...Week Four Individual Assignment Kevin M. Gattas University of Phoenix IS Concepts Richard Bohn Purpose The importance of the OSI (open systems interconnection) model is for networks to communicate within the system. It is a system formed to allow a network administrator to perform trouble shooting in a way that is logical and step by step within the OSI model Scope The purpose of this essay is to break down the seven layers of the OSI model. The seven layer model defines a standard by which to computer share data over a network space starting with application layer. It will break each modeling section to lay out a more detailed explanation of how each layer is operated and how they all work together. Also, it will discuss which level this packet filtering routers and firewalls reside at, how packet filtering routers and firewalls protect the network and the concepts of cryptography. The seven layers of the OSI model are: 1. Physical layer 2. Data link layer 3. Network layer 4. Transport layer 5. Session layer 6. Presentation layer 7. Application layer Application Layer (Layer 7) The application layer is the most directly related to computer user because it is the top of the layer hierarchy. This layer provides several application services such as file transfer, resource allocation and whether the identification and verification of the computer is available. This layer is most familiar to us because it is what we commonly...
Words: 1254 - Pages: 6
...would negatively affect their operations and financial situation. Like all other business, customer satisfaction and the security of GFI’s network is crucial. In order to ensure their network and data is secure, GFI has begun to re-evaluate their network infrastructure. GFI has had some service interruptions that has cost them over $100,000 in revenue losses. Description of GFI’s Network, Interconnection and Communication environment Global Finance Inc. Network The Internet is made up of two 10GB connections. Remote Dial up access via PSTN VPN gateway connected to an Off-Site office A DMZ network which is made up of 2 Border (Core) routers, which are connected to the 2 10GB internet connections. 2 Distribution Routers. 1 VPN gateway, 1 firewall, 1 RMS server and a PBX box that is connected to the PSTN remote access dial up network. Above is a table that list the six departments. There is also a breakdown of the workstations and 26 printers per department. There are 6 10GB Access Layer VLAN switches and 3 10GB Multi-Layer switches There is also a Trusted Computing Base Internal Network that is locate inside of Global Finance Inc. Network that is made up of 1 SUS Server, 1Oracle 9i DB Server, 1 Microsoft 2000 Exchange Email Server, 1 File and Print Server, 1 Intranet Web Server and 7 Workstations. Assess risk based on the Global Finance, Inc. Network Diagram scenario The GFI network diagram depicts how fast the company in relation to the amount of network devices and other equipment...
Words: 897 - Pages: 4
...Importance of ethical hacking Chapter 1 Introduction Ethical hacking is an emerging tools used by most of the organizations for testing network security. The security risks and vulnerabilities in a network can be recognized with the help of ethical hacking. This research completely concentrates on ethical hacking, problems that may occur while hacking process is in progress and various ethical hacking tools available for organizations. Information is the important source for any organizations while executing business operations. Organizations and government agencies have to adopt ethical hacking tools in order secure important documents and sensitive information (Harold F. Tipton and Micki Krause, 2004). Ethical hacker professionals have to be hired in order to test the networks effectively. Ethical hackers perform security measure on behalf of the organization owners. In order to bring out the ethical hacking efforts perfectly a proper plan must be executed. Ethical hacking has the ability to suggest proper security tools that can avoid attacks on the networks. Hacking tools can be used for email systems, data bases and voice over internet protocol applications in order to make communications securely. Ethical hacking can also be known as penetration testing which can be used for networks, applications and operating systems (Jeff Forristal and Julie Traxler, 2001). Using hacking tools is a best method for identifying the attacks before it effect the entire organization. Ethical...
Words: 9223 - Pages: 37
...Network Security | Jevon Wooden ISSC341: Introduction to NetworkingProfessor Belkacem KraimecheAmerican Military University7/13/2012 | | What is network security? According to Cisco, Network security refers to any activities designed to protect your network. Specifically, these activities protect the usability, reliability, integrity, and safety of your network and data. Effective network security targets a variety of threats and stops them from entering or spreading on your network. (What is network security?, para. 2) This essay will discuss how network security works, threats against network security, the importance of network security being properly designed, monitored, and tested, and the future trends of network security and global implications. In order to understand the definition of network security, an analysis of what threatens your network and the countermeasures to stop them needs to be obtained. It also needs to be understood that no network is 100% “hackerproof”. Your job is to make things difficult by designing a network that is hardened and ready for cyber warfare. Before going too far into the design and hardening aspect, let us discuss threats that wage war upon your network. The first type to be considered are insider threats which can range anywhere from an untrained user downloading media off the Internet that have viruses, to a disgruntled employee looking to corrupt or steal confidential information to sell it. Internal threats pose as a significant...
Words: 3481 - Pages: 14
...Internet censorship is the use of filters or ‘blocks’ to control what is published, access and viewed across the internet. It is used by parents, organisations such as schools and corporations and governments to restrict what their citizen’s access and post online. Internet censorship has occurred since the early days of the public internet, where governments around the world have attempted to address the issue of illegal material, political propaganda, harmful material or content deemed unsuitable for children. This essay will discuss the instances of internet censorship failing to work, including when governments have attempted to introduce legislation to restrict access to the internet, and the reasons for the failure. Censorship across the globe will be briefly covered as well as techniques governments which have filters in place use to censor information. Many countries practice internet censorship, where the internet is tightly controlled and speaking your mind on it can get you in serious trouble with the government. According to USA Today, North Korea has the most tightly controlled internet , with all websites being under control by their government. It is so tight that only 4% of the population has access to the internet. Appendix A shows how accessible the internet is in countries. Another highly controlling country is China, where the government severely restricts internet access to their citizens by blocking social media websites such as Facebook, Twitter and...
Words: 1893 - Pages: 8
...Abstract This essay seeks to establish the security of virtualized servers compared to the physical servers. The paper determines the value of virtualization in the computer architecture of today’s world which is designed to run on a single operating system and therefore, most of the computer resources are left underutilized. The focus would be to determine whether the virtualized servers are more secure than their physical counterparts giving the advantages of virtualization therein. Virtual servers over physical servers Virtualization entails the obstruction of physical resources away from their underlying logical resources to improve flexibility and agility, reduce costs and therefore, improve the value of the organization. In a virtualized context, computing environments can be dynamically expanded, created, moved or shrunk as demand varies. Server Virtualization entails allocating several occasions of an operation system to run simultaneously on a single server. Virtualization of servers is achieved by applying a hypervisor to allocate logically and separate physical computer resources. The hypervisor enables a guest operating system to function as if it were solely in control of the hardware while running on the virtual machine, oblivious that other guests are sharing it (Bakshi & Yogesh, 2010). The security benefits of virtualized servers over physical servers Virtualization of servers in the current world is surrounded by a very sophisticated management infrastructure...
Words: 1100 - Pages: 5
...end-to-end processes. BPM system is designed to connect customers, vendors, and suppliers. Security Weakness In the communication between AS’s headquarter and its two departments make the AS’s headquarter assets are targeted, I will discuss here about the vulnerabilities in software and the policy. Company’s Assets The assets for AS are the Business Process Management, BPM, system and the servers used to store customer data such as project information, computer aided design and development models, and intellectual properties. Vulnerabilities Hardware vulnerability Aircraft Solution Company has a major weakness in the network architecture as we noticed within the AS’s headquarter there is insufficient number of firewalls. There are two routers with only...
Words: 4091 - Pages: 17
...Freedom of Connection – Freedom of Expression: The Changing Legal and Regulatory Ecology Shaping the Internet by William H. Dutton Anna Dopatka Michael Hills Ginette Law and Victoria Nash Oxford Internet Institute University of Oxford 1 St Giles Oxford OX1 3JS United Kingdom 19 August 2010 A report prepared for UNESCO’s Division for Freedom of Expression, Democracy and Peace. The opinions expressed in this report are those of the authors and do not necessarily reflect the views of UNESCO or its Division for Freedom of Expression, Democracy and Peace. Preface As stated in its Constitution, UNESCO is dedicated to “Promoting the free flow of ideas by word and image”. Part of this mission, therefore, is to promote freedom of expression and freedom of the press through sensitization and monitoring activities, as a central element in building strong democracies, contributing to good governance, promoting civic participation and the rule of law, and encouraging human development and security. Media independence and pluralism are fostered by the Organization, providing advisory services on media legislation and sensitizing governments and parliamentarians, as well as civil society and relevant professional associations. However, UNESCO recognizes that the principle of freedom of expression must apply not only to traditional media, but also...
