...LUDHIANA COLLEGE OF ENGINEERING & TECHNOLOGY 6 Month SYNOPSIS s Training Submitted to: - Submitted by:- Mr. R.K. Aggarwal Nikhil Sharma Head of Deptt. Electronics & Comm. Electronics & Comm. 8TH (B) 80102108050 ACKNOWLEDGEMENT The beatitude, bliss & euphoria that accompany the successful completion of any task would be incomplete without the expression of the appreciation of simple virtues to the people who made it possible. So, reverence, veneration and honours. I acknowledge all those whose guidance and encouragement has made successful in winding up this synopsis. I owe a huge debt of thanks to a large number of people without whom none of this would have been possible. I am thankful to Dr. J.S. Sohal(Director), Dr. Pawan Kumar(Principal), Mr. R.K Aggarwal(Head of Department) for valuable suggestions and enthusiastic interest during the entire process. For my six months industrial training...
Words: 3916 - Pages: 16
...INFORMATION RESOURCE GUIDE Computer, Internet and Network Systems Security An Introduction to Security i Security Manual Compiled By: S.K.PARMAR, Cst N.Cowichan Duncan RCMP Det 6060 Canada Ave., Duncan, BC 250-748-5522 sunny@seaside.net This publication is for informational purposes only. In no way should this publication by interpreted as offering legal or accounting advice. If legal or other professional advice is needed it is encouraged that you seek it from the appropriate source. All product & company names mentioned in this manual are the [registered] trademarks of their respective owners. The mention of a product or company does not in itself constitute an endorsement. The articles, documents, publications, presentations, and white papers referenced and used to compile this manual are copyright protected by the original authors. Please give credit where it is due and obtain permission to use these. All material contained has been used with permission from the original author(s) or representing agent/organization. ii T eofContent abl 1.0 INTRODUCTION........................................................................................................................................................... 2 1.1 BASIC INTERNET TECHNICAL DETAILS ........................................................................................................................ 2 1.1.1 TCP/IP : Transmission Control Protocol/Internet Protocol .........................................
Words: 134858 - Pages: 540
...employees travel from office to office, from office to home, from city to city. Since business have become more fluid, …, information security is no longer the sole responsibility of a small dedicated group of professionals, …, it is now the responsibility of every employee, especially managers.” http://www.businessandleadership.com/fs/img/news/200811/378x/business-traveller.jpg http://www.businessandleadership.com/fs/img/news/200811/378x/businesshttp://www.koolringtones.co.uk/wp-content/uploads/2010/01/mobile-phones.jpg http://www.koolringtones.co.uk/wp- content/uploads/2010/01/mobile- Information Technology • Information Technology – enables storage and transportation of information from one business unit to another in many organizations, information is seen as the most valuable asset • Information System – entire set of data, software, hardware, networks, people, procedures and policies necessary to use information as a resource in an organization each of 7 components has its own strengths, weaknesses, and its own security requirements Information Technology (cont.) Information Security Security = state of being...
Words: 4051 - Pages: 17
...network as well as a state of the art design and equipment for a Law Firm’s work environment. Assure that appropriate telecommunications and computing resources are available to support the mission of the firm Assure that each staff member who uses telecommunications and computing resources in his or her position has a computer of sufficient capability to fulfill their required job responsibilities Ease resource and financial planning by reducing the effort involved in budgeting and planning for new telephone units, computers, network, classroom equipment and server systems. Provide for the cost effective and timely purchasing and installation of new equipment while decreasing the deployment time for new equipment; and disposal of old and obsolete equipment. ------------------------------------------------- Deliverables Dell Desktops and laptops Cisco Routers, switches, and Ip phones will be installed and configured Firewalls will be installed Blade server holding case will be provided Internet services will be provided by Install Cat 6 cable and fiber optic cable Connector’s trays and cable racks will be installed Software i.e. Microsoft Server 2008R2, Windows 7, Exchange Server, Citrix Carpe Diem, Anti-Virus , Spam Server, VPN Server, Web Server, Hummingbird will be installed All servers for the network will be installed Technical requirements Hardware and Software...
