Part 3: Application/End-User Security Recommendations
Introduction
A robust network security strategy is one that actively involves
all stakeholders of the system. The network administrator
has the responsibility of ensuring that best practices in
information security management are implemented throughout
the entirety of the system they oversee. Threats to a system
exist both within and outside an organization. This necessitates
a comprehensive security strategy that can cover all
those potential threats. Information security threats are of a
dynamic nature and the network administrator should take this
into consideration to ensure that they are always on top of any
emerging threats. System vulnerabilities should be sought and
effectively sealed, and this should be a regular task.
End User Security Recommendations
Best practice in network security will require that the users and
the firm abide by the following:
• Training and awareness – all employees of the
company should have a firm grasp of matters pertaining to network
security. This will come through the training that should be
offered by the company. The training should involve how to
spot and identify threats, how to combat them, and how to
handle them should they occur. As new threats emerge, the firm
will need to create a continuous awareness program to inform
its employees of them.
• Effective monitoring program – even after training
has been done, this is not reason enough to believe employees
will adhere to the lessons learnt. As such, the IT personnel
should be empowered to conduct random checks on the security
behavior of the firm’s employees. This will help in identifying
potential weak spots.
• Unique user credentials – each and every employee
that has been granted use of computer resources should do so
with their own unique username and a password that should not
be shared with any other user. The password should be complex
enough that no one could possibly guess it. The user should avoid
using passwords based on familiar objects or people. A strong
password should have a mix of alphanumeric and special
characters. For every activity a user does on any computer, they
will be required to use their own unique credentials. This should
leave an audit trail that can be followed should there be an incident.
• Automatic logoff – it is possible that a user might
leave a computer without logging out from their session. This
opens the possibility that another user might access resources
using the logged-in credentials. This could be devastating
should the unauthorized user have malicious intent and the logged-on
credentials have advanced permissions. Automatic logoff should
be set to happen after a given period of time. This should
especially happen after the end of prescribed business hours.
• Regular event log audits – event logs are very
important when it comes to monitoring the performance of a
given system. They can also be used to spot any anomalies
within the system. Event logs collected over a long period of
time can establish a baseline of operations for a system. Any
deviations from this baseline can then be checked further to
identify if they are a threat to the system (Huang, MacCallum,
& Du, 2013).
• Least privilege – the principle of least privilege has it
that a user should be granted permissions only to the extent
of their job description and responsibilities. This will ensure
that no single user has complete or unnecessary control over the
system. The network administrator account with power over the
entire system should be used sparingly and only when necessary
to do so.
• Incident reporting procedures – employees should
know how they can report a security incident. This could be a
suspicion of an intruder or even another user’s activity.
Whatever the reason, users should be provided with a clear-cut
procedure to make sure these reports reach the right people who
can handle them (Pardoe & Snyder, 2015).
• Anti-malware programs – the entire system should be
protected by a regularly updated anti-virus program that can
identify and prevent any threats before they get into the system.
• Up to date disaster recovery and business continuity
plan – even with all the above security measures implemented,
there still exists the chance that a security breach event might
occur. It is important to have a response ready for such an
eventuality. A disaster recovery and business continuity plan
can go a long way in mitigating the effects of a security breach.
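The "Regular event log audits" item above describes building a baseline from historical logs and investigating deviations from it. The following is an added example, not part of the original paper: a small Python audit that learns per-user logon behaviour from a baseline period and flags deviations in a later period. The event tuple layout, user names, dates and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev


def constructed_baseline_events():
    """Constructed sample: ten working days of (day, hour, user, event)."""
    events = []
    for d in range(1, 11):
        day = f"2016-09-{d:02d}"
        events.append((day, 8 + d % 2, "alice", "logon_success"))
        events.append((day, 9, "bob", "logon_success"))
        if d % 3 == 0:  # an occasional mistyped password
            events.append((day, 9, "bob", "logon_failure"))
    return events


def build_baseline(events):
    """Learn, per user, the daily failed-logon mean/stdev and usual logon hours."""
    daily = defaultdict(lambda: defaultdict(int))  # user -> day -> failures
    hours = defaultdict(set)                       # user -> hours with a logon
    days = set()
    for day, hour, user, event in events:
        days.add(day)
        if event == "logon_failure":
            daily[user][day] += 1
        elif event == "logon_success":
            hours[user].add(hour)
    baseline = {}
    for user in set(daily) | set(hours):
        # Days without a failure count as zero, so quiet days shape the baseline.
        counts = [daily[user].get(d, 0) for d in sorted(days)]
        baseline[user] = {
            "mean": mean(counts),
            "stdev": pstdev(counts),
            "hours": set(hours[user]),
        }
    return baseline


def find_deviations(baseline, events, z=3.0, min_stdev=0.5):
    """Return sorted (day, user, reason) findings for events outside the baseline."""
    findings = set()
    failures = defaultdict(int)  # (day, user) -> failed logons that day
    for day, hour, user, event in events:
        profile = baseline.get(user)
        if profile is None:
            # An account never seen during the baseline period.
            findings.add((day, user, "no_baseline"))
            continue
        if event == "logon_failure":
            failures[(day, user)] += 1
        elif event == "logon_success" and hour not in profile["hours"]:
            findings.add((day, user, "unusual_logon_hour"))
    for (day, user), count in failures.items():
        profile = baseline[user]
        # min_stdev stops a perfectly quiet history from flagging a single typo.
        limit = profile["mean"] + z * max(profile["stdev"], min_stdev)
        if count > limit:
            findings.add((day, user, "failed_logon_spike"))
    return sorted(findings)


# Constructed observation window: one day after the baseline period.
OBSERVED = (
    [("2016-09-12", 9, "bob", "logon_failure")] * 6
    + [
        ("2016-09-12", 9, "bob", "logon_success"),
        ("2016-09-12", 8, "alice", "logon_failure"),
        ("2016-09-12", 2, "alice", "logon_success"),
        ("2016-09-12", 10, "svc_backup", "logon_success"),
    ]
)


def audit():
    baseline = build_baseline(constructed_baseline_events())
    return find_deviations(baseline, OBSERVED)


if __name__ == "__main__":
    for finding in audit():
        print(finding)
```

Each finding is a lead for the administrator to check further, not a verdict; the single failed logon by alice stays under the threshold and is not reported.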
References
Huang, S. C.-H., MacCallum, D., & Du, D. (2013). Network
security. New York: Springer.
Pardoe, T. D., & Snyder, G. F. (2015). Network security.
Clifton Park, NY: Thomson/Delmar Learning.
Part 2: Network System Security Recommendations
Introduction
For any organization that has embraced technology, data has
become an invaluable asset that the organization cannot do
without. As with the protection of other tangible assets, the
protections provided to data assets should be commensurate
with their importance to the organization. An effective
information security strategy implements its safeguards after a
careful analysis of potential threats and covering the bases as
strongly as possible. The vulnerabilities that exist within the
network will need to be identified and patched as soon as they
are identified. A wide range of security measures will need to
be implemented simultaneously within the system. These will
include both hardware and software options as well as intensive
security training for users of the system. Threat and risk
assessment should not be a one-off activity at the installation of
the system. Rather, it is a continuous process that is cognizant of
the evolving nature of information, where newer threats are
emerging every day. The most secure system then becomes one
whose security strategy is meant to be proactive rather than reactive.
Network System Security Recommendations
An effective firewall is one that will ensure that the traffic
that gets through it is safe and originates only from
legitimate sources. An intrusion prevention system (IPS) will be
required to both detect and prevent any potential threats and
stave off attacks. A secure and robust network must have its
components well configured if it is to effectively identify and
fend off threats.
• Configuring the firewall – the firewall will be
configured to identify all traffic that can be definitively traced
to be within the company. It will have the capabilities to
identify any traffic that does not come from within the company
and effectively drop it. Hackers targeting a network will
usually attempt to do so by disguising inbound traffic to appear
as if from a legitimate source. If data appears to be from a
legitimate source, it has higher chances of gaining entry. But
this is not always the case. With ingress filtering, a firewall
gains the capability of accurately determining whether that
particