Premium Essay

Case Study - Securing the Network

In:

Submitted By saphia
Words 612
Pages 3
Case Study

Strayer University

SEC 305

It is vital to ensure the safety of a central computer system that is accessed by multiple branches, staff members and remote users. The diversity of an enterprise environment dictates the need to consider multiple aspects when planning for access. Normally, an internal LAN is considered a secure network. Due to its broadcast nature, wireless communications are not considered as secure. Such networks are vulnerable to eavesdropping, rogue access points, and other cracking methods. For remote access, VPN solutions such as dial-up, IPSec VPN, and SSL VPN are commonly used and any access to data center devices must be protected and secured. In the data center, access lists are used to prevent unauthorized access, and reverse-proxy servers use authentication mechanisms to provide a higher degree of security for applications. The need for security is constantly evolving. Maintaining individual security methods for each access scenario can be expensive. There are better alternatives for securing enterprise access. Some that is cost-effective, easy to manage and secure, while addressing performance and scalability requirements.

Basic security requirements consist of:

• Verification of user credentials and services to define user access.

• Client integrity checks that consists of endpoint security verification and of redirecting users to predefined subnets to download compliant anti-virus software, firewalls, operating systems updates, and patches.

• Firewall rules such as granular access control and packet filtering based on protocol, port, and destination.

Very often, the same users access corporate resources from various locations. Therefore, security mechanisms and access policies should be independent of user access methods, such as wireless, internal LAN, and remote access.

Similar Documents

Premium Essay

Cis 417 Complete Class All Assignments and Case Studies

...ASSIGNMENTS AND CASE STUDIES To purchase this, Click here http://www.activitymode.com/product/cis-417-complete-class-all-assignments-and-case-studies/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 417 COMPLETE CLASS ALL ASSIGNMENTS AND CASE STUDIES CIS 417 WK 2 Assignment 1 - Computer Forensic Overview, CIS 417 WK 3 Case Study 1 - BTK, CIS 417 WK 4 Assignment 2 - Forensic Lab Design, CIS 417 WK 5 Case Study 2 - External Intrusion of the PlayStation Network, CIS 417 WK 6 Assignment 3 - Securing the Scene, CIS 417 WK 7 Case Study 3 - Casey Anthony Trial, CIS 417 WK 8 Assignment 4 - Data-Hiding Techniques, CIS 417 WK 10 Term Paper - Investigating Data Theft, Click Here to Buy this; http://www.activitymode.com/product/cis-417-complete-class-all-assignments-and-case-studies Activity modeaims to provide quality study notes and tutorials to the students of CIS 417 Complete Class all assignment in order to ace their studies. CIS 417 COMPLETE CLASS ALL ASSIGNMENTS AND CASE STUDIES To purchase this, Click here http://www.activitymode.com/product/cis-417-complete-class-all-assignments-and-case-studies/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 417 COMPLETE CLASS ALL ASSIGNMENTS AND CASE STUDIES CIS 417 WK 2 Assignment 1 - Computer Forensic Overview, CIS 417 WK 3 Case Study 1 - BTK, CIS 417 WK 4 Assignment 2 - Forensic Lab Design, CIS 417 WK 5 Case Study 2 - External Intrusion of the PlayStation Network, CIS 417 WK 6 Assignment 3 - Securing the Scene, CIS...

Words: 490 - Pages: 2

Premium Essay

Test

...SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING Securing Wi-Fi Rogue Access within an Enterprise Setting Daniel Joel Clark A Capstone Presented to the Information Technology College Faculty of Western Governors University in Partial Fulfillment of the Requirements for the Degree Master of Science in Information Security Assurance January 9, 2014 1 SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING 2 A1 - Abstract Since 1999 wireless devices have become a necessity in enterprises. While increasing convenience, connectivity, and productivity, they also pose an unprecedented threat to network security guarding, which has literally taken to the airwaves. This paper will deal with vulnerabilities and risks regarding access points (APs) in a wireless network (WLAN) connecting to a wired local area network (LAN) in enterprises. Data for this paper will come from published academic papers, industry publications including white papers and surveys, and industry specialists. It will also include definitions of terms, policy and procedures that affect access points, and current practices regarding rogue APs. A case study will be presented for a fictional enterprise with multiple locations that has standard procedures, policies, and protocols in place, but recent events have questioned their ability to control access points with the discovery of rogue devices hidden in several office locations. Industry warnings about access points span the...