Words: 39228 - Pages: 157
...Chapter 1: Introduction to Computer Networks and Data Communications TRUE/FALSE 1. Data is information that has been translated into a form that is more conducive to storage, transmission, and calculation. ANS: T 2. ANS: F PTS: 1 Some people call computer terminals thick-client workstations. PTS: 1 3. A type of microcomputer-to-local area network connection that is growing in popularity is the wireless connection. ANS: T PTS: 1 4. To communicate with the Internet using a dial-up modem, a user’s computer must connect to another computer that is already communicating with the Internet. ANS: T PTS: 1 5. It is not possible to connect two local area networks so that they can share peripherals as well as software. ANS: F PTS: 1 6. Metropolitan area networks can transfer data at fast, LAN speeds but over smaller geographic regions than typically associated with a local area network. ANS: F 7. ANS: T 8. networks. ANS: T 9. ANS: F PTS: 1 The Internet is not a single network but a collection of thousands of networks. PTS: 1 One of the most explosive areas of growth in recent years has been cellular phone PTS: 1 By the 1970s, telephone systems carried more computer data than voice. PTS: 1 10. Network architectures are cohesive layers of protocols defining a set of communication services. ANS: T PTS: 1 11. The OSI model tells us what kind of wire or what kind of connector to use to connect the pieces of a network...
Words: 46505 - Pages: 187
...Management of Information Security Third Edition This page intentionally left blank Management of Information Security Third Edition Michael Whitman, Ph.D., CISM, CISSP Herbert Mattord, M.B.A., CISM, CISSP Kennesaw State University ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Management of Information Security, Third Edition Michael E. Whitman and Herbert J. Mattord Vice President, Career and Professional Editorial: Dave Garza Executive Editor: Stephen Helba Managing Editor: Marah Bellegarde Product Manager: Natalie Pashoukos Developmental Editor: Lynne Raughley Editorial Assistant: Meghan Orvis Vice President, Career and Professional Marketing: Jennifer McAvey Marketing Director: Deborah S. Yarnell Senior Marketing Manager: Erin Coffin Marketing Coordinator: Shanna Gibbs Production Director: Carolyn Miller Production Manager: Andrew Crouth Senior Content Project Manager: Andrea Majot Senior Art Director: Jack Pendleton Cover illustration: Image copyright 2009. Used under license from Shutterstock.com Production Technology Analyst: Tom Stover © 2010 Course Technology, Cengage Learning ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information...
Words: 229697 - Pages: 919
...Color profile: Disabled Composite Default screen BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Chapter 2 2 General Security Concepts “The only real security that a man can have in this world is a reserve of knowledge, experience and ability.” —HENRY FORD In this chapter, you will learn how to ■ Define basic terms associated with computer and information security ■ Identify the basic approaches to computer and information security ■ Distinguish among various methods to implement access controls ■ Describe methods used to verify the identity and authenticity of an individual ■ Describe methods used to conduct social engineering ■ Recognize some of the basic models used to implement security in operating systems 20 P:\010Comp\BaseTech\619-8\ch02.vp Wednesday, November 09, 2011 2:01:20 PM I n Chapter 1, you learned about some of the various threats that we, as security professionals, face on a daily basis. In this chapter, you start exploring the field of computer security. Color profile: Disabled Composite Default screen BaseTech / Principles of Computer Security: CompTIA Security+™ and Beyond / Wm. Arthur Conklin / 619-8 / Chapter 2 ■ Basic Security Terminology The term hacking has been used frequently in the media. A hacker was once considered an individual who understood the technical aspects of computer operating systems...
