...Mr. Cameron, Sir, I would be happy to discuss our perimeter defenses. When defining the perimeter we must first ask, are we discussing a physical or a logical (computer) layer of defense? When you observed the guards, fences, and TV cameras, you were observing the physical perimeter defenses. When your colleague mentioned his network perimeter, he was referring to the defenses established to protect your information technology systems (networks, computers, data storage devices, and information). Network defenses include a variety of both hardware and software resources that mimic the function of guards, fences, and TV cameras, but focus on the protection of computer systems and information. What follows is not an all-inclusive list of network defenses, however, they are some of the more common examples that support information security. Like traffic cops, routers direct electronic media traffic in and out of our networks. A router is typically the first and last line of defense as it is commonly on the outskirts of the network defense perimeter. Picking up where the router left off, a firewall operates on a specified set of rules which determine what is allowed to pass. The different types of firewalls include: (a) static packet filters, (b) stateful firewalls, and (c) proxies. Firewalls do not necessarily know what legitimate traffic...
Words: 521 - Pages: 3
...Introduction West Suburban bank has worked hard to protect its customer information and the related data that is provided to the bank in order to business with them. In collaboration with Perimeter E-Security Company, West Suburban bank has excellent network security system that recognizes the threats within seconds and figures out a solution to fix the problem. Perimeter E-Security offers excellent information security and messaging services helping many businesses to secure their data from unauthorized users. West Suburban bank took advantage of the services provided by Perimeter E-Security as well in order to protect the assets of their clients. There are hundreds of defense methods however for this paper our major focus will be on the six defenses used by West Suburban bank in order to provide best security services to its clients and protect its information. We will be looking at firewalls, data security, Internet security, application security, access control and anti spyware defenses. Firewalls defense Firewalls implement security at every layer. Firewalls are barriers between a trusted network or PC and the untrustworthy Internet, it is a network node consisting of both hardware and software that isolates a private network from a public network. On the Internet, the data and requests sent from one computer to another are broken into segments called packets. Each packet contains the Internet address of the computer sending the data, as well as the Internet address...
Words: 1408 - Pages: 6
...Perimeter Security Applications Robinson Paulino DeVry College of New York Sec- 330 Professor: Gerard Beatty Perimeter Security Applications Outline Introduction 2 Intruder Detection Accuracy 3 Security Cameras 4 1. Using Size Filters for Video Analytics Accuracy 4 2. Geo-Registration and Perimeter Security Detection Accuracy 5 3. Clarity against a moving background 5 Perimeter Security Best Practices 6 Auto Tracking PTZ Camera 6 Long Range Thermal Camera 6 Covering Perimeter Camera Blind Spots 7 Determine a Perimeter Camera’s Range 7 Perimeter Fence . 8 Chain-Link Fences Protection 8 Electric and Infrared Fences 8 Fiber Optic Intrusion Detection Systems 9 In-Ground Intrusion Detection Systems 10 References 11 Perimeter Security Applications Introduction Physical security is the protection offered for property, these may be buildings or any other form of asset, against intruders (Arata, 2006). . The idea therefore, is to keep off unwanted persons or objects from ones premises. One’s premise is defined by a boundary which separates private property from the rest of the land. This boundary is referred to as the perimeter. The perimeter could be physical or logical. Physical security is intended to keep intruders from land and grounds around such property. Logical perimeters on the other hand, are for protection against computer sabotage or any other remote malicious activities (Fennelly, 2012). In a nutshell, perimeter security...