Words: 18577 - Pages: 75

Premium Essay

It 294 Chapter 1

...Describe the challenges of securing information 2 Objective 2: Define information security and explain why it is important 3 Objective 3: Identify the types of attackers that are common today 5 Hackers 5 Script Kiddies 5 Spies 5 Insiders 5 Cybercriminals 6 Cyberterrorists 6 Objective 4: List the basic steps of an attack 6 Objective 5: Describe the five basic principles of defense 7 Layering 7 Limiting 7 Diversity 7 Obscurity 8 Simplicity 8 Works Cited 8 Chapter 1 Objectives To accomplish the learning objectives for Chapter 1: • I have read all of Chapter 1 in the course textbook (pages 1-39); including understanding the key terms on (pages 28-29). • I have read and answered all of the review questions on (pages 29-32), then compared my decisions with the solutions posted on Canvas, any incorrect answers I corrected and confirmed in the chapter. • I have read and worked through Hands-On Projects 1-1 through 1-4 to facilitate in achieving each of the stated learning objectives. • I have read, worked through and evaluated Case Projects 1-1 through 1-8 on (pages 36-38). • I have participated in all class presentations and discussions about Chapter 1 • I have read through and examined Chapter1 slide presentations. The learning objectives for this chapter are as follows: Objective 1: Describe the challenges of securing information To achieve this objective, I have read in the course textbook (pages 5-11) Challenges of Securing Information including...

Words: 3169 - Pages: 13

Premium Essay

Final Project

...Technical Project Paper: Information Systems Security Information Systems Security Haseeb Ahmed Khan Mark O’Connell CIS 333 Fundamentals of Information Security March 12, 2012 Abstract In today’s IT world every organization has a responsibility to protect the information and sensitive data they have. Protecting data is not only responsibility of security and IT staff but every individual is involved in protecting the information. The risks to information security are not digital only, but it involves technology, people and process that an organization may have. These threats may represent the problems that are associated to complex and expensive solution, but doing nothing about these risks is not the solution. The case we have been assigned today deals with physical and logical vulnerabilities and protection against the risks and threats by implying the best controls to either mitigate, avoid and transfer the risks. Being an Information Security officer at a newly opened location in a busy mall, I have been asked to identify physical and logical risks to the pharmacy operations and also to suggest remedies to avoid any huge loss to the business. The pharmacy operations involve the unique transactions which involves the critical patients’ data, valuable medication and access to cash. The regulation set by the government obligates a pharmacy to meet certain standards to secure logical and physical access to information systems. The pharmacy is comprised of 4 work...

Words: 2531 - Pages: 11

Free Essay

Network Security

...Case Study: Network Security Computer networks of every company have the potential to be exposed to dangers that have the potential to do great harm. Individuals could gain access to Windows and Unix/Linux servers to exploit the company’s vulnerabilities. Computer networks are not only vulnerable to outsiders, but employees also have the opportunity to compromise the system. An unprotected network would open the door for malicious activity that could damage the company’s system, compromise company and customer information, and cost a great amount of precious time and money. A breach in the network could have a negative impact on finances, privacy, and information. Securing the Windows and Unix/Linux servers within a company from shortcomings and vulnerabilities to potential threats by both outsiders and insiders is an absolute necessity. This is achieved by using technical measures and enforcing security policies. One reason it is important to secure the servers is potential of the insider threat. With 1,500 employees, the chance of an attack from the inside is elevated. The threat could come in the form of a disgruntled employee, by someone looking for gain, or by someone who unknowingly compromises the system. Conklin and White (2010) stated the following: One of the hardest threats that security professionals will have to address is that of the insider. Since employees already have access to the organization and its assets, additional mechanisms need to be in place to detect...