Words: 16889 - Pages: 68
...SECURITY ESSENTIALS IMPACT OF SECURITY BREACHES • Security breaches affect organizations in a variety of ways. They often result in the following: • Loss of revenue • Damage to the reputation of the organization • Loss or compromise of data • Interruption of business processes • Damage to customer confidence • Damage to investor confidence • Legal Consequences -- In many states/countries, legal consequences are associated with the failure to secure the system—for example, Sarbanes Oxley, HIPAA, GLBA, California SB 1386. • Security breaches can have far-reaching effects. When there is a perceived or real security weakness, the organization must take immediate action to ensure that the weakness is removed and the damage is limited. • Many organizations now have customer-facing services—for example, websites. Customers may be the first people to notice the result of an attack. Therefore, it is essential that the customer-facing side of the business be as secure as possible. SECURITY RISK MANAGEMENT DISCIPLINE (SRMD) PROCESSES In this topic, we will discuss security risk management discipline (SRMD). Specifically, we will discuss: The three processes of SRMD - • Assessment • Development and implementation • Operation Assessment involves • Asset assessment and valuation. • Identifying security risks with STRIDE. • Analyzing...
Words: 6837 - Pages: 28
...Computer crime Computer Crime Definition A computer crime is any illegal action where the data on a computer is accessed without permission. This access doesn't have to result in loss of data or even data modifications. Arguably the worst computer crime occurs when there are no indications that data was accessed. Computer crime is often attributed to rogue hackers and crackers, but increasingly organized crime groups have realized the relative ease of stealing data with relative low-level of risk. Government organizations are also rumored to be involved with hacking in to computer systems, but the legality of such actions is far too grey an area to be discussed here. Computer crime, or cybercrime, refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime.[1] Netcrime refers, more precisely, to criminal exploitation of the Internet.[2] Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise. On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is...
Words: 7299 - Pages: 30
...Enterprise Resource Planning Software Of The Cloud Information Technology Essay Introduction ERP on the Cloud is based on Enterprise Resource Planning software and the cloud computing platform, two technologies that have increased in popularity over the last few years. ERP refers to a business management system that comprises integrated sets of comprehensive software that can manage and integrate all the business functions within an organization (Shehab et al.). When implemented correctly, ERP is a high-cost investment but also offers high return as it enables companies to centralize their day-to-day operations in real time. Cloud computing technology enables convenient, on-demand network access to a shared pool of configurable computing resources that can be provisioned and released with minimal management effort or service provider interaction (Mell et al.). There are three service models in cloud computing: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). SaaS is capability provided to the consumer to use the software provider's applications running on a cloud infrastructure, with applications accessible from various client devices (Mell et al.). PaaS is capability provided to the consumer to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider (Mell et al.). IaaS is capability provided to the consumer to provision processing...
Words: 7153 - Pages: 29
...Chapter 1 Business Information Systems in Your Career Multiple Choice Questions 1. One of the recent critical challenges facing Major League Baseball was: a. b. c. d. poor coordination between local and national sales channels. poorly managed sales channels. outdated information systems. decreasing ticket sales. Difficulty: Medium Reference: p. 3 Answer: d 2. The six important business objectives of information technology are new products, services, and business models; customer and supplier intimacy; survival; competitive advantage, operational excellence, and: a. b. c. d. improved flexibility. improved decision making. improved business practices. improved efficiency. Difficulty: Easy Reference: p. 6 Answer: b 3. Dell Computer's use of information systems to improve efficiency and implement "mass customization" techniques to maintain consistent profitability and an industry lead illustrates which business objective? a. b. c. d. Improved flexibility Improved business practices Competitive advantage Survival Difficulty: Hard Reference: p. 8 Answer: c 4. The use of information systems because of necessity is: a. b. c. d. survival improved business practices competitive advantage improved flexibility Difficulty: Medium Reference: p. 9 Answer: a 5. (Analysis) Which of the following choices may lead to competitive advantage (1) new products, services, and business models; (2) charging less for superior products; (3) responding to customers in real-time? a. b. c. d. 1 only 1 and 2...
Words: 34754 - Pages: 140
