the observation in malware to be idealized under the current packet system
methodology with a total upbringing of final analysis and their food production and way to
support the method to emphasize the organizational corporation of transfer control protocol and
also encryption method. The process of encoding the unrealistic messages and their system
advanced method of assembling receiving process generation is called the encryption process,
basically a network graphics system analysis generalized to a particular method to increase the
variation of security fundamental management and the ongoing up being used towards it. All the
process-based system partners are manufactured through a particular will generating method that
the encrypted possibilities are generated to a particular development by a consolation of random
cyber Hacking system with a random complex number of production. Encryption processes are
generally organized to a particular set of variants, their total fundamental organization and the
modern scientific set of systems are generalized to the particular method that compromise under
a systematic advancing Technology-based system analysis throughout its presenting parts is
generally in the organizational capability of this interaction (Zhang, 2018).
In the process of this t encryption system, the system given analysis is developed to generate
every bit software system interface. The main system is being produced under a phase of
software system analysis in a very highly generative computer-based programming model
compiler.
Applications: any
Action: permit
From zone: trust, To zone: Internet
Applications: any
Action: permit
Applications: any
Action: deny
Applications: any
Action: deny
Sequence number: 1
Source addresses:
any: 0.0.0.0/0
Destination addresses:
any: 0.0.0.0/0
Application: any
Sequence number: 1
Source addresses:
any: 0.0.0.0/0
Destination addresses:
any: 0.0.0.0/0
Application: any
Question 10
Email encryption is one of the most useful and most valuable parts of the company's data
security management. This process can be used in various encryption methods due to some
extent it is the most advanced AI policy that the company must take to ensure the company's
privacy policy and its effectiveness towards the beneficiary system of the technology-based
operation. Produce software implementation through some particular and extension of methods
that system can be produced and organized throughout the whole organizational compilation. In
this particular research study PGP, email encryption process can be used In the ongoing
Technology-based system finding machines (Leszczyna, (2018)). The data in the database are
encrypted with the particular point of approach where the user can be dependent on the particular
PGP operation for all the factors that need to be contributed. In modern scientific Technology
PGP is one of the most advanced and important email configuration and email encryption
processes. It is invented to denote the main factorial parameter that can be used by the overall
address and permanent advancing of scientific functional approach and towards is a next-
generation system process and Outsourcing towards Software balancing method of technology.
Email can be Set by the next target system operation. The email processing function will be used
by the higher grade System Management process and by invented by the top software
development tool is the measure that can be contributed towards the security encryption process.
There are several parameters to denote the main factor: dual advancement for all the emails
regarding the users and the organization can be supported towards the beneficiary process of
development. A final enlisted process can have the same Outlook with all the factors equal to the
same interface and the organization capability can be used in terms of generating system function
with the PGP encryption model. PGP encryption processes for all their factorial determination
can have the same Outlook towards its view regarding every factorial process in terms of a
compilation through software methods.
GnuPG is a standard for encryption that can be utilized by the company for encrypting and
decrypting emails or text messages. If the file or data transmitted is encrypted using a key then
the receiver will only one who can encrypt the file by using his public key. GnuPG or “Gnu
Privacy Guard” is nearly impossible to hack in reality. Thus it is used by the company to encrypt
the valuable information so that it can only be accessed by the specific receivers. The security
and the safety of GnuPG depend on the strength of the passwords used for accessing it.
S/MIME is basically a standard for encrypting public keys in order to sign the data regarding
MIME for security purposes. It is used for verification regarding the email sender. The
operations regarding S/MIME depend on the asymmetric type encryption process. It works in a
certain manner like there are the keys present for encrypting and decrypting purposes. The
sender while sending an email encrypts it by utilizing the public key sent by the receiver. The
specific receiver then decrypts the sent email by utilizing the private key provided by the sender.
Features of GnuPG or S/MIME
● It permits to encrypt as well as sign the specific information and communication.
● It has a very flexible key managing system and allows the modules for the directories of
various public keys.
● GnuPG supports S/MIME.
● S/MIME helps in maintaining the security of the emails by authenticating, encrypting,
and integrating messages.
● It also ensures that both the sender of the email is legal and thus encrypts both the sent
and received emails.
● In the case of S/MIME, the need for digital signature is necessary for validating the
identity of the sender and the messages are encrypted and decrypted by the public key.
Both GnuPG and S/MIME are capable of maintaining authentication and integrity with the use
of the "Command-Line Interface".
The encryption algorithms used are “ Diffie- Hellman”, “DSS” and “DES”.
Question 11
The process to maintain the integrity of Email can be assured by several algorithmic functions. It
is one of the most important and highly advanced full system technologies in software system
analysis. There are several digital communication processes where all the email encryption
processes can be elements into it by digital communication process. One of the most useful in
highly advanced technology where the fingerprint sensor module generation and also the face
detection process also can be developed into this (Tanwar et al. (2018)). In several processes of
security management techniques all these several factors can have the same Outlook Where the
engineering system technology and their software implementation are the same as the algorithm
in process of technology. In this particular integrity maintenance system the algorithm message
digest algorithm and Secure hash algorithm can be used. Message digests and treats them as a
cryptographic hash algorithm where the generation of network system mesh topology is under
the route details certificate of System administration accepted by the system accounting process
of management. Md5 algorithm has a higher chance of acceptance among the user verification
system and all the beneficiary Technology oriented software implementations can have the same
process where the interface will be as easy as the user can access the vulnerability according to
their system. The secure hash algorithm has a function where the method of cascade value and its
parameter have the same balancing method where the output value will be similar in the security
Agency basis of Technology oriented methods. In any type of organization there is a process of
security check in their software implementing the process of data source element so it is
important to maintain the security throughout the every software product elimination. In the
recent time all the organizational process is hampered due to every unsecured elemental data
passing out so it is important to maintain integrity of the process for all the sectional input can be
verified. Email encryption and maintenance of email security is on the biggest tape that every
company must take to protect their users from any type of unwanted hazards and unwanted
access in their system. Md5 and SHA algorithms can be used in all of this working process of
email encryption in email integrity maintenance.
Question 17
There are some factors that contribute to the encryption stain used factors can be explained as
private keys configuration scheme of the service system access system into it is a process of
software system elimination these are some few examples of the software in and contribute to the
encryption stain process. Private keys are dependent on the process of where all the system
factors and their ingredients are dependent on the ECC pauses and there are variations related to
the order system software encrypted methods had all the forces of software generating terms.
The private key can be idealized by the proper way of user credential and their elimination
process is also dependent upon the system verification and knowledge providing system
guidance of software system implementation. There are various ways where the private key
system functions with the ideal addition process of all the user requirements and their
personalized information must be encrypted and with this, they can get the benefit to secure their
data and their final security forces also have been in element by the overall system function
(Zhang et al. (2019)). RSA system access configuration can be provided at the certain part of the
encryption Regulation and their particular process of System administration depending on the
particular server system modulation where all the users can get access to the certain server where
to where it is encrypted and high-security providers access also can be depended upon three of
the process system allocation. There are various where all the file and system providers can be
managed and encrypted by the system function, the private keys, and the server configuration
system modulation of all the encrypted cryptographic systems. The modulation cannot access the
advantage system because all the factors are dependent upon all the needed software input
methodology and the implementation process is also similar by the overall access point of
implementation.
Two factors contributing to encryption strength are:
The strength of the encryption depends on the keys' size. The keys having a longer length
which is generally calculated in bits, provide more sturdy encryption. Various kinds of
ciphers need various lights of keys for obtaining the strength of encryption.
Question 18
When delivering an email, the originator looks for the recipient's public key. If no matching is
detected for the master password, the transmitter notifies the destination knowing the
communication would be sent unencrypted encryption. As a result, the confidentiality of the
message included was jeopardized. As a result, such issues could be resolved by completing the
methods outlined beneath:
● The essential actions must be taken in attempt to encrypted incoming emails: - Hardly
● Because guarantee the confidentiality of the relationships saved for subsequent usage, the
● As a result, if the recipient's information also isn't saved, a connection message would
● After that, it really should be updated and deleted. That will include the electronic
● If the correspondent is now in the relationships, the modal conversation would declare
● This polygon signatures could be utilized to solve the problem of secure communications.
When delivering a message, the originator looks again for recipient's public key. Unless nothing
compatibility was detected using such public key, this same transmitter notifies the destination
that perhaps the message should be sent unencrypted encryption.
Question 19
The category or some network attack that happens in a group. The projection of the network
actually tries to enervate by the attackers with some fraudulent measurements. And the reply of
the attack is some more counter attacks to get the control over the objects that are manipulated
and also in the attacked networks. And the security network is a threat in the object that is
manipulated.
In order to the reply attack a simple idea occurs in the program and the entities are based on the
system that actually forces the system to delay in the program (Wang et al. 2019). The external
sources are helped to do the counter attacks of the system and the system identifiers are lagged
by the response of the causing system that is unnecessary in the delays of the system.
The method that helps in the prevention:
The messages that are needed in the encryption in an appropriate process. And there are some
encrypted message keys. In the time of the message decoration the datas get the accessibility in
the recipient. And the attacker will not get into the decode key, but it will capture the elements
and the benefit and in the convenience.
The counter action that helps the receiver and the sender to make the random used season keys of
the code and the code will be unused from the next time.
1. In the prevention of the other methods it is implemented in different types of
implementation in the firewall that is helpful for the system and also helps the breakers
that are unwanted for the system. The system gets the help form the external breach
which is fully automated (Zhu et al. 2018). And besides the using of the firewall the users
are introduced by the full version of the anti-malware and the anti-spyware functions are
prevented from the external sources to connect with the server of the company.
2. In the purpose of preventing both the receiver and the sender from establishing the
session key, this type of code is only accessible for only one transaction. And it cannot be
used again.
The function to provide the timestamp the use of the function to return some specific date or
some value of the time and the data of the Timestamp. And it is having some formality to check
the first name and the last name and the year and the hour and the month from that particular
person (dl.acm.org, 2021).
