Network Security and Cryptography module. I started with Risk assessment in Task 1, explaining Risk Control in Task 2, Task 3 is a Network Diagram and Maintaining Security in Task 4 as well as Reflective commentary in Task 5.
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)WAJAHAT IQBAL
This post contains a detailed Mindmap related to the complex subject of Cyber security and addresses critical components summarized as below:
- Cyber Security standards
- SOC (Security Operation Center)
- Cybersecurity Lifecycle
- Hacker Kill Chain
- Malware (Types,Protection Mechanism)
- Cyber Architecture
- CSC (Critical Security Standards)
- Incident Management
- Network Perimeter best security practices
- Final Case Study
I hope the Technical post is appreciated and liked by Security Consultants and Subject Matter experts on Cybersecurity. Your critical inputs are appreciated. Thank you
- Wajahat Iqbal
(Wajahat_Iqbal@Yahoo.com)
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdfHaris Chughtai
Course is designed for those who are willing to write ISC2 CC (Certified in Cybersecurity) exam and not sure where to start and how to move forward.
Course is designed in two parts; this is part 2, which focuses on each of the ISC2 CC domains. At the end of the course, it suggests additional reference study that could help to pass the exam on the first attempt. Part 1 is focused more on course outline, exam registration using free vouchers & necessary precautions to avoid exam day issues.
There are hyperlinks in the deck for quick access to useful information; you will have to download it to have the links available to you.
Security awareness training - 4 topics that matter mostInfosec
National Cybersecurity Awareness Month (NCSAM) is right around the corner. Now’s the time to level up your security awareness training program — and instill best practices in employees that will help keep them (and your organization) secure year-round.
Join us to learn about the four key employee behaviors for NCSAM 2022. All registrants will receive a free Cybersecurity Awareness Month Toolkit, which includes:
1 training module & assessment
5 posters & infographics
1 employee presentation
4 email templates
And more
How To Prevent Cyber Attacks | Types of Cyber Attack | What is Cyber Attack |...Intellipaat
In this session on how to prevent cyber attacks, you will learn what is a cyberattack, the types of cyber attacks, the motive behind the cyber attack, and how to secure your computer. This is a must-watch session for everyone who wishes to learn cybersecurity and make a career in it.
Visual Cryptography Industrial Training ReportMohit Kumar
A visual cryptography scheme (VCS) is a kind of secret sharing scheme which allows the encoding of a secret image into shares distributed to participants. The beauty of such a scheme is that a set of qualified participants is able to recover the secret image without any cryptographic knowledge and computation devices. An extended visual cryptography scheme (EVCS) is a kind of VCS which consists of meaningful shares (compared to the random shares of traditional VCS).
Why do you need a network security checklist? Your business faces threats on many fronts, and the more users, devices, and applications you add, the more vulnerable your network becomes. Whether your business is small or large, consider your network security requirements. Then follow our five-step network security checklist to create a holistic security solution to prevent breaches and address issues quickly.
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
Security and Ethical Challenges
Contributors: Kim Wandersee, Les Pang
Computer Security
Computer Security Goals
Computer security must be viewed in a holistic manner and provide an end-to-end protection
as data moves through its lifecycle. Data originates from a user or sensor, passes over a
network to reach a computing system that hosts software. This computer system runs software
that processes the data and stores it in a storage device. That data is backed up on a device
and finally archived. The elements that handle the data need to be secure. Computer security
pertains to all the means to protect the confidentiality, integrity, availability, authenticity,
utility, and possession of data throughout its lifecycle.
Confidentiality: A security principle that works to ensure that data is not disclosed to unauthorized persons.
Integrity: A security principle that makes sure that information and systems are not modified maliciously or accidentally.
Availability: A security principle that assures reliable and timely access to data and resources by authorized individuals.
Authenticity: A security principle that ensures the data, transactions, communications or documents are genuine, valid, and not fraudulent.
Utility: A security principle that addresses whether the information is usable for its intended purpose.
Possession: A security principle that works to ensure that data remains under the control of the authorized individuals.
Figure 1. Parkerian Hexad (PH) security model.
The Parkerian Hexad (PH) model expands on the Confidentiality, Integrity, and Availability (CIA)
triad that has been the basic model of Information Security for over 20 years. This framework is
used to list all aspects of security at a basic level. It provides a complete security framework to
provide the means for information owners to protect their information from any adversaries
and vulnerabilities. It adds Authenticity, Utility, and Possession to CIA triad security model. It
addresses security aspects for data throughout its lifecycle.
The Center for Internet Security has identified 20 controls necessary to protect an organization
from known cyber-attack. The first 5 controls will provide effective defense against the most
common cyber-attacks, approximately 85% of attacks. The 5 controls are:
1. Inventory of Authorized and Unauthorized Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled Use of Administrative Privileges
A full explanation of all 20 controls is available at the Center for Internet Security website.
Search for CIS controls.
Security Standards and Regulations
The National Institute of Standards and Technology (NIST), Computer Security Division, provides
security standards in its Federal Information Processing Standards (.
ISE 510 Final Project Scenario Background Limetree Inc. is a resea.docxchristiandean12115
ISE 510 Final Project Scenario Background Limetree Inc. is a research and development firm that engages in multiple research projects with the federal government and private corporations in the areas of healthcare, biotechnology, and other cutting-edge industries. It has been experiencing major growth in recent years, but there is also a concern that information security lapses are becoming rampant as the company grows. Limetree Inc. is working to establish a strong reputation in the industry, and it views a robust information security program as part of the means to achieving its goal. The company looks to monitor and remain compliant to any regulation impacting its operations.
Limetree Inc. recently experienced a security breach; it believes confidential company data has been stolen, including personal health information (PHI) used in a research study. Limetree Inc. believes the breach may have occurred because of some security vulnerabilities within its system and processes.
Limetree Inc.’s virtual environment is presented in the Agent Surefire: InfoSec educational video game. The rest of the environment is presented via an interview with the security manager, Jack Sterling.
Highlight of Interview with Jack Sterling
Interview with Jack Sterling revealed the following about Limetree Inc.’s system and processes:
Hardware/Software:
Desktop Apps: Internet Explorer, Firefox, Google Chrome, MS Office, Adobe Flash, Adobe Acrobat
Applications/Databases:
Browser – Browser in use is Internet Explorer and browser security setting was set to low. Browsers allow remote installation of applets, and there is no standard browser for the environment.
Virus Software – McAfee is deployed locally on each user's machine and users are mandated to update their virus policy every month.
SQL Database – Ordinary users can escalate privilege via SQL Agent. Disk space for SQL database log is small and is overwritten with new information when it is full. Limetree Inc. is not using any encryption for sensitive data at rest within the SQL server environment.
Network:
The network comprises the following: three web/applications servers, three email servers, five file and printer servers, two proxy servers, seven remotely manageable Cisco switches, 250 desktops, three firewall devices, one gateway (router) device to the internet, and three wireless access points.
Configuration Highlights:
Wireless – Wireless network is available with clearly advertised SSID, and it is part of the local area network (LAN). There is no segmentation or authentication between the wireless and wired LAN. Visitors are provided access code to the wireless network at the front desk to use the internet while they wait to be attended to.
Managed switches – There is no logging of network activities on any of the switches.
Web server – Public-facing web server is part of the LAN. This is where internet users get needed information on the company. The web servers are running the f.
Id 00153639 md. mahbub alom_nsc_assignment_march-16
1. Network Security and Cryptography
ID_00153639_Md. MahbubAlom_NSC_Assignment_March-16 March-161
Contents
INTRODUCTION
TASK-1
  RISK ASSESSMENT
    Important information assets of City College
    Asset list, threat, likelihood and risk matrix
TASK-2
  EXPLAINING RISK CONTROL
    Internal risk control
    External risk control
    System
  WHERE I USE ENCRYPTION AND WHY?
    Relevant
TASK-3
  NETWORK DIAGRAM
    Without IP (Network components)
    Network diagram with suitable IP
    Firewall rules and explanation of table
TASK-4
  MAINTAINING SECURITY
TASK-5
  REFLECTIVE COMMENTARY
CONCLUSION
BIBLIOGRAPHY
Introduction:
This assessment is about City College, a private institution based in the UK.
The college runs a local area network. It wants to set up a new virtual learning environment
that staff and students can access securely. The security needs of City College are set out
here.
Task -1
Risk assessment
After analysing the scenario in this task, I have identified five important assets of City College.
Important information assets of City College
I. Financial system
II. Employee personal data
III. Network folder (Y-drive)
IV. Marketing website (own website hosting)
V. Student record data
Asset list, threat, likelihood and risk matrix
Task-2
Explaining Risk Control
Here I discuss how to control the risks I identified in the previous task. To control all
the risks to City College, I have divided the controls into three parts according to the
college's requirements. These are given below:
1. Internal risk control
2. External risk control
3. System risk control
Internal risk control:
After analysing the internal threats I identified against City College's requirements,
I propose the following internal risk controls:
Strong password policies and controlling user accounts: Strong password policies are
one of the most important ways to protect against unauthorized users. Longer passwords are
harder for criminals to guess or break, especially with a combination of upper-case and
lower-case letters, numbers and keyboard symbols such as @ # $ % ^ & * ( ) _ +. Dictionary
passwords are not allowed, and passwords should be encrypted. So I think a strong password
policy will control internal risk.
Access controls on folders: Access control is a security method that can be used to control
who or what can view resources in a computing environment. Only authenticated users should
be permitted to access the network folder (Y-drive), by following a user authentication method.
Remote access authentication: Remote access authentication is needed so that students and
staff can securely access the virtual learning environment (VLE) over HTTPS from their
homes.
Restrictions: Access to the Y-drive, file download, file transfer, Dropbox and so on needs
to be restricted by user authentication.
Wi-Fi security: Keep the Wi-Fi password encrypted and secure; the old password should be
changed after two or three months, and dictionary passwords are not allowed.
Monitoring: The senior management team will monitor all sectors by IP address and
access history; they will find weak points and then resolve them.
Justification: I think the measures above, such as encrypted strong passwords, Wi-Fi security
policies, authentication and IP address monitoring, will control all of these internal risks.
External risk control:
(CROWN COPYRIGHT, 2015)
Network perimeter: Limit access to network ports, protocols and applications by filtering
and checking all traffic at the network boundary, to make sure that only traffic which is
needed to support the business is being exchanged. Manage all incoming and outgoing network
connections and deploy technical controls to scan for malware and other malicious content.
There is a temporary IP address blacklist.
Install firewall: Install a firewall to control traffic and external risk, to control all
incoming and outgoing network connections, and to deploy technical controls that scan for
malware and other malicious content.
Vulnerability scans: The institute should run automated vulnerability scanning tools against
all networked devices and address identified vulnerabilities within an agreed time frame.
Disable unnecessary input/output devices and removable media access: To control risk,
disable ports and system functionality that are not required (which may include USB ports
and CD/DVD/card media drives).
Set anti-malware defences across the college's own network: Set anti-malware defences across
City College's own network and protect all hosts and user machines with antivirus
solutions that actively scan for malware.
Encryption: Encrypt sensitive data when it is sent over the internet, such as in email or
file transfers. I should encrypt with digital signatures, keys, certificates and any other
encryption tools.
Secure configuration: Do not use default configurations, to keep systems secure.
Anti-phishing protection: Detection and blocking of scams, and blocking of websites.
Anti-spam protection: Detection and removal of spam emails and blocking of the sender's
(email) IP address.
Email client protection: Scanning of emails received and sent through an email client.
Web access protection: Detection and blocking of websites with malicious content.
VPN for external users: Set up a virtual private network for external users.
So I think that if the measures above are followed and used, external risk should be controlled.
System:
Data backup: A backup system is required to control system risk. There are two types
of backup system: offline data backup and online data backup. I think an online data
backup system is best for this college. Here I used a cloud backup system.
Redundant hardware: Redundant hardware is required for emergency connection, because
any hardware can be damaged; to control this system risk and recover from it,
I think redundant hardware is needed.
Data recovery: Important data can be accidentally removed or deleted, so we need to be able
to recover documents, emails, photos, videos, audio files and more. By using a data
recovery system I can control this risk.
UPS: A UPS provides short-term electricity backup so that users can keep working during
load-shedding periods and save their data.
Voltage stabilizer: It controls the electricity voltage and supplies stable electricity, so
it protects much of the hardware.
Where I use encryption and why?
I use encryption to protect our data from harm, following the symmetric encryption method. It
protects our data when it is sitting on our computers and when it is being
transmitted around the Internet.
Financial system: I use encryption in the financial system of City College because I need to
protect all financial information of this college.
Protocol: Here I recommend using PPTP and IPSec.
All personal information: To share the personal information of City College over the
network, I use encryption to protect the data from unauthorized users.
Protocol: Here I recommend using IPSec, HTTPS.
Registration: I use encryption in the employee and student registration forms so that no one
can get their personal information.
Protocol: Here I recommend using IPSec, SSL.
Y-drive: The Y-drive, which stores all personal information of City College such as policies, procedures and
committee minutes, will be encrypted.
Protocol: Secure File Transfer Protocol (SFTP), IPSec, L2TP.
Microsoft Office 365 (emailing): IPSec, L2TP, SMTP.
Relevant:
Virtual learning environment: Media Transfer Protocol (MTP) is used to transfer images, video,
etc.
Wi-Fi security key: Here I recommend using WPA, WPA2.
Task-3
Network diagram
Without IP (Network components)
Figure 1: Network Diagram
Network diagram with suitable IP
Figure 2: Network Diagram
Here one switch (8-port) has been reserved for emergency connections.
Firewall rules and explanation of table:
Here I used top-quality devices to design this network: unshielded twisted-pair (UTP)
cable, RJ-45 connectors, a layer-3 switch and a switch (8 ports). To protect the network
from incoming threats I used a firewall. I have set an access list in the firewall that defines which users can
access the network and which cannot. A firewall lets you set up rules that decide what
traffic should be permitted in or out of your private network. Two types of
firewalls are used here: software firewalls and hardware firewalls. Hardware firewalls are usually
built into routers, which distribute incoming traffic from an Internet connection
to computers, and software firewalls run on individual computers.
Firewalls are necessary, but they can also block genuine transmission of data and programs. Some
firewall traffic-blocking rules are based on words or phrases, domain names, IP addresses,
ports, protocols, etc.
Name                                 Access     Authentication                    Modification
Y-drive (IP-192.168.0.3)             Authentic  IP-192.168.0.5                    Allow
Finance PC (IP-192.168.0.2)          Authentic  IP-192.168.0.5                    Allow
Drop-box                             Any one    IP-192.168.0.4                    Allow
Student-PC (IP-192.168.0.4)          Authentic  IP-192.168.0.4                    Allow
Virtual Learning environment (VLE)   Authentic  IP-192.168.0.4, IP-192.168.0.5    Allow
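The first-match, default-deny evaluation behind an access list like the one above can be sketched as follows. This is an added example, not part of the original assignment: reading the table as "192.168.0.5 may reach the Y-drive and the Finance PC" is an assumption, and the last two rules, port 443 and the test packets are constructed to show how an earlier rule can shadow a later one.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    proto: Optional[str] = None  # None matches any protocol
    port: Optional[int] = None   # None matches any destination port

    def matches(self, src, dst, proto, port):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in (None, proto)
                and self.port in (None, port))

def decide(rules, src, dst, proto, port):
    """First matching rule wins; traffic matching no rule is denied."""
    for index, rule in enumerate(rules):
        if rule.matches(src, dst, proto, port):
            return rule.action, index
    return "deny", None

def covers(earlier, later):
    """True if every packet matched by `later` is already matched by `earlier`."""
    net = ipaddress.ip_network
    return (net(later.src).subnet_of(net(earlier.src))
            and net(later.dst).subnet_of(net(earlier.dst))
            and earlier.proto in (None, later.proto)
            and earlier.port in (None, later.port))

def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, later in enumerate(rules)
            if any(covers(earlier, later) for earlier in rules[:i])]

# Constructed rule set. Rows 0-1 are an assumed reading of the page's table;
# rows 2-3 are invented to show an ordering mistake.
RULES = [
    Rule("allow", "192.168.0.5/32", "192.168.0.3/32"),   # 192.168.0.5 -> Y-drive
    Rule("allow", "192.168.0.5/32", "192.168.0.2/32"),   # 192.168.0.5 -> Finance PC
    Rule("deny", "192.168.0.0/24", "192.168.0.2/32"),    # rest of LAN -> Finance PC
    Rule("allow", "192.168.0.4/32", "192.168.0.2/32", "tcp", 443),  # never reached
]

if __name__ == "__main__":
    print(decide(RULES, "192.168.0.4", "192.168.0.2", "tcp", 443), shadowed(RULES))
```

Running `shadowed` over a rule set before deploying it catches rules that were added below a broader rule and therefore never take effect.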
Task-4
Maintaining Security
Maintenance is the most important part for this city college. Preventive maintenance helps
avoid unexpected downtime and breakdowns. After providing top security measures such as installing a firewall,
vulnerability scans, access control, VPN, web security, mail security and different types of
authentication, proper maintenance is now needed. I think that to maintain
security they will need employee training and development, workshops, audits,
up-to-date software, etc.
Task-5
Reflective commentary
In this assessment I learnt many things. I have learnt about security issues and I now know
which mechanisms are needed to protect data. I have also learnt about cyber security
attacks, different types of encryption methods, etc.
(A)
Here I faced many problems in completing the requirements which the city college has
given. To solve these problems I learnt many things, as I did not know how to secure a network or
how to draw a logical network diagram. To prepare this assignment I have spent a lot of
time, and I have followed NCC materials like lecture slides, the student handbook and other
referenced books. After reading this scenario I was confused about the network diagram and I was
disappointed; our module leader removed all this confusion and also helped me to
complete the assignment.
(B)
In this assignment there are some tasks I would do differently if I started again. In Task 1 I could do it
differently; here I have completed it in one table. If I started this task again, I would make four
individual tables and one complete table. The first table would look like
The 2nd table would look like
The 3rd table would look like
After all of these, the final or complete table would look like
The network diagram would also change if I started again: I would draw the cloud backup in the network
diagram. I would also provide a backup internet connection.
(C)
In this assignment I have identified which types of security are the most important for this
city college. I think the chief executive officer will be pleased about the security. I described
the security matters according to their requirements.
Conclusion:
Here the assignment has been finished, and I believe I have successfully identified better
security in completing this assignment. In this assessment I have done a risk assessment of
their assets, identified all possible risks and described how to control
these risks.
Bibliography
CROWNCOPYRIGHT. 2015. Crown copyright. [online]. [Accessed 06 January 2016].
Available from World Wide Web: <https://www.gov.uk/government/publications/10-steps-to-cyber-security-advice-sheets/10-steps-network-security--11>