Words: 647 - Pages: 3

Premium Essay

Myrtle & Associates/Bellview Law Group to Mab Law Firm Network Integration

...Assumptions: 1. Both Myrtle & Associates & Bellview Law Group Utilized Access To the Internet via a Digital Subscribers Line(DSL) 2. Myrtle & Associates & Bellview Law Group are separated by a considerable geographical distance. 3. Current Novell Servers Used by Bellview Law Group are Old. 4. All internal hard cabling runs will be wired with CAT 5e. Current Network Diagram Please See Exhibit (A-1 & A-2) Diagram of Proposed Network Integration Please See Exhibit (B) Challenges to Integrating the Current LANs, Challenges integrating the Myrtle & Associates and Bellview Law Group networks will be presented by the following: * The geographical distance between the two offices (L2TP/IPsec) * Bellview Law Group use of Novell and IPX/SPX instead of TCP/IP Integrating these two networks will be faced by the geographical distance between the two offices where the law firms reside. One solution would be to lease a dedicated line however; this option would be a very expensive one and is unnecessary due to new Virtual Private Network (VPN) technologies such as Layer 2 Tunneling Protocol (L2TP). Layer 2 Tunneling Protocol (L2TP) is a VPN technology allows for communication between two LAN segments separated by geographic distance by means of Point to Point Protocol (PPP) & encryption. Encryption, which is the process of converting the senders “plaintext” to a unreadable altered version of that plaintext called “ciphertext...

Words: 2057 - Pages: 9

Free Essay

Sec280

...Case Study: Network Infrastructure Security It is important to secure the Windows and Unix/Linux servers for many reasons. Leaving the servers open to shortcomings and vulnerabilities can open a door for those who seek to damage, destroy, or obtain sensitive information from the company. It’s important to identify any possible vulnerability and secure each one quickly and efficiently to protect information, and the system itself. Preventative measures are the best defense against attacks, and securing the network servers before they are breached will help to ensure that those who seek to gain unauthorized access will be kept out. Information stored such as personal information, salaries, social security numbers, and even credit card or bank information are all susceptible to theft if the system is not secure. Identity theft is a very serious and prominent threat; proper measures should be taken to ensure the safety and security of this type of information. The company also stores sensitive information about its employees, business practices, legal and financial information, all of which also need proper safeguarding. Secondly, a breach in the server could do irreparable harm to your corporate image, profits, and daily activities. Once infected, a server will generally “revert to a backup image, which may affect the availability of key, revenue-generating applications and services”. (Bit9) It is vital that the servers be secured and that patches, upgrades and updates are diligently...

Words: 451 - Pages: 2

Premium Essay

Idjgvjhgfjhgj

...the DOS packets to its original source. To achieve this we use Flexible Deterministic Packet Marking (FDPM). FDPM provides a defense system with the ability to find out the real sources of attacking packets that traverse through the network. While a number of other traceback schemes exist, FDPM provides innovative features to trace the source of IP packets and can obtain better tracing capability than others. We are going to simulate FDPM system in NS2 which is network simulation software and study its various advantages and disadvantages as well as its application. 2.) Virtual Router Introduction Computers are the integral part of our life. One can not think of his/her life without the help of computers. Computer network has been playing important role in bringing the world closer due to its functionalities. Routers are the heart of computer network. Virtual Router is an attempt to automate all the functionalities of the physical router on the computer. Various institutes, offices can use virtual router to carry out the routing functions. 1.1 Objective of Project:- Computer networks use physical routers to perform routing of data between the networks. Routers are the integral part of the computer network. Virtual Router is a router that performs all the functions of the physical router and hence can replace physical...

