
Higher Nationals

Internal verification of assessment decisions – BTEC (RQF)


INTERNAL VERIFICATION – ASSESSMENT DECISIONS
Programme title: BTEC Higher National Diploma in Computing
Assessor: Ms. Samindhi
Internal Verifier:
Unit(s): Unit 05: Security
Assignment title: EMC Cyber
Student’s name: Mohamed Ramzeen Safwan
List which assessment criteria the Assessor has awarded: Pass / Merit / Distinction

INTERNAL VERIFIER CHECKLIST

Do the assessment criteria awarded match those shown in the assignment brief? Y/N
Is the Pass/Merit/Distinction grade awarded justified by the assessor’s comments on the student work? Y/N
Has the work been assessed accurately? Y/N
Is the feedback to the student:
Give details:
• Constructive? Y/N
• Linked to relevant assessment criteria? Y/N
• Identifying opportunities for improved performance? Y/N
• Agreeing actions? Y/N
Does the assessment decision need amending? Y/N

Assessor signature: Date:
Internal Verifier signature: Date:
Programme Leader signature (if required): Date:

1|Page
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
Confirm action completed
Remedial action taken
Give details:

Assessor signature: Date:
Internal Verifier signature: Date:
Programme Leader signature (if required): Date:

Higher Nationals - Summative Assignment Feedback Form
Student Name/ID: Mohamed Ramzeen Safwan
Unit Title: Unit 05: Security
Assignment Number: 1
Assessor: Ms. Samindhi
Submission Date: 24/08/2022
Date Received 1st submission:
Re-submission Date:
Date Received 2nd submission:

Assessor Feedback:

LO1. Assess risks to IT security
Pass, Merit & Distinction Descripts: P1 P2 M1 D1

LO2. Describe IT security solutions.
Pass, Merit & Distinction Descripts: P3 P4 M2 D1

LO3. Review mechanisms to control organisational IT security.
Pass, Merit & Distinction Descripts: P5 P6 M3 M4 D2

LO4. Manage organisational security.
Pass, Merit & Distinction Descripts: P7 P8 M5 D3

Grade: Assessor Signature: Date:


Resubmission Feedback:

Grade: Assessor Signature: Date:


Internal Verifier’s Comments:

Signature & Date:

Pearson Higher Nationals in Computing
Unit 5: Security

General Guidelines

1. A cover page or title page – You should always attach a title page to your assignment. Use the previous page as your cover sheet and make sure all the details are accurately filled in.
2. Attach this brief as the first section of your assignment.
3. All the assignments should be prepared using word processing software.
4. All the assignments should be printed on A4 sized paper. Use single-sided printing.
5. Allow 1” for the top, bottom and right margins and 1.25” for the left margin of each page.

Word Processing Rules

1. The font size should be 12 point, and the font style should be Times New Roman.
2. Use 1.5 line spacing. Left justify all paragraphs.
3. Ensure that all the headings are consistent in terms of the font size and font style.
4. Use the footer function in the word processor to insert your name, subject, assignment number and page number on each page. This is useful if individual sheets become detached for any reason.
5. Use the word processing application's spell check and grammar check functions to help edit your assignment.

Important Points:

1. It is strictly prohibited to use text boxes to add text in the assignments, except for the compulsory information, e.g. figures, tables of comparison, etc. Adding text boxes in the body except for the aforementioned compulsory information will result in rejection of your work.
2. Carefully check the hand-in date and the instructions given in the assignment. Late submissions will not be accepted.
3. Ensure that you give yourself enough time to complete the assignment by the due date.
4. Excuses of any nature will not be accepted for failure to hand in the work on time.
5. You must take responsibility for managing your own time effectively.
6. If you are unable to hand in your assignment on time and have valid reasons such as illness, you may apply (in writing) for an extension.
7. Failure to achieve at least PASS criteria will result in a REFERRAL grade.
8. Non-submission of work without valid reasons will lead to an automatic REFERRAL. You will then be asked to complete an alternative assignment.
9. If you use other people’s work or ideas in your assignment, reference them properly using the HARVARD referencing system to avoid plagiarism. You have to provide both in-text citations and a reference list.
10. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could be reduced to a REFERRAL or at worst you could be expelled from the course.

Student Declaration

I hereby declare that I know what plagiarism entails, namely to use another’s work and to present it as my own without attributing the sources in the correct way. I further understand what it means to copy another’s work.

1. I know that plagiarism is a punishable offence because it constitutes theft.
2. I understand the plagiarism and copying policy of Edexcel UK.
3. I know what the consequences will be if I plagiarize or copy another’s work in any of the assignments for this programme.
4. I declare therefore that all work presented by me for every aspect of my programme will be my own, and where I have made use of another’s work, I will attribute the source in the correct way.
5. I acknowledge that the attachment of this document, signed or not, constitutes a binding agreement between myself and Pearson UK.
6. I understand that my assignment will not be considered as submitted if this document is not attached to the main submission.

Student’s Signature (Provide E-mail ID): sfwnsmart@gmail.com
Date (Provide Submission Date): 24/08/2022

Assignment Brief
Student Name/ID Number: Mohamed Ramzeen Safwan
Unit Number and Title: Unit 5 - Security
Academic Year: 2020/2021
Unit Tutor:
Assignment Title: EMC Cyber
Issue Date: 29/04/2022
Submission Date: 24/08/2022
IV Name & Date:

Submission Format:
The submission should be in the form of an individual written report written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using the Harvard referencing system. Please provide in-text citations and an end list of references using the Harvard referencing system.

Section 4.2 of the assignment requires a 15-minute presentation to illustrate the answers.

Unit Learning Outcomes:
LO1 Assess risks to IT security.
LO2 Describe IT security solutions.
LO3 Review mechanisms to control organisational IT security.
LO4 Manage organisational security.

Assignment Brief and Guidance:

Scenario

‘EMC Cyber’ is a reputed cyber security company based in Colombo, Sri Lanka, that delivers security products and services across the entire information technology infrastructure. The company has a number of clients both in Sri Lanka and abroad, including some of the top-level companies of the world serving a multitude of industries. The company develops cyber security software including firewalls, anti-virus, intrusion detection and protection, and endpoint security. EMC Cyber is tasked with protecting companies’ networks, clouds, web applications and emails. They also offer advanced threat protection, secure unified access, and endpoint security. Further, they also play the role of consulting clients on security threats and how to solve them. Additionally, the company follows different risk management standards depending on the company, with ISO 31000 being the most prominent.

One of the clients of EMC Cyber, Lockhead Aerospace manufacturing, which is a reputed aircraft manufacturer based in the US, has tasked the company to investigate the security implications of developing IoT-based automation applications in their manufacturing process. The client has requested EMC to further audit the security risks of implementing web-based IoT applications in their manufacturing process and to propose solutions. Further, Lockhead uses ISO standards and has instructed EMC to use the ISO risk management standards when proposing the solution.

The director of the company understands such a system would be the target for cyber-attacks. As you are following a BTEC course which includes a unit in security, the director has asked you to investigate and report on potential cyber security threats to their web site, applications and infrastructure. After the investigation you need to plan a solution and how to implement it according to standard software engineering principles.

Activity 01

Assuming the role of External Security Analyst, you need to compile a report for the board of EMC Cyber focusing on the following elements:

1.1 Identify the CIA Triad concept and evaluate why and how the CIA Triad could be utilized by EMC Cyber in order to improve the organization’s security.

1.2 Identify the types of security risks EMC Cyber is subject to in its present setup and the impact that they would make on the business itself. Evaluate at least three physical and virtual security risks identified and suggest the security measures that can be implemented in order to improve the organization’s security.

1.3 Develop and describe security procedures for EMC Cyber to minimize the impact of issues discussed in section (1.1) by assessing and rectifying the risks.

Activity 02

2.1 Identify how EMC Cyber and its clients will be impacted by improper/incorrect configurations that are applicable to firewalls and VPN solutions. IT security can include a network monitoring system. Discuss how EMC Cyber can benefit by implementing a network monitoring system, with supporting reasons.

2.2 Explain how the following technologies would benefit EMC Cyber and its clients by facilitating a ‘trusted network’. (Support your answer with suitable examples.)

i) DMZ

ii) Static IP

iii) NAT

2.3 Identify and evaluate the tools that can be utilized by EMC Cyber to improve the network and security performance without compromising each other. Evaluate at least three virtual and physical security measures that can be implemented by EMC to uphold the integrity of the organization’s IT policy.

Activity 03

3.1 Discuss suitable risk assessment integrated enterprise risk management procedures for EMC Cyber solutions and the impact an IT security audit will have on safeguarding the organization and its clients. Furthermore, your discussion should include how IT security can be aligned with an organizational IT policy and how misalignment of such a policy can impact the organization’s security.

(This can include one or more of the following: network change management, audit control, business continuance/disaster recovery plans, potential loss of data/business, intellectual property, Data Protection Act; Computer Misuse Act; ISO 31000 standards.)

3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage solutions provided by EMC Cyber. You should also summarize the ISO 31000 risk management methodology.

Activity 04

4.1 Design an organizational security policy for EMC Cyber to minimize exploitations and misuses while evaluating the suitability of the tools used in an organizational policy.

4.2 Develop and present a disaster recovery plan for EMC Cyber according to ISO/IEC 17799:2005 or a similar standard, which should include the main components of an organizational disaster recovery plan with justifications. Discuss how critical the roles of the stakeholders in the organization are to successfully implementing the security policy and the disaster recovery plan you recommended as a part of the security audit.

(Students should produce a 15-minute PowerPoint presentation which illustrates the answer for this section, including justifications and reasons for decisions and options used.)

Table of Contents
Acknowledgment
Activity 01
1.1
What is CIA Triad?
Confidentiality
Integrity
Availability
What are the technique we can use to Confidentiality to protect EMC cyber?
Encrypt sensitive files
Manage data access
Physically secure devices and paper documents
Securely dispose of data, devices, and paper records
Manage data acquisition
Manage data utilization
Manage devices
Threats against Integrity
Media Alteration
What are the technique we can use to Integrity to protect EMC cyber?
Message Alteration
Threats against Availability
What are the technique we can ensuring to Availability to protect EMC cyber?
Advantageous of EMC cyber to maintain CIA Triad
1.2
What is IT Security?
Importance of IT security
What is IT Risk?
What is threats?
Some security risks for EMC cyber
Physical security risks

Virtual security risks
What are the Impacts to the EMC cyber because of Physical & virtual security Risks?
1.3
What is security procedure?
Physical Security Risks
Tailgating
Natural
Theft of documents
Unaccounted visitors
Stolen identification
Virtual Security Risks
VM Sprawl (Virtual Machine Sprawl)
Malware & Ransomware Attacks
Phishing
Access Control
Trojan horse
What is Risk Assessment Procedure?
1. Tailgating
2. Natural disaster
3. Theft of documents
4. Stolen Identification
5. Social engineering
1. VM Sprawl
2. Malware & Ransomware Attacks
3. Access Control
4. Phishing
5. Trojan Horse
Activity 02
2.1
Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs
What is VPN?

VPN Protocols
1. OpenVPN
2. IPsec/L2TP
3. IKEv2/IPsec
4. PPTP
5. Softether
7. WireGuard
Types of VPN
1. Remote Access VPNs
2. Site-to-Site VPN
3. Client to Server VPN
4. P2P VPN
Here are some important uses of VPN:
1) Use Public Wi-Fi securely
2) Secure Communication between Sites
3) Bypass the Web Censorship and Content Surveillance
Firewall
Types of firewalls
Encryption
2.2
DMZ
Services of a DMZ include
Static IP
What Makes a Static IP Address Useful?
NAT (Network Address Translation)
NAT Types
Purpose of NAT
Advantageous for EMC cyber and client to use those strategy
Advantageous for using DMZ
Advantageous for using NAT
2.3
Physical security measures

Virtual security measures
Activity 3
3.1
What is risk assessment procedure?
Steps of risk assessment
Benefits of risk assessment
IT Security & Organization Policy
Security Audit
Types of IT security audit
Impacts of IT security audit
Computer Misuse
Types of computer misuse
Computer misuse act of 1990
Data Protection Act (1998)
3.2
Data protection law and procedures for EMC cyber data storage
Data Protection Act 2018
ISO 31000
Benefit of ISO 31000
Raid Technology
RAID level 0 – Striping
RAID level 1 – Mirroring
RAID level 5 – Striping with parity
RAID level 6 – Striping with double parity
RAID level 10 – combining RAID 1 & RAID 0
Activity 4
4.1
Security Policy for EMC Cyber
Physical security
Authentication
Privacy
Security awareness training

Special access
Access to visitors
Password
Risk management
Virus protection
4.2
References

Table of Figures
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14
Figure 15
Figure 16
Figure 17
Figure 18
Figure 19
Figure 20
Figure 21
Figure 22
Figure 23
Figure 24
Figure 25
Figure 26
16 | P a g e
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
Figure 27........................................................................................................................................90
Figure 28........................................................................................................................................90
Figure 29........................................................................................................................................91
Figure 30........................................................................................................................................91
Figure 31........................................................................................................................................92
Figure 32........................................................................................................................................92
Figure 33........................................................................................................................................93
Figure 34........................................................................................................................................93
Figure 35........................................................................................................................................94
Figure 36........................................................................................................................................94
Figure 37........................................................................................................................................95
Figure 38........................................................................................................................................95
Figure 39........................................................................................................................................96
Figure 40........................................................................................................................................96
Figure 41........................................................................................................................................97
Figure 42........................................................................................................................................97
Figure 43........................................................................................................................................98
Figure 44........................................................................................................................................98
Figure 45........................................................................................................................................99
Figure 46........................................................................................................................................99
Figure 47......................................................................................................................................100
Figure 48......................................................................................................................................100
Figure 49......................................................................................................................................101
Figure 50......................................................................................................................................101
Figure 51......................................................................................................................................102
Figure 52......................................................................................................................................102
Figure 53......................................................................................................................................103
Figure 54......................................................................................................................................103
Figure 55......................................................................................................................................104
Figure 56......................................................................................................................................104
Figure 57......................................................................................................................................105
Figure 58......................................................................................................................................105
Figure 59......................................................................................................................................106

Table of tables
Table 1...........................................................................................................................................42
Table 2...........................................................................................................................................46
Table 3...........................................................................................................................................77

17 | P a g e
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
Acknowledgment

I have put effort into this project. It could not have been finished without the support of some
people, and I would like to thank them. I thank my God for giving me the chance to finish this
assignment. I am highly thankful to my lecturer, Ms. Samindhi, for her guidance, for providing
important information regarding the project, and for her support in completing it. I would like
to thank my parents for their co-operation and encouragement, which helped me in the completion
of this project. I am thankful to all my classmates for their support and help in some situations
to finish the assignment.

M.R.Safwan

Activity 01

1.1

What is the CIA Triad?

Figure 1

The term "CIA triad" stands for Confidentiality, Integrity, and Availability. The CIA triad is a
prominent model that serves as the foundation for the design of security systems. It is used to
identify weaknesses and develop strategies for solving problems.
The operation of a business or network system depends on the confidentiality, integrity, and
availability of information, and the CIA triad divides these three concepts into separate focal
points. This distinction is useful because it guides security teams in determining the different
approaches they might take to each concern.
When all three requirements have been met, the organization's security profile should be
stronger and better prepared to cope with threat situations.

Confidentiality

The efforts made by an organization to keep data private or hidden are referred to as
confidentiality. To do this, access to information must be restricted to avoid the purposeful or
unintentional sharing of data with unauthorized parties. Making sure that individuals without the
appropriate authority are barred from accessing assets crucial to your firm is a crucial part of
protecting confidentiality. On the other hand, a good system also makes sure that individuals
who require access have the proper rights.

Integrity

Integrity requires ensuring that your data is reliable and unaltered. Only if the data is dependable,
accurate, and legitimate will the integrity of your data be preserved.
For instance, the information regarding top managers that your business posts on its website
must be accurate. People who visit your website looking for information could think your
company is unreliable if it is wrong. Someone with a stake in hurting your organization's
reputation might attempt to hack your website and change the executive descriptions, images, or
titles to reflect poorly on them or the business as a whole. In light of these issues, it is crucial to
maintain integrity.

Availability

Even if data is kept private and its integrity is upheld, it is often of little use unless it is
accessible to those within the business and the clients they serve. This requires that all
systems, networks, and applications operate properly and at the appropriate times. Additionally,
people who have access to particular information must be able to use it when they need to, and
accessing the data should not take too long. This is what availability means.

If the CIA Triad is not managed correctly, what threats will EMC Cyber face?

Common threats against confidentiality are:

• Eavesdropping attacks
• Encryption cracking
• Malicious insiders
• Man-in-the-middle attacks
• Access to the network by unauthorized persons
• Call pattern tracking
• Data mining
• Reconstruction

What techniques can we use to maintain confidentiality and protect EMC Cyber?

Consider the following when managing data confidentiality:

• To whom data can be disclosed
• Whether laws, regulations, or contracts require data to remain confidential
• Whether data may only be used or released under certain conditions
• Whether data is sensitive by nature and would have a negative impact if disclosed
• Whether data would be valuable to those who aren't permitted to have it (e.g., hackers)

When managing data confidentiality, follow these guidelines:

Encrypt sensitive files.


Encryption renders data unreadable to all but those with the necessary password or key. By
encrypting sensitive files (for instance, using file passwords), you can guard them from being
read or used by anyone who is not authorized to do so.

Manage data access.


Controlling confidentiality largely involves regulating who has access to the data. In order to
reduce unwanted exposure, it is important to make sure that access is only permitted and given to
those who "need to know." Users should use two-factor authentication wherever possible and
strong passwords to authenticate their access. Review access lists on a regular basis, and when
it's no longer required, swiftly revoke access.

Physically secure devices and paper documents.


Controlling access to data also entails limiting physical and digital access of all types. By
keeping them in locked spaces, you can prevent misuse or theft of electronic devices and paper
documents. Never leave electronic devices or sensitive documents unattended in public.

Securely dispose of data, devices, and paper records.
When data is no longer necessary for University-related purposes, it must be disposed
of appropriately.
• To prevent recovery and misuse, sensitive data, including Social Security numbers, must be
securely deleted.
• Paper documents containing sensitive information should be shredded rather than thrown into
trash or recycling bins.
• Devices that were used for University-related purposes or that were otherwise used to store
sensitive information should be destroyed or securely erased to ensure that their previous
contents cannot be recovered and misused.

Manage data acquisition.


Consider how much sensitive data is genuinely needed before gathering it, and pay close
attention to how privacy and confidentiality will be handled during the acquisition process.
Avoid collecting sensitive data unless it is absolutely essential; one of the best methods to
lessen the risk to confidentiality is to gather less sensitive data in the first place.

Manage data utilization.


By using sensitive data only when authorized and appropriate, confidentiality risk can be further
decreased. The privacy and confidentiality of the data, as well as of the people or groups it
represents, are violated when sensitive information is misused.

Manage devices.
Computer management covers a wide range of crucial security practices. You can safeguard devices
as well as the data they hold. To practice good cybersecurity hygiene, use whole-disk encryption,
firewalls, regular software patching, device passcodes, antivirus software, whitelisting, and
inactive session suspension.

1. Label confidential information.

Confidential documents should be clearly labeled as such. Without this marking, you run the risk
of the information becoming public, and you may find it more difficult to hold the discloser
accountable should you decide to take legal action.

2. Train staff to know what is confidential and what is not

If you plan to give your team access to confidential information, you must first train them to
recognize the difference between confidential and non-confidential material. Without this
essential understanding, they are more prone to leak private information.

3. Put in place rules and procedures.

Your employees must understand how to manage and handle confidential information. Ensure
that you have the proper policies and processes in place and that your personnel is trained in
them. Depending on your business and the sort of sensitive information you store, the specifics
of these policies will change. Here are a few examples of what they cover:

• Which job functions come with confidential information clearance
• What security procedures you have in place
• Who is able to release confidential information
• The reasons and circumstances under which confidential information may be released
• IT systems and software

4. Update your employee handbook.

Be sure your employee handbook has a section outlining confidentiality rules and procedures.

5. Sign a non-disclosure agreement.

Applicants should be made aware if a position entails handling confidential information. The
employee's need to handle sensitive material should also be mentioned in the employment
contract. You are strongly urged to have employees sign a confidentiality or non-disclosure
agreement in addition to the federal law, which can offer some protection for that information.
This shows the employee how seriously you take keeping confidentiality, if nothing else.

6. Regulate online conduct.

How sensitive information is handled is only one aspect of confidentiality. Confidentiality also
covers how employees behave, particularly while using social media. Ensure that your company
has a policy in place that governs which social media sites employees are permitted to use while
on the clock and how they are expected to handle any company information on social media at
all times.

Threats against Integrity

At a high level, this section is divided into two types of threat:

1. Threats against message integrity (message alteration)
2. Threats against media integrity (media alteration)

Media Alteration

The risk of media alteration is that an attacker intercepts media in transit between
communicating entities and changes the media information to insert unauthorized media, lower
the quality of service, erase specific information, and so on. The media can be voice only or
combined with text, fax, video, or images. Media injection and media degrading are common
examples.

Media injection

Media injection is an unauthorized method in which an attacker adds new media to an active media
channel or replaces media in it. As a result of media injection, the target (victim) might
hear an advertisement, background noise, or silence during a conversation.

Media Degrading

Media degrading is an unauthorized method in which an attacker manipulates media or media
control (for example, RTP Control Protocol [RTCP]) packets and reduces the QoS of any
communication. Here are a couple of examples:

1. An attacker intercepts RTCP packets in the middle, and changes (or erases) the statistic
values of media traffic (packet loss, delay, and jitter) so that the endpoint devices may not
control the media properly.
2. An attacker intercepts RTCP packets in the middle, and changes the sequence number of
the packets so that the endpoint device may play the media with wrong sequence, which
degrades the quality.
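
Both media-degrading cases succeed only if the endpoint accepts RTCP reports without checking them. The following is an added example, not part of the original assignment: it packs an RFC 3550 receiver report and protects it with a truncated HMAC-SHA1 tag. It is a simplification of SRTCP (RFC 3711), which also encrypts the packet and adds an index for replay protection; the function names, key, and sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10  # 80-bit truncated HMAC-SHA1 tag, the default tag length in SRTCP


def build_receiver_report(reporter_ssrc, source_ssrc, fraction_lost,
                          cumulative_lost, highest_seq, jitter):
    """Pack an RTCP Receiver Report (RFC 3550, PT=201) with one report block."""
    # 0x81 = version 2, no padding, report count 1; length 7 = 8 words minus 1
    header = struct.pack("!BBH", 0x81, 201, 7)
    lost_word = ((fraction_lost & 0xFF) << 24) | (cumulative_lost & 0xFFFFFF)
    block = struct.pack("!IIIIIII", reporter_ssrc, source_ssrc, lost_word,
                        highest_seq, jitter, 0, 0)  # LSR and DLSR left at 0
    return header + block


def parse_receiver_report(packet):
    """Return the statistics an endpoint would act on."""
    if len(packet) != 32:
        raise ValueError("expected one 32-byte receiver report")
    first, ptype, length = struct.unpack("!BBH", packet[:4])
    if first >> 6 != 2 or first & 0x1F != 1 or ptype != 201 or length != 7:
        raise ValueError("not a single-block RTCP receiver report")
    _, source, lost_word, highest_seq, jitter, _, _ = struct.unpack(
        "!IIIIIII", packet[4:])
    return {
        "source_ssrc": source,
        "fraction_lost": lost_word >> 24,       # 8-bit fixed-point loss fraction
        "cumulative_lost": lost_word & 0xFFFFFF,
        "highest_seq": highest_seq,
        "jitter": jitter,
    }


def protect(packet, key):
    """Append an authentication tag computed over the whole RTCP packet."""
    return packet + hmac.new(key, packet, hashlib.sha1).digest()[:TAG_LEN]


def verify(protected, key):
    """Return the RTCP packet if its tag is valid, otherwise None."""
    if len(protected) <= TAG_LEN:
        return None
    packet, tag = protected[:-TAG_LEN], protected[-TAG_LEN:]
    expected = hmac.new(key, packet, hashlib.sha1).digest()[:TAG_LEN]
    return packet if hmac.compare_digest(tag, expected) else None


def demo():
    key = bytes(range(20))  # constructed demo key; real keys come from key exchange
    report = build_receiver_report(0x1111, 0x2222, fraction_lost=64,
                                   cumulative_lost=300, highest_seq=70000,
                                   jitter=480)
    sent = protect(report, key)
    # Constructed in-transit modification: loss and jitter fields set to zero
    altered = bytearray(sent)
    altered[12:16] = bytes(4)   # fraction lost + cumulative lost
    altered[20:24] = bytes(4)   # interarrival jitter
    altered = bytes(altered)
    # An endpoint that ignores the tag parses the altered report without error
    unchecked = parse_receiver_report(altered[:-TAG_LEN])
    return verify(sent, key), verify(altered, key), unchecked


if __name__ == "__main__":
    genuine, tampered, unchecked = demo()
    print("genuine accepted:", parse_receiver_report(genuine))
    print("altered report rejected:", tampered is None)
    print("what an unchecked endpoint would have believed:", unchecked)
```

The altered report is structurally valid, so only the tag check reveals that its statistics were changed.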

Some common threats against integrity are:

• Poor Passwords
• Outdated Software and Apps
• Network Vulnerabilities
• Software Vulnerabilities
• Intrusion Attacks
• Poor Configuration Management
• Improper Security Architecture
• Direct Attack
• Modifying configuration files
• Change the system logs

What techniques can we use to maintain integrity and protect EMC Cyber?

1. Perform Risk-Based Validation


Verify the systems that will keep you in compliance with POPI and GDPR. Make sure that
mechanisms are in place to meet the necessary data quality standards and that the data is
trustworthy, pertinent, and secure.

2. Apply Quality Assurance Measures


Make sure your quality control techniques and procedures are continually reviewed by a
dedicated team of professionals. Regular audits will confirm that each worker who utilizes the
data abides by the pertinent data governance principles and upholds confidentiality.

3. Have Strong Access Management
Data integrity is guaranteed by a strong access management system. Giving authorized people
access to data so they can examine or edit it improves a company's data visibility and integrity. It
is essential to pinpoint the issue's origin in the event of a data breach. Access management is
crucial for preserving data integrity because of this.

4. Implement Error Detection Software


Manually auditing your systems, validating your processes, and controlling who has access to
your data can take a lot of effort. Furthermore, it isn't even the best option. In reality,
manual work is prone to mistakes, and anomalies can go unnoticed, jeopardizing the integrity of
your data. To assure correctness, relevance, and quality, all significant documents and data can
be verified using suitable automated error detection software.

5. Encrypting your Data


One of the best methods for protecting data is encryption. Since attackers will struggle to
access or alter information without the encryption key, it can ensure that your data is safe even
in the event of unauthorized access. This way, cybercriminals won't be able to access any
sensitive data even if there is a data breach.

6. Implement Multi-Factor Authentication


The time when simple passwords would do is long gone. You need more than a secure password in
this digital age as hackers and cyberattacks become more adept, destructive, and dangerous.
Multi-Factor Authentication must be used. This will guarantee that even if a cybercriminal
obtains one set of login credentials, they will not be able to access your company's data
without also having access to that user's email address, cellphone, or fingerprints.

7. Educate Employees
While many businesses consistently concentrate on what they perceive to be larger and more
significant projects, such as selecting the best software provider, carrying out routine data
audits, and complying with regulations, they neglect smaller but powerful strategies for
maintaining data integrity. Employee education is one area that can have a significant
influence. Employees who support data integrity for their employers must be aware of its
significance and make it a top priority. Through training, they can swiftly and effectively
identify and avoid any actions that could undermine the integrity of the data.

8. Backing Up Data
For their website, papers, and information, even small firms that do not deal with sensitive data
should have a backup and restoration option. Always make sure you have a reliable backup and
restore strategy in place when working with sensitive data. If you have a backup, data can be
restored seamlessly in the case of a data loss, breach, or system failure, guaranteeing that your
activities can continue without interruption and that your data cannot be altered irreversibly or
held for ransom.

9. Select Appropriate Systems and Service Providers


To meet your business's needs for data integrity, always pick the appropriate technological
service provider and data-compliant solutions. Make sure you are aware of the software that your
service provider is utilizing and obtain a certificate of evidence for it. Consider going above and
beyond and learning about the working environment, portfolio, and references of your provider.

Message Alteration
Message alteration is the risk that an attacker intercepts messages while they are being sent
between communicating entities and changes some of the information in order to redirect the
call, alter information, interrupt the service, and so on. Call rerouting and call black holing
are common examples.

Call Rerouting
Call rerouting is any unauthorized change in call direction made by modifying the routing
information in a protocol message. Call rerouting has the effect of either including or
excluding legitimate entities from the path of the call signal or media.

Call Black Holing
Any unauthorized way of erasing or refusing to pass any crucial components of protocol
messages in the middle of communication entities is known as call black holing. Call black
holing has a number of negative effects, including delays in call setup, rejection of following
messages, application failures, dropped call connections, etc. Here are a few SIP examples:

1. An attacker as an intermediary drops only ACK messages between call entities so that
the SIP dialog cannot be completed, even though there could be early media between
them.
2. An attacker as an intermediary deletes media session information (SDP) in the INVITE
message, which could result in one-way audio or call disconnection.
3. An attacker as an intermediary refuses to pass all messages to a specific user (victim)
so that the user cannot receive any inbound calls.
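
Each of the three SIP examples above leaves a trace that a proxy or capture point can look for. The following detection sketch is an added example, not part of the original assignment: the signalling trace, addresses, and function names are constructed for illustration, and the 32-second timeout is the 64*T1 value from RFC 3261. An INVITE without SDP is also legal SIP (a delayed offer), so that finding is a prompt for review rather than proof of tampering.

```python
import re
from collections import defaultdict

TRANSACTION_TIMEOUT = 32.0  # seconds: 64*T1 in RFC 3261 with T1 = 500 ms


def parse_sip(raw):
    """Parse the start line and the headers this check needs (no compact forms)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    status_match = re.match(r"SIP/2\.0 (\d{3})", lines[0])
    cseq_num, _, cseq_method = headers.get("cseq", "").partition(" ")
    has_sdp = (headers.get("content-type", "").lower().startswith("application/sdp")
               and bool(body.strip()))
    return {
        "method": None if status_match else lines[0].split(" ", 1)[0],
        "status": int(status_match.group(1)) if status_match else None,
        "call_id": headers.get("call-id", ""),
        "cseq_num": cseq_num,
        "cseq_method": cseq_method,
        "has_sdp": has_sdp,
    }


def find_black_holing(trace, end_time):
    """Return sorted (call_id, finding) pairs for one capture point.

    trace is a list of (timestamp_seconds, raw_message); end_time is when the
    capture stopped, so transactions still inside the timeout are not flagged.
    """
    calls = defaultdict(lambda: {"invite": None, "sdp": False,
                                 "responded": False, "ok": None, "ack": False})
    for ts, raw in trace:
        msg = parse_sip(raw)
        call = calls[(msg["call_id"], msg["cseq_num"])]  # ACK reuses INVITE CSeq
        if msg["method"] == "INVITE":
            call["invite"], call["sdp"] = ts, msg["has_sdp"]
        elif msg["method"] == "ACK":
            call["ack"] = True
        elif msg["status"] is not None and msg["cseq_method"] == "INVITE":
            call["responded"] = True
            if 200 <= msg["status"] < 300 and call["ok"] is None:
                call["ok"] = ts
    findings = []
    for key in sorted(calls):
        call, call_id = calls[key], key[0]
        if call["invite"] is None:
            continue
        if not call["sdp"]:
            findings.append((call_id, "invite-without-sdp"))
        if not call["responded"] and end_time - call["invite"] > TRANSACTION_TIMEOUT:
            findings.append((call_id, "no-response"))
        if (call["ok"] is not None and not call["ack"]
                and end_time - call["ok"] > TRANSACTION_TIMEOUT):
            findings.append((call_id, "missing-ack"))
    return findings


def make_msg(start, call_id, cseq, sdp=False):
    """Build a minimal constructed SIP message for the sample trace."""
    body = "v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\n" if sdp else ""
    headers = [start, "To: <sip:bob@example.invalid>", f"Call-ID: {call_id}",
               f"CSeq: {cseq}"]
    if sdp:
        headers.append("Content-Type: application/sdp")
    headers.append(f"Content-Length: {len(body)}")
    return "\r\n".join(headers) + "\r\n\r\n" + body


INVITE = "INVITE sip:bob@example.invalid SIP/2.0"
ACK = "ACK sip:bob@example.invalid SIP/2.0"
OK = "SIP/2.0 200 OK"

# Constructed trace: a1 completes, b2 never sees an ACK, c3 arrives without
# SDP, d4 gets no response at all.
SAMPLE_TRACE = [
    (0.0, make_msg(INVITE, "a1@example.invalid", "1 INVITE", sdp=True)),
    (0.2, make_msg("SIP/2.0 180 Ringing", "a1@example.invalid", "1 INVITE")),
    (1.0, make_msg(OK, "a1@example.invalid", "1 INVITE", sdp=True)),
    (1.1, make_msg(ACK, "a1@example.invalid", "1 ACK")),
    (5.0, make_msg(INVITE, "b2@example.invalid", "1 INVITE", sdp=True)),
    (6.0, make_msg(OK, "b2@example.invalid", "1 INVITE", sdp=True)),
    (10.0, make_msg(INVITE, "c3@example.invalid", "1 INVITE")),
    (11.0, make_msg(OK, "c3@example.invalid", "1 INVITE", sdp=True)),
    (11.2, make_msg(ACK, "c3@example.invalid", "1 ACK", sdp=True)),
    (20.0, make_msg(INVITE, "d4@example.invalid", "1 INVITE", sdp=True)),
]

if __name__ == "__main__":
    for call_id, finding in find_black_holing(SAMPLE_TRACE, end_time=60.0):
        print(call_id, finding)
```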

Threats against Availability


The typical threats against availability are as follows:

1. Call flooding

• Valid or invalid registration flooding
• Valid or invalid call request flooding
• Call control flooding after call setup
• Ping flooding

2. Malformed messages (protocol fuzzing)

• Infinite loop of parsing
• Buffer overflow, which may permit execution of arbitrary code
• Break state machine
• Unable to process other normal messages
• System crash

3. Spoofed messages (call teardown, toll fraud)

• Call Teardown
• Toll Fraud

4. Call hijacking (registration or media session hijacking)

• Registration Hijacking
• Media Session Hijacking

5. Server impersonating

6. Quality of Service (QoS) abuse

7. Hardware or software failure

8. Natural disaster

What techniques can we use to ensure availability and protect EMC Cyber?

1. Disaster Recovery and Business Continuity Plans

There should be disaster recovery measures in place that replicate the server to a different
data center in the event that a server or piece of hardware becomes unreachable. Plans for
disaster recovery are similar to insurance: they go unused until the moment you need them.

2. Protecting against denial of service attacks


Denial of service attacks can be defended against in a number of ways.
Since many attacks involve the creation of artificial load, having elastic computing capacity for
both hardware and network resources is one solution. As a result, the resources can still handle
genuine requests in the case of an attack. Naturally, this approach shouldn't be employed alone.
It should be coupled with the other methods listed below.

1. Deploying firewall rules to detect unexpected traffic is another way. Smart techniques and
monitoring tools should be used to constantly distinguish legitimate traffic from malicious
traffic.
2. Another technique is to reduce the surface area of the attack by running your services in
multiple data centers and having a load balancer in front that can route traffic across these
data centers.
3. Deploy DDoS prevention devices on the network perimeter. These devices are designed to
detect DDoS attacks well before they can cause any harm.

3. Improve your physical infrastructure

Your servers and disks can either boost or reduce availability. They ought to be designed
with availability in mind, distributing data among clusters to prevent total data loss in the
event of a cluster failure.

Speed up the recovery process

Even Amazon cannot guarantee flawless availability. You must be able to solve problems as
soon as they appear. This entails investigating the problems, possibly upgrading the
hardware, and restarting database and operating system functions.

4. Eliminate corrupted data

Data corruption is similar to bacterial cells in that it doesn't take much to cause significant harm.
When data is missing, inaccurate, out-of-date, or just inaccessible, corruption can occur. In
essence, it's any data that you can't completely trust, which in certain businesses is a lot of data.

The only way to identify and correct all the problems is to use a methodical approach. This
procedure should ideally be automated because doing it by hand is very distracting.

5. Streamline your formatting and organization

The worst case scenario is when reliable data is available but you can't access it as quickly or
readily as you'd like. This typically occurs because data is formatted differently and can't be
quickly reformatted. Formatting problems are common, but they are preventable as long as you
have a tool that integrates data onto a shared platform.
Even if you are proactive, availability concerns are tough to avoid. As data volume and velocity
rise, managing data becomes increasingly challenging. Additionally, a growing criminal
population is continuously attacking data. You simply cannot do without this essential resource,
even though it will only become more unstable and unpredictable.

Advantages for EMC Cyber of maintaining the CIA Triad
The CIA triad is the primary framework for creating security systems and guidelines for
organizations. As a result, the CIA triad is essential to protecting your data from evolving
cyber threats. If a security incident such as data theft or a security breach occurs, the
organization is said to have failed in properly adopting one or more of these principles. The
CIA triad is essential to information security because it improves security posture, assists
enterprises in maintaining compliance with complicated requirements, and guarantees business
continuity.

A strategic approach is necessary for an efficient cybersecurity program because it offers a
comprehensive plan for achieving and maintaining your target degree of cybersecurity maturity.
The CIA Triad, which aims to safeguard your information, plan for and adapt to changing threat
situations, withstand disruptions, and quickly recover from them, is built on an information
security policy.

The CIA triad should be used in the majority of security scenarios, especially since each element
is crucial. However, it is especially useful when creating systems for classifying data and
controlling access credentials. When dealing with your organization's cyber vulnerabilities, you
should strictly apply the CIA triad. It can be an effective tool for stopping the Cyber Kill
Chain, which is the procedure for identifying and carrying out a cyberattack.

You may use the CIA security Triad to identify potential targets for attackers and then put
policies and procedures in place to effectively safeguard those assets.

We must safeguard our valuable systems before hackers or natural disasters have any impact on
them. The CIA Triad is the safest technique for protecting EMC Cyber against any such impact, as
it will prevent us from losing our valuable data and information if the above-mentioned events
occur.

1.2

What is IT Security?

Figure 2

Information security is the safeguarding of data, particularly while it is being processed. IT
security aims to stop unauthorized third parties from modifying data and systems.
This means that the data within businesses and organizations, which consist of both people and
technology, is safeguarded against harm and risks. This covers not just information and data,
but also physical data centers and cloud services.
Importance of IT security
1. Protection against external threats
2. Protection against internal threats
3. Regulation compliance
4. Improved productivity
5. Cost savings and value
6. Brand trust and reputation
7. Allows Employees to Work Safely
8. Stop Your Website from Going Down
9. Support Your IT Expert
10. Inspire Confidence in Your Customers
What is IT Risk?
Information security risks are the potential harm that can result from attacks on IT systems. IT
risk includes a wide range of potential occurrences, such as data breaches, legal actions, costs,
harm to one's brand, and more.

What are threats?
Cyber threats refer to the potential for a successful cyber attack with the intent of gaining
unauthorized access to, damaging, disrupting, or stealing a computer network, an intellectual
property asset, or any other kind of sensitive data. Cyber threats might originate from within
an organization, from trusted people, or from remote locations, from unauthorized individuals.

Some security risks for EMC cyber

Physical security risks


I. Tailgating
II. Natural disaster
III. Theft of documents
IV. Unaccounted visitors
V. Stolen identification
VI. Social engineering

Virtual security risks


I. VM sprawl
II. Malware & Ransomware attacks
III. Network configuration
IV. Access control
V. Phishing
VI. Security of offline virtual machine
VII. Trojan horse
VIII. Workloads with different trust level
IX. Hypervisor security controls
X. Cloud service provider APIs

What are the impacts on EMC Cyber of physical and virtual security risks?

• Financial losses
• Loss of privacy
• Damage to EMC Cyber's reputation
• Legal implications
• Even loss of life
• EMC Cyber's resources will be lost
• Employees will be disappointed
• Loss of important data
• People and customers will be scared to deal with EMC Cyber
• If a natural disaster happens, it will take more days to restore the resources

1.3
What is a security procedure?
Procedures for information security
A specific course of action or manner of operation might be referred to as a procedure. They
describe an act or the way things are done during any process or action. The protocols outline the
steps necessary for requesting USERIDs, processing passwords, and information disposal. In the
future, the processes for seeking USERIDs or access modifications will be carried out via email,
using simple templates that prompt the requester for all the necessary information. Requests may
be processed quickly, increasing productivity for everyone involved.

We can follow these security policies to protect EMC Cyber:

1. Acceptable Encryption and Key Management Policy
2. Acceptable Use Policy
3. Clean Desk Policy
4. Data Breach Response Policy
5. Disaster Recovery Plan Policy
6. Personnel Security Policy
7. User Identification, Authentication, and Authorization Policy
8. Data Backup Policy
9. Incident Response Policy
10. End User Encryption Key Protection Policy
11. Remote Access Policy
12. Secure Systems Management Policy
13. Monitoring and Logging Policy

The countermeasures for the physical and virtual security risks identified in 1.2 are as follows.

Physical Security Risks

I. Tailgating
II. Natural disaster
III. Theft of documents
IV. Unaccounted visitors
V. Stolen identification

Countermeasures for those physical risks


Tailgating
Fortunately, tailgating can be controlled by taking the proper physical security precautions.
Anti-tailgating doors, if you're prepared to spend the money, practically eliminate tailgating.
Although they can be expensive to install, they are something you might take into account if you
are moving to a new office site. Giving your staff training in physical security is another strategy
to stop tailgating. This is significantly less dependable but much less expensive. It entails
educating staff members about physical security and distributing a strict physical security policy
to them, along with instructions such as not holding doors open for strangers. Additionally, you
ought to urge staff members to alert security personnel about any instances of tailgating they
observe.

Natural disaster
A disaster recovery plan (DRP), also known as a disaster recovery implementation plan or an IT
disaster recovery plan, is a documented policy and/or procedure that is intended to help an
organization carry out recovery procedures in the event of a disaster, thereby protecting business
IT infrastructure and, more generally, fostering recovery.

Theft of documents
Implementing a "clear-desk" policy is one of the best ways to stop the theft or unintentional
disclosure of documents and sensitive information. Sensitive documents are less likely to be left
in risky areas when there is a clear-desk policy in place, which requires that all desks are cleaned
and all paperwork is put away at the end of each workday. Additionally, you must make sure that
your staff members destroy all private data they possess after using it.

Access control must be implemented in order to stop unauthorized visitors from entering your
company and to prevent document theft.

Unaccounted visitors
For corporate security, access control using swipe-card access or ID doors is crucial, but you
also need to make sure that every visitor is registered by giving them visitor cards. This way, you'll
always be able to tell whether someone is allowed to be on your property, and you'll also have a
log of entries so you can later confirm when someone was there. You must, of course, take
precautions to ensure that everyone uses only the credentials that they are authorized to use.

Stolen identification
Employees must be made aware of the value of safeguarding their IDs or access cards. Without
sufficient training, staff members frequently lend or exchange their cards, making it challenging
to effectively manage access. Employees might not take proper care of their IDs unless it is made
clear how important it is to do so. Hence it is necessary to educate them about ID protection.

Virtual Security Risks
1. VM Sprawl
2. Malware & Ransomware Attacks
3. Access Control
4. Phishing
5. Trojan Horse

Countermeasures for those virtual risks


VM Sprawl (Virtual Machine Sprawl)
There are five ways to protect against VM sprawl:

1. Maintain an inventory

Create a common inventory for all the virtual machines and hosts, and update it periodically.
This inventory helps you understand the function of every VM in your environment and helps
you keep track of the VMs created for multiple purposes by different IT staff.

2. Categorize VMs based on groups or departments

Create groups based on VM functions or classify them by their departments. Whether you're
creating a new VM, optimizing the existing virtual environment, or applying new configurations,
these groups make VM management easy.

3. Identify idle VMs

Based on bandwidth consumption, audit the VMs and identify idle VMs early before they take
up too much disk space and cache memory. After this, you have two choices:

a. Delete the VM along with its junk files if it's no longer needed.
b. Archive the VM if you need it again down the road for a similar function.

4. Identify VMs with under- or over-allocated resources

Since virtual machines are used to provide a top-notch end-user experience, it's crucial to
ensure that they have enough resources to do it. To achieve this, you need to constantly monitor
virtual machines to identify VMs that have high CPU, memory, and disk utilization.

Similarly, you need to monitor VMs to identify the ones that have over-allocated memory and
disk space. You can then modify configurations to ensure your VMs receive sufficient resources,
which can help you avoid potential performance issues.

5. Audit VMs periodically

It's a good practice to audit your VMs from time to time to identify anomalies in their
performance. Generate reports periodically and analyze important parameters such as CPU
usage, memory usage, and disk usage to evaluate their health.

This helps you identify patterns in performance degradation early on for individual VMs and
make more informed VM management decisions. This is a holistic approach every IT admin can
adopt to prevent VM sprawl.
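
The five steps above can be run as one periodic audit over the common inventory. The sketch below is an added example, not part of the original assignment; the record fields, the thresholds and the sample inventory are assumptions constructed for illustration.

```python
"""Periodic VM audit against a common inventory (added example)."""
from collections import defaultdict
from dataclasses import dataclass

# Thresholds are assumptions for this sketch; tune them per environment.
IDLE_NET_KBPS = 1.0      # below this average bandwidth a VM counts as idle
HIGH_UTIL_PCT = 85.0     # sustained use above this suggests under-allocation
LOW_UTIL_PCT = 15.0      # sustained use below this suggests over-allocation


@dataclass
class VMRecord:
    name: str
    group: str           # department or function; "" means nobody claimed it
    purpose: str         # why the VM exists; "" means undocumented
    avg_net_kbps: float  # bandwidth averaged over the audit period
    cpu_pct: float
    mem_pct: float
    disk_pct: float


def classify(vm: VMRecord) -> list[str]:
    """Return the audit findings for one VM (an empty list means healthy)."""
    findings = []
    if not vm.group or not vm.purpose:
        findings.append("untracked")       # inventory gap: no owner or purpose
    if vm.avg_net_kbps < IDLE_NET_KBPS:
        findings.append("idle")            # candidate for delete or archive
        return findings                    # sizing an idle VM says nothing useful
    peak = max(vm.cpu_pct, vm.mem_pct, vm.disk_pct)
    if peak >= HIGH_UTIL_PCT:
        findings.append("under-allocated")
    elif peak <= LOW_UTIL_PCT:
        findings.append("over-allocated")
    return findings


def audit(inventory: list[VMRecord]) -> dict[str, dict[str, list[str]]]:
    """Group findings by department so each owner receives its own report."""
    report = defaultdict(dict)
    for vm in inventory:
        findings = classify(vm)
        if findings:
            report[vm.group or "(unassigned)"][vm.name] = findings
    return dict(report)


# Constructed sample inventory, not data from the original page.
SAMPLE_INVENTORY = [
    VMRecord("web-01", "sales", "customer portal", 850.0, 91.0, 72.0, 40.0),
    VMRecord("build-07", "engineering", "CI runner", 120.0, 8.0, 12.0, 9.0),
    VMRecord("test-tmp3", "", "", 0.2, 1.0, 5.0, 60.0),
    VMRecord("db-02", "finance", "ledger database", 300.0, 45.0, 60.0, 55.0),
]

if __name__ == "__main__":
    for group, vms in audit(SAMPLE_INVENTORY).items():
        for name, findings in vms.items():
            print(f"{group:14} {name:10} {', '.join(findings)}")
```

A VM that is both unclaimed and idle, like test-tmp3 in the sample, is the typical sprawl case: nobody owns it, so nobody decides whether to delete or archive it.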

Malware & Ransomware Attacks


Here, too, there are several ways to protect against this threat.

1. Test Backup and Recovery Procedures.

The most important part of a ransomware security strategy is the use of regular data backups.
Enterprises should perform these as often as possible, and they should be combined with backup
and restore drills. Both processes are important, but recovery drills are the only way to know for
certain if a backup plan is a good one. If a team can recover from a very recent backup, they
might not need to pay to get their data back.

2. Enhance Powers of Detection.

Malicious links and attachments that are the main source of ransomware attacks can arrive
through multiple workplace channels – not only through email, but via social media messages,
collaboration tools, and many other communication channels. Effective digital risk
protection tools can proactively monitor all digital communications and immediately detect and
quarantine potentially problematic links, attachments, and URLs. Traditional antivirus software
doesn’t provide enough protection; enterprises need next-gen solutions leveraging machine
learning to detect both known and unknown forms of ransomware.

3. Educate Employees on Cybersecurity Best Practices.

A study by Kaspersky revealed that almost half of employees don't know how to respond to
ransomware attacks. All employees should gain a basic understanding of what ransomware is,
how it usually arrives, and what the warning signs are. They should know who to report
suspicions to, and what to do in the event that their actions trigger the execution of ransomware.

4. Constantly Update and Patch Operating Systems and Software.

Attackers work relentlessly to discover vulnerabilities that can be exploited. Avoiding malware
and ransomware requires IT professionals to be equally rigorous in return. Common
vulnerabilities and exposures are always being patched, and updating systems and patching
software from legitimate sources can help significantly reduce exposure to vulnerabilities.

5. Incorporate Digital Risk Protection Into the Core of Cybersecurity Efforts.

To keep up with the growing and ever-changing threat of ransomware, enterprises need to invest
in digital risk protection tools that provide full threat intelligence. With this approach, IT teams
can automatically identify, assess, and proactively respond to threats, and stop any ransomware
spread before it begins.

6. Monitor Endpoints for IOAs (Indicators of Attack).

A dedicated set of cybersecurity solutions offers endpoint detection and response (EDR). These
solutions can closely monitor activities across all endpoints, and capture raw events deemed
suspicious. These solutions can deliver unhindered environment visibility for proactive threat
recognition and response at the endpoint level.

Phishing

Some countermeasures we can use to protect against phishing:

1. Filter emails for phishing threats
2. Update client-side operating systems, software, and plug-ins
3. Harden Your Clients
4. Block Internet-bound SMB and Kerberos traffic
5. Detect malware on endpoints
6. Detect compromised credentials and lateral movement
7. Implement 2-factor authentication
8. Enable SPF and DKIM
9. Train your employees on security awareness
10. Have an incident response plan

Access Control
Port scanning and compromise

Backdoors are unauthorized open ports created by malicious programs that allow an
unauthorized entity to gain access to the system. An important countermeasure is to
periodically check the open ports in the system and close the ports that are not used by
programs. Port scanning tools will help in this process. While port scanning helps security
testers to identify open ports, the scanners can also be used by attackers to find the entry
points to the system.
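
One way to carry out the periodic open-port check described above on a Linux host is to compare the listening sockets reported by the ss -tlnp command against a list of approved services. This is an added example, not part of the original assignment; the allowlist, the process names and the sample output are constructed for illustration.

```python
"""Flag listening TCP ports that are not on an approved list (added example)."""
import re

# Assumed allowlist for this host: port -> process expected to own it.
ALLOWED = {22: "sshd", 443: "nginx", 5432: "postgres", 8080: "java"}
LOOPBACK = {"127.0.0.1", "::1"}
PROC_RE = re.compile(r'users:\(\("([^"]+)"')

# Constructed sample of `ss -tlnp` output, not captured from a real system.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=812,fd=4))
LISTEN 0      511    0.0.0.0:443        0.0.0.0:*         users:(("nginx",pid=1033,fd=6))
LISTEN 0      4096   127.0.0.1:5432     0.0.0.0:*         users:(("postgres",pid=950,fd=5))
LISTEN 0      5      0.0.0.0:6200       0.0.0.0:*         users:(("helperd",pid=4412,fd=4))
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
"""


def parse_listeners(ss_output):
    """Return (address, port, process) for every LISTEN row; process may be None."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                      # header or unrelated line
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue                      # service names appear when -n is omitted
        match = PROC_RE.search(line)      # absent when ss lacks privileges
        rows.append((addr.strip("[]"), int(port), match.group(1) if match else None))
    return rows


def unexpected_listeners(ss_output, allowed):
    """Return one finding per listener that the allowlist does not account for."""
    findings = []
    for addr, port, proc in parse_listeners(ss_output):
        expected = allowed.get(port)
        if expected is None:
            reason = "port not in allowlist"
        elif proc is None:
            reason = "owner not visible, rerun with privileges"
        elif proc != expected:
            reason = f"owned by {proc}, expected {expected}"
        else:
            continue                      # approved port, approved owner
        findings.append({
            "port": port,
            "address": addr,
            "process": proc,
            "exposed": addr not in LOOPBACK,   # reachable from other hosts
            "reason": reason,
        })
    return sorted(findings, key=lambda f: (f["port"], f["address"]))


if __name__ == "__main__":
    for f in unexpected_listeners(SAMPLE_SS_OUTPUT, ALLOWED):
        scope = "network" if f["exposed"] else "loopback"
        print(f'{f["port"]:>5} {scope:8} {f["process"] or "?":10} {f["reason"]}')
```

Each finding is a port to investigate and then either close or add to the approved list, which keeps the list itself an up-to-date record of what the host is supposed to expose.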

Trojan horse
• Antivirus software
• Authentication
• Encryption
• Firewall
The primary means of mitigating virus and Trojan horse attacks is antivirus software. Antivirus
software helps prevent hosts from getting infected and spreading malicious code.

What is a Risk Assessment Procedure?

Figure 3

Risk assessment is the process of locating potential threats to a company's capacity to conduct
business. These analyses assist in identifying these inherent company risks and offer steps,
procedures, and controls to lessen their negative effects on daily operations.
In order to prioritize and communicate the contents of the evaluation, including any threats to
their information technology (IT) infrastructure, businesses might utilize a risk assessment
framework (RAF). The RAF assists an organization in identifying prospective risks, any
company assets put at risk by these risks, as well as potential consequences should these risks
materialize.

Follow these five steps in the risk assessment procedure:

Figure 4

• Step 1 Identify the hazards
• Step 2 Decide who might be harmed and how
• Step 3 Evaluate the risks and decide on precautions
• Step 4 Record your findings and implement them
• Step 5 Review your assessment and update if necessary

Physical Risks

| Risk | Case | Assurance | Severity | Assets Affected | Solution |
|---|---|---|---|---|---|
| 1. Tailgating | An unauthorized person physically enters a private place | High | High | Data affected | 1. Managing Access Control 2. Video Surveillance 3. Visitor Credentials |
| 2. Natural disaster | Environment changes | Low | High | Data affected; Employees affected | 1. DRP plan 2. Regular backup 3. Data backup Center |
| 3. Theft of documents | An unauthorized person obtains data | Low | High | Data affected; Company; Damage to the reputation of the company | 1. Lock Away Personal Information 2. Shred Old Documents |
| 4. Stolen Identification | Failure to maintain proper identification | High | High | Data affected; Damage to the reputation of the company; Customers may lose confidence in the company | 1. Secure your mail. 2. Safeguard your Social Security number 3. Never let your credit card out of your sight |
| 5. Social engineering | Fault in employee or organization protection | High | High | Data affected; Loss of company funds and privacy | 1. Employees awareness 2. Technical Measures |

Table 1

The entries in the "Solution" column of the table above are defined in full below.

1. Tailgating
Managing Access Control

Access control is a security technique that regulates who or what can view or use resources in a
computing environment. It is a fundamental concept in security that minimizes risk to the
business or organization. There are two types of access control: physical and logical.

Video surveillance is also helpful. Integrating video surveillance at key security spots in a
building, and particularly the main entrance, not only deters criminals but also helps law
enforcement authorities to identify the tailgaters in case of a crime.

There are other ways to protect against tailgating as well, but these two are the main ones.

2. Natural disaster
1. DRP plan

A disaster recovery plan (DRP) is a documented, structured approach that describes how an
organization can quickly resume work after an unplanned incident. A DRP is an essential part of
a business continuity plan (BCP). It is applied to the aspects of an organization that depend on a
functioning information technology (IT) infrastructure. A DRP aims to help an organization
resolve data loss and recover system functionality so that it can perform in the aftermath of an
incident, even if it operates at a minimal level.

The plan consists of steps to minimize the effects of a disaster so the organization can continue to
operate or quickly resume mission-critical functions. Typically, a DRP involves an analysis of
business processes and continuity needs. Before generating a detailed plan, an organization often
performs a business impact analysis (BIA) and risk analysis (RA), and it establishes recovery
objectives.

2. Data backup center

Backup refers to the process of storing data on a separate medium for added reliability. This
helps recover data in case of primary hardware failures, accidental deletion, cyberattacks and
natural disasters. Servers are backed-up daily and archived offsite for long term retention.
Backup services are available by request to all UCSC employees.

3. Regular backup

Regular backups will help us recover our data if any problem or threat affects our system.

3. Theft of documents

1. Lock Away Personal Information.

Personal information must be protected from unwanted persons who might obtain it. It may be held
in files, papers or books, or even on a pen drive, DVD or phone chip. Whatever the medium, if it
holds personal data, the company's main data or the company's private details, it has to be
protected. So all of these sources of information need to be kept safe.

4. Stolen Identification

1. Protect information (secure your mail, safeguard your Social Security number, never let your
credit card out of your sight)

We have to secure our emails because hackers will target emails to affect our system. We also
always need to safeguard our Social Security number and keep our credit card safe. All of these
security measures will protect our company, and your individual life too, from stolen
identification.

5. Social engineering

1. Employees awareness

With threat actors constantly developing their tactics, your team needs to be trained to recognize
attacks or, at the very least, situations that deviate from standard operations.

Over time, learned skills may be forgotten. Regardless, the techniques and tactics of our
adversaries continue to evolve. Regular and timely training for every member of your team could
not be more important.

A holistic training plan should include general security awareness training, regular simulated
phishing tests, and full-on social engineering engagements. Employee awareness of information
and asset sensitivity and classification is also important. If dealing with highly critical
information, your team should be aware that they need to be more skeptical when handling it
than when handling assets of lower importance.

2. Technical Measures

Technical countermeasures are designed to prevent the situation from escalating. The goal is to
stop threat actors before they have any opportunity to take advantage of human nature in the first
place. There are multiple options here, including waste management that safely discards any
sensitive information, safe physical access systems (doors, gates, etc.), sophisticated entry cards,
person verification, accompanying any guests, etc.

Virtual Risks

| Risk | Case | Assurance | Severity | Assets Affected | Solution |
|---|---|---|---|---|---|
| 1. VM Sprawl | When network administrators fail to maintain the machines | High | High | Data affected | 1. Use VM management software 2. Setting up policies & procedures |
| 2. Malware & Ransomware Attacks | Unauthorized access to our system | High | High | Data affected; Employees affected | 1. Install anti-virus and anti-spyware software 2. Keep software updated 3. Control access to systems 4. Regular backup 5. Data backup Center |
| 3. Access Control | Failure to maintain access control | Low | High | Data affected; Company; Damage to the reputation of the company | 1. Restrict access to systems 2. Strong Password Policy 3. Testing |
| 4. Phishing | Attackers deceive us in several ways in order to attack our system | High | High | Data affected | 1. Use anti-spam filters 2. Keep your browser updated. 3. Set up a public email address |
| 5. Trojan Horse | Carelessness when using the internet, downloading, or using open source software from the internet | High | High | Damage to the reputation of the company | 1. Use a firewall 2. Install a high-quality antivirus. 3. Avoid third-party downloads. |

Table 2

The entries in the "Solution" column of the table above are defined in full below.
1. VM Sprawl
Use virtualization management software

Depending on how big and diverse your environments are, how experienced your IT team is, and
what your strategic goals are, virtualization management software might make your life a lot
easier. Sure, a single system administrator can manually manage a handful of virtual machines
(VMs) fired up on a single workstation, but large enterprise-wide deployments use virtualization
management software to help their systems be successful.

2. Malware & Ransomware Attacks


1. Install anti-virus and anti-spyware software
Anti-virus and anti-spyware programs scan computer files to identify and remove malware. Be
sure to:

• Keep your security tools updated.
• Immediately remove detected malware.
• Audit your files for missing data, errors, and unauthorized additions.

This anti-virus guard will help

2. Keep software updated


No software package is completely safe against malware. However, software vendors regularly
provide patches and updates to close whatever new vulnerabilities show up. As a best practice,
validate and install all new software patches:

• Regularly update your operating systems, software tools, browsers and plug-ins.
• Implement routine maintenance to ensure all software is current and check for signs of
malware in log reports.

3. Control access to systems


There are multiple ways to regulate your networks to protect against malware and ransomware
attacks:

• Install or implement a firewall, intrusion detection system (IDS) and intrusion prevention
system (IPS).
• Never use unfamiliar remote drives or media that was used on a publicly accessible device.
• Close unused ports and disable unused protocols.
• Remove inactive user accounts.
• Carefully read all licensing agreements before installing software.

3. Access Control
1. Restrict access to systems

Access, whether physical or electronic, to systems, sensitive files, etc. must be restricted. If an
attacker has physical access to the system which hosts authentication records, then they can
dump the records and then crack them offline. The same applies to electronic access: users’
access to password files should be restricted. All such activities should be logged and
investigated immediately. Also, user roles should be controlled and restricted as to what they
can do on a system.

2. Strong Password Policy

There must be a password policy that directs the use of strong passwords organization-wide, as
it can reduce the attack surface of passwords. The policy should not only enforce strong
passwords but also direct that passwords be changed regularly. This type of policy is a must,
and organizations should not depend solely on users’ awareness of strong passwords but
rather enforce it.

3. Testing:

As they say, think like a malicious user would, and then prepare control test strategies. This
technique should only be followed with approval from the different groups within an
organization. Testing strategies should also follow the compliance guidelines under which the
control falls, or the compliance the organization is striving towards. Testing should be done
frequently on the access control systems, for example whenever a new control is deployed or a
new logical network segmentation is performed. Testing results should be distributed, and
appropriate decisions should be made to fine-tune the existing policies or create a new policy if
one is missing. For example, if the password is weak and can be cracked but is allowed by the
password policy, then the organization's password policy should be fine-tuned and must be
enforced on user ac

4. Phishing
1. Use anti-spam filters

Only open email accounts with providers that include spam filtering. Choose an antivirus and
Internet security solution that also includes advanced anti-spam features.

2. Keep your browser updated.

Make sure that you use the latest version of your web browser and that all the latest Internet
security patches have been applied. It will protect your company from phishing.

3. Set up a public email address

Use this address when you need to register on public forums and in chat rooms, or to subscribe to
mailing lists and other Internet services. The following tips will also help you to reduce the
volume of spam you receive via your public email address:

• Treat your public address as a temporary address. The chances are high that spammers will
rapidly get hold of your public address, especially if it is frequently being used on the Internet.
• Don't be afraid to change your public email address often.
• Consider using a number of public addresses. That way you’ll have a better chance of tracing
which services may be selling your address to spammers.

5. Trojan Horse
1. Use a firewall

Firewalls screen data that enters your device from the internet. While most operating systems
come with a built-in firewall, it’s also a good idea to use a hardware firewall for full protection

2. Install a high-quality antivirus.

Antivirus and anti-malware software should be your first line of defense and it’s essential to
install something robust enough for the job. These programs scan your device for problems and
alert you if an issue arises. Some will also quarantine and delete any threats from your device

3. Avoid third-party downloads.

Any download is a potential threat. Websites, ads, and messages that contain automatic
downloads often hide malware. Avoid clicking through to any banners and suspicious links,
don’t use shortened URLs, and think carefully before allowing any download.

Activity 02
2.1

Identify the potential impact to IT security of incorrect configuration of firewall
policies and third-party VPNs.

Figure 5

What is VPN?
A virtual private network (VPN) is a network that uses a public telecommunications
infrastructure, such as the Internet, to offer secure access to a company's network to remote
offices or individual users. In a VPN, data is encrypted as it enters the tunnel and decrypted at
the other end; the computers at each end of the tunnel do this work.

VPN Protocols

1. OpenVPN
OpenVPN is one of the most widely used VPN protocols. It’s an open-source protocol that uses
encryption based on the OpenSSL and SSLv3/TLSv1 protocols. Most VPN services support
OpenVPN and it’s available for a lot of different platforms (e.g. Windows, Android, Linux,
routers). Most consider OpenVPN to be the best choice.

2. IPsec/L2TP
This protocol combines IPsec for the encryption of data with L2TP for establishing a secure
connection. Most operating systems include IPsec/L2TP, which is a good choice when
OpenVPN isn’t available.

3. IKEv2/IPsec
IKEv2 is a protocol based on IPSec. This protocol can quickly connect to and switch between
networks. This makes it an ideal choice for smartphones because these devices tend to switch
between Wi-Fi networks and public Wi-Fi networks regularly. According to some sources,
IKEv2 is faster than OpenVPN. Nevertheless, OpenVPN is seen as the better protocol.

4. PPTP
PPTP (Point to Point Tunneling Protocol) is one of the first widely used protocols. This protocol
contains a few (potential) leaks. For this reason, its use is only advisable if speed is more
important to you than safety. This could be the case if you want to bypass restrictions set up by
streaming services.

5. Softether
Softether, unlike the other VPN protocols mentioned so far, is not a stand-alone protocol but an
open-source application that works across different platforms and offers support for VPN
protocols such as SSL VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling
Protocol.

7. WireGuard

WireGuard is a relatively new protocol that has been gaining in popularity. It runs on a Linux
kernel and is aimed at performing even better than OpenVPN and IPsec. It’s still in development,
so you’re better off using OpenVPN for now.

Types of VPN

1. Remote Access VPNs

Remote access VPN is the most common type of VPN in use today. It connects users to a private
network via a secure remote server. A remote access VPN works by routing user's data through a
virtual tunnel between the user's device and the private network.

The encryption protocols ensure that your data isn’t compromised as it moves through networks.
Users must install the client VPN software to establish a connection to the VPN. Remote access
VPNs are simple to use and easy to set up. They can easily bypass geo-blocks and access content
that is otherwise restricted. Remote access VPNs are ideal for personal use.

2. Site-to-Site VPN
A Site-to-Site VPN is commonly used in large companies where multiple users in various
locations need to access shared resources. Organizations with branches in numerous locations
rely on site-to-site VPNs to connect the network of one branch to the network at another branch.

These connections can take one of two forms.

• Intranet based VPN: An Intranet based VPN links two offices of the same company. It
connects two separate LANs to a single WAN.
• Extranet based VPN: Some organizations need to connect to a network of another
organization using an extranet based VPN. A possible example of such a connection would be a
company that connects to its supplier's network for efficient trade.

A Site-to-Site VPN connects geographically distant offices through the internet and ensures
secure communication. As the VPN connection is established on router-to-router
communication, one router acts as a client while the other as a VPN server. Communication
between the routers only starts after authenticating both the end points.

3. Client to Server VPN


A client to server VPN establishes a secure connection between clients and a corporate network,
while still maintaining the security and resources of the network. It provides a new VPN tunnel
that allows users to access a network without compromising security and privacy.
A client to server VPN is particularly useful when accessing insecure public WLANs. It prevents
ISPs and third parties from compromising data since the connection is encrypted all the way to
the provider.
A major advantage of client to server VPN is universal access of employees to company
resources. Clients, for instance, can connect to corporate network from a home office and work
as if they were present at the company workplace.

4. P2P VPN
A Peer-to-Peer (P2P) VPN is a service that is compatible with peer-to-peer network. When
searching a file on a P2P network, the service locates copies of the file and creates connections
with sources that contain part of or the entire requested file.
P2P quickens the file sharing process since you’re downloading it not from a single location, but
from multiple nodes that contain small chunks of the same data. As you download the file, it’s
uploaded to more users who are requesting the same file.
Despite the advantages, P2P networks carry a negative reputation. A P2P VPN can protect your
data, but it cannot keep you safe from malicious files. Since peer-to-peer networks rely on
data being hosted by different nodes, there is always a risk of malicious actors within the
network. A P2P VPN won't be able to protect your device if you download malware
masquerading as a normal legitimate file.

Some users also use P2P VPN to access illegal content like copyrighted software, movies, and
music. This is why many countries have strict laws to discourage P2P file sharing.

Here are some important uses of VPN:
1) Use Public Wi-Fi securely

Figure 6

Some people use VPNs at Wi-Fi hotspots to prevent snoopers from gathering private
information because public Wi-Fi offers no encryption security to its users and your
signals are broadcast for anyone knowledgeable enough to eavesdrop. In general,
employing a VPN service, which completely encrypts all Internet traffic, is the best
approach to prevent your data from falling into the wrong hands.

2) Secure Communication between Sites

Figure 7

Today, a site-to-site VPN connection is used by many firms to connect their branch
offices to their main office through the Internet. Businesses can, for instance, allow
employees who use laptops while traveling or working from home to connect to the
company network just as if they were seated at a desk in the office. Using a VPN, a
business with offices in two different places can link them via the internet so that it seems
as though they are on the same network. Users can send and receive information
through a secure link by
connecting remote sites to a central office. File servers and printers that are not physically
located in the same office can be used by employees.

3) Bypass the Web Censorship and Content Surveillance

Figure 8

Some nations erect firewalls to limit what their citizens can see, hear, and share with
others both inside and outside of their borders. You can "tunnel out" of the censorship
limitations and access the entire World Wide Web by connecting to a VPN server.
At our EMC facility, in response to your final query: using a VPN service alone won't
conceal your true identity or where you are. There are numerous ways to be
recognized and tracked if you don't safeguard your PC and browser.

Firewall

Figure 9

Assume for the moment that you are a member of a 500-person company. As a result, the
company will have a large number of computers with network cards linking them all.
Without a firewall, all of those 100 computers are simultaneously accessible to everyone
on the internet. Someone who knows what they are doing can probe these computers,
attempt FTP connections to them, attempt telnet connections to them, and so on.
If one employee makes a mistake and leaves a security flaw open, hackers can gain access
to the device and make the most of that flaw. With a firewall in place, the environment is
quite different. A company will install a firewall at each internet connection so that the
firewall can enforce security rules.
Types of firewalls

• Software firewalls
• Hardware firewalls
• Cloud firewalls

Software firewalls

Software firewalls include any type of firewall that is installed on a local device rather than a
separate piece of hardware (or a cloud server). The big benefit of a software firewall is that it's
highly useful for creating defense in depth by isolating individual network endpoints from one
another.

However, maintaining individual software firewalls on different devices can be difficult and
time-consuming. Furthermore, not every device on a network may be compatible with a
single software firewall, which may mean having to use several different software firewalls to
cover every asset.

Hardware firewall

Hardware firewalls use a physical appliance that acts in a manner similar to a traffic router to
intercept data packets and traffic requests before they're connected to the network's servers.
Physical appliance-based firewalls like this excel at perimeter security by making sure malicious
traffic from outside the network is intercepted before the company's network endpoints are
exposed to risk.

The major weakness of a hardware-based firewall, however, is that it is often easy for insider
attacks to bypass it. Also, the actual capabilities of a hardware firewall may vary depending
on the manufacturer; some may have a more limited capacity to handle simultaneous connections
than others.

Cloud firewalls

Whenever a cloud solution is used to deliver a firewall, it can be called a cloud firewall, or
firewall-as-a-service (FaaS). Cloud firewalls are considered synonymous with proxy firewalls
by many, since a cloud server is often used in a proxy firewall setup (though the proxy doesn't
necessarily have to be on the cloud, it frequently is).

The big benefit of having cloud-based firewalls is that they are very easy to scale with your
organization. As your needs grow, you can add additional capacity to the cloud server to filter
larger traffic loads. Cloud firewalls, like hardware firewalls, excel at perimeter security.

Here are some common firewall types:

• Packet-filtering firewalls
• Circuit-level gateways
• Stateful inspection firewalls
• Application-level gateways (a.k.a. proxy firewalls)
• Next-gen firewalls

Encryption
Encryption is the method of exchanging data privately and secretly. It protects your online
information and makes it possible to protect your privacy or anonymity during video,
voice, or text communications.
Encryption is necessary when you don't want anyone else to have access to your data.
Let me explain how your data travels:
• When you send your data or information over the internet, it is first
sent over your local network.
• Then your data is sent to your internet service provider, who can view this information.
• Finally, the information reaches the intended recipient.

So, throughout this whole process, several people can get access to your information.
Therefore, encryption is needed to keep your information secure and unreadable.
The best way to encrypt your data over the internet is to use SSL (Secure Sockets Layer), which
encrypts your data and gives users the confidence to proceed.

2.2

DMZ

Figure 10

A demilitarized zone (DMZ) is a safe transitional network between an organization's internal
and external networks. A front-line network called a DMZ server connects to external
networks while remaining isolated from internal networks for security reasons.
The main advantage of a DMZ is the ability to securely access internet services from public
networks. It also helps prevent external networks and nodes from engaging with or
accessing the internal network. The DMZ restricts access to the internal network. Before
any transfer to the internal network, all of that communication should also pass through a firewall scan.
A hacker attempting to enter an organization's network can only see the DMZ and is unable to
access the main network hidden behind it. A firewall is less safe and secure than a DMZ.
Additionally, it can function as a proxy server.

Anytime an outsider tries to access EMC Cyber, they are directed through the DMZ, which is
not directly connected to the EMC internal network. When there is no DMZ in EMC Cyber,
an attacker attempting to attack the network has the opportunity to quickly reach the
datacenter. However, if a DMZ is present in EMC Cyber, attackers are forced to access only
the DMZ rather than the internal network.

Services of a DMZ include:

• DNS servers
• FTP servers
• Mail servers
• Proxy servers
• Web servers
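The zone separation described above can be expressed as a default-deny policy between three zones (internet, DMZ, internal). The following is an added example, not part of the original assignment; the address ranges, host roles, ports and rule names are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed address plan: two private zones; everything else is "internet".
ZONES = {
    "dmz": ipaddress.ip_network("192.168.100.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/16"),
}


def zone_of(ip: str) -> str:
    """Map an address to the security zone it belongs to."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    name: str
    src_zone: str
    dst_zone: str
    proto: str
    dst_port: int
    src_ip: Optional[str] = None  # None matches any host in src_zone
    dst_ip: Optional[str] = None  # None matches any host in dst_zone


# Hypothetical policy: public services live in the DMZ, and exactly one
# DMZ host may open exactly one port on one internal server.
POLICY = [
    Rule("public web", "internet", "dmz", "tcp", 443, dst_ip="192.168.100.10"),
    Rule("public mail", "internet", "dmz", "tcp", 25, dst_ip="192.168.100.20"),
    Rule("public DNS", "internet", "dmz", "udp", 53, dst_ip="192.168.100.30"),
    Rule("web app to database", "dmz", "internal", "tcp", 5432,
         src_ip="192.168.100.10", dst_ip="10.0.5.20"),
    Rule("staff to proxy", "internal", "dmz", "tcp", 3128,
         dst_ip="192.168.100.40"),
    Rule("proxy to internet", "dmz", "internet", "tcp", 443,
         src_ip="192.168.100.40"),
]


def evaluate(src_ip: str, dst_ip: str, proto: str, dst_port: int):
    """Decide whether a NEW connection may cross between zones.

    Only connection initiation is modelled; return traffic is assumed to be
    handled by stateful inspection. Traffic inside one zone is not modelled.
    """
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for rule in POLICY:
        if (rule.src_zone, rule.dst_zone, rule.proto, rule.dst_port) != (
                src_zone, dst_zone, proto, dst_port):
            continue
        if rule.src_ip not in (None, src_ip):
            continue
        if rule.dst_ip not in (None, dst_ip):
            continue
        return "allow", rule.name
    return "deny", "default deny"


def internal_exposure(from_zone: str):
    """List every path the policy opens from a zone into the internal network."""
    return [(r.src_ip or "any", r.dst_ip or "any", r.proto, r.dst_port)
            for r in POLICY
            if r.src_zone == from_zone and r.dst_zone == "internal"]


if __name__ == "__main__":
    flows = [  # constructed sample flows
        ("203.0.113.7", "192.168.100.10", "tcp", 443),   # visitor to web server
        ("203.0.113.7", "10.0.5.20", "tcp", 5432),       # outsider to database
        ("192.168.100.20", "10.0.5.20", "tcp", 5432),    # mail server to database
        ("192.168.100.10", "10.0.5.20", "tcp", 5432),    # web server to database
        ("10.0.1.15", "198.51.100.9", "tcp", 443),       # staff PC direct to internet
        ("10.0.1.15", "192.168.100.40", "tcp", 3128),    # staff PC via DMZ proxy
    ]
    for flow in flows:
        print(flow, "->", evaluate(*flow))
    print("internet -> internal paths:", internal_exposure("internet"))
    print("dmz -> internal paths:", internal_exposure("dmz"))
```

The `internal_exposure` output is the part to review when auditing such a policy: every entry it lists is a path a compromised DMZ host could use.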

Static IP

A static IP address is one that stays the same over time. It may be given to a single
computer. In contrast to static IP addresses, dynamic IP addresses are only assigned
temporarily. A static IP is set aside exclusively for one server. As a result, it will always use the
same IP address for sessions when a user logs in. This makes it easier for EMC Cyber to identify
the user. Static IP addresses are secure and dependable. Therefore, attacking EMC will be
challenging for attackers. A static IP can be used by the user as a reliable IP address that is
private and that only the user has access to.

What Makes a Static IP Address Useful?

Another way to conceive of a static IP address is to compare it to a physical address, such as a
house address or an email address. These addresses are static, making it simple to get in touch
with or locate someone.

A static IP address is also helpful if you run a print server, utilize networked printers, have a file
server in your network, host a website from home, or use remote access software. Other devices
always know exactly how to contact a device that has a static IP address since it never changes.

For instance, suppose a PC connected to a home network has a static IP address set up. A router can be
configured to always forward certain inbound requests directly to that computer if it has a specific
address associated with it, such as FTP requests if the computer shares files through FTP.

If you're hosting a website, for example, not having a static IP address is a pain since every time
the computer obtains a new IP address, you have to adjust the router settings to send requests to
that new address. Because the router doesn't know which device in the network is the one serving
the website, failing to do this would prevent anyone from seeing your website.

Another example of a static IP address at work is with DNS servers. DNS servers use static IP
addresses so that devices always know how to connect to them. If they changed often, you'd
have to regularly reconfigure those DNS servers on your router or computer to use the internet.
Static IP addresses are also useful when the device's domain name is inaccessible. Computers
that connect to a file server in a workplace network, for instance, could be set up to always
connect to the server using the server's static IP instead of its hostname. Even if the DNS server
malfunctions, the computers could still access the file server because they communicate with it
through the IP address.

DNS servers are yet another application of a static IP address. Static IP addresses are used by
DNS servers so that devices always know how to connect to them. You would need to often
update those DNS servers on your network or PC in order to access the internet if they changed
frequently. In situations where the device's domain name cannot be accessed, static IP addresses
are also helpful. In a corporate network, for example, file servers could be configured so that
computers connecting to them always use their static IP address rather than their hostname. The
computers could still access the file server even if the DNS server was down since they connect
with it via the IP address.

NAT (Network Address Translation)

Figure 11

A feature known as network address translation (NAT) enables users to use a single IP address for both
public and private network communication. There are a lot of public networks and a small
number of private networks in the world. NAT is a good solution for high traffic volume
when users want to get in touch with one another. However, IPv4 restricts IP addresses in order
to manage client volume. NAT was developed to address this. It also manages multiple
clients' requests from a single private IP address that public networks require. A router serves as
the hub of network address translation, transforming the real IP address into a new public IP
address. This IP will appear on an external network as the router's IP, although that is not the sender's real address.
NAT is useful for the EMC Cyber network because it allows the corporation to restrict its IP
addresses, which reduces complexity and makes security maintenance simple. It will be highly
beneficial for the security of the EMC network if an employee accesses the external network
using the same IP address that they use to access EMC Cyber.

NAT Types
There are three different types of NATs. People use them for different reasons, but they all still
work as a NAT.

1. Static NAT

When the local address is converted to a public one, this NAT chooses the same one. This means
there will be a consistent public IP address associated with that router or NAT device.

2. Dynamic NAT

Instead of choosing the same IP address every time, this NAT goes through a pool of public IP
addresses. This results in the router or NAT device getting a different address each time the
router translates the local address to a public address.
PAT stands for port address translation. It’s a type of dynamic NAT, but it binds several local IP
addresses to a single public one. Organizations that want all their employees’ activity to use a
single IP address use PAT, often under the supervision of a

Purpose of NAT

To communicate with the internet, a networking system requires a unique IP address. This 32-bit
number identifies and locates the network device so a user can communicate with it.

The IPv4 addressing scheme of past decades technically made billions of these unique addresses
available, but not all could be assigned to devices for communication. Instead, some were
exempted and used for testing, broadcast, and certain reserved military purposes. While that left
over 3 billion for communication, the proliferation of the internet has meant the addresses were
near exhaustion.
The IPv6 addressing scheme was introduced as the solution to this weakness in the IPv4
addressing scheme. IPv6 recreates the addressing system so there are more options for allocating
addresses, but it has taken several years to alter the networking system infrastructure and to
implement. NAT was introduced by Cisco in the meantime and widely deployed.
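The three NAT behaviours described above (static NAT, dynamic NAT and PAT) can be compared side by side in a small simulation. This is an added example, not part of the original assignment; all addresses and port ranges are constructed, and the PAT class assumes the strictest inbound filtering, where a reply is accepted only from the exact remote endpoint an inside host contacted.

```python
class StaticNat:
    """One private address is always translated to the same public address."""

    def __init__(self, mapping):
        self.mapping = dict(mapping)

    def translate(self, private_ip):
        return self.mapping[private_ip]


class DynamicNat:
    """Each private host leases the next free address from a public pool."""

    def __init__(self, pool):
        self.free = list(pool)
        self.leases = {}

    def translate(self, private_ip):
        if private_ip not in self.leases:
            if not self.free:
                raise RuntimeError("public address pool exhausted")
            self.leases[private_ip] = self.free.pop(0)
        return self.leases[private_ip]

    def release(self, private_ip):
        # The address goes to the back of the pool, so the next lease differs.
        self.free.append(self.leases.pop(private_ip))


class Pat:
    """Many private hosts share one public address, told apart by port."""

    def __init__(self, public_ip, first_port=40000, last_port=40999):
        self.public_ip = public_ip
        self.ports = iter(range(first_port, last_port + 1))
        self.by_inside = {}  # (proto, private_ip, private_port) -> public_port
        self.by_public = {}  # (proto, public_port) -> (private_ip, private_port)
        self.peers = {}      # (proto, public_port) -> {(remote_ip, remote_port)}

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of an outgoing packet and remember the mapping."""
        key = (proto, src_ip, src_port)
        if key not in self.by_inside:
            try:
                port = next(self.ports)
            except StopIteration:
                raise RuntimeError("no free public ports") from None
            self.by_inside[key] = port
            self.by_public[(proto, port)] = (src_ip, src_port)
        port = self.by_inside[key]
        self.peers.setdefault((proto, port), set()).add((dst_ip, dst_port))
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, proto, remote_ip, remote_port, public_port):
        """Return the inside endpoint for a reply, or None if it is dropped."""
        key = (proto, public_port)
        if (remote_ip, remote_port) not in self.peers.get(key, ()):
            return None  # unsolicited packet: no matching mapping
        return self.by_public[key]


if __name__ == "__main__":
    static = StaticNat({"10.0.0.5": "198.51.100.5"})
    print("static :", static.translate("10.0.0.5"), static.translate("10.0.0.5"))

    dynamic = DynamicNat(["198.51.100.11", "198.51.100.12", "198.51.100.13"])
    first = dynamic.translate("10.0.0.11")
    dynamic.translate("10.0.0.12")
    dynamic.release("10.0.0.11")
    print("dynamic:", first, "then", dynamic.translate("10.0.0.11"))

    pat = Pat("198.51.100.1")
    # Two inside hosts use the same source port towards the same server.
    print("pat out:", pat.outbound("tcp", "10.0.0.11", 51000, "203.0.113.80", 443))
    print("pat out:", pat.outbound("tcp", "10.0.0.12", 51000, "203.0.113.80", 443))
    print("reply  :", pat.inbound("tcp", "203.0.113.80", 443, 40001))
    print("probe  :", pat.inbound("tcp", "192.0.2.66", 4444, 40001))
```

The last two calls show why hosts behind PAT are not directly reachable: a reply from the contacted server is mapped back to the inside host, while a packet from any other endpoint finds no mapping and is dropped.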

Advantages of these strategies for EMC Cyber and its clients

Advantages of using a DMZ

Access control.

A DMZ network provides access control to services outside an organization's network perimeters
that are accessed from the internet. It simultaneously introduces a level of network segmentation
that increases the number of obstacles a user must bypass before gaining access to an
organization's private network. In some cases, a DMZ includes a proxy server, which centralizes the flow of
internal -- usually, employee -- internet traffic and makes recording and monitoring that traffic
simpler.
Network reconnaissance prevention.
A DMZ also prevents an attacker from being able to scope out potential targets within the
network. Even if a system within the DMZ is compromised, the internal firewall still protects the
private network, separating it from the DMZ. This setup makes external active reconnaissance
more difficult. Although the servers in the DMZ are publicly exposed, they are backed by
another layer of protection. The public face of the DMZ keeps attackers from seeing the contents
of the internal private network. If attackers do manage to compromise the servers within the
DMZ, they are still isolated from the private network by the DMZ's internal barrier.

Protection against Internet Protocol (IP) spoofing.
In some cases, attackers attempt to bypass access control
restrictions by spoofing an authorized IP address to impersonate another device on the network.
A DMZ can stall potential IP spoofers, while another service on the network verifies the IP
address's legitimacy by testing whether it is reachable.

Advantages of using a static IP address

1. Speed
Since static IP addresses come with fewer contradictions, devices assigned a static IP
address tend to perform faster. The speed difference is extremely noticeable only if you are
a broadband user, not on DSL connections. This is especially beneficial if you are
constantly uploading and downloading files.

2. Security
The security level offered by a static IP address is always greater. A static IP address
is equipped with an additional layer of protection which makes sure that most security
problems are prevented.

3. Accessibility
Remote access is made possible with a static IP address using programs like a Virtual Private
Network (VPN). This means that devices can be accessed from any part of the world. As long as
the device is connected to the internet, all the information is accessible.

4. Hosting
Currently, all types of hosting, including web servers, email servers and other types of servers, are
supported by a static IP address. Therefore, if you have a static IP address, all your customers and
clients can easily access your website. Also, when using a static IP address, devices can
easily locate and find all the servers worldwide.

5. Stability
Static IP addresses are known to be stable since they are restricted from changes. Unlike
a dynamic IP address, a static one does not undergo frequent lapses. Whenever there is a reboot, the
computers will be able to reconnect quickly to the internet using the same IP address.

6. Accuracy
A static IP address is highly accurate when it comes to geolocation data. All geolocation
services will be able to find the accurate business location. With this accurate information, it
can be assured that the businesses are always in the frontline. This is beneficial for businesses in
many ways.

7. Shared Resources
Some businesses commonly share office resources among their employees. For this they
use a business network with devices that have static IP addresses. A device that is assigned
a static IP address is easier to locate. On the contrary, devices with dynamic IP addresses are
known to be difficult to discover.

Advantages of using NAT
1. Lowers the cost
When an organization uses NAT with its private IP addresses, it doesn't need to buy a new
IP address for every computer in the organization. It can use the same IP
address for multiple computers. This helps to reduce the organization's costs.

2. Conserving Addresses
When you use NAT overload, it allows you to preserve the IPv4 address space, which
gives access to the privatization of intranets. This is done with the help of intranet
privatization. In this process, all the addresses are saved at the port level across multiple
applications.

3. Connection Flexibility
NAT has multiple tools, load balancing tools, and backup tools. These tools help to
increase the overall reliability and flexibility of the network. This happens when we
establish any connection, either to the public network or any other connection.

4. Consistency in the Network
NAT has a scheme called consistent network addressing. A proper address space is assigned
for the use of public IP addresses. This is needed because when we enlarge the network,
more IP addresses will be required.

5. Network Security
In Network Address Translation, all your original source and destination addresses are
hidden completely, so that hosts inside the network cannot be reached by other hosts
without the user's permission. This gives additional security.

6. Private Addressing
NAT users have a private IPv4 addressing system of their own. So, if you move to
another addressing system, the private addressing system remains. If the user
changes internet service provider, this prevents internal address changes.

2.3

Physical security measures

• Establish surveillance
Locking the server room door is a nice first step, but someone might break in or someone with
access might abuse that power. You must be able to track who enters and exits at what times.
The simplest way to do this is with a log book for signing in and out, but this has a lot of
disadvantages. Someone who has bad intentions will probably just ignore it.
An authentication system built into the locking mechanisms would be preferable to the log book
because it would require a smart card, token, or biometric scan to unlock the doors and keep
track of who enters.
The log book or electronic access system should be supplemented with a video surveillance
camera that provides an excellent view of people entering and exiting and is located in a location
that makes it impossible to tamper with, disable (or even find). Using motion detection
technology, surveillance cameras can either record continuously or only when someone is
moving about. They can also be configured to alert users through email or mobile phone if
motion is detected when it shouldn't be (such as after hours).

• Shut the server room's door


Make sure the server room door is securely locked before locking down the servers, in fact,
before turning them on for the first time. The best lock in the world won't do you any good if you
don't use it, so you also need policies demanding that those doors be shut whenever the room is
empty. The policies should also specify who is in possession of the key or key code to gain entry.
Your physical network's heart is located in the server room, where anyone with physical access
to the room's servers, switches, routers, cables, and other equipment can cause a great deal of
harm.

• Prevent trespassers from accessing the case


Workstations and servers should both be secured against thieves who might open the case and
take the hard disk. Taking off with a hard drive in your pocket is far simpler than carrying a full
tower. To prevent opening the case without a key, many computers use case locks.

• Remember the workstations, too
Any unprotected machine linked to the network might be used by hackers to access or remove
crucial data for your company. Particularly vulnerable are workstations located at vacant desks,
vacant offices (such as those occupied by absentee or departing employees who have not yet
been replaced), or places where visitors can readily access the building, like the desk of the front
receptionist.
Lock all vacant offices, including those that are only briefly empty when a worker is away for
lunch or ill, and disconnect or remove any computers that aren't in use. Install smart card or
biometric readers on computers that must remain in public spaces, often hidden from employees'
view, to make it more difficult for unauthorized users to log in.

• Turn off the drives


Floppy disks, USB ports, and other methods of connecting external drives can be disabled or
removed if you don't want employees copying company data to removable media. It might not be
enough to just cut the cords to dissuade tech-savvy staff. Although there are software methods
that forbid it, some organizations go so far as to cover ports with glue or other materials to
permanently restrict their use. If your computer still has floppy drives, you can use disk locks
like the one from SecurityKit.com to lock out other diskettes.

Virtual security measures

• Back up your data often

To ensure that your data is preserved securely, your company should either manually back up all
data to an external hard drive or the cloud, or simply set up automated backups. In this manner,
even if your systems are compromised, your information will still be safe with you.
Although many software programs that handle sensitive data come with this capability by
default, it won't hurt to conduct a review of all company communications to make sure that no
single point of failure can delete months or years' worth of historical data.

• Protect Your Wi-Fi Network

If you still use WEP (Wired Equivalent Privacy), stop using it and replace it with WPA2
(Wi-Fi Protected Access version 2), which is far more secure.
There is a significant probability that you are already using WPA2, which is a standard for
internet security that is becoming more and more popular. Large companies will need to make a
concerted effort to move all of their operations to a more secure network, because some fail
to upgrade their infrastructure.
Change the name of your wireless router or access point, commonly known as the Service Set
Identifier (SSID), to prevent hackers from accessing your Wi-Fi network. For further security,
be sure to use a challenging Pre-Shared Key (PSK) passphrase.

• Informing employees about cyber security measures

A documented cyber security policy outlining the proper ways to use the Internet and office
computers is helpful, but it is insufficient. So that your employees can put it into effect, you must
make sure that all of its specifics are explained to them and understood by them. That is the only way to
make such policies effective.
If you want to ensure that your procedure is secure both offline and online, you should think
about hiring a third-party expert.
Additionally, since you'll need to update these rules frequently in light of the contents' relevancy,
you'll want to have a mechanism in place for doing so.

• Secure Laptops and Smartphones

Because of the ease of carrying them around, laptops and smartphones hold a hell of a lot of
valuable data, and that is also the reason they are at a higher risk of getting lost or stolen.
Granted, the thieves are often more interested in making a quick buck at a pawn shop than in
ransoming off your business's corporate secrets, but either way, you'll lose access to your data
and your verified device.

What steps can you take to protect a physical device? Here are the biggest options available:

• Data encryption
We mentioned business-wide encryption software earlier, but sometimes an employee neglects
to encrypt the data on their device as well as on the cloud.
• Password protection
Similarly, you'll want to have a password to enter your laptop as well as one to access online
accounts. Many password managers can help with this as well.
• Remote wiping
With this ability set up, a business IT manager can remotely delete the data on a misplaced device.

Finally, a company-wide employee training session detailing the best practices for company-
owned devices can be useful as well, ensuring employees know whether they can take laptops off
of the premises and how to keep them safe if they do. In fact, let's give that idea its own entry:

Activity 3

3.1

What is risk assessment procedure?

Figure 12

Risk assessment is the process of locating potential threats to a company's capacity to conduct
business. These analyses assist in identifying these inherent company risks and offer steps,
procedures, and controls to lessen their negative effects on daily operations. In order to prioritize
and communicate the contents of the evaluation, including any threats to their information
technology (IT) infrastructure, businesses might utilize a risk assessment framework (RAF). The
RAF assists an organization in identifying prospective risks, any company assets put at risk by
these risks, as well as potential consequences should these risks materialize.
The Chief Risk Officer (CRO) or a Chief Risk Manager is often in charge of conducting the risk
assessment process in major businesses.

Steps of risk assessment


1. Identify hazards

E.g. anything that may cause harm.

Employers have a duty to assess the health and safety risks faced by their workers. Your
employer must systematically check for possible physical, mental, chemical and biological
hazards.

This is one common classification of hazards:

• Physical: e.g. lifting, awkward postures, slips and trips, noise, dust, machinery, computer
equipment, etc.
• Mental: e.g. excess workload, long hours, working with high-need clients, bullying, etc.
These are also called 'psychosocial' hazards, affecting mental health and occurring within
working relationships.
• Chemical: e.g. asbestos, cleaning fluids, aerosols, etc.
• Biological: including tuberculosis, hepatitis and other infectious diseases faced by
healthcare workers, home care staff and other healthcare professionals.

2. Decide who may be harmed, and how.
Identifying who is at risk starts with your organization’s own full- and part-time employees.
Employers must also assess risks faced by agency and contract staff, visitors, clients and other
members of the public on their premises.
Employers must review work routines in all the different locations and situations where their
staff are employed.

For example:
• Home care supervisors must take due account of their client's personal safety in the
home, and ensure safe working and lifting arrangements for their own home care staff.
• In a supermarket, hazards are found in the repetitive tasks at the checkout, in lifting loads,
and in slips and trips from spillages and obstacles in the shop and storerooms. Staff face
the risk of violence from customers and intruders, especially in the evenings.
• In call centers, workstation equipment (i.e. desk, screen, keyboard and chair) must be
adjusted to suit each employee.
Employers have special duties towards the health and safety of young workers, disabled
employees, night workers, shift workers, and pregnant or breastfeeding women.

3. Assess the risks and take action.


This means employers must consider how likely it is that each hazard could cause harm. This
will determine whether or not your employer should reduce the level of risk. Even after all
precautions have been taken, some risk usually remains. Employers must decide for each
remaining hazard whether the risk remains high, medium or low.

4. Make a record of the findings.


Employers with five or more staff are required to record in writing the main findings of the risk
assessment. This record should include details of any hazards noted in the risk assessment, and
action taken to reduce or eliminate risk.
This record provides proof that the assessment was carried out, and is used as the basis for a later
review of working practices. The risk assessment is a working document. You should be able to
read it. It should not be locked away in a cupboard.

5. Review the risk assessment.


A risk assessment must be kept under review in order to:

• Ensure that agreed safe working practices continue to be applied (e.g. that management's
safety instructions are respected by supervisors and line managers); and

• Take account of any new working practices, new machinery or more demanding work
targets.

Benefits of risk assessment

Benefits for me

1. Identify security vulnerabilities


2. Determine new security requirements
3. Justify spending
4. Make smart purchases
5. Improve planning
6. Document due diligence

Benefits for the company


1. Educated employees
2. Increased motivation
3. Improved communication and decision-making

Benefits for the IT Group


1. Boost productivity
2. Help make budget choices

IT Security & Organization Policy

Policies are a set of guidelines to protect the organization, its employees and their clients.
Organization policies contain regulatory procedures, employee practices, employee discipline, and
rules about internet and email use. In the modern world, attackers are finding smart ways to bypass the
security of the organization. So an organization like EMC, which manages lots of sensitive data, wants
to protect its data, network devices and assets. There are many types of policies that an
organization might develop, such as e-policies, health and safety policies, employee policies and
security policies. Among the security policies, IT security is the most important. There are several types
of IT security, like network security, internet security, data storage security and application security.

IT security policies are rules and guidelines for accessing and using a company’s IT assets or
resources. The main objectives of IT security are CIA (Confidentiality, Integrity and Availability).

72 | P a g e
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
 Confidentiality – Restrict the access for only authorized people. It is help to
prevent sensitive information from reaching unauthorized
peoples
 Integrity – Allow only authorized people to modify IT assets or data.
 Availability – Want to have continuous access for authorized users for
allowed assets

“Designed to guide employees’ behavior with regard to the security of company data, assets, IT
systems, etc. These security policies define the who, what, and why regarding the desired
behavior, and they play an important role in an organization’s overall security posture.
Information security policies should reflect the risk appetite of executive management and
therefore serve to establish an associated security mind-set within an organization”. (Dunham,
2018)

Security Audit

Figure 13

A thorough evaluation of an organization's IT infrastructure and security posture is known as an
IT security audit. Organizations can identify and evaluate the risks present in their IT networks,
connected devices, and apps by conducting an IT security audit. It gives you the chance to achieve
compliance and close security gaps. It includes measures such as vulnerability scans, which look
for security gaps in IT systems, and penetration tests, which attempt to gain unauthorized access
to the networks, systems, and applications. Finally, the organization receives the penetration
testing reports created after all required steps have been carried out, for further analysis and
action.

Types of IT security audit
1) One-time assessment
Security audits that you conduct for unforeseen or particular circumstances and triggers in your
operations. For example, if you are about to introduce a new product, you run a battery of tests
and reviews to find any new risk it would add to your environment.

2) Tollgate assessment
Security audits that produce one of two results. A review is conducted to determine whether or not
a new process or procedure may be introduced into your current environment. You are not so much
assessing risk as looking for obstacles that will stop you from going ahead.

3) Portfolio assessment
The yearly, semiannual, or <enter your prerequisites here> regularly scheduled review. Use
these reviews to confirm that your security processes and procedures are being followed and that
they are sufficient for the current business environment and needs.

Impacts of IT security audit

• It evaluates the flow of data within your business.
• It identifies vulnerable points and problem areas.
• It determines whether you must alter security policies and standards or not.
• It recommends how to leverage information technology in your business security.
• It delivers an in-depth analysis of your internal and external IT practices and systems.
• Ensure your data is protected
• View operations from a new angle
• Identify gaps in your protection
• Stay ahead of regulations
• Use recommendations to improve
• It confirms how compliant your IT infrastructure is with top regulatory bodies and helps
you to conform accordingly.
• It finds gaps in your organization's security training and awareness and helps you to
make informed decisions towards its improvement.

Computer Misuse

Figure 14

Hacking, the dissemination of malware (such as viruses), and other unauthorized behavior, such
as the altering of software or data, changing passwords, and interfering with the regular operation
of the computer system, are all examples of computer misuse.

Types of computer misuse


Misuse of computers and communications systems comes in several forms:

• Hacking
Hacking is where an unauthorized person uses a network, internet or modem connection to gain
access past security passwords or other security to see data stored on another computer. Hackers
sometimes use software hacking tools and often target, for example, particular sites on the
internet.

• Data misuse and unauthorized transfer or copying
Copying and illegal transfer of data is very quick and easy using online computers and large
storage devices such as hard disks, memory sticks and DVDs. Personal data, company research
and written work, such as novels and textbooks, cannot be copied without the copyright holder's
permission.

• Copying and distributing copyrighted software, music and film
This includes copying music and movies with computer equipment and distributing it on the
internet without the copyright holder's permission. This is a widespread misuse of both
computers and the internet that breaks copyright regulations.

• Email and chat room abuses
Internet services such as chat rooms and email have been the subject of many well-publicized
cases of impersonation and deception where people who are online pretend to have a different
identity. Chat rooms have been used to spread rumors about well-known personalities. A
growing area of abuse of the internet is email spam, where millions of emails are sent to
advertise both legal and illegal products and services.

• Pornography
A lot of indecent material and pornography is available through the internet and can be stored in
electronic form. There have been several cases of material, which is classified as illegal, or
which shows illegal acts, being found stored on computers followed by prosecutions for
possession of the material.

• Identity and financial abuses
This topic includes misuse of stolen or fictional credit card numbers to obtain goods or services
on the internet, and use of computers in financial frauds. These can range from complex well
thought out deceptions to simple uses such as printing counterfeit money with colour printers.

• Viruses
Viruses are relatively simple programs written by people and designed to cause nuisance or
damage to computers or their files.

Computer Misuse Act 1990

The Computer Misuse Act 1990 is the UK's legal defense against hacking, allowing the state to
prosecute those who use or access computers for malicious purposes. The Computer Misuse Act
protects personal data held by organizations from unauthorized access and modification.
The act makes the following illegal:
1. Unauthorized access to computer material. This refers to entering a computer system
without permission (hacking)
2. Unauthorized access to computer materials with intent to commit a further crime. This
refers to entering a computer system to steal data or destroy a device or network (such as
planting a virus)
3. Unauthorized modification of data. This refers to modifying or deleting data, and also
covers the introduction of malware or spyware onto a computer (electronic vandalism and
theft of information)
4. Making, supplying or obtaining anything which can be used in computer misuse offences

These four clauses cover a range of offences including hacking, computer fraud, blackmail and
viruses.

Failure to comply with the Computer Misuse Act can lead to fines and potentially imprisonment.

| Offence | Penalty |
|---|---|
| Unauthorized access to computer material | Up to six months in prison and/or up to a £5,000 fine |
| Unauthorized access to computer materials with intent to commit a further crime | Up to a five-year prison sentence and/or an unlimited fine |
| Unauthorized modification of data | Up to a five-year prison sentence and/or an unlimited fine |
| Making, supplying or obtaining anything which can be used in computer misuse offences | Up to a ten-year prison sentence and/or an unlimited fine |

Table 3

Data Protection Act (1998)


In the 1990s, with more and more organizations using digital technology to store and process
personal information, there was a danger this information could be misused. The Data Protection
Act of 1998 was designed to tackle this issue.

Data stored electronically is vulnerable as it is very easy to copy it to a removable drive or to
email/transfer it via the internet. Individuals who had data stored about them (Data Subjects) had
several concerns:

• Who could access this information?
• How accurate was the information?
• Could it be easily copied?
• Was it possible to store information about a person without that individual's knowledge or
permission?

The Data Protection Act aims to safeguard all information held about an individual classified as
personal (e.g., name, address, financial details) or sensitive (e.g., ethnicity, political opinion,
religion). The act ensures data stored about you is processed fairly and lawfully. For example,
there are strict rules as to who can access and alter your health records. Regular checks are made
to ensure that the rules of the Data Protection Act are being followed.

Principles of the Data Protection Act:

• Data must be collected and used fairly and inside the law

• Data must only be held and used for the reasons given to the Information Commissioner

• Data can only be used for those registered purposes. You cannot give it away or sell it
unless you said you would initially. For example, your school could not sell pupils' data
to a book or uniform supplier without permission

• The data held must be acceptable, appropriate and not beyond what is necessary when
compared with the purpose for which the data is held

• Data must be accurate and be kept up to date. For example, making sure data subjects'
contact numbers are current

• Data must not be kept longer than is necessary. This rule means that it would be wrong to
keep information about past customers longer than a few years at most

• Data must be kept safe and secure, for example, personal data should not be left open to
be viewed by just anyone

• Data may not be transferred outside of the European Economic Area (that's the EU plus
some small European countries) unless the country where the data is being sent has a
suitable and similar data protection law. This part of the Data Protection Act has led to
some countries passing compatible laws to allow computer data centers to be located in
their jurisdiction

3.2

Data protection law and procedures for EMC cyber data storage
Data protection law differs from country to country. Data protection laws are set up by a
government or standards organization to protect information and to maintain the CIA triad
(confidentiality, integrity, availability). The following are some data protection laws that will
benefit EMC Cyber.

Data Protection Act 2018

This is the United Kingdom’s implementation of the GDPR (General Data Protection Regulation).

“Everyone responsible for using personal data has to follow strict rules called ‘data protection
principles’. They must make sure the information is:

• used fairly, lawfully and transparently
• used for specified, explicit purposes
• used in a way that is adequate, relevant and limited to only what is necessary
• accurate and, where necessary, kept up to date
• kept for no longer than is necessary
• handled in a way that ensures appropriate security, including protection against unlawful
or unauthorized processing, access, loss, destruction or damage

There is stronger legal protection for more sensitive information, such as:
• race
• ethnic background
• political opinions
• religious beliefs
• trade union membership
• genetics
• biometrics (where used for identification)
• health
There are separate safeguards for personal data relating to criminal convictions and offences.” (UK
Government, 2019)

ISO 31000
“Organizations that manage risks effectively are more likely to protect themselves and succeed
in growing their business. The challenge for any business is to integrate good practice into their
day-to-day operations and apply it to the wider aspects of their organizational practice.
BS ISO 31000 is the international standard for risk management. By providing comprehensive
principles and guidelines, this standard helps organizations with their risk analysis and risk
assessments. Whether you work in a public, private or community enterprise, you can benefit
from BS ISO 31000, because it applies to most business activities including planning,
management operations and communication processes.
Whilst all organizations manage risk to some extent, this international standard’s best-practice
recommendations were developed to improve management techniques and ensure safety and
security in the workplace at all times. By implementing the principles and guidelines of BS ISO
31000 in your organization, you’ll be able to improve operational efficiency, governance and
stakeholder confidence, while minimizing losses. This international standard also helps you to
boost health and safety performance, establish a strong foundation for decision making and
encourage proactive management in all areas.

Benefit of ISO 31000

• Proactively improve operational efficiency and governance
• Build stakeholder confidence in your use of risk techniques
• Apply management system controls to risk analysis to minimize losses
• Improve management system performance and resilience
• Respond to change effectively and protect your business as you grow”
(The British Standards Institution, 2019)

RAID Technology

Figure 15

RAID is an acronym for Redundant Array of Inexpensive Disks.

Taken literally, it refers to storing data on a number of relatively inexpensive hard disk drives
(HDDs). More generally, it is described as "technology that merges a number of such cheap HDDs
into a single HDD." RAID uses several disks to manage HDD data with a variety of methods.
Usually, there are six levels: RAID 0, RAID 1, RAID 2, RAID 3, RAID 4, and RAID 5. They differ
in how data is laid out and in the kind of redundancy provided. With ETERNUS DX and ETERNUS AF,
Fujitsu also offers RAID 6, which guarantees increased reliability through the use of double
parity.

The technology was first proposed by a study group led by Professor Patterson at the University
of California. The "I" in RAID stood for "Inexpensive" when they presented their paper, because
they were looking for ways to use the readily available, reasonably priced HDDs in their study
rather than the proprietary and somewhat specialized disk devices that were often used at the
time to increase disk drive speed and dependability. Today the "I" in RAID has come to stand for
"Independent," as pricey specialized HDDs have all but vanished from the market. Combining
several RAID levels has also grown in popularity as a way to deliver more targeted cost savings
and performance gains.

RAID can be implemented in either hardware or software. With software RAID, multiple disk
devices that are directly linked to a host computer (usually via a SCSI interface) are combined
and treated as a single logical storage device. This function, which debuted with the Windows
NT/2000 operating systems, is often utilized. With hardware RAID, RAID is implemented by a
control component separate from the host CPU. The two most common forms of hardware RAID are a
controller built into the disk device and connected to the host computer through Fibre Channel
or SCSI, or a card that connects to the PCI bus. In full-fledged server systems, hardware RAID is
by far the most popular technique because it doesn't add any more computing demands to the
server.
Let's look at the details of the different RAID technology levels.

RAID level 0 – Striping

Figure 16

In a RAID 0 system data are split up into blocks that get written across all the drives in the array.
By using multiple disks (at least 2) at the same time, this offers superior I/O performance. This
performance can be enhanced further by using multiple controllers, ideally one controller per
disk.

RAID level 1 – Mirroring

Figure 17

Data are stored twice by writing them to both the data drive (or set of data drives) and a mirror
drive (or set of drives). If a drive fails, the controller uses either the data drive or the mirror drive
for data recovery and continuous operation. You need at least 2 drives for a RAID 1 array.

RAID level 5 – Striping with parity

Figure 18

RAID 5 is the most common secure RAID level. It requires at least 3 drives but can work with
up to 16. Data blocks are striped across the drives and on one drive a parity checksum of all the
block data is written. The parity data are not written to a fixed drive, they are spread across all
drives, as the drawing below shows. Using the parity data, the computer can recalculate the data
of one of the other data blocks, should those data no longer be available. That means a RAID 5
array can withstand a single drive failure without losing data or access to data. Although RAID
5 can be achieved in software, a hardware controller is recommended. Often extra cache
memory is used on these controllers to improve the write performance.
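
The parity mechanism described above, shown as an added example that is not part of the original assignment: a small in-memory model of RAID 5 that stripes data with a rotating XOR parity block, rebuilds one lost drive from the survivors, and refuses to rebuild when a second drive is missing. The function names, the 4-drive layout, the 4-byte block size and the sample data are assumptions made for illustration.

```python
from functools import reduce
from operator import xor

# Constructed sample data, not taken from any real system.
SAMPLE = b"EMC Cyber client records (constructed sample)"


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Parity rotates: last drive for stripe 0, then one drive to the left per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives=4, block_size=4):
    """Stripe data over n_drives; each stripe holds n_drives-1 data blocks plus parity."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(data_blocks))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute every block of the failed drive as the XOR of the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID 5 cannot recover from more than one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(SAMPLE)
    array[1] = None                      # simulate a single drive failure
    array[1] = raid5_rebuild(array, 1)   # rebuild it from data + parity
    print(raid5_read(array, len(SAMPLE)))
    array[0] = array[2] = None           # two drives lost at once
    try:
        raid5_rebuild(array, 0)
    except RuntimeError as err:
        print("unrecoverable:", err)
```

The second failure case is the rebuild-window risk that motivates RAID 6: while one drive is being rebuilt, the array has no remaining redundancy.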

RAID level 6 – Striping with double parity

Figure 19

RAID 6 is like RAID 5, but the parity data are written to two drives. That means it requires at
least 4 drives and can withstand 2 drives dying simultaneously. The chances that two drives
break down at exactly the same moment are of course very small. However, if a drive in a RAID
5 system dies and is replaced by a new drive, it takes hours or even more than a day to rebuild
the swapped drive. If another drive dies during that time, you still lose all of your data. With
RAID 6, the RAID array will even survive that second failure.

RAID level 10 – combining RAID 1 & RAID 0

Figure 20

It is possible to combine the advantages (and disadvantages) of RAID 0 and RAID 1 in one
single system. This is a nested or hybrid RAID configuration. It provides security by mirroring
all data on secondary drives while using striping across each set of drives to speed up data
transfers.

Activity 4

4.1

Security Policy for EMC Cyber


“IT Security Policy is a model of the organization’s culture, in which rules and procedures are
driven from its employees' approach to their information and work. Thus, an effective IT security
policy is a unique document for each organization, cultivated from its people’s perspectives on
risk tolerance, how they see and value their information, and the resulting availability that they
maintain of that information. For this reason, many companies will find a boilerplate IT security
policy inappropriate due to its lack of consideration for how the organization’s people actually
use and share information among themselves and to the public.

The objectives of an IT security policy is the preservation of confidentiality, integrity, and
availability of systems and information used by an organization’s members. These three
principles compose the CIA triad:
• Confidentiality involves the protection of assets from unauthorized entities
• Integrity ensures the modification of assets is handled in a specified and authorized manner
• Availability is a state of the system in which authorized users have continuous access to
said assets”
(Palo Alto Networks, 2019)
The following is the security policy for EMC Cyber:

Physical security
CCTV surveillance must be installed in important areas such as the entrance gate, server room and
working areas. Security guards must be posted at the entrance gate and inside the organization to
prevent abnormal activity. Only authorized people are allowed into the organization through the
entrance, using an ID card checked by a barcode reader.
Authentication
Only authorized people are allowed to enter working departments. Every working department needs a
card reader for punching the ID card, after which the door opens. The reader also raises an alert
when an ID card is not recognized, which helps to detect unauthorized people.
Privacy
Only key people such as the HR manager, CEO and supervisors know certain private business
matters. This helps to protect privacy without leaks.
Security awareness training
Security awareness training must be conducted for staff to prevent security failures.
Employees need security knowledge in order to protect the sensitive data of EMC Cyber’s clients.
Special access
Only key authorized people have the right to access important resources such as the network
server and data storage. This helps to safeguard the organization; otherwise problems can occur
because everyone could use every device.
Access to visitors
When clients come to the organization, there will be a separate place to communicate with them.
A specific team is assigned to communicate with clients about the services EMC provides.
Only authorized staff can enter any place other than this.
Password
A card reader is not enough for places like the data storage and network server; passcode
verification is also required to access those servers and protect the sensitive information. The
passcode is known by employees in important roles such as managers and leaders.
Network security
When connecting to external networks, the internal network devices need protection, so a VPN,
firewall, DMZ, static IP and NAT are required to secure the network.
Risk management
A company like EMC Cyber holds a large amount of data, so there is a chance of threats and
hazards. To control them, a risk assessment plan is needed to prevent data loss and other risks,
along with a disaster recovery plan.
Virus protection
The workplace has thousands of nodes that are used for daily work, and those nodes need
protection from malware and viruses. Installing antivirus software such as Kaspersky will help to
prevent this.

4.2

Figures 21 to 59

References
https://www.compuquip.com/blog/types-firewall-architectures

Firewall
https://phoenixnap.com/blog/types-of-firewalls

Firewall misconfiguration
https://www.akamai.com/blog/security/the-dangers-of-firewall-misconfigurations-and-how-to-avoid-them

Network monitor tool with screenshots
https://www.comparitech.com/net-admin/network-monitoring-tools/

DMZ
https://www.techtarget.com/searchsecurity/definition/DMZ

Static IP
https://www.lifewire.com/what-is-a-static-ip-address-2626012

VPN
https://vpnoverview.com/vpn-information/what-is-a-vpn/

Risk assessment steps
https://worksmart.org.uk/health-advice/health-and-safety/hazards-and-risks/what-are-five-steps-risk-assessment

What Is Intellectual Property?
https://www.investopedia.com/terms/i/intellectualproperty.asp

Network management
https://www.techtarget.com/searchnetworking/tip/5-principles-of-the-network-change-management-process

Data protection you must have
https://www.itgovernance.co.uk/blog/5-data-protection-policies-your-organisation-must-have

RAID
https://www.prepressure.com/library/technology/raid

ISO
https://www.process.st/iso-31000/

Misuse
https://isaaccomputerscience.org/concepts/net_sec_misuse_act?examBoard=all&stage=all

Types of computer misuse
https://www.bbc.co.uk/bitesize/guides/zt8qtfr/revision/1

Policies
https://www.adserosecurity.com/security-learning-center/ten-it-security-policies-every-organization-should-have/

DR plan
https://cloudian.com/guides/disaster-recovery/disaster-recovery-5-key-features-and-building-your-dr-plan/

Centre Technologies, 2014. Centre Technologies. [Online]
Available at: https://centretechnologies.com/15-steps-designing-successful-disaster-recovery-plan/
[Accessed 21 February 2019].

Dunham, R., 2018. LINFORD & COMPANY LLP. [Online]
Available at: https://linfordco.com/blog/information-security-policies/
[Accessed 13 February 2019].

Palo Alto Networks, 2019. Palo Alto Networks. [Online]
Available at: https://www.paloaltonetworks.com/cyberpedia/what-is-an-it-security-policy
[Accessed 21 February 2019].

Rouse, M., 2019. TechTarget. [Online]
Available at: https://searchsecurity.techtarget.com/definition/DMZ
[Accessed 28 January 2019].

Techopedia, 2019. Techopedia. [Online]
Available at: https://www.techopedia.com/definition/1074/disaster-recovery-plan-drp
[Accessed 21 February 2019].

The British Standards Institution, 2019. The British Standards Institution. [Online]
Available at: https://www.bsigroup.com/en-GB/iso-31000-risk-management/
[Accessed 21 February 2019].

UK Government, 2019. GOV.UK. [Online]
Available at: https://www.gov.uk/data-protection
[Accessed 16 February 2019].
Grading Rubric
Grading Criteria | Achieved | Feedback

LO1 Assess risks to IT security
P1 Identify types of security risks to organisations.
P2 Describe organizational security procedures.
M1 Propose a method to assess and treat IT security risks.

LO2 Describe IT security solutions
P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security.
M2 Discuss three benefits to implement network monitoring systems with supporting reasons.
D1 Evaluate a minimum of three of physical and virtual security measures that can be employed to ensure the integrity of organisational IT security.

LO3 Review mechanisms to control organisational IT security
P5 Discuss risk assessment procedures.
P6 Explain data protection processes and regulations as applicable to an organisation.
M3 Summarise the ISO 31000 risk management methodology and its application in IT security.
M4 Discuss possible impacts to organizational security resulting from an IT security audit.
D2 Consider how IT security can be aligned with organisational policy, detailing the security impact of any misalignment.

LO4 Manage organizational security
P7 Design and implement a security policy for an organisation.
P8 List the main components of an organisational disaster recovery plan, justifying the reasons for inclusion.
M5 Discuss the roles of stakeholders in the organisation to implement security audit recommendations.
D3 Evaluate the suitability of the tools used in an organisational policy.