Words: 2429 - Pages: 10
...Coursework Assignment Title: Perimeter Network Security System Outline Requirements The University is based in Glasgow, and provides higher education services to its students and staff. It is located on a single campus called Campus A. Students and staff use the network services from hosts on various different user networks, as shown in Figure 1 . Due to an increasing number of security violations, a possible redesign of the network infrastructure is to be investigated. You have been hired as a consultant to propose security enhancements, and produce a report. The aim of the exercise is to present a possible solution to the problem at hand by creating a prototype of the new network security infrastructure. This new design should tackle the following components: Provide best practice network egress and ingress filtering at the network perimeter. Create a perimeter firewall, with an appropriate topology to provide the organisations services, including public web, and mail servers. The firewall should have a closed security stance, and provide public services in a secure way. Provide secure access to all devices, from the security management subnet. Additionally, research should be carried out into increasingly common Advanced Persistent Threats (APT), and ways to defend against these using network defenses. This part of the coursework will be research only and be confined to a part of the Research Section. You will be required...
Words: 607 - Pages: 3
...Deploying Application Firewall in Defense in Depth Principle Abstract Information security should be a priority for businesses, especially when they are increasingly involved in electronic commerce. With the understanding that securing an operating system successfully requires taking a systematic and comprehensive approach, security practitioners have recommended a layered approach called defense-in-depth. The cost and complexity of deploying multiple security technologies has prevented many organizations from achieving their information security goal. In view of these constraints and in compliance with recent with recent corporate and industry regulations like Sarbanes-Oxley Act and Payment Card Industry Data Security Standard, businesses now deploy application firewalls as security measures. Based on the foregoing, the author has recommended the use of application firewalls as a single platform for achieving layered security through network protection, application protection and data protection. This paper commences by examining the defense in depth theory and the types of application firewall and the author concludes by citing the Institute for Computing Applications (IAC) of the Italian National Research Council (CNR) as an example of an organization which engaged application firewalls in resolving its network security problem. Research Analysis/ Body The development of Information security is of paramount importance to organizations that have online presence...
Words: 1701 - Pages: 7
...firewall to implement? A firewall comes in all shapes, sizes, and specification. All are meant to make a network more secure, but where to start? Is it a software driven firewall or hardware bases firewall used? Which type of firewall; database, network based, host bases, or application bases? What are the differences between them, how they work or what they actually do? Will it do more harm than good? It can all be very confusing when trying to protect a network and figure out which firewall is best fit. All of these are very important questions that should be answered before starting the installation and implementation of a firewall. Hopefully the answer to these questions will become clear as firewalls are discussed further in this paper. Firewalls What is a firewall and how does it work? By definition a firewall protects an internal network from malicious access from the outside. A firewall basically comes in two different styles, hardware or software based. A software based firewall is just that, software that is installed on another piece of equipment in order to provide the functionality of a firewall. Hardware based firewall is an ancillary piece of equipment whose sole purpose it to work as a firewall. The most...
Words: 3446 - Pages: 14
...an Enterprise Setting Daniel Joel Clark A Capstone Presented to the Information Technology College Faculty of Western Governors University in Partial Fulfillment of the Requirements for the Degree Master of Science in Information Security Assurance January 9, 2014 1 SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING 2 A1 - Abstract Since 1999 wireless devices have become a necessity in enterprises. While increasing convenience, connectivity, and productivity, they also pose an unprecedented threat to network security guarding, which has literally taken to the airwaves. This paper will deal with vulnerabilities and risks regarding access points (APs) in a wireless network (WLAN) connecting to a wired local area network (LAN) in enterprises. Data for this paper will come from published academic papers, industry publications including white papers and surveys, and industry specialists. It will also include definitions of terms, policy and procedures that affect access points, and current practices regarding rogue APs. A case study will be presented for a fictional enterprise with multiple locations that has standard procedures, policies, and protocols in place, but recent events have questioned their ability to control access points with the discovery of rogue devices hidden in several office locations. Industry warnings about access points span the past thirteen years, and still new articles appear saying similar warnings, with only the solutions...