Words: 11532 - Pages: 47
...CHAPTER Firewall Fundamentals 2 T o some network administrators, a firewall is the key component of their infrastructure’s security. To others, a firewall is a hassle and a barrier to accomplishing essential tasks. In most cases, the negative view of firewalls stems from a basic misunderstanding of the nature of firewalls and how they work. This chapter will help dispel this confusion. This chapter clearly defines the fundamentals of firewalls. These include what a firewall is, what a firewall does, how it performs these tasks, why firewalls are necessary, the various firewall types, and filtering mechanisms. Once you understand these fundamentals of firewalls, you will be able to look beyond the unschooled opinions, common mythology, and marketing hype surrounding them, and the crucial benefits of effective firewall architecture will become clear. Like any tool, firewalls are useful in solving a variety of problems and in supporting essential network security. Chapter 2 Topics This chapter covers the following topics and concepts: • What a firewall is • Why you need a firewall • How firewalls work and what they do • What the basics of TCP/IP are • What the types of firewalls are • What ingress and egress filtering is • What the types of firewall filtering are • What the difference between software and hardware firewalls is • What dual-homed and triple-homed firewalls are • What the best placement of a firewall is 43 Chapter 2 Goals When you complete...
Words: 15367 - Pages: 62
...because it causes a huge loss and impact on the society. There are many control systems in an airport, and the report only focus on air traffic control system (ATC). The risks, mitigations strategies, risk management plan is analysis the technology problem and solution to the computer system of ATC. In this report, the hazard, financial and operational risks that cause by information technology vulnerability is assess in the first session. The second session discusses the risk management techniques for the risks that identify in first session. Lastly, the risk mitigation plan is discussed the critical business function and plans to deal with computer outage, power outage when the issues happen. RISK ASSESSMENT Activity, Asset, Data information, risk The Air Traffic Control (ATC) is responsible for several activities in the airport. It involves separation assurance, landing services operating, navigation and ground control. Separation assurance is one of the main ATC components. It maintains the separation of aircraft from each other to avoid collision (Dwyer & Landry, 2013). The separation assurance tracks the position of each aircraft, and air traffic controller collects the information and provides it to the pilot. Both of automated tasks and manual tasks are involved in this function. The flights information such as identification, location and situation is recorded and used in the system. The separation assurance involves different facility such as radar and control...
Words: 6286 - Pages: 26
...This page was intentionally left blank This page was intentionally left blank Hands-On Ethical Hacking and Network Defense Second Edition Michael T. Simpson, Kent Backman, and James E. Corley ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated...
Words: 185373 - Pages: 742
...Provisions and Directives 4 3.2 Objectives 4 3.3 Organization 5 3.4 Contingency Phases 8 3.4.1 Response Phase 8 3.4.2 Resumption Phase 8 3.4.3 Recovery Phase 8 3.4.4 Restoration Phase 9 3.5 Assumptions 9 3.6 Critical Success Factors and Issues 9 3.7 Mission Critical Systems/Applications/Services 10 3.8 Threats 10 3.8.1 Probable Threats 11 4 System Description 12 4.1 Physical Environment 12 4.2 Technical Environment 12 5 Plan 12 5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6...
Words: 17284 - Pages: 70
...Provisions and Directives 4 3.2 Objectives 4 3.3 Organization 5 3.4 Contingency Phases 8 3.4.1 Response Phase 8 3.4.2 Resumption Phase 8 3.4.3 Recovery Phase 8 3.4.4 Restoration Phase 9 3.5 Assumptions 9 3.6 Critical Success Factors and Issues 9 3.7 Mission Critical Systems/Applications/Services 10 3.8 Threats 10 3.8.1 Probable Threats 11 4 System Description 12 4.1 Physical Environment 12 4.2 Technical Environment 12 5 Plan 12 5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6...
Words: 17323 - Pages: 70
...1. An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of: A. variable sampling. B. substantive testing. C. compliance testing. D. stop-or-go sampling. The correct answer is: C. compliance testing. Explanation: Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values. Substantive testing substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed. 2. The decisions and actions of an IS auditor are MOST likely to affect which of the following risks? A. Inherent B. Detection C. Control D. Business The correct answer is: B. Detection Explanation: Detection risks are directly affected by the auditor's selection of audit procedures and techniques. Inherent risks usually are not affected by the IS auditor. Control risks are controlled by the actions of the company's management. Business...