Question 22
This same permission procedures could be considered as a method for identifying authorised
consumers at any and absolutist consumer beneficiaries and there own individual content
knowledge that could really be validated but also accused via an unique platform of advancement
assessment for every one of the substantiated procedure framework methodology that could
indeed be ascertained with account name passcode. The perimeter servers were integrated into
the existing application procedure. Just following computer has been authenticated in, customers
constantly attempt to execute instructions. The authorisation procedure merely checks to see if
the customer is authorised to do just that.
This same identification procedures was indeed defined as a technique by which those
corresponding input statistics are evaluated to something like a specific diameter database
technique, but still the ticketed component specifications could be made accessible via the with a
overall augmentation of this specific framework authenticated legislative power towards it
rejects the recipient approach (Lounis, (2018)). Verification is the practice of authenticating a
person prior providing permission by utilizing an accurate and relevant login as well as
passcodes.
The financial reporting procedures in the network device could be ascertained by an overall
discrete moment of period in which all framework authenticated components could have the
identical Viewpoint towards that and the individual component at the procedure structure
ascertained certification where access control could both be validated within such a.
Accountancy was utilized to calculate the amount of information or content sent or received by
the computer during a given encounter.
Question 23
IPSC is indeed an abbreviation for Secure Connections, which it refers to how each on that
internet backbone platforms' offered activities may be supplied with a high manufacturing
technique utilizing the networking comments as well as the geographical distances pressures
could be mucked up that degrees combat with the officials.
MPLS VPN order to further understand could be described as routing badge swapping secure
vpn scheme that those procedures seem to be qualified for numerous paragraph manner of
information as well as their going to interconnect components of the VPN were also splitted into
position range system of course at system of course corresponding of their position as well as
proximity initiatives of assessment of the infrastructure network as well as the private blockchain
can be validated with the all the procedure framework and the made manifest framework
interconnects toward this it (Beghin et al. (2017)).
The main differences between the two are that IP has that private access system address with the
IP address is verified by different.
IPSEC VPN It does not support Multipoint and Point Tunnels used for data
QoS to Point. It has trafficking need to be
comparatively lower secured. This does
guaranteed not provide security
bandwidth. regarding video or
voice.
Question 25
Introduction
Sahil Singh
Executive manager
Spyon Technology
Adelaide Australia
Cyber security is very essential regarding Spy as they are responsible for the manufacturing of
weapons for military services. Cybercrime is very common these days where the other enemy
countries try to hack into the network of this company in order to receive the entire information
about the manufacturing of the weapon. This can prove to be very harmful to the company and
for the government and people of several countries. Therefore network safety and security are
very necessary. Thus the network needs to be properly encrypted so that it can be less vulnerable
to cyber-attacks. The proper software is required to be utilized to develop this network so that it
can be used to identify if any cybercrime is suspected and prevent it from further damage. The
system developed needs to be inexpensive and effective at the same time so that the company
employees can successfully perform their security operations with the help of this system. The
basic requirements that are required to be done in order to get a secured network are that the data
related to weapon manufacturing and supply needs to be protected from hackers or other
intruders. Secondly strong antivirus or firewalls should be installed to protect the network from
malware or viruses which can be an adverse threat (Liu et al. 2021). And network connections
over which the data are transferred and received are required to be encrypted. As per the need of
the client, it is very essential to maintain the following factors to provide the client with the best-
secured network. Firstly all the WAN links need to be properly encrypted and thoroughly
secured. Secondly, all computer-based systems are required to be encrypted for protecting them
from any intruder. Thirdly, a security perimeter is required to secure sensitive information
regarding the company's weapon manufacturing processes. Next there is a need for digital
signatures for protecting the network from all kinds of cyberattacks like DDoS, DoS, etc.
Finally, all the essential points regarding the network design should be carefully taken into
account and should be ensured that no loopholes must be present in the network design.
the server connects "Internal-to-Web" Allow traffic for the HTTP and
HTTPS server (Gambi et al. 2018)
“web-to-VoIP” server Permit for the traffic of SIP
“Web to Internal zone” Make permits for all Traffic of the server
There are some uses of the firewall of the security parameter. And the WAN links are secure and
encrypted (Carli et al. 2020). Also having protection against cyber security like the DOS the
DDOS and so on.
The inter zone objectives of the policy
From the Internet-to the Allow the http and the https
web traffic
mail server form the web server Allows the SMTP traffic
VoIP server from the web server Allows the SIP traffic
web server from mail server Allow the http and traffic
Web server from internet Allows the http and the https traffic
1 2 3 4 5 6 7 8
Deployment of $5500
site maps and
the scheme of
IP network
Make $5400
Configuration
for the system
of switch
features and
Routing
Cabling for the $650
process of
Electricity
Installation of $840
CCTV cameras
Configure the $7900
protocols for
the purpose of
Monitoring the
system
Cost of the $1400 $1400 $1400 $1400 $1400 $1400 $1400 $1400
Labour
Weekly total $2600 $2240 $6900 $6800 $2400 $10520 $1400 $1400
Total $34260
Figure: Logical Diagram of Spy on Technologies
(Source: Draw.io)
Traffic that are allowed in between the zones