Words: 1214 - Pages: 5

Free Essay

Security Report

...Case Study Jose Rios SEC-415 Professor Johnson May 12, 2013 Case Study 1 Cyber attacks are starting to become more popular as companies solely depend on technology to get through their workdays as well to store most of their customers and employees confidential information. Most companies invest money on securing their databases to prevent any type of cyber attack and even though they try to prevent these types of events from occurring hackers are becoming more creative on the way they hack onto companies’ secured network. Hackers go through tremendous amounts of time in order to get to a secured network in order to get the information they are seeking or just to go through private information for their own personal gain. Secured networks are set up throughout organizations to minimize the possibility of a cyber attack from occurring along with other security measures to protect the private information that is being held on those secured networks. Most of the attacks that occur are mainly from people that are disgruntle towards certain companies for their type of work or actions that they have done but others take advantage and commit crimes that affect others. Mark Pollitt, special agent for the FBI, offers a working definition: “Cyberterrorism is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data which result in violence against noncombatant targets by subnational groups or clandestine agents.”(Denning...

Words: 598 - Pages: 3

Premium Essay

Laudon Ch5

...Systems 124 Analyzing Business Processes for an Enterprise System 165 Part Two Chapter 5 Chapter 6 Chapter 7 Chapter 8 Part Two Project Information Technology Infrastructure 167 IT Infrastructure and Emerging Technologies 168 Foundations of Business Intelligence: Databases and Information Management 222 Telecommunications, the Internet, and Wireless Technology 260 Securing Information Systems 312 Creating a New Internet Business 351 Part Three Chapter 9 Chapter 10 Chapter 11 Chapter 12 Part Three Project Key System Applications for the Digital Age 353 Achieving Operational Excellence and Customer Intimacy: Enterprise Applications 354 E-Commerce: Digital Markets, Digital Goods 388 Managing Knowledge 428 Enhancing Decision Making 470 Designing an Enterprise Information Portal 508 Part Four Chapter 13 Chapter 14 Chapter 15 Part Four Project Building and Managing Systems 509 Building Systems 510 Project Management: Establishing the Business Value of Systems and Managing Change 552 Managing Global Systems 592 Redesigning Business Processes for Healthlite Yogurt Company 629 International Case Study 631 Your Digital Portfolio 645 References R 1 Glossary G 1 Photo and Screen Shot Credits P 1 Indexes 11 iv Complete Contents Part One Chapter 1 Organizations, Management, and the Networked...

Words: 3508 - Pages: 15

Premium Essay

Cybersecurity

...is that cyber security focuses on protecting computer networks, systems, data, and programs from unwanted access. Cyber security is sometimes referred to as information security, information network security, cyberspace security, or even computer security. There are many viewpoints by highly educated people on cyber security but the purpose of this paper is to tell my viewpoint on the subject. Every aspect of a persons life has some sort of cyber dimension. People paying for bills online, cloud computing, and even online gaming. This year in 2014, everyone is bombarded with news headlines that say cyber threats are up. Many of these headlines always include some kind of phishing attack trying to steal someones identity, a hacker that breached the network of a company, a new technique that attacks mobile devices like smart phones, or a government trying to monitor and take secrets from another government!!br0ken!! The concern for cyber security is now a real-world concern globally. The concern over cyber security is what is driving the governments worldwide to make it priority one on their list's now. This is so, because technology is growing at a very fast and continuous pace. The technology field itself is very vast and has much variety. Cyber security in particular though, is somewhat the backbone of technology. Most networks and data have to be protected. Mostly everyone that uses any type of computer system or network, will have something they want hidden or want protected...

Words: 4041 - Pages: 17

Free Essay

Securing the Usb Drive

...Technical Writing Project Coversheet Capstone Proposal Project Name: Securing the Universal Serial Bus Interface for the Enterprise Environment Student Name: Steve Wild _ Degree Program: Bachelor of Science in Information Technology – Security Emphasis _ Mentor Name: Yolanda DuPree____________________________________________________ Signature Block: Student’s Signature: _______________________________________________________ Mentor’s Signature: _______________________________________________________ Running head: SECURING THE USB INTERFACE                                                                                                       1    Securing the Universal Serial Bus Interface for the Enterprise Environment Steve Wild Western Governor’s University SECURING THE USB INTERFACE                                                                                                                                  2    Summary The USB interface is one vector of possible attack against a company and must be proactively defended against data theft, data loss, and corporate espionage in order for a company to maintain a secure enterprise environment, minimize downtime, and maximize productivity. Project Goals and Objectives There are several goals that will be accomplished during this project: explore the hardware problems, explore the software problems, explore the policy problems, and give real world examples. The objectives are: provide example...