Words: 18577 - Pages: 75
...SHORT PAPER ASSIGNMENT THREE SUBMITTED TO: IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR CYB 5275: ENTERPRISE INFORMATION SECURITY BY CRAIG CANNON MELBOURNE, FLORIDA FEBRUARY 1ST 2013 Information Systems security has never been more critical around the world than it is today. Demand for new improved services has become intense causing enterprises to reinvent their infrastructures by erasing traditional network boundaries. The cyber security threat lurking outside those boundaries is causing security analyst to rethink their views on network security. As the BYOD (bring your own devices) and cloud computing trend becomes more commonplace, security by exclusion by attempting to maintain hard perimeters is no longer a viable option. As the number of network devices continues to increase, the number of vulnerabilities also increases as well. As more and more organizations continue to be overwhelmed by cyber attacks it will become evident that the current strategy of responding to attacks no longer works. To be affective analyst will have to change their strategy from a reactive to a proactive state. References Baker, SA and Dunlap, CJ Jr, (1 May 2012) ‘What is the Role of Lawyers in Cyberwarfare?’ http://www.abajournal.com/magazine/article/what_is_the_role_of_lawyers_in_cyberwarfare Benitz, J. (27 May 2011) ‘Baltic States Urge NATO to Bolster Cyber-Defense’ NATO...
Words: 394 - Pages: 2
...granted providing that copies bear this notice and a full citation on the first page. Any other reproduction or transmission requires prior written permission. Artificial Intelligence in Cyber Defense Enn Tyugu R&D Branch Cooperative Cyber Defense Center of Excellence (CCD COE) and Estonian Academy of Sciences Tallinn, Estonia tyugu@ieee.org Abstract- The speed of processes and the amount of data to be used in defending the cyber space cannot be handled by humans without considerable automation. However, it is difficult to develop software with conventional fixed algorithms (hard-wired logic on decision making level) for effectively defending against the dynamically evolving attacks in networks. This situation can be handled by applying methods of artificial intelligence that provide flexibility and learning capability to software. This paper presents a brief survey of artificial intelligence applications in cyber defense (CD), and analyzes the prospects of enhancing the cyber defense capabilities by means of increasing the intelligence of the defense systems. After surveying the papers available about artificial intelligence applications in CD, we can conclude that useful applications already exist. They belong, first of all, to applications of artificial neural nets in perimeter defense and some other CD areas. From the other side – it has become obvious that many CD problems can be solved successfully only when methods of artificial intelligence are being used. For example,...
Words: 4861 - Pages: 20
...Abstract This paper discusses Airport security throughout the world and in the U.S. The lack of security in the airports in the U.S. compared to other countries even after 9/11. The resources not being used for security and training; the different security sections that should be made developed for more thorough security checks before any passenger even steps foot onto the airplane. The airport should run their security like it was a military base where everything out of the ordinary is scrutinized with undercover security personnel asking suspicious passengers questions. Airport Security How many times have you, your family member or friend gone through security in a U.S. Airport? Is a metal detector really going to stop a terrorist from hi-jacking a plane? I have been to different Airports in the U.S. and to Hartsfield International Airport too many times. I have noticed one thing in all of these airports in the U.S., lack of security and the business like approach to it. After we all pass through the metal detectors, what other security measures are there, from preventing a person to get on a plane with bad intentions either smuggling something or passing through the metal detectors which, they don’t catch a terrorist with bad intentions. After the initial security metal detector check point, we are all free and on are way to the airplane. If the security guards at the metal detector check point, don’t catch the person with bad intentions the first time, who will? The...
Words: 1612 - Pages: 7
...A1.Nature of the Incident An employee hacked into the human resource records system at the employee’s place of business and changed the employee’s base salary rate to obtain a pay raise. The employee did this by spoofing an IP address in order to eavesdrop on the network. Once the employee identified where the data was stored and how to modify it, the employee made the changes and received two paychecks with the new amount. IP Spoofing means, pretending to be something you are not. In Internet terms it means pretending to be a different Internet address from the one you really have in order to gain something. That might be information like credit card numbers, passwords, personal information or the ability to carry out actions using someone else’s identity. IP spoofing attack involves forging one's source address. It is the act of using one machine to impersonate another.Spoofing is an active security attack in which one machine on the network masquerades as a different machine. As an active attack, it disrupts the normal flow of data and may involve injecting data into the communications link between other machines. This masquerade aims to fool other machines on the network into accepting the impostor as an original, either to lure the other machines into sending it data or to allow it to alter data. The meaning of“spoof” here is not “a lighthearted parody,” but rather “a deception intended to trick one into accepting as genuine something that is actually false...
