Monday, April 1, 2019

Security Plan

Scenario

Widget Warehouse is a medium-sized e-commerce company that supports 200 customers daily. The student has been hired to assist in the development of a new security policy. An assignment has been authorized to analyse the current network of Widget Warehouse. The Widget Warehouse network is comprised of an intranet with 200 users, and a public Web server that processes the company e-commerce traffic. The internal network is logically divided into an information technology (IT) branch, an accounting branch, a customer service branch, a sales branch, and an inventory branch.

Step 1: Create a List of Various Attack Intruders

a. The IT department for Widget Warehouse has a general understanding of security, but they are very inexperienced with the various attacks an intruder can use to exploit their network resources. Create a list of various attacks intruders can use maliciously against the Widget Warehouse network. Also, provide a brief explanation of possible attacks, including their purpose.

Attack Name: Attack Description

Brute force attack: This attack uses a specific character set (such as A-Z, 0-9) and computes the hash for every possible password made up of those characters.

Eavesdropping: When an attacker is eavesdropping on our communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, our data can be read by others as it traverses the network.

Denial-of-Service Attack: The denial-of-service attack prevents normal use of your computer or network by valid users. After gaining access to the network, the attacker can send invalid data to applications or network services, which causes abnormal termination or behaviour of the applications or services. The attacker can flood a computer or the entire network with traffic until a shutdown occurs because of the overload. The attacker can also block traffic, which may result in loss of access to our network resources by the users.

Data Modification: After an attacker has read our data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if we do not require confidentiality for all communications, we do not want any of the messages to be modified in transit. For example, if one is exchanging purchase requisitions, he does not want the items, amounts, or billing information to be modified.

Identity Spoofing (IP Address Spoofing): Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed; this is identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data.

Password-Based Attacks: A common denominator of most operating system and network security plans is password-based access control. Thus the access rights to a computer and network resources are determined by the person, the user name and the password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user.

Sniffer Attack: A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.

Man-in-the-Middle Attack: The man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.

Trojan horses and worms: Trojan horses are often associated with viruses; they are dangerous programs that masquerade as benign programs.

Step 2: Create a List of Security Requirements

a. One of the first steps in creating a security policy is gathering the requirements for the company. Create a list of questions to ask the Widget Warehouse executives, in order to better understand their security requirements and business goals.

1. Widget Warehouse requirements

a) What are the specifications required for the network operation?
b) What access controls need to be applied to the users?
c) Which departments need to be interconnected?
d) What are the login policies, and to what extent do they need to be applied (day, time range, etc.)?
e) Which applications are required for the different branches?
f) To what extent are the policies to be applied to the users?
g) How should group policies be applied on the server which allows the users to access information?
h) What policies are to be applied to web access?
i) What are the specifications of file policies for all the users?
j) What password policies need to be applied to the users?

Step 3: Identify Security Implementation Options

a.
Based on the questions, it is discovered that mission-critical information is passed between remote departments in the company over the LAN and the Internet. What security implementation could be used to keep this information out of unauthorized hands? Provide a brief explanation with each answer.

The company will have information about its employees, customers, products, sales, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a business's customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, lawsuits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. Within the company, one department needs to access the information of another department. We should maintain a firewall for the server, and we have to grant access between the departments where it is required.

Authorization

Authorization addresses the question "what can you do?" It is the process that governs the resources and operations that the authenticated client is permitted to access. Resources include files, databases, tables, rows, and so on, together with system-level resources such as registry keys and configuration data. Operations include performing transactions such as purchasing a product, transferring money from one account to another, or increasing a customer's credit rating.

Virtual Private Network (VPN)

One of the most important solutions to virus and hacker threats is a VPN [4], which secures the network between companies and users; it is also authenticated and encrypted for security. VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they're directly connected over a private leased line. Basically, a VPN is a private network that uses a public network, usually the Internet, to connect remote sites or users together. Instead of using a dedicated, real-world connection such as a leased line, a VPN [11] uses virtual connections routed through the Internet from the company's private network to the remote site or employee.

IPSec

IPSec [3] is defined as a set of standards that verifies, authenticates, and encrypts data at the IP packet level. It is used to provide data security for network transmissions. IPSec is a suite of protocols that allows secure, encrypted communication between two computers over an unsecured network. It has two goals: to protect IP packets, and to provide a defense against network attacks.

Step 4: Create a Description of the Security Wheel

a. The Widget Warehouse executives do not completely understand the continual process of security. They appear to be under the impression that once a security policy is implemented it will be sufficient for an extended period of time. Create a description of the security wheel and discuss the benefits of such a model.

Solution: The network security wheel is a methodology of how the network security of an enterprise is maintained. Here the notion of a wheel is a depiction that says that network security is a continuous process. In other words, in order to keep the wheel rolling (that is, to have a continual security policy), the security engineers in an enterprise should always maintain four steps:

Step Name: Step Description

1. Secure: We have to secure our networks. This is the step where we implement our security solutions in the enterprise. Firewalls, authentication, and encryption are included in this step.

2. Monitor: This is the step where we monitor our security solutions implemented in the previous step. We should monitor whether a security breach exists. We can think about IDS or IPS in this stage. This step can also be used to validate our security solutions.

3. Test: This is the step where the security engineers/specialists try to break their own security solutions. We can think of this step as a penetration tester's kind of job.

4. Improve: This step is a continuation of the previous step. Once we find a breach or something that hinders employees' productivity, then we can improve it here. This step may also be a good place to change our security policies.

Step 5: Passive Monitoring

a. The management of Widget Warehouse wishes to see some of the available options in security monitoring. As the consultant, suggest that a passive monitoring scheme may be an option they should pursue. Write a description of passive monitoring that is to be presented to Widget Warehouse management.

Solution: Security monitoring focuses on the activities and condition of network traffic and network hosts. Activity monitoring is primarily performed to assess policy compliance, identify non-compliance with the institution's policies, and identify intrusions and support an effective intrusion response. Because activity monitoring is typically an operational procedure performed over time, it is capable of providing continual assurance. Through passive monitoring, a security admin can gain a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network. Much of this data can be gathered in an automated, non-intrusive fashion through the use of standard tools.

Step 6: Explain Using a Security Policy

a. Explain to the IT Department how using a security policy can provide advantages to the company as a way to secure sensitive information.

1. Developing a security policy. By using a security policy, we can achieve confidentiality, integrity and availability over the network. The security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs, and access to data by the users of different branches.

- Information will be protected against unauthorised access.
- By using access control lists and password policies, certain important data can be protected from unauthorised users.
- All breaches of information security, actual or suspected, can be reported and investigated.
- Retaining confidential and proprietary information.
- Securing applications.
- Assuring standardization and uniformity.
- At the network level, we can minimise the spread and impact of harmful worms and viruses.
- Business requirements for the availability of information and information systems will be met.
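
As an added illustration of the passive monitoring described in Step 5 (example code, not part of the original post), the sketch below builds a service inventory purely from observed connection records and lists the services whose traffic an eavesdropper or sniffer could read. The flow records, the one-subnet-per-branch layout, and the function names are assumptions made for the example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of connection summaries from a passive sensor (tap or
# mirror port): client IP, server IP, server port, protocol. All values invented.
SAMPLE_FLOWS = """\
10.0.3.21 10.0.1.5 443 tcp
10.0.3.22 10.0.1.5 443 tcp
10.0.2.14 10.0.1.9 23 tcp
10.0.4.7 10.0.1.9 21 tcp
10.0.4.7 10.0.1.5 443 tcp
10.0.5.30 10.0.2.14 80 tcp
not a flow record
"""

# Assumed subnet-per-branch layout; the page names the branches, not the subnets.
BRANCH_NETS = {ipaddress.ip_network(f"10.0.{i}.0/24"): name for i, name in enumerate(
    ["IT", "accounting", "customer service", "sales", "inventory"], start=1)}
# Well-known ports of protocols that carry their data unencrypted.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3", 143: "imap"}

def branch_of(ip):
    addr = ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    return next((name for net, name in BRANCH_NETS.items() if addr in net), "unknown")

def build_inventory(flow_text):
    """Map (server, port) -> set of client branches, using observed traffic only."""
    inventory = defaultdict(set)
    for line in flow_text.splitlines():
        try:
            client, server, port, _proto = line.split()
            branch = branch_of(client)
            ipaddress.ip_address(server)
            inventory[(server, int(port))].add(branch)
        except ValueError:
            continue  # malformed sensor line: skip it rather than guess
    return dict(inventory)

def cleartext_findings(inventory):
    """Observed services a sniffer could read because the protocol is unencrypted."""
    return sorted((server, port, CLEARTEXT_PORTS[port], sorted(branches))
                  for (server, port), branches in inventory.items()
                  if port in CLEARTEXT_PORTS)

if __name__ == "__main__":
    for server, port, name, branches in cleartext_findings(build_inventory(SAMPLE_FLOWS)):
        print(f"{server}:{port} ({name}) reached from: {', '.join(branches)}")
```

The same inventory also shows which branches actually reach which servers, which is the input needed when deciding where inter-department access is required.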