Words: 97238 - Pages: 389
...Definition: An information system can be any organized combination of people, hardware, software, computer networks and data resources that stores and retrieves, transforms, and disseminates information in an organization. Roles of IS in Business: There are three fundamental reasons for all business applications of information technology. They are found in the three vital roles that information system can perform for a business enterprise. Support of its business processes and operations. Support of decision making by its employees and managers. Support of its strategies for competitive advantage. Trends in IS: The business applications of information systems have expanded significantly over the years. Data Processing (1950s – 1960s): Electronic data processing systems which includes transaction processing, record keeping, and traditional accounting applications. Management Reporting (1960s – 1970s): Management information systems that include preparation of management reports of pre specified information to support decision making. Decision Support (1970s – 1980s): Decision support systems include interactive ad hoc support of managerial decision making process. Strategic and End User Support (1980s – 1990s): o End user computing systems: Direct computing support for end user productivity and work group collaboration. o Executive information systems: Critical information for top management. o Expert Systems: Knowledge based expert advice for...
Words: 13881 - Pages: 56
...The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction ..................................................................................................................................................................... 3 CSC 1: Inventory of Authorized and Unauthorized Devices ............................................................................ 8 CSC 2: Inventory of Authorized and Unauthorized Software ....................................................................... 14 CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers ....................................................................................................................................... 19 CSC 4: Continuous Vulnerability Assessment and Remediation ................................................................. 27 CSC 5: Malware Defenses .......................................................................................................................................... 33 CSC 6: Application Software...
Words: 31673 - Pages: 127
...their Building Blocks * 1-1 Introduction to Networks * 1-2 Networking Types * 1-3 OSI Reference Model * 1-4 TCP/IP Model * 1-5 Ethernet Technologies and Cabling * 1-6 Cisco 3 Layer Model * 1-7 Summary * Chapter 2 – IP Addressing and Subnets * 2-1 IP Addresses – Composition, Types and Classes * 2-2 Private and Public IP addresses * 2-3 Subnetting * 2-4 Variable Length Subnet Masks (VLSM) * 2-5 Route Summarization * 2-6 Troubleshooting IP Addressing * Chapter 3 Introduction to Cisco Routers, Switches and IOS * 3-1 Introduction to Cisco Routers, Switches, IOS & the Boot Process * 3-2 Using the Command-Line Interface (CLI) * 3-3 Basic Configuration of Router and Switches * 3-4 Configuring Router Interfaces * 3-5 Gathering Information and Verifying Configuration * 3-6 Configuring DNS & DHCP * 3-7 Saving, Erasing, Restoring and Backing up Configuration & IOS File * 3-8 Password Recovery on a Cisco Router * 3-9 Cisco Discovery Protocol (CDP) * 3-10 Using Telnet on IOS * 3-11 CCNA Lab #1 * Chapter 4 Introduction to IP Routing * 4-1 Understanding IP Routing * 4-2 Static, Default and Dynamic Routing * 4-3 Administrative Distance and Routing Metrics * 4-4 Classes of Routing Protocols * 4-5 Routing Loops ...
Words: 95744 - Pages: 383
...State of North Carolina Statewide Information Security Manual Prepared by the Enterprise Security and Risk Management Office Publication Date: April 20, 2012 INTRODUCTION FOR STATEWIDE INFORMATION SECURITY MANUAL ...... 1 GUIDANCE FOR AGENCIES .............................................................................. 1 CHAPTER 1 – CLASSIFYING INFORMATION AND DATA ................................ 2 CHAPTER 2 – CONTROLLING ACCESS TO INFORMATION AND SYSTEMS. 7 CHAPTER 3 – PROCESSING INFORMATION AND DOCUMENTS ................. 32 CHAPTER 4 – PURCHASING AND MAINTAINING COMMERCIAL SOFTWARE ..................................................................................................... 107 CHAPTER 5 – SECURING HARDWARE, PERIPHERALS AND OTHER EQUIPMENT .................................................................................................... 122 CHAPTER 6 – COMBATING CYBER CRIME ................................................. 146 CHAPTER 7 – CONTROLLING E-COMMERCE INFORMATION SECURITY 153 CHAPTER 9 – DEALING WITH PREMISES RELATED CONSIDERATIONS . 173 CHAPTER 10 – ADDRESSING PERSONNEL ISSUES RELATING TO SECURITY ........................................................................................................ 185 CHAPTER 11 – DELIVERING TRAINING AND STAFF AWARENESS .......... 192 CHAPTER 12 – COMPLYING WITH LEGAL AND POLICY REQUIREMENTS ......................................................................................................................
Words: 65255 - Pages: 262
...Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and Operations at the Original and/or Alternate Site 24 4. DISASTER RECOVERY...
Words: 17396 - Pages: 70