• Constructive? Y/N
• Linked to relevant assessment criteria? Y/N
1|Page
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
Confirm action completed
Remedial action taken
Give details:
Internal Verifier signature: Date:
Programme Leader signature (if required): Date:
Higher Nationals - Summative Assignment Feedback Form
Student Name/ID: Mohamed Ramzeen Safwan
Assessor Feedback:
LO1. Assess risks to IT security
Pass, Merit & Distinction Descripts: P1 P2 M1 D1
LO2. Describe IT security solutions.
Pearson Higher Nationals in Computing
Unit 5: Security
General Guidelines
1. A cover page or title page – You should always attach a title page to your assignment. Use the
previous page as your cover sheet and make sure all the details are accurately filled in.
2. Attach this brief as the first section of your assignment.
3. All the assignments should be prepared using word processing software.
4. All the assignments should be printed on A4 sized paper. Use single-sided printing.
5. Allow 1” for the top, bottom and right margins and 1.25” for the left margin of each page.
1. The font size should be 12 point, and should be in the style of Times New Roman.
2. Use 1.5 line spacing. Left justify all paragraphs.
3. Ensure that all the headings are consistent in terms of the font size and font style.
4. Use the footer function in the word processor to insert Your Name, Subject, Assignment No, and
Page Number on each page. This is useful if individual sheets become detached for any reason.
5. Use the word processing application's spell check and grammar check functions to help edit your
assignment.
Important Points:
1. It is strictly prohibited to use textboxes to add text in the assignments, except for the
compulsory information, e.g. figures, tables of comparison etc. Adding text boxes in the body
except for the aforementioned compulsory information will result in rejection of your work.
2. Carefully check the hand in date and the instructions given in the assignment. Late submissions
will not be accepted.
3. Ensure that you give yourself enough time to complete the assignment by the due date.
4. Excuses of any nature will not be accepted for failure to hand in the work on time.
5. You must take responsibility for managing your own time effectively.
6. If you are unable to hand in your assignment on time and have valid reasons such as illness, you
may apply (in writing) for an extension.
7. Failure to achieve at least PASS criteria will result in a REFERRAL grade.
8. Non-submission of work without valid reasons will lead to an automatic REFERRAL. You will
then be asked to complete an alternative assignment.
9. If you use other people’s work or ideas in your assignment, reference them properly using the
HARVARD referencing system to avoid plagiarism. You have to provide both in-text citations and
a reference list.
10. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could
be reduced to a REFERRAL or at worst you could be expelled from the course.
Student Declaration
I hereby declare that I know what plagiarism entails, namely to use another’s work and to
present it as my own without attributing the sources in the correct way. I further understand what
it means to copy another’s work.
Student’s Signature (Provide E-mail ID): sfwnsmart@gmail.com
Date (Provide Submission Date): 24/08/2022
Assignment Brief
Student Name/ID Number: Mohamed Ramzeen Safwan
Unit Number and Title: Unit 5 - Security
Academic Year: 2020/2021
Unit Tutor:
Assignment Title: EMC Cyber
Section 4.2 of the assignment requires a 15-minute presentation to illustrate the answers.
Unit Learning Outcomes:
LO1 Assess risks to IT security.
LO2 Describe IT security solutions.
LO3 Review mechanisms to control organisational IT security.
LO4 Manage organisational security.
Scenario
‘EMC Cyber’ is a reputed cyber security company based in Colombo, Sri Lanka, that delivers
security products and services across the entire information technology infrastructure. The company
has a number of clients both in Sri Lanka and abroad, which include some of the top-level companies
of the world serving in a multitude of industries. The company develops cyber security software
including firewalls, anti-virus, intrusion detection and protection, and endpoint security. EMC Cyber is
tasked with protecting companies’ networks, clouds, web applications and emails. They also offer
advanced threat protection, secure unified access, and endpoint security. Further, they also play the role
of consulting clients on security threats and how to solve them. Additionally, the company follows
different risk management standards depending on the company, with ISO 31000 being the most
prominent.
One of the clients of EMC Cyber, Lockhead Aerospace manufacturing, which is a reputed aircraft
manufacturer based in the US, has tasked the company to investigate the security implications of
developing IoT-based automation applications in their manufacturing process. The client has requested
EMC to further audit the security risks of implementing web-based IoT applications in their
manufacturing process and to propose solutions. Further, Lockhead uses ISO standards and has
instructed EMC to use the ISO risk management standards when proposing the solution.
The director of the company understands such a system would be the target for cyber-attacks. As you
are following a BTEC course which includes a unit in security, the director has asked you to
investigate and report on potential cyber security threats to their web site, applications and
infrastructure. After the investigation you need to plan a solution and how to implement it according
to standard software engineering principles.
Activity 01
Assuming the role of External Security Analyst, you need to compile a report for the board of
‘EMC Cyber’ focusing on the following elements:
1.1 Identify the CIA Triad concept and evaluate why and how the CIA Triad could be utilized at
EMC Cyber in order to improve the organization’s security.
1.2 Identify the types of security risks EMC Cyber is subject to in its present setup and the impact that they
would make on the business itself. Evaluate at least three physical and virtual security risks
identified and suggest the security measures that can be implemented in order to improve the
organization’s security.
1.3 Develop and describe security procedures for EMC Cyber to minimize the impact of
issues discussed in section (1.1) by assessing and rectifying the risks.
Activity 02
2.1 Identify how EMC Cyber and its clients will be impacted by improper/incorrect
configurations that are applicable to firewalls and VPN solutions. IT security can include a
network monitoring system. Discuss how EMC Cyber can benefit by implementing a network
monitoring system, with supporting reasons.
2.2 Explain how the following technologies would benefit EMC Cyber and its clients by facilitating a
‘trusted network’. (Support your answer with suitable examples).
i) DMZ
ii) Static IP
iii) NAT
2.3 Identify and evaluate the tools that can be utilized by EMC Cyber to improve the network and
security performance without compromising each other. Evaluate at least three virtual and physical
security measures that can be implemented by EMC to uphold the integrity of the organization’s IT
policy.
Activity 03
3.1 Discuss suitable risk assessment integrated enterprise risk management procedures for EMC Cyber
solutions and the impact an IT security audit will have on safeguarding the organization and its clients.
Furthermore, your discussion should include how IT security can be aligned with an organizational IT
policy and how misalignment of such a policy can impact the organization’s security.
(This can include one or more of the following: network change management, audit control, business
continuance/disaster recovery plans, potential loss of data/business, intellectual property, Data
Protection Act; Computer Misuse Act; ISO 31000 standards.)
3.2 Explain the mandatory data protection laws and procedures which will be applied to data storage
solutions provided by EMC Cyber. You should also summarize the ISO 31000 risk management
methodology.
Activity 04
4.1 Design an organizational security policy for EMC Cyber to minimize exploitations and
misuses while evaluating the suitability of the tools used in an organizational policy.
4.2 Develop and present a disaster recovery plan for EMC Cyber according to ISO/IEC
17799:2005 or a similar standard, which should include the main components of an organizational
disaster recovery plan with justifications. Discuss how critical the roles of the stakeholders in the
organization are to successfully implementing the security policy and the disaster recovery plan you
recommended as a part of the security audit.
(Students should produce a 15-minute PowerPoint presentation which illustrates the answer for
this section, including justifications and reasons for the decisions and options used).
Table of Contents
Acknowledgment
Activity 01
1.1
What is CIA Triad?
Confidentiality
Integrity
Availability
What are the techniques we can use for Confidentiality to protect EMC Cyber?
Encrypt sensitive files
Manage data access
Physically secure devices and paper documents
Securely dispose of data, devices, and paper records
Manage data acquisition
Manage data utilization
Manage devices
Threats against Integrity
Media Alteration
What are the techniques we can use for Integrity to protect EMC Cyber?
Message Alteration
Threats against Availability
What are the techniques we can use to ensure Availability to protect EMC Cyber?
Advantages for EMC Cyber of maintaining the CIA Triad
1.2
What is IT Security?
Importance of IT security
What is IT Risk?
What are threats?
Some security risks for EMC Cyber
Physical security risks
Virtual security risks
What are the impacts on EMC Cyber of physical and virtual security risks?
1.3
What is a security procedure?
Physical Security Risks
Tailgating
Natural
Theft of documents
Unaccounted visitors
Stolen identification
Virtual Security Risks
VM Sprawl (Virtual Machine Sprawl)
Malware & Ransomware Attacks
Phishing
Access Control
Trojan horse
What is Risk Assessment Procedure?
1. Tailgating
2. Natural disaster
3. Theft of documents
4. Stolen Identification
5. Social engineering
1. VM Sprawl
2. Malware & Ransomware Attacks
3. Access Control
4. Phishing
5. Trojan Horse
Activity 02
2.1
Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs
What is VPN?
VPN Protocols
1. OpenVPN
2. IPsec/L2TP
3. IKEv2/IPsec
4. PPTP
5. SoftEther
7. WireGuard
Types of VPN
1. Remote Access VPNs
2. Site-to-Site VPN
3. Client to Server VPN
4. P2P VPN
Here are some important uses of VPN:
1) Use Public Wi-Fi securely
2) Secure Communication between Sites
3) Bypass the Web Censorship and Content Surveillance
Firewall
Types of firewalls
Encryption
2.2
DMZ
Services of a DMZ include
Static IP
What Makes a Static IP Address Useful?
NAT (Network Address Translation)
NAT Types
Purpose of NAT
Advantages for EMC Cyber and clients of using those strategies
Advantages of using DMZ
Advantages of using NAT
2.3
Physical security measures
Virtual security measures
Activity 3
3.1
What is risk assessment procedure?
Steps of risk assessment
Benefits of risk assessment
IT Security & Organization Policy
Security Audit
Types of IT security audit
Impacts of IT security audit
Computer Misuse
Types of computer misuse
Computer Misuse Act of 1990
Data Protection Act (1998)
3.2
Data protection law and procedures for EMC Cyber data storage
Data Protection Act 2018
ISO 31000
Benefit of ISO 31000
RAID Technology
RAID level 0 – Striping
RAID level 1 – Mirroring
RAID level 5 – Striping with parity
RAID level 6 – Striping with double parity
RAID level 10 – combining RAID 1 & RAID 0
Activity 4
4.1
Security Policy for EMC Cyber
Physical security
Authentication
Privacy
Security awareness training
Special access
Access to visitors
Password
Risk management
Virus protection
4.2
References
Figure 50......................................................................................................................................101
Figure 51......................................................................................................................................102
Figure 52......................................................................................................................................102
Figure 53......................................................................................................................................103
Figure 54......................................................................................................................................103
Figure 55......................................................................................................................................104
Figure 56......................................................................................................................................104
Figure 57......................................................................................................................................105
Figure 58......................................................................................................................................105
Figure 59......................................................................................................................................106
Table of tables
Table 1...........................................................................................................................................42
Table 2...........................................................................................................................................46
Table 3...........................................................................................................................................77
17 | P a g e
Mohamed Ramzeen Safwan – HND in Computing | Security
Assignment 01
Acknowledgment
I have put effort into this project, but it could not have been finished without the support of
several people, and I would like to thank them. I thank my God for giving me the chance to finish
this assignment. I am highly thankful to my lecturer, Ms. Samindhi, for the guidance, for providing
important information regarding the project, and for the support to complete it. I would like to
thank my parents for their co-operation and encouragement, which helped me in the completion of
this project. I am also thankful to all my classmates for their support and help in some situations
to finish the assignment.
M.R.Safwan
Activity 01
1.1
Figure 1
The "CIA triad" stands for Confidentiality, Integrity, and Availability. The CIA triad is a
prominent model that serves as the foundation for the creation of security systems. It is used to
identify weaknesses and develop strategies for problem-solving.
The operation of a business or network system depends on the confidentiality, integrity, and
availability of information, and the CIA triad separates these three concepts into distinct focal
points. This distinction is useful because it guides security teams in determining the different
approaches they might take to each issue.
When all three requirements have been met, the organization's security profile should be
stronger and better prepared to cope with threat situations.
Confidentiality
The efforts made by an organization to keep data private or hidden are referred to as
confidentiality. To do this, access to information must be restricted to avoid the purposeful or
unintentional sharing of data with unauthorized parties. Making sure that individuals without the
appropriate authority are barred from accessing assets crucial to your firm is a crucial part of
protecting confidentiality. On the other hand, a good system also makes sure that individuals
who require access have the proper rights.
Integrity
Integrity requires ensuring that your data is reliable and unaltered. Only if the data is dependable,
accurate, and legitimate will the integrity of your data be preserved.
For instance, the information regarding top managers that your business posts on its website
must be accurate. People who visit your website looking for information could think your
company is unreliable if it is wrong. Someone with a stake in hurting your organization's
reputation might attempt to hack your website and change the executive descriptions, images, or
titles to reflect poorly on them or the business as a whole. In light of these issues, it is crucial to
maintain integrity.
Availability
Even if data is kept private and its integrity is upheld, it is frequently meaningless unless it
is accessible to those within the business and the clients they serve. This requires that all
systems, networks, and applications operate properly and at the appropriate times. Additionally,
people who have access to particular information must be able to use it when they need to, and
accessing the data shouldn't take too long. This property is called availability.
If the CIA triad is not managed correctly, the following threats may affect EMC Cyber:
Eavesdropping attacks.
Encryption cracking.
Malicious insiders.
Man-in-the-middle attacks
Access to the network by unauthorized persons
Call Pattern Tracking
Data Mining
Reconstruction
What techniques can we use to maintain confidentiality and protect EMC Cyber?
Securely dispose of data, devices, and paper records.
When data is no longer necessary for University-related purposes, it must be disposed
of appropriately.
• To prevent recovery and misuse, sensitive data, including Social Security numbers, must be
securely deleted.
• Paper documents containing sensitive information should be shredded rather than thrown into
trash or recycling bins.
• Devices that were used for University-related purposes or that were otherwise used to store
sensitive information should be destroyed or securely erased to ensure that their previous
contents cannot be recovered and misused.
Manage devices.
Device management covers a wide range of crucial security procedures that safeguard both the
devices and the data they hold. To practice good cybersecurity hygiene, use whole-disk
encryption, firewalls, regular software patching, device passcodes, antivirus software,
whitelisting, and inactive session suspension.
1. Label confidential information.
Confidential documents should be clearly labeled as such. Without this marking, you run the
danger of the information becoming public and may find it more difficult to hold the discloser
accountable should you decide to take legal action.
You must first train your team to recognize the difference between confidential and non-
confidential material if you plan to give them access to confidential information. They are more
prone to leak private information if they lack this essential understanding.
Your employees must understand how to manage and handle confidential information. Ensure
that you have the proper policies and processes in place and that your personnel are trained in
them. Depending on your business and the sort of sensitive information you store, the specifics
of these policies will change. Here are a few examples:
Be sure your employee handbook has a section outlining confidentiality rules and procedures.
Applicants should be made aware if a position entails handling confidential information. The
employee's need to handle sensitive material should also be mentioned in the employment
contract. You are strongly urged to have employees sign a confidentiality or non-disclosure
agreement in addition to the federal law, which can offer some protection for that information.
This shows the employee how seriously you take keeping confidentiality, if nothing else.
6. Regulate online conduct.
Media Alteration
The risk of media alteration is that an attacker will intercept media in the middle of
communication entities and change the media information to insert unauthorized media, lower
the quality of service, erase specific information, and so on. The media can be voice only or
combined with text, fax, video, or images. Media degrading and media injection are common
examples.
Media injection
An unapproved technique called media injection involves an attacker replacing or adding fresh
media to a live media channel. As a result of media injection, the target audience (victim) might
hear an advertisement, background noise, or silence during a conversation.
Media Degrading
1. An attacker intercepts RTCP packets in the middle, and changes (or erases) the statistic
values of media traffic (packet loss, delay, and jitter) so that the endpoint devices may not
control the media properly.
2. An attacker intercepts RTCP packets in the middle, and changes the sequence number of
the packets so that the endpoint device may play the media with the wrong sequence, which
degrades the quality.
• Poor Passwords
• Outdated Software and Apps
• Network Vulnerabilities
• Software Vulnerabilities
• Intrusion Attacks
• Poor Configuration Management
• Improper Security Architecture
• Direct Attack
• Modifying configuration files
• Change the system logs
What techniques can we use to maintain integrity and protect EMC Cyber?
3. Have Strong Access Management
Data integrity is guaranteed by a strong access management system. Giving authorized people
access to data so they can examine or edit it improves a company's data visibility and integrity. It
is essential to pinpoint the issue's origin in the event of a data breach. Access management is
crucial for preserving data integrity because of this.
7. Educate Employees
While many businesses consistently concentrate on what they perceive to be larger and more
significant projects, such as selecting the best software provider, carrying out routine data audits,
complying with regulations, and so forth, they neglect to concentrate on smaller but potent
strategies for maintaining data integrity. Employee education is one area where there can be a
significant influence. Employees who support data integrity for their employers must be aware of
its significance and make it a top priority. Through training, they can swiftly and effectively
identify and avoid any actions that can undermine the integrity of the data.
8. Backing Up Data
For their website, papers, and information, even small firms that do not deal with sensitive data
should have a backup and restoration option. Always make sure you have a reliable backup and
restore strategy in place when working with sensitive data. If you have a backup, data can be
restored seamlessly in the case of a data loss, breach, or system failure, guaranteeing that your
activities can continue without interruption and that your data cannot be altered irreversibly or
held for ransom.
Message Alteration
Message alteration is the risk that an attacker will intercept messages while they are being sent
between communication entities and change some of the information in order to redirect the call,
alter its details, interrupt the service, and so on. Call black holing and call rerouting are
common examples.
Call Rerouting
Any unauthorized change in call direction made by modifying the protocol message's routing
information is known as call rerouting. Call rerouting has the effect of either including or
excluding legitimate entities from the path of the call signal or media.
Call Black Holing
Any unauthorized way of erasing or refusing to pass any crucial components of protocol
messages in the middle of communication entities is known as call black holing. Call black
holing has a number of negative effects, including delays in call setup, rejection of following
messages, application failures, dropped call connections, etc. Here are a few SIP examples:
1. An attacker as an intermediary drops only ACK messages between call entities so that
the SIP dialog cannot be completed, even though there could be early media between
them.
2. An attacker as an intermediary deletes media session information (SDP) in the INVITE
message, which could result in one-way audio or call disconnection.
3. An attacker as an intermediary refuses to pass all messages to a specific user (victim)
so that the user cannot receive any inbound calls.
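The first two SIP cases above can be detected by comparing captures taken on both sides of the intermediary. This is an added example, not part of the original assignment; the message builder, the two capture lists and the `example.invalid` addresses are constructed for illustration, and it goes slightly beyond the text by also listing answered INVITEs that never receive an ACK.

```python
# Constructed SDP body used by the sample messages below.
SDP = ("v=0\r\no=- 0 0 IN IP4 192.0.2.10\r\ns=-\r\n"
       "c=IN IP4 192.0.2.10\r\nt=0 0\r\nm=audio 49170 RTP/AVP 0\r\n")


def build(start_line, call_id, cseq, with_sdp=False):
    """Build a minimal raw SIP message (constructed sample data)."""
    body = SDP if with_sdp else ""
    lines = [start_line, f"Call-ID: {call_id}", f"CSeq: {cseq}"]
    if with_sdp:
        lines.append("Content-Type: application/sdp")
    lines.append(f"Content-Length: {len(body)}")
    return "\r\n".join(lines) + "\r\n\r\n" + body


def parse_sip(raw):
    """Extract the fields needed to match one message across two captures."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    start = lines[0].split()
    # Responses start with "SIP/2.0 <code>", requests with "<METHOD> <uri>".
    kind = start[1] if start[0].startswith("SIP/") else start[0]
    number, method = headers["cseq"].split()
    has_sdp = (headers.get("content-type", "").lower() == "application/sdp"
               and bool(body.strip()))
    return {"key": (headers["call-id"], kind, (int(number), method)),
            "has_sdp": has_sdp}


def index(messages):
    return {m["key"]: m for m in map(parse_sip, messages)}


def find_one_sided(side_a, side_b):
    """Messages seen on only one side: candidates for black holing."""
    a, b = index(side_a), index(side_b)
    return sorted([(k, "A") for k in a if k not in b] +
                  [(k, "B") for k in b if k not in a])


def find_stripped_sdp(side_a, side_b):
    """Messages whose SDP body is present on one side but not the other."""
    a, b = index(side_a), index(side_b)
    return sorted(k for k in a if k in b and a[k]["has_sdp"] != b[k]["has_sdp"])


def find_unacked_invites(messages):
    """Call-IDs where a 2xx answered the INVITE but no ACK was observed."""
    answered, acked = set(), set()
    for m in map(parse_sip, messages):
        call_id, kind, (number, method) = m["key"]
        if kind.startswith("2") and method == "INVITE":
            answered.add((call_id, number))
        elif kind == "ACK":
            acked.add((call_id, number))
    return sorted(call_id for call_id, _ in answered - acked)


def call(call_id, ack=True, invite_sdp=True):
    """One constructed call: INVITE, 200 OK and (optionally) ACK."""
    out = [build("INVITE sip:bob@example.invalid SIP/2.0", call_id, "1 INVITE", invite_sdp),
           build("SIP/2.0 200 OK", call_id, "1 INVITE", True)]
    if ack:
        out.append(build("ACK sip:bob@example.invalid SIP/2.0", call_id, "1 ACK"))
    return out


# Side A: caller-side capture. Side B: capture beyond the intermediary.
SIDE_A = (call("call-1@example.invalid") + call("call-2@example.invalid")
          + call("call-3@example.invalid"))
SIDE_B = (call("call-1@example.invalid")
          + call("call-2@example.invalid", ack=False)          # ACK dropped
          + call("call-3@example.invalid", invite_sdp=False))  # SDP removed

if __name__ == "__main__":
    print("one-sided:", find_one_sided(SIDE_A, SIDE_B))
    print("SDP mismatch:", find_stripped_sdp(SIDE_A, SIDE_B))
    print("unacked on B:", find_unacked_invites(SIDE_B))
```

An INVITE without SDP can also be a legitimate delayed offer, which is why the check compares the same message at two points instead of flagging every empty INVITE.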
Call Teardown
Toll Fraud
4. Call hijacking (registration or media session hijacking)
Registration Hijacking
Media Session Hijacking
5. Server impersonating
8. Natural disaster
What techniques can we use to ensure availability and protect EMC Cyber?
There should be disaster recovery measures in place that provide replication of the server to a
different data center in the event that a server or piece of hardware becomes unreachable. Plans
for disaster recovery are similar to insurance: you do not need them until the moment you do.
1. Deploying firewall rules to detect unexpected traffic is one other way. Smart techniques and
monitoring tools should be used to constantly differentiate good traffic from bad traffic.
2. One of the other techniques is to reduce the surface area of the attack by running your
services in multiple data centers and have a load balancer in front that can route traffic
across these data centers.
3. Deploy DDoS prevention devices on the network perimeter. These devices are designed to
detect DDoS attacks much before they can cause any harm.
Your servers and disks have the power to boost or reduce availability. They ought to be created
with availability in mind, distributing data among clusters to prevent total data loss in the event
of a cluster failure.
Speed up the recovery process
Even Amazon cannot guarantee flawless availability. You must be able to solve problems as
soon as they appear. This endeavor entails investigating the problems, possibly upgrading the
hardware, and restarting the database and operating systems functions.
4. Eliminate corrupted data
Data corruption is similar to bacterial cells in that it doesn't take much to cause significant harm.
When data is missing, inaccurate, out-of-date, or just inaccessible, corruption can occur. In
essence, it's any data that you can't completely trust, which in certain businesses is a lot of data.
The only way to identify and correct all the problems is to use a methodical approach. This
procedure should ideally be automated because doing it by hand is very distracting.
The worst case scenario is when reliable data is available but you can't access it as quickly or
readily as you'd like. This typically occurs because data is formatted differently and can't be
quickly reformatted. As long as you have a tool that integrates data onto a shared platform,
formatting problems are prevalent but preventable.
Even if you are proactive, availability concerns are tough to avoid. As data volume and velocity
rise, managing it becomes increasingly challenging. Additionally, a growing criminal
population is continuously attacking data. Data is a resource you simply cannot do without,
yet it will only become more unstable and unpredictable.
Advantages for EMC Cyber of maintaining the CIA triad
The primary framework for creating security systems and guidelines for organizations is the CIA
triad. As a result, the CIA triad is essential to protecting your data from evolving cyber threats.
An organization is said to have failed in properly adopting one or more of these principles if a
security incident, such as data theft or a security breach, occurs. The CIA triad is essential to
information security because it improves security posture, assists enterprises in maintaining
compliance with complicated requirements, and guarantees business continuity.
The CIA triad should be used in the majority of security scenarios, especially since each element
is crucial. However, it is especially useful when creating systems for classifying data and
controlling access credentials. When dealing with your organization's cyber vulnerabilities, you
should strictly apply the CIA triad. It can be an effective tool for stopping the Cyber Kill Chain,
which is the procedure for identifying and carrying out a cyberattack.
You may use the CIA triad to identify potential targets for attackers and then put
policies and procedures in place to effectively safeguard those assets.
We must safeguard our valuable system before it suffers any consequences from hackers or
natural disasters. The CIA triad is the safest technique for protecting EMC Cyber from such
effects, as it will prevent us from losing our valuable data and information if the
above-mentioned consequences occur.
1.2
What is IT Security?
Figure 2
What are threats?
Cyber threats refer to the potential for a successful cyber assault with the intent of gaining
unauthorized access to, damaging, disrupting, or stealing a computer network, an intellectual
property asset, or any other kind of sensitive data. Cyber threats might originate from trusted
people within an organization or from unauthorized individuals in remote locations.
What are the impacts on EMC Cyber of physical and virtual security risks?
Financial losses
Loss of privacy
Damage to EMC Cyber's reputation
Legal implications
Even loss of life
The resources of EMC Cyber will be lost
Employees will be disappointed
Loss of important data
People and customers will be afraid to deal with EMC Cyber
If a natural disaster happens, restoring the resources will take more days
1.3
What is security procedure?
Procedures for information security
A specific course of action or manner of operation might be referred to as a procedure. They
describe an act or the way things are done during any process or action. The protocols outline the
steps necessary for requesting USERIDs, processing passwords, and information disposal. In the
future, the processes for seeking USERIDs or access modifications will be carried out via email,
using simple templates that prompt the requester for all the necessary information. Requests may
be processed quickly, increasing productivity for everyone involved.
8. Acceptable Encryption and Key Management Policy
9. Data Breach Response Policy
10. Personnel Security Policy
11. Data Backup Policy
12. Incident Response Policy
13. End User Encryption Key Protection Policy
14. Remote Access Policy
15. Secure Systems Management Policy
16. Monitoring and Logging Policy
Natural disaster
A disaster recovery plan (DRP), also known as a disaster recovery implementation plan or an IT
disaster recovery plan, is a documented policy and/or procedure that is intended to help an
organization carry out recovery procedures in the event of a disaster, thereby protecting business
IT infrastructure and, more generally, fostering recovery.
Theft of documents
Implementing a "clear-desk" policy is one of the best ways to stop the theft or unintentional
disclosure of documents and sensitive information. Sensitive documents are less likely to be left
in risky areas when there is a clear-desk policy in place, which requires that all desks are cleaned
and all paperwork is put away at the end of each workday. Additionally, you must make sure that
your staff members destroy all private data they possess after using it.
Access control must be implemented in order to stop unauthorized visitors from entering your
company and to prevent document theft.
Unaccounted visitors
For corporate security, access control using swipe-card access or ID doors is crucial, but you
also need to make sure that every visitor is registered by giving them visitor cards. This way,
you'll always be able to tell whether someone is allowed to be on your property, and you'll also
have a log of entrance so you can later confirm when someone was there. You must, of course, take
precautions to ensure that everyone is using credentials that they are authorized to use.
Stolen identification
Employees must be made aware of the value of safeguarding their IDs or access cards. Without
sufficient training, staff members frequently lend or exchange their cards, making it challenging
to effectively manage access. Employees might not take proper care of their IDs unless it is made
clear how important it is to do so. Hence it is necessary to educate them about ID protection.
Virtual Security Risks
1. VM Sprawl
2. Malware & Ransomware Attacks
3. Access Control
4. Phishing
5. Trojan Horse
1. Maintain an inventory
Create a common inventory for all the virtual machines and hosts, and update it periodically.
This inventory helps you understand the function of every VM in your environment and helps
you keep track of the VMs created for multiple purposes by different IT staff.
Create groups based on VM functions or classify them by their departments. Whether you're
creating a new VM, optimizing the existing virtual environment, or applying new configurations,
these groups make VM management easy.
Based on bandwidth consumption, audit the VMs and identify idle VMs early before they take
up too much disk space and cache memory. After this, you have two choices:
a. Delete the VM along with its junk files if it's no longer needed.
b. Archive the VM if you need it again down the road for a similar function.
Since virtual machines are used to provide a top-notch end-user experience, it's crucial to
ensure that they have enough resources to do it. To achieve this, you need to constantly monitor
virtual machines to identify VMs that have high CPU, memory, and disk utilization.
Similarly, you need to monitor VMs to identify the ones that have over-allocated memory and
disk space. You can then modify configurations to ensure your VMs receive sufficient resources,
which can help you avoid potential performance issues.
It's a good practice to audit your VMs from time to time to identify anomalies in their
performance. Generate reports periodically and analyze important parameters such as CPU
usage, memory usage, and disk usage to evaluate their health.
This helps you identify patterns in performance degradation early on for individual VMs and
make more informed VM management decisions. This is a holistic approach every IT admin can
adopt to prevent VM sprawl.
The most important part of a ransomware security strategy is the use of regular data backups.
Enterprises should perform these as often as possible, and they should be combined with backup
and restore drills. Both processes are important, but recovery drills are the only way to know for
certain if a backup plan is a good one. If a team can recover from a very recent backup, they
might not need to pay to get their data back.
Malicious links and attachments that are the main source of ransomware attacks can arrive
through multiple workplace channels – not only through email, but via social media messages,
collaboration tools, and many other communication channels. Effective digital risk
protection tools can proactively monitor all digital communications and immediately detect and
quarantine potentially problematic links, attachments, and URLs. Traditional antivirus software
doesn’t provide enough protection; enterprises need next-gen solutions leveraging machine
learning to detect both known and unknown forms of ransomware.
3. Educate Employees on Cybersecurity Best Practices.
A study by Kaspersky revealed that almost half of employees don't know how to respond to
ransomware attacks. All employees should gain a basic understanding of what ransomware is,
how it usually arrives, and what the warning signs are. They should know who to report
suspicions to, and what to do in the event that their actions trigger the execution of ransomware.
Attackers work relentlessly to discover vulnerabilities that can be exploited. Avoiding malware
and ransomware requires IT professionals to be equally rigorous in return. Common
vulnerabilities and exposures are always being patched, and updating systems and patching
software from legitimate sources can help significantly reduce exposure to vulnerabilities.
To keep up with the growing and ever-changing threat of ransomware, enterprises need to invest
in digital risk protection tools that provide full threat intelligence. With this approach, IT teams
can automatically identify, assess, and proactively respond to threats, and stop any ransomware
spread before it begins.
A dedicated set of cybersecurity solutions offers endpoint detection and response (EDR). These
solutions can closely monitor activities across all endpoints, and capture raw events deemed
suspicious. These solutions can deliver unhindered environment visibility for proactive threat
recognition and response at the endpoint level.
Phishing
Access Control
Port scanning and compromise
Backdoors are the unauthorized open ports created by malicious programs that allow an
unauthorized entity to gain access to the system. An important countermeasure is to
periodically check the open ports in the system and close the ports that are not used by
programs. Port scanning tools will help in this process. While port scanning helps security
testers identify open ports, the scanners can also be used by attackers to find the entry points
to the system.
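One way to carry out the periodic open-port check described above, as an added example that is not part of the original assignment: it parses output in the format of the Linux `ss -tlnp` command and compares each listener with an approved list. The sample output, the approved list and the function names are constructed assumptions.

```python
import re

# Constructed sample in the format printed by `ss -tlnp` on Linux.
SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:443        0.0.0.0:*         users:(("nginx",pid=1021,fd=6))
LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*         users:(("postgres",pid=990,fd=5))
LISTEN 0      5      0.0.0.0:4444       0.0.0.0:*         users:(("updater",pid=4312,fd=4))
LISTEN 0      100    *:8080             *:*               users:(("python3",pid=2210,fd=3))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=812,fd=4))
"""

# Assumed policy: port -> the only process expected to listen on it.
APPROVED = {22: "sshd", 443: "nginx", 5432: "postgres", 8080: "java"}

# Process column looks like: users:(("name",pid=123,fd=4))
PROC_RE = re.compile(r'users:\(\("([^"]+)",pid=(\d+)')


def parse_listeners(text):
    """Return one dict per LISTEN line: address, port, process name, pid."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        # rpartition keeps IPv6 literals such as [::] intact.
        addr, _, port = fields[3].rpartition(":")
        match = PROC_RE.search(line)
        listeners.append({
            "addr": addr,
            "port": int(port),
            # Without sufficient privileges ss omits the process column.
            "process": match.group(1) if match else None,
            "pid": int(match.group(2)) if match else None,
        })
    return listeners


def audit(listeners, approved):
    """Return sorted (port, addr, process, reason) tuples needing review."""
    findings = set()
    for item in listeners:
        port, proc = item["port"], item["process"]
        if port not in approved:
            reason = "port not on approved list"
        elif proc is None:
            reason = "owner not visible, rerun with privileges"
        elif proc != approved[port]:
            reason = f"unexpected process, expected {approved[port]}"
        else:
            continue
        findings.add((port, item["addr"], proc or "unknown", reason))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(parse_listeners(SS_OUTPUT), APPROVED):
        print(finding)
```

On a live host the same functions can be fed the text captured from `ss -tlnp` in place of the constructed sample.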
Trojan horse
Antivirus software
Authentication
Encryption
Firewall
The primary means of mitigating virus and Trojan horse attacks is antivirus software. Antivirus
software helps prevent hosts from getting infected and spreading malicious code.
What is Risk Assessment Procedure?
Figure 3
Risk assessment is the process of locating potential threats to a company's capacity to conduct
business. These analyses assist in identifying these inherent company risks and offer steps,
procedures, and controls to lessen their negative effects on daily operations.
In order to prioritize and communicate the contents of the evaluation, including any threats to
their information technology (IT) infrastructure, businesses might utilize a risk assessment
framework (RAF). The RAF assists an organization in identifying prospective risks, any
company assets put at risk by these risks, as well as potential consequences should these risks
materialize.
Figure 4
Risk Case Assurance Severity Assets Effected Solution
Physical Risks
Table 1
Each entry in the "Solution" column of the table above is described in full below.
1. Tailgating
Managing Access Control
Access control is a security technique that regulates who or what can view or use resources in a
computing environment. It is a fundamental concept in security that minimizes risk to the
business or organization. There are two types of access control: physical and logical.
Using surveillance
Integrating video surveillance at key security spots in a building, particularly the main
entrance, not only deters criminals but also helps law enforcement authorities to identify the
tailgaters in case of a crime.
There are other ways to protect against tailgating, but these two are the main ones.
2. Natural disaster
1. DRP plan
A disaster recovery plan (DRP) is a documented, structured approach that describes how an
organization can quickly resume work after an unplanned incident. A DRP is an essential part of
a business continuity plan (BCP). It is applied to the aspects of an organization that depend on a
functioning information technology (IT) infrastructure. A DRP aims to help an organization
resolve data loss and recover system functionality so that it can perform in the aftermath of an
incident, even if it operates at a minimal level.
The plan consists of steps to minimize the effects of a disaster so the organization can continue to
operate or quickly resume mission-critical functions. Typically, a DRP involves an analysis of
business processes and continuity needs. Before generating a detailed plan, an organization often
performs a business impact analysis (BIA) and risk analysis (RA), and it establishes recovery
objectives.
2. Data backup center
Backup refers to the process of storing data on a separate medium for added reliability. This
helps recover data in case of primary hardware failures, accidental deletion, cyberattacks and
natural disasters. Servers are backed up daily and archived offsite for long-term retention.
Backup services are available by request to all UCSC employees.
3. Regular backup
Regular backups help us recover data if any problem or threat affects our system.
3. Theft of documents
4. Stolen Identification
1. Protect information (secure your mail, safeguard your Social Security number, never let your credit card out of your sight)
We have to secure our emails because hackers target emails to affect our system. We must also always safeguard our Social Security numbers and keep our credit cards safe. All these security measures will protect our company, and your individual life too, from stolen identification.
5. Social engineering
1. Employees awareness
With threat actors constantly developing their tactics, your team needs to be trained to recognize
attacks or, at the very least, situations that deviate from standard operations.
Over time, learned skills may be forgotten. Regardless, the techniques and tactics of our
adversaries continue to evolve. Regular and timely training for every member of your team could
not be more important.
A holistic training plan should include general security awareness training, regular simulated
phishing tests, and full-on social engineering engagements. Employee awareness of information
and asset sensitivity and classification is also important. If dealing with highly critical
information, your team should be aware that they need to be more skeptical when handling it
than when handling assets of lower importance.
2. Technical Measures
Technical countermeasures are designed to prevent the situation from escalating. The goal is to
stop threat actors before they have any opportunity to take advantage of human nature in the first
place. There are multiple options here, including waste management that safely discards any
sensitive information, safe physical access systems (doors, gates, etc.), sophisticated entry cards,
person verification, accompanying any guests, etc.
Risk | Case | Assurance | Severity | Assets Affected | Solution
Virtual Risks
5. Trojan Horse | Carelessness when using the internet, downloading files, or using open-source software from the internet | High | High | Damage to the reputation of the company | 1. Use a firewall. 2. Install a high-quality antivirus. 3. Avoid third-party downloads.
Table 2
Each entry in the "Solution" column of the table above is defined in full below.
1. VM Sprawl
Use virtualization management software
Depending on how big and diverse your environments are, how experienced your IT team is, and
what your strategic goals are, virtualization management software might make your life a lot
easier. Sure, a single system administrator can manually manage a handful of virtual machines
(VMs) fired up on a single workstation, but large enterprise-wide deployments use virtualization
management software to help their systems be successful.
Regularly update your operating systems, software tools, browsers and plug-ins.
Implement routine maintenance to ensure all software is current, and check for signs of
malware in log reports.
Install or implement a firewall, intrusion detection system (IDS) and intrusion prevention
system (IPS).
Never use unfamiliar remote drives or media that was used on a publicly accessible device.
Close unused ports and disable unused protocols.
Remove inactive user accounts.
Carefully read all licensing agreements before installing software.
3. Access Control
1. Restrict access to systems
Access, whether physical or electronic, must be restricted to systems, sensitive files, etc. If an attacker has physical access to the system that hosts authentication records, they can dump the records and then crack them offline. The same applies to electronic access: users' access to password files should be restricted. All such activities should be logged and investigated immediately. User roles should also be controlled and restricted as to what they can do on a system.
There must be a password policy that directs the use of strong passwords organization-wide, as it can reduce the attack surface of passwords. The policy should not only enforce strong passwords but also direct that passwords be changed regularly. This type of policy is a must, and organizations should not depend solely on users' awareness of strong passwords but rather enforce it.
3. Testing:
As they say, think like a malicious user would, and then prepare control test strategies. This technique should only be followed after approval from the different groups within an organization. Testing strategies should also follow the compliance guidelines under which the control falls or the compliance standard the organization is striving towards. Testing should be done frequently on the access control systems, for example whenever a new control is deployed or a new logical network segmentation is performed. Testing results should be distributed, and appropriate decisions should be made to fine-tune the existing policies or create a new policy if one is missing. For example, if
the password is weak and can be cracked but is allowed by the password policy, then the organization's
password policy should be fine-tuned and must be enforced on user ac
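The policy test described above, as an added example that is not part of the original assignment: it runs constructed samples of crackable passwords through a hypothetical password policy and reports the ones the policy would still accept, which is the signal that the policy needs fine-tuning. The `PasswordPolicy` class, its thresholds, the deny list and the sample data are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Common character substitutions undone before the deny-list lookup (assumed set).
LEET = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s"})


def normalise(password):
    """Reduce a password to its base word: lowercase it, drop the trailing
    digits/symbols people append, then undo common substitutions."""
    base = re.sub(r"[\d\W_]+$", "", password.lower())
    return base.translate(LEET)


@dataclass(frozen=True)
class PasswordPolicy:
    """Hypothetical policy object; the thresholds are illustrative assumptions."""
    min_length: int = 8
    require_upper: bool = True
    require_lower: bool = True
    require_digit: bool = True
    deny_list: frozenset = frozenset()  # base words that are never acceptable
    reject_username: bool = False

    def violations(self, password, username=""):
        """Return the rules the password breaks (an empty list means accepted)."""
        problems = []
        if len(password) < self.min_length:
            problems.append("too short")
        if self.require_upper and not re.search(r"[A-Z]", password):
            problems.append("no upper-case letter")
        if self.require_lower and not re.search(r"[a-z]", password):
            problems.append("no lower-case letter")
        if self.require_digit and not re.search(r"\d", password):
            problems.append("no digit")
        if normalise(password) in self.deny_list:
            problems.append("based on a common word")
        if self.reject_username and username and username.lower() in password.lower():
            problems.append("contains the user name")
        return problems


def policy_gaps(policy, cracked_samples):
    """Passwords known to be crackable that the policy would still accept.
    Any result here means the policy, not the user, needs fixing."""
    return [(user, pw) for user, pw in cracked_samples
            if not policy.violations(pw, user)]


# Constructed test data: (user name, password) pairs of the kind an approved
# password audit typically recovers. Not taken from any real system.
CRACKED_SAMPLES = [
    ("alice", "Password12345!"),
    ("bob", "Summer2023"),
    ("carol", "P@ssw0rd!"),
    ("jsmith", "Jsmith2024!Jsmith"),
    ("dave", "qwerty"),
]

# A complexity-only policy, and the same policy after fine-tuning.
BASELINE = PasswordPolicy()
TUNED = PasswordPolicy(
    min_length=12,
    deny_list=frozenset({"password", "summer", "welcome", "qwerty"}),
    reject_username=True,
)

if __name__ == "__main__":
    for name, policy in (("baseline", BASELINE), ("tuned", TUNED)):
        gaps = policy_gaps(policy, CRACKED_SAMPLES)
        print(f"{name}: {len(gaps)} crackable password(s) accepted")
        for user, pw in gaps:
            print(f"  {user}: {pw}")
```

The baseline policy accepts four of the five samples because complexity rules alone do not stop predictable patterns; the tuned policy accepts none of them.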
4. Phishing
1. Use anti-spam filters
Only open email accounts with providers that include spam filtering. Choose an antivirus and
Internet security solution that also includes advanced anti-spam features.
Make sure that you use the latest version of your web browser and that all the latest Internet
security patches have been applied. This will protect your company from phishing.
Use this address when you need to register on public forums and in chat rooms, or to subscribe to
mailing lists and other Internet services. The following tips will also help you to reduce the
volume of spam you receive via your public email address:
Treat your public address as a temporary address. The chances are high that spammers will
rapidly get hold of your public address, especially if it is frequently being used on the Internet.
Consider using a number of public addresses. That way you’ll have a better chance of tracing
which services may be selling your address to spammers.
5. Trojan Horse
1. Use a firewall
Firewalls screen data that enters your device from the internet. While most operating systems
come with a built-in firewall, it’s also a good idea to use a hardware firewall for full protection.
Antivirus and anti-malware software should be your first line of defense, and it’s essential to
install something robust enough for the job. These programs scan your device for problems and
alert you if an issue arises. Some will also quarantine and delete any threats from your device.
3. Avoid third-party downloads.
Any download is a potential threat. Websites, ads, and messages that contain automatic
downloads often hide malware. Avoid clicking through to any banners and suspicious links,
don’t use shortened URLs, and think carefully before allowing any download.
Activity 02
2.1
Figure 5
What is VPN?
A virtual private network (VPN) is a network that uses a public telecommunications
infrastructure, such as the Internet, to offer remote offices or individual users secure access to a
company's network. In a VPN, data entering the tunnel is encrypted, and it is decrypted at the
other end by the computers at each end of the tunnel.
VPN Protocols
1. OpenVPN
OpenVPN is one of the most widely used VPN protocols. It’s an open-source protocol that uses
encryption based on the OpenSSL and SSLv3/TLSv1 protocols. Most VPN services support
OpenVPN and it’s available for a lot of different platforms (e.g. Windows, Android, Linux,
routers). Most consider OpenVPN to be the best choice.
2. IPsec/L2TP
This protocol combines IPsec for the encryption of data with L2TP for establishing a secure
connection. Most operating systems include IPsec/L2TP, which is a good choice when
OpenVPN isn’t available.
3. IKEv2/IPsec
IKEv2 is a protocol based on IPsec. This protocol can quickly connect to and switch between
networks. This makes it an ideal choice for smartphones because these devices tend to switch
between Wi-Fi networks and public Wi-Fi networks regularly. According to some sources,
IKEv2 is faster than OpenVPN. Nevertheless, OpenVPN is seen as the better protocol.
4. PPTP
PPTP (Point to Point Tunneling Protocol) is one of the first widely used protocols. This protocol
contains a few (potential) leaks. For this reason, its use is only advisable if speed is more
important to you than safety. This could be the case if you want to bypass restrictions set up by
streaming services.
5. Softether
Softether, unlike the other VPN protocols mentioned so far, is not a stand-alone protocol but an
open-source application that works across different platforms and offers support for VPN
protocols such as SSL VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling
Protocol.
7. WireGuard
WireGuard is a relatively new protocol that has been gaining in popularity. It runs on a Linux
kernel and is aimed at performing even better than OpenVPN and IPsec. It’s still in development,
so you’re better off using OpenVPN for now.
Types of VPN
Remote access VPN is the most common type of VPN in use today. It connects users to a private
network via a secure remote server. A remote access VPN works by routing user's data through a
virtual tunnel between the user's device and the private network.
The encryption protocols ensure that your data isn’t compromised as it moves through networks.
Users must install the client VPN software to establish a connection to the VPN. Remote access
VPNs are simple to use and easy to set up. They can easily bypass geo-blocks and access content
that is otherwise restricted. Remote access VPNs are ideal for personal use.
2. Site-to-Site VPN
A Site-to-Site VPN is commonly used in large companies where multiple users in various
locations need to access shared resources. Organizations with branches in numerous locations
rely on site-to-site VPNs to connect the network of one branch to the network at another branch.
Intranet-based VPN: An intranet-based VPN links two offices of the same company. It
connects two separate LANs to a single WAN.
Extranet-based VPN: Some organizations need to connect to the network of another
organization using an extranet-based VPN. A possible example of such a connection would be a
company that connects to its supplier's network for efficient trade.
A Site-to-Site VPN connects geographically distant offices through the internet and ensures
secure communication. As the VPN connection is established on router-to-router
communication, one router acts as a client while the other as a VPN server. Communication
between the routers only starts after authenticating both the end points.
4. P2P VPN
A Peer-to-Peer (P2P) VPN is a service that is compatible with peer-to-peer network. When
searching a file on a P2P network, the service locates copies of the file and creates connections
with sources that contain part of or the entire requested file.
P2P quickens the file sharing process since you’re downloading it not from a single location, but
from multiple nodes that contain small chunks of the same data. As you download the file, it’s
uploaded to more users who are requesting the same file.
Despite the advantages, P2P networks carry a negative reputation. A P2P VPN can protect your
data, but it cannot keep you safe from malicious files. Since peer-to-peer networks rely on
data being hosted by different nodes, there is always a risk of malicious actors within the
network. A P2P VPN won't be able to protect your device if you download malware
masquerading as a normal, legitimate file.
Some users also use P2P VPNs to access illegal content like copyrighted software, movies, and
music. This is why many countries have strict laws to discourage P2P file sharing.
Here are some important uses of VPN:
1) Use Public Wi-Fi securely
Figure 6
Some people use VPNs at Wi-Fi hotspots to prevent snoopers from gathering private
information because public Wi-Fi offers no encryption security to its users and your
signals are broadcast for anyone knowledgeable enough to eavesdrop. In general,
employing a VPN service, which completely encrypts all Internet traffic, is the best
approach to prevent your data from falling into the wrong hands.
Figure 7
Today, a site-to-site VPN connection is used by many firms to connect their branch
offices to their main office through the Internet. Businesses can, for instance, allow
employees who use laptops while traveling or working from home to connect to the
company network just as if they were seated at a desk in the office. Using a VPN, a
business with offices in two different places can link them via the internet so that it seems
as though they are on the same network. Users can send and receive information
through a secure link by
connecting remote sites to a central office. File servers and printers that are not physically
located in the same office can be used by employees.
Figure 8
Some nations erect firewalls to limit what their citizens can see, hear, and share with
others both inside and outside of their borders. You can "tunnel out" of the censorship
limitations and access the entire World Wide Web by connecting to a VPN server.
In our EMC facility, in response to your final query, using a VPN service alone won't
conceal your true identity or where you are. There are numerous ways you can be
recognized and tracked if you don't safeguard your PC and browser.
Firewall
Figure 9
Assume for the moment that you are a member of a 500-person company. As a result, the
company will have a large number of computers with network cards linking them all.
Without a firewall, all of those 100 computers are simultaneously accessible to everyone
on the internet. Someone who knows what they are doing can probe these computers,
attempt FTP connections to them, attempt telnet connections to them, and so on.
If one employee makes a mistake and leaves a security flaw open, hackers can gain access
to the device and make the most of that flaw. With a firewall in place, the environment is
far more restricted. A company will install a firewall at each internet connection so that the
firewall can enforce safety rules.
Types of firewalls
Software firewalls
Hardware firewalls
Cloud firewalls
Software firewalls
Software firewalls include any type of firewall that is installed on a local device rather than a
separate piece of hardware (or a cloud server). The big benefit of a software firewall is that it's
highly useful for creating defense in depth by isolating individual network endpoints from one
another.
However, maintaining individual software firewalls on different devices can be difficult and
time-consuming. Furthermore, not every device on a network may be compatible with a
single software firewall, which may mean having to use several different software firewalls to
cover every asset.
Hardware firewall
Hardware firewalls use a physical appliance that acts in a manner similar to a traffic router to
intercept data packets and traffic requests before they're connected to the network's servers.
Physical appliance-based firewalls like this excel at perimeter security by making sure malicious
traffic from outside the network is intercepted before the company's network endpoints are
exposed to risk.
The major weakness of a hardware-based firewall, however, is that it is often easy for insider
attacks to bypass it. Also, the actual capabilities of a hardware firewall may vary depending
on the manufacturer; some may have a more limited capacity to handle simultaneous connections
than others.
Cloud firewalls
Whenever a cloud solution is used to deliver a firewall, it can be called a cloud firewall, or
firewall-as-a-service (FaaS). Cloud firewalls are considered synonymous with proxy firewalls
by many, since a cloud server is often used in a proxy firewall setup (though the proxy doesn't
necessarily have to be on the cloud, it frequently is).
The big benefit of having cloud-based firewalls is that they are very easy to scale with your
organization. As your needs grow, you can add additional capacity to the cloud server to filter
larger traffic loads. Cloud firewalls, like hardware firewalls, excel at perimeter security.
Packet-filtering firewalls
Circuit-level gateways
Next-gen firewall
Encryption
Encryption is the method of exchanging data privately and secretly. It protects your online
information and makes it possible to protect your privacy or anonymity during video,
voice, or text communications.
Encryption is necessary when you don't want anyone else to have access.
Allow me to explain how it is implemented:
When you send your data or information over the internet, the information is first
dispatched onto your local network.
Then your data is sent to your internet service provider, who can view this information.
And then, in the end, the information reaches the intended person.
So, throughout this whole process, several people can get access to your information.
Consequently, encryption is needed to keep your information secure and unreadable.
The best way to encrypt your data over the internet is to use SSL (Secure Sockets Layer), which
encrypts your data and gives users the confidence to proceed.
2.2
DMZ
Figure 10
A demilitarized zone (DMZ) is a secure intermediate network between an organization's internal
and external networks. A front-line network called a DMZ server connects to external
networks while remaining isolated from internal networks for security reasons.
The main advantage of a DMZ is the ability to securely access internet services from public
networks. Additionally, it aids in preventing external networks and nodes from engaging with or
accessing the internal network. The DMZ restricts access to the internal network. Before
making that internal transfer, you should also run a firewall scan on all of their communication.
A hacker attempting to enter an organization's network can only see the DMZ and is unable to
access the main network hidden behind it. A firewall is less safe and secure than a DMZ.
Additionally, it can function as a proxy server.
Any time an outsider tries to access EMC Cyber, they are directed through the DMZ, which is
not directly connected to the EMC internal network. Without a DMZ in EMC Cyber,
an attacker attempting to attack the network has a chance of quickly reaching the datacenter.
However, if a DMZ is present in EMC Cyber, attackers are forced to access only
the DMZ rather than the internal network.
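To make the DMZ argument concrete, the following added example (not from the original assignment) models the firewalls around a DMZ as a first-match rule list with a default deny, evaluates a few flows, and audits the rule set for entries that would defeat the DMZ. The zone names, subnets, ports and rules are constructed for illustration and are not EMC Cyber's real configuration.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed addressing plan (documentation and private ranges), not a real network.
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/28"),       # public-facing servers
    "internal": ipaddress.ip_network("10.10.0.0/16"),  # private network
}


def zone_of(address):
    """Map an IP address to its zone; anything unlisted is the internet."""
    ip = ipaddress.ip_address(address)
    for name, network in ZONES.items():
        if ip in network:
            return name
    return "internet"


class Rule(NamedTuple):
    src_zone: str
    dst_zone: str
    dst_port: Optional[int]         # None matches any port
    action: str                     # "allow" or "deny"
    dst_host: Optional[str] = None  # None matches any host in the zone


# Hypothetical rule set: the internet reaches only DMZ services, and the DMZ
# reaches exactly one internal service.
RULES = [
    Rule("internet", "dmz", 443, "allow"),                          # public web site
    Rule("internet", "dmz", 25, "allow"),                           # mail relay
    Rule("dmz", "internal", 5432, "allow", dst_host="10.10.5.20"),  # one database
    Rule("internal", "dmz", None, "allow"),                         # administration
    Rule("internal", "internet", 443, "allow"),                     # staff browsing
]


def evaluate(src, dst, port, rules=RULES):
    """First matching rule wins; traffic that matches no rule is denied."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    for rule in rules:
        if (rule.src_zone, rule.dst_zone) != (src_zone, dst_zone):
            continue
        if rule.dst_port is not None and rule.dst_port != port:
            continue
        if rule.dst_host is not None and (
                ipaddress.ip_address(rule.dst_host) != ipaddress.ip_address(dst)):
            continue
        return rule.action
    return "deny"


def audit(rules=RULES):
    """Flag allow rules that undermine the DMZ. This is a per-rule check and
    does not model rule order or shadowing."""
    findings = []
    for rule in rules:
        if rule.action != "allow":
            continue
        if rule.src_zone == "internet" and rule.dst_zone == "internal":
            findings.append(("dmz_bypass", rule))
        if (rule.src_zone, rule.dst_zone) == ("dmz", "internal") and (
                rule.dst_port is None or rule.dst_host is None):
            findings.append(("broad_dmz_to_internal", rule))
    return findings


if __name__ == "__main__":
    flows = [  # constructed sample flows: (source, destination, port)
        ("203.0.113.9", "192.0.2.5", 443),
        ("203.0.113.9", "10.10.5.20", 5432),
        ("192.0.2.5", "10.10.5.20", 5432),
        ("192.0.2.5", "10.10.7.7", 445),
    ]
    for src, dst, port in flows:
        print(f"{zone_of(src):>8} -> {zone_of(dst):<8} port {port:<5} {evaluate(src, dst, port)}")
    print("audit findings:", audit())
```

A compromised DMZ server in this model can reach only the single database port that the rules grant it; every other internal host and port falls through to the default deny.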
Static IP
A static IP address is one that stays the same over time. It may be given to a single
computer. In contrast to static IP addresses, dynamic IP addresses are assigned only
temporarily. A static IP is set aside exclusively for one server. As a result, it will always use the
same IP address for sessions when a user logs in. This makes it easier for EMC Cyber to identify
the user. Static IP addresses are secure and dependable. Therefore, attacking EMC will be
challenging for attackers. A static IP can be used by the user as a reliable IP address that is
private and that only the user has access to.
A static IP address is also helpful if you run a print server, utilize networked printers, have a file
server in your network, host a website from home, or use remote access software. Other devices
always know exactly how to contact a device that has a static IP address since it never changes.
For instance, if a PC connected to a home network has a static IP address set up, the router can be
configured to always forward certain inbound requests directly to that computer, such as
FTP requests if the computer shares files through FTP.
If you're hosting a website, for example, not having a static IP address is a pain, since every time
the computer obtains a new IP address, you have to adjust the router settings to send requests to
that new address. Because the router doesn't know which device in the network is the one serving
the website, failing to do this would prevent anyone from seeing your website.
Another example of a static IP address at work is with DNS servers. DNS servers use static IP
addresses so that devices always know how to connect to them. If they changed often, you'd
have to regularly reconfigure those DNS servers on your router or computer to use the internet.
Static IP addresses are also useful when the device's domain name is inaccessible. Computers
that connect to a file server in a workplace network, for instance, could be set up to always
connect to the server using the server's static IP instead of its hostname. Even if the DNS server
malfunctions, the computers could still access the file server because they communicate with it
through the IP address.
DNS servers are yet another application of a static IP address. Static IP addresses are used by
DNS servers so that devices always know how to connect to them. You would need to often
update those DNS servers on your network or PC in order to access the internet if they changed
frequently. In situations where the device's domain name cannot be accessed, static IP addresses
are also helpful. In a corporate network, for example, file servers could be configured so that
computers connecting to them always use their static IP address rather than their hostname. The
computers could still access the file server even if the DNS server was down since they connect
with it via the IP address.
NAT (Network Address Translation)
Figure 11
A feature known as network address translation (NAT) enables users to use a single IP address for both
public and private network communication. There are a lot of public networks and a small
number of private networks in the world. NAT is a good solution for high traffic volume
when users want to get in touch with one another. However, IPv4 restricts IP addresses in order
to manage client volume, and NAT was developed to address this. It also manages multiple
clients' requests from a single private IP address that public networks require. A router serves as
the hub of network address translation, transforming the real IP address into a new public IP
address. This IP will appear on an external network as the router's IP; however, that is incorrect.
NAT is useful for the EMC Cyber network because it allows the corporation to restrict its IP
addresses, which reduces complexity and makes security maintenance simple. It will be highly
beneficial for the security of the EMC network if an employee accesses the external network
using the same IP address that they use to access EMC Cyber.
NAT Types
There are three different types of NATs. People use them for different reasons, but they all still
work as a NAT.
1. Static NAT
When the local address is converted to a public one, this NAT chooses the same one. This means
there will be a consistent public IP address associated with that router or NAT device.
2. Dynamic NAT
Instead of choosing the same IP address every time, this NAT goes through a pool of public IP
addresses. This results in the router or NAT device getting a different address each time the
router translates the local address to a public address.
PAT stands for port address translation. It’s a type of dynamic NAT, but it binds several local IP
addresses to a single public one. Organizations that want all their employees’ activity to use a
single IP address use a PAT, often under the supervision of a
Purpose of NAT
To communicate with the internet, a networking system requires a unique IP address. This 32-bit
number identifies and locates the network device so a user can communicate with it.
The IPv4 addressing scheme of past decades technically made billions of these unique addresses
available, but not all could be assigned to devices for communication. Instead, some were
exempted and used for testing, broadcast, and certain reserved military purposes. While that left
over 3 billion for communication, the proliferation of the internet has meant the addresses were
near exhaustion.
The IPv6 addressing scheme was introduced as the solution to this weakness in the IPv4
addressing scheme. IPv6 recreates the addressing system so there are more options for allocating
addresses, but it has taken several years to alter the networking system infrastructure and to
implement. NAT was introduced by Cisco in the meantime and widely deployed.
Access control.
A DMZ network provides access control to services outside an organization's network perimeters
that are accessed from the internet. It simultaneously introduces a level of network segmentation
that increases the number of obstacles a user must bypass before gaining access to an
organization's
private network. In some cases, a DMZ includes a proxy server, which centralizes the flow of
internal -- usually, employee -- internet traffic and makes recording and monitoring that traffic
simpler.
Network reconnaissance prevention.
A DMZ also prevents an attacker from being able to scope out potential targets within the
network. Even if a system within the DMZ is compromised, the internal firewall still protects the
private network, separating it from the DMZ. This setup makes external active reconnaissance
more difficult. Although the servers in the DMZ are publicly exposed, they are backed by
another layer of protection. The public face of the DMZ keeps attackers from seeing the contents
of the internal private network. If attackers do manage to compromise the servers within the
DMZ, they are still isolated from the private network by the DMZ's internal barrier.
Protection against Internet Protocol (IP) spoofing.
In some cases, attackers attempt to bypass access control
restrictions by spoofing an authorized IP address to impersonate another device on the network.
A DMZ can stall potential IP spoofers, while another service on the network verifies the IP
address's legitimacy by testing whether it is reachable.
Advantages of using a static IP address
1. Speed
Since static IP addresses come with fewer contradictions, devices assigned a static IP
address tend to perform faster. The speed difference is extremely noticeable only if you are a
broadband user, not on DSL connections. This is especially beneficial if you are
constantly uploading and downloading files.
2. Security
The security level offered by a static IP address is always greater. A static IP address
is equipped with an additional layer of protection, which makes sure that most security
problems are prevented.
3. Accessibility
Remote access is made possible with a static IP address using programs like a Virtual Private
Network (VPN), meaning that devices can be accessed from any part of the world. As long as
the device is connected to the internet, all the information is accessible.
4. Hosting
Currently, all types of hosting, from web servers and email servers to other types of servers, are
supported by a static IP address. Therefore, if you have a static IP address, all your customers and
clients can easily access your website. Also, when using a static IP address, devices can
easily locate and find all the servers worldwide.
5. Stability
All static IP addresses are known to be stable since they are restricted from changes. Unlike
a dynamic IP address, a static one does not undergo frequent lapses. Whenever there is a reboot, the
computers will be able to reconnect quickly to the internet using the same IP address.
6. Accuracy
A static IP address is highly accurate when it comes to geolocation data. All geolocation
services will be able to find the accurate business location. With this accurate information, it
can be assured that the businesses are always in the frontline. This is beneficial for businesses in
many ways.
7. Shared Resources
Some businesses commonly share office resources among their employees. For this they
use a business network with devices that have static IP addresses. A device that is assigned
a static IP address is easier to locate. On the contrary, devices with dynamic IP addresses are
known to be difficult to discover.
Advantages of using NAT
1. Lowers the cost
When any organization uses NAT with their private IP address, they don’t need to buy a new
IP address for all the computers they have in their organization. They can use the same IP
address for multiple computers out there. This will help to reduce the cost of the
organization.
2. Conserving Address
When you use NAT overload, it will allow you to preserve the IPv4 address space which will
give access to all the privatization of intranets. Here, it can be done with the help of Intranet
Privatization. In this process, they used to save all the addresses at the port level in multiple
applications.
3. Connection Flexibility
NAT has multiple tools, load balancing tools, and backup tools. These tools will help to
increase the overall reliability and flexibility of the network. It will happen when we
establish any connection either in the public or any of their connections.
5. Network Security
In Network Address Translation, all your original source and destination addresses are
completely hidden, so that hosts inside the network cannot be reached by other hosts in the
network without the user’s permission. This proves that they have additional
security.
6. Private Addressing
They have a private IPv4 addressing system of their own. So, if you move to
another addressing system, they will still have their own addressing system. If the user
changes the internet service provider, this prevents the internal addresses from changing.
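Port address translation and the "Network Security" advantage described above, shown as an added example that is not part of the original assignment: a minimal PAT table that maps several private hosts to one public address and drops inbound packets that match no existing mapping. The `PatRouter` class, the addresses and the four-port pool are constructed for illustration; real NAT devices also track protocol state and mapping timeouts.

```python
class PoolExhausted(RuntimeError):
    """Raised when every public port in the PAT pool is already in use."""


class PatRouter:
    """Hypothetical PAT device: many private (ip, port) pairs share one public IP."""

    def __init__(self, public_ip, first_port=40000, last_port=40003):
        self.public_ip = public_ip
        self._free_ports = list(range(first_port, last_port + 1))
        self._by_private = {}  # (private_ip, private_port) -> public_port
        self._by_public = {}   # public_port -> ((private_ip, private_port), remotes)

    def outbound(self, private_ip, private_port, dst_ip, dst_port):
        """Translate an outgoing packet; returns what the destination sees:
        (source_ip, source_port, dst_ip, dst_port)."""
        key = (private_ip, private_port)
        if key not in self._by_private:
            if not self._free_ports:
                raise PoolExhausted("no free public port for " + private_ip)
            public_port = self._free_ports.pop(0)
            self._by_private[key] = public_port
            self._by_public[public_port] = (key, set())
        public_port = self._by_private[key]
        # Remember which remote endpoint this inside host contacted.
        self._by_public[public_port][1].add((dst_ip, dst_port))
        return (self.public_ip, public_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, public_port):
        """Translate an incoming packet back to the private host, or return
        None (drop) when no inside host opened that mapping to that remote.
        The per-remote check is an assumed filtering mode for this sketch."""
        entry = self._by_public.get(public_port)
        if entry is None:
            return None  # unsolicited: nothing inside ever used this port
        key, remotes = entry
        if (src_ip, src_port) not in remotes:
            return None  # mapping exists, but not for this remote endpoint
        return key

    def release(self, private_ip, private_port):
        """Remove a mapping (for example on timeout) and recycle its port."""
        public_port = self._by_private.pop((private_ip, private_port), None)
        if public_port is not None:
            del self._by_public[public_port]
            self._free_ports.append(public_port)

    def table(self):
        """Current translations as sorted (private_ip, private_port, public_port)."""
        return sorted((ip, port, pub) for (ip, port), pub in self._by_private.items())


if __name__ == "__main__":
    router = PatRouter("198.51.100.7")  # constructed public address
    # Two inside hosts use the same source port towards the same web server.
    print(router.outbound("192.168.1.10", 51000, "203.0.113.80", 443))
    print(router.outbound("192.168.1.11", 51000, "203.0.113.80", 443))
    print("reply from server  :", router.inbound("203.0.113.80", 443, 40001))
    print("unrelated host     :", router.inbound("203.0.113.99", 443, 40001))
    print("port never mapped  :", router.inbound("203.0.113.80", 443, 40003))
```

Both inside hosts appear to the server as the same public address with different source ports, and the small pool shows how simultaneous connections are bounded by the number of available ports.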
2.3
Establish surveillance
Locking the server room door is a nice first step, but someone might break in or someone with
access might abuse that power. You must be able to track who enters and exits at what times.
The simplest way to do this is with a log book for signing in and out, but this has a lot of
disadvantages. Someone who has bad intentions will probably just ignore it.
An authentication system built into the locking mechanisms would be preferable to the log book
because it would require a smart card, token, or biometric scan to unlock the doors and keep
track of who enters.
The log book or electronic access system should be supplemented with a video surveillance
camera that provides an excellent view of people entering and exiting and is placed where
it is impossible to tamper with or disable (or even to find). Surveillance cameras can
record continuously, or use motion detection technology to record only when someone is
moving about. They can also be configured to alert users through email or mobile phone if
motion is detected when it shouldn't be (such as after hours).
Remember the workstations, too
Any unprotected machine linked to the network might be used by hackers to access or remove
crucial data for your company. Particularly vulnerable are workstations located at vacant desks,
vacant offices (such as those occupied by absentee or departing employees who have not yet
been replaced), or places where visitors can readily access the building, like the desk of the front
receptionist.
Lock all vacant offices, including those that are only briefly empty when a worker is away for
lunch or ill, and disconnect or remove any computers that aren't in use. For computers that
must remain in public spaces, often out of employees' view, install smart card or biometric
readers to make it more difficult for unauthorized users to log in.
Protect Your Wi-Fi Network
If you still use WEP (or Wired Equivalent Privacy), stop using it and replace it with WPA2
(Wi-Fi Protected Access version 2), which is far more secure.
There is a significant probability that you are already utilizing WPA2, which is a standard for
internet security that is becoming more and more popular. Some large companies fail to
upgrade their infrastructure, so they will need to make a concerted effort to move all of
their operations to a more secure network.
Change the name of your wireless router or access point, commonly known as the Service Set
Identifier (SSID), to prevent hackers from accessing your Wi-Fi network. For further
security, be sure to use a complex Pre-shared Key (PSK) passphrase.
A documented cyber security policy outlining the proper ways to use the Internet and office
computers is helpful, but it is insufficient. For your employees to put it into effect, you
must make sure that all of its specifics are explained to them and understood by them. That
is the only way to make such policies effective.
If you want to ensure that your procedure is secure both offline and online, you should think
about hiring a third-party expert.
Additionally, since these rules must be updated frequently to keep their contents relevant,
you'll want to have a mechanism in place for doing so.
Because of the ease of carrying them around, laptops and smartphones hold a hell of a lot of
valuable data, and that is also the reason they are at a higher risk of getting lost or stolen.
Granted, the thieves are often more interested in making a quick buck at a pawn shop than in
ransoming off your business's corporate secrets, but either way, you'll lose access to your data
and your verified device.
What steps can you take to protect a physical device? Here are the biggest options available:
Data encryption
We mentioned business-wide encryption software earlier, but sometimes an employee neglects
to encrypt the data on their device as well as on the cloud.
Password protection
Similarly, you'll want to have a password to enter your laptop as well as one to access online
accounts. Many password managers can help with this as well.
Remote wiping
With this ability set up, a business IT manager can remotely delete the data on a misplaced device.
Finally, a company-wide employee training session detailing the best practices for company-
owned devices can be useful as well, ensuring employees know whether they can take laptops off
of the premises and how to keep them safe if they do. In fact, let's give that idea its own entry:
Activity 3
3.1
Figure 12
Risk assessment is the process of locating potential threats to a company's capacity to conduct
business. These analyses assist in identifying these inherent company risks and offer steps,
procedures, and controls to lessen their negative effects on daily operations. In order to prioritize
and communicate the contents of the evaluation, including any threats to their information
technology (IT) infrastructure, businesses might utilize a risk assessment framework (RAF). The
RAF assists an organization in identifying prospective risks, any company assets put at risk by
these risks, as well as potential consequences should these risks materialize.
The Chief Risk Officer (CRO) or a Chief Risk Manager is often in charge of conducting the risk
assessment process in major businesses.
For example:
• Home care supervisors must take due account of their client's personal safety in the home, and ensure safe working and lifting arrangements for their own home care staff.
• In a supermarket, hazards are found in the repetitive tasks at the checkout, in lifting loads, and in slips and trips from spillages and obstacles in the shop and storerooms. Staff face the risk of violence from customers and intruders, especially in the evenings.
• In call centers, workstation equipment (i.e. desk, screen, keyboard and chair) must be adjusted to suit each employee.
• Employers have special duties towards the health and safety of young workers, disabled employees, night workers, shift workers, and pregnant or breastfeeding women.
• Ensure that agreed safe working practices continue to be applied (e.g. that management's safety instructions are respected by supervisors and line managers); and
• Take account of any new working practices, new machinery or more demanding work targets.
Benefits of risk assessment
Benefits for me
Policies are a set of guidelines to protect the organization, its employees and their clients.
Organization policies cover regulatory procedures, employee practices, employee discipline,
and internet and email use. In the modern world, attackers are finding smart ways to bypass
the security of an organization. So an organization like EMC, which manages lots of sensitive
data, wants to protect its data, network devices and assets. There are many types of policies
that the organization might develop, such as e-policies, health and safety policies, employee
policies and security policies. Among the security policies, IT security is the most important.
There are several types of IT security, such as network security, internet security, data
storage security and application security.
IT security policies are rules and guidelines for accessing and using the company's IT assets
or resources. The main objective of IT security is the CIA triad (Confidentiality, Integrity
and Availability).
Confidentiality – Restrict access to authorized people only. This helps to prevent sensitive information from reaching unauthorized people.
Integrity – Allow only authorized people to modify IT assets or data.
Availability – Authorized users must have continuous access to the assets they are allowed to use.
“Designed to guide employees’ behavior with regard to the security of company data, assets, IT
systems, etc. These security policies define the who, what, and why regarding the desired
behavior, and they play an important role in an organization’s overall security posture.
Information security policies should reflect the risk appetite of executive management and
therefore serve to establish an associated security mind-set within an organization”. (Dunham,
2018)
Security Audit
Figure 13
Types of IT security audit
1) One-time assessment
Security audits that you conduct for unforeseen or particular circumstances and triggers in
your operations. For example, if you are going to introduce a new product, you have a battery
of tests and reviews that you run before adding any new risk to your environment.
2) Tollgate assessment
Security audits that produce one of two results. A review is conducted to determine whether or
not a new process or procedure may be applied to your current environment. You are not so much
assessing risk as looking for showstoppers that will slow you down.
3) Portfolio assessment
The regularly scheduled review, held yearly, semiannually, or <enter your prerequisites here>.
Use these reviews to confirm that your security processes and procedures are being followed
and that they are sufficient for the current industry environment and requirements.
Computer Misuse
Figure 14
Hacking, the dissemination of malware (such as viruses), and other unauthorized behavior, such
as the altering of software or data, changing passwords, and interfering with the regular operation
of the computer system, are all examples of computer misuse.
Hacking
Hacking is where an unauthorized person uses a network, internet or modem connection to gain
access past security passwords or other security to see data stored on another computer. Hackers
sometimes use software hacking tools and often target, for example, particular sites on the
internet.
Data misuse and unauthorized transfer or copying
Copying and illegal transfer of data is very quick and easy using online computers and large
storage devices such as hard disks, memory sticks and DVDs. Personal data, company research
and written work, such as novels and textbooks, cannot be copied without the copyright holder's
permission.
Copying and distributing copyrighted software, music and film
This includes copying music and movies with computer equipment and distributing it on the
internet without the copyright holder's permission. This is a widespread misuse of both
computers and the internet that breaks copyright regulations.
Email and chat room abuses
Internet services such as chat rooms and email have been the subject of many well-publicized
cases of impersonation and deception where people who are online pretend to have a different
identity. Chat rooms have been used to spread rumors about well-known personalities. A
growing area of abuse of the internet is email spam, where millions of emails are sent to
advertise both legal and illegal products and services.
Pornography
A lot of indecent material and pornography is available through the internet and can be stored in
electronic form. There have been several cases of material, which is classified as illegal, or
which shows illegal acts, being found stored on computers followed by prosecutions for
possession of the material.
This topic includes misuse of stolen or fictional credit card numbers to obtain goods or services
on the internet, and use of computers in financial frauds. These can range from complex well
thought out deceptions to simple uses such as printing counterfeit money with colour printers.
Viruses
Viruses are relatively simple programs written by people and designed to cause nuisance or
damage to computers or their files.
3. Unauthorized modification of data. This refers to modifying or deleting data, and also
covers the introduction of malware or spyware onto a computer (electronic vandalism and
theft of information).
4. Making, supplying or obtaining anything which can be used in computer misuse offences.
These four clauses cover a range of offences including hacking, computer fraud, blackmail and
viruses.
Failure to comply with the Computer Misuse Act can lead to fines and potentially imprisonment.
Offence Penalty
Table 3
• Who could access this information?
• How accurate was the information?
• Could it be easily copied?
• Was it possible to store information about a person without that individual's knowledge or permission?
The Data Protection Act aims to safeguard all information held about an individual classified as
personal (e.g., name, address, financial details) or sensitive (e.g., ethnicity, political opinion,
religion). The act ensures data stored about you is processed fairly and lawfully. For example,
there are strict rules as to who can access and alter your health records. Regular checks are made
to ensure that the rules of the Data Protection Act are being followed.
• Data must be collected and used fairly and inside the law.
• Data must only be held and used for the reasons given to the Information Commissioner.
• Data can only be used for those registered purposes. You cannot give it away or sell it unless you said you would initially. For example, your school could not sell pupils' data to a book or uniform supplier without permission.
• The data held must be acceptable, appropriate and not beyond what is necessary when compared with the purpose for which the data is held.
• Data must be accurate and be kept up to date. For example, making sure data subjects' contact numbers are current.
• Data must not be kept longer than is necessary. This rule means that it would be wrong to keep information about past customers longer than a few years at most.
• Data must be kept safe and secure, for example, personal data should not be left open to be viewed by just anyone.
• Data may not be transferred outside of the European Economic Area (that's the EU plus some small European countries) unless the country where the data is being sent has a suitable and similar data protection law. This part of the Data Protection Act has led to some countries passing compatible laws to allow computer data centers to be located in their jurisdiction.
3.2
Data protection law and procedures for EMC cyber data storage
Data protection law differs from country to country. Data protection laws are set up by
governments or standards organizations to protect information and to maintain the CIA triad
(Confidentiality, Integrity, Availability). The following are some data protection laws that
will benefit EMC Cyber.
“Everyone responsible for using personal data has to follow strict rules called ‘data protection
principles’. They must make sure the information is:
There is stronger legal protection for more sensitive information, such as:
• race
• ethnic background
• political opinions
• religious beliefs
• trade union membership
• genetics
• biometrics (where used for identification)
• health
There are separate safeguards for personal data relating to criminal convictions and offences.” (UK
Government, 2019)
ISO 31000
“Organizations that manage risks effectively are more likely to protect themselves and succeed
in growing their business. The challenge for any business is to integrate good practice into their
day-to-day operations and apply it to the wider aspects of their organizational practice.
BS ISO 31000 is the international standard for risk management. By providing comprehensive
principles and guidelines, this standard helps organizations with their risk analysis and risk
assessments. Whether you work in a public, private or community enterprise, you can benefit
from BS ISO 31000, because it applies to most business activities including planning,
management operations and communication processes.
Whilst all organizations manage risk to some extent, this international standard’s best-practice
recommendations were developed to improve management techniques and ensure safety and
security in the workplace at all times. By implementing the principles and guidelines of BS ISO
31000 in your organization, you'll be able to improve operational efficiency, governance and
stakeholder confidence, while
minimizing losses. This international standard also helps you to boost health and safety
performance, establish a strong foundation for decision making and encourage proactive
management in all areas.
RAID Technology
Figure 15
The two most common ways to use hardware RAID are to have it built into the disk drive and
connected to the host computer through Fibre Channel or SCSI, or to use a card that connects
to the PCI bus.
In full-fledged server systems, hardware RAID is by far the most popular technique because it
doesn't add any more computing demands to the server.
Let's look at the details of the different RAID technology levels.
Figure 16
In a RAID 0 system data are split up into blocks that get written across all the drives in the array.
By using multiple disks (at least 2) at the same time, this offers superior I/O performance. This
performance can be enhanced further by using multiple controllers, ideally one controller per
disk.
RAID level 1 – Mirroring
Figure 17
Data are stored twice by writing them to both the data drive (or set of data drives) and a mirror
drive (or set of drives). If a drive fails, the controller uses either the data drive or the mirror drive
for data recovery and continuous operation. You need at least 2 drives for a RAID 1 array.
Figure 18
RAID 5 is the most common secure RAID level. It requires at least 3 drives but can work with
up to 16. Data blocks are striped across the drives and on one drive a parity checksum of all the
block data is written. The parity data are not written to a fixed drive, they are spread across all
drives, as the drawing below shows. Using the parity data, the computer can recalculate the data
of one of the other data blocks, should those data no longer be available. That means a RAID 5
array can withstand a single drive failure without losing data or access to data. Although RAID
5 can be achieved in software, a hardware controller is recommended. Often extra cache
memory is used on these controllers to improve the write performance.
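The parity recalculation described above, shown as an added Python example that is not part of the original assignment: it stripes constructed sample data over four simulated drives with rotating byte-wise XOR parity and rebuilds one failed drive from the survivors. The function names, the rotation order and the 4-byte block size are assumptions chosen for illustration.

```python
from functools import reduce
from typing import List, Optional, Sequence

Drive = List[bytes]  # one block per stripe


def xor_blocks(blocks: Sequence[bytes]) -> bytes:
    """Byte-wise XOR of equally sized blocks (the RAID 5 parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe: int, n_drives: int) -> int:
    """Rotate the parity block so it is spread across all drives."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data: bytes, n_drives: int, block_size: int) -> List[Drive]:
    """Stripe data over n_drives; each stripe holds n_drives-1 data blocks plus parity."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    per_stripe = (n_drives - 1) * block_size
    padded_len = -(-len(data) // per_stripe) * per_stripe  # round up to whole stripes
    data = data.ljust(padded_len, b"\0")
    drives: List[Drive] = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        p = parity_drive_for(stripe, n_drives)
        remaining = iter(blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def rebuild_drive(drives: Sequence[Optional[Drive]], failed: int) -> Drive:
    """Recompute every block of one failed drive as the XOR of the surviving blocks."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID 5 cannot recover from more than one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives: Sequence[Drive], n_bytes: int) -> bytes:
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:n_bytes])


if __name__ == "__main__":
    sample = b"EMC Cyber client records, constructed sample"  # constructed data
    array: List[Optional[Drive]] = list(write_raid5(sample, n_drives=4, block_size=4))
    array[1] = None                        # simulate a single drive failure
    array[1] = rebuild_drive(array, 1)     # rebuild onto the replacement drive
    print(read_raid5(array, len(sample)))  # original data is intact
```

Because each stripe has only one parity block, losing a second drive before the rebuild finishes leaves two unknowns per stripe, which is why rebuild_drive refuses in that case.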
RAID level 6 – Striping with double parity
Figure 19
RAID 6 is like RAID 5, but the parity data are written to two drives. That means it requires at
least 4 drives and can withstand 2 drives dying simultaneously. The chances that two drives
break down at exactly the same moment are of course very small. However, if a drive in a RAID
5 system dies and is replaced by a new drive, it takes hours or even more than a day to rebuild
the swapped drive. If another drive dies during that time, you still lose all of your data. With
RAID 6, the RAID array will even survive that second failure.
Figure 20
It is possible to combine the advantages (and disadvantages) of RAID 0 and RAID 1 in one
single system. This is a nested or hybrid RAID configuration. It provides security by mirroring
all data on secondary drives while using striping across each set of drives to speed up data
transfers.
Activity 4
4.1
Physical security
CCTV surveillance should be installed in important areas such as the entrance gate, server
room and workplaces. Security guards must be stationed at the entrance gate and inside the
organization to prevent abnormal activity. Only authorized people should be allowed into the
organization through the entrance, by issuing ID cards that are read by a barcode reader.
Authentication
Only allow authorized people to enter working departments. Every working department needs a
card reader at which the ID card is presented; the door then opens. The reader should also
raise an alert when an ID card is not recognized. This will help to detect unauthorized people.
Privacy
Only key people such as the HR manager, CEO and supervisors should know certain private
business matters. This will help protect privacy without leaks.
Security awareness training
Security awareness training should be conducted for staff to prevent security failures.
Employees need knowledge of security to protect the sensitive data of EMC Cyber's clients.
Special access
Only key authorized people should have the right to access important resources such as network
servers and data storage. This helps to safeguard the organization. Otherwise, problems can
occur because everyone can use every device.
Access to visitors
When clients come to the organization, there should be a separate place to communicate with
them. Assign a specific team to communicate with clients about the services EMC provides.
Only authorized staff can enter any place other than this.
Password
A card reader is not enough for places like data storage and network servers; passcode
verification is needed to access those servers and protect the sensitive information. The
passcode is known by employees who are in important roles, such as managers and leaders.
Network security
When connecting to an external network, the internal network devices need protection. So a
VPN, firewall, DMZ, static IP and NAT are needed to secure the network.
Risk management
A company like EMC Cyber has a large amount of data. Therefore there is a chance of threats and
hazards. To control them, a risk assessment plan is needed to prevent data loss and other
risks. A disaster recovery plan is needed as well.
Virus protection
In the workplace, there will be thousands of nodes which are used for daily work. Those nodes
need protection from malware and viruses. Installing antivirus software such as Kaspersky
will help to prevent this.
4.2
Figures 21 to 59
References
https://www.compuquip.com/blog/types-firewall-architectures
Firewall
https://phoenixnap.com/blog/types-of-firewalls
Firewall misconfiguration
https://www.akamai.com/blog/security/the-dangers-of-firewall-misconfigurations-and-how-to-avoid-them
https://www.comparitech.com/net-admin/network-monitoring-tools/
DMZ
https://www.techtarget.com/searchsecurity/definition/DMZ
Static IP
https://www.lifewire.com/what-is-a-static-ip-address-2626012
VPN
https://vpnoverview.com/vpn-information/what-is-a-vpn/
https://worksmart.org.uk/health-advice/health-and-safety/hazards-and-risks/what-are-five-steps-risk-assessment
https://www.investopedia.com/terms/i/intellectualproperty.asp
Network management
https://www.techtarget.com/searchnetworking/tip/5-principles-of-the-network-change-management-process
https://www.itgovernance.co.uk/blog/5-data-protection-policies-your-organisation-must-have
RAID
https://www.prepressure.com/library/technology/raid
ISO
https://www.process.st/iso-31000/
Misuse
https://isaaccomputerscience.org/concepts/net_sec_misuse_act?examBoard=all&stage=all
https://www.bbc.co.uk/bitesize/guides/zt8qtfr/revision/1
Policies
https://www.adserosecurity.com/security-learning-center/ten-it-security-policies-every-organization-should-have/
DR plan
https://cloudian.com/guides/disaster-recovery/disaster-recovery-5-key-features-and-building-your-dr-plan/
The British Standards Institution, 2019. The British Standards Institution. [Online]
Available at: https://www.bsigroup.com/en-GB/iso-31000-risk-management/
[Accessed 21 February 2019].
Grading Rubric
Grading Criteria Achieved Feedback
P5 Discuss risk assessment procedures.