Words: 3010 - Pages: 13

Premium Essay

Essentials of Management Information Systems

...Securing Information Systems LEARNING OBJECTIVES C H A P T E R 7 STUDENT LEARNING OBJECTIVES After completing this chapter, you will be able to answer the following questions: 1. Why are information systems vulnerable to destruction, error, and abuse? What is the business value of security and control? What are the components of an organizational framework for security and control? What are the most important tools and technologies for safeguarding information resources? 2. 3. 4. ISBN 1-256-42913-9 232 Essentials of MIS, Ninth Edition, by Kenneth C. Laudon and Jane P. Laudon. Published by Prentice Hall. Copyright © 2011 by Pearson Education, Inc. C HAPTER O UTLINE Chapter-Opening Case: Boston Celtics Score Big Points Against Spyware 7.1 System Vulnerability and Abuse 7.2 Business Value of Security and Control 7.3 Establishing a Framework for Security and Control 7.4 Technologies and Tools for Protecting Information Resources 7.5 Hands-on MIS Projects Business Problem-Solving Case: Are We Ready for Cyberwarfare? BOSTON CELTICS SCORE BIG POINTS AGAINST SPYWARE While the Boston Celtics were fighting for a spot in the playoffs several years ago, another fierce battle was being waged by its information systems. Jay Wessel, the team’s vice president of technology, was trying to score points against computer spyware. Wessel and his IT staff manage about 100 laptops issued to coaches and scouts, and sales, marketing, and finance employees, and these...

Words: 21009 - Pages: 85

Premium Essay

Essay Mba

...deepen African content in the MBA curriculum, provide a platform to link Vanderbilt Owen students with top African careers and help Vanderbilt Owen improve its visibility & brand in Africa. This will ultimately increase the level of admission applications and recruitment from Africa. To help achieve this goal, the proposed African Business Club will hold an annual African Business Summit aimed at bringing together students and professionals under one roof to discuss new developments on the African continent. These conferences will discuss African trade, business regulatory framework, major economic sectors, emerging economic sectors, case studies from diverse sectors and business entry on the continent. The African Business Club will leverage the overall Vanderbilt sterling reputation and the African, and emerging economies, professional network of the greater Vanderbilt Alumni members to attract frontline African and global professionals, academia, entrepreneurs and regulators to speak at these events. These...

Words: 473 - Pages: 2

Premium Essay

Cyber Security

...systems (OS) fail to meet business needs. Maintaining the security of e-commerce and business processes is a major concern for system administrators. Protecting the operating systems is the main component when it comes to shielding all the information systems. The software scripts of the OS are what enable network devices, servers and desktops to communicate as a whole. OS is the glue that keeps all the files, hardware, and software together. The OS role includes managing files, processing controls of computer programs, and serving as GUI between the computer and user. With all the responsibility an OS is bound to have weaknesses. Typically, security vulnerabilities are usually rooted from glitches/bugs in the scripts that run beneath the OS. The most commonly used OS are Unix, Mac OS, and Microsoft Windows. With Windows being the leading OS, security patches have to be downloaded constantly. With out identifying a specific OS, there are advantages and disadvantages that can be implemented to protect the OS. Advantages of Securing OS Mitigating internal security threats is a common practice that should have a plan of action to protect business systems as a whole. Securing the physical hardware; servers, consoles routers etc. is essential. The actual system it self should be physically protected and authorized personal should be granted access to the systems. Many OS have back door access to get into the system incase a password is lost or authorized access can not be achieved...

Words: 2482 - Pages: 10