Words: 2163 - Pages: 9
............................................................................................................... 3 Writing Conventions....................................................................................................... 3 Vulnerability Severity Code Definitions ........................................................................ 4 STIG Distribution ........................................................................................................... 5 Document Revisions ....................................................................................................... 5 ACCESS CONTROL LAYERS .......................................................................................... 7 2.1 The Access Control Perimeter...
Words: 38488 - Pages: 154
...The merger between Myrtle & Associates and Bellview will Law Group, forming the MAB Law Firm, will create a new network and domain. Myrtle & Associates existing network is modern and using update to date technologies. This network also allows for mobile access to case via the internet. The capabilities of this network give Myrtle & Associates an advantage and helps make them competitive. The Bellview Law Group operates on an antiquated system that is stationary and not as secure as their counterpart. They do not have access to case files on the move. With the merger forming MAB Law Firm there must be some necessary and much needed changes to both systems to a single definitive network. Myrtle & Associates domain will become part of the MAB Law Firm domain. Myrtle & Associates will still have the same experience they previously encountered but will be able to interact more effectively with the employee of Bellview Law Group location. Belleview Law Group will see a complete over hall of their network and systems. Their outdated in-house built server towers will be replaced with new Dell power edge servers. They will operate the same case management software that the Myrtle & Associates operate. These systems will replicate with one another. The network will become a Server 2008 R2 based network utilizing windows active directory one the MAB Law Firm domain. Each site will host a domain controller and domain name system on the same server....
Words: 2002 - Pages: 9
...v Optional Physical Security………..………………........................................................................vi Information and Records Security………..………........................................................................vi Emergency and Response Planning...............................................................................................vii OSHA Standards and Violaton….…………………………………………….……………..….xiii Hiring Practices……………...….…………………………………………….……………..….xiii Legal Issues…..……………...….…………………………………………….……………..……ix Conclusion……………...….…………………………………………….……………..………...ix References…………………………………………………………………….……………..…….x Introduction The purpose of this paper is to design a security plan for the Maryland Public Safety Education and Training Center (MPSETC) that, at a minimum, identifies the facility assets requiring protection, the criticality of those assets, the various threats directed at the assets and the probability of loss. Through my research, I will identify various problems and offer possible solutions to those listed issues. Facility Overview The MPSETC is currently located in Sykesville, Maryland. It is operated under the Maryland Police and Correctional Training (MPCT) commission, which is a division of the...
Words: 3218 - Pages: 13
...together”. An attack is defined as “an aggressive and violent act against a person or place”. Lastly, security is defined as “the state of being free from danger or threat”. Since the beginning of networking there have been users out there with malicious intent to either gain information or disrupt it. Technicians may not be able to stop the initiation of attack but there are certainly tools and techniques to fight back. This paper will discuss the protocol layers of networking, the associated threats and applicable solutions. This research paper will include an analysis of networking and examples of attacks. While not all solutions will be touched upon, this paper will give you a basic understanding of the way forward. Many references sited in my research are scholarly, peer reviewed journals and are considered experts in their field of Information Technology Technology is the basis of many operations in society today. While technological advances have made numerous processes easier and faster, it has also introduced an equal number of negative practices. This paper will discuss the theoretical model of networking which breaks up the data transmission process into multiple layers. We will first take a look at the original networking model and its functions compared to the newer model. Next we will take a look at vulnerabilities that are susceptible to attacks within each layer. Finally we will take a look at possible solutions to thwart malicious activity. Before we begin, let’s...
Words: 3311 - Pages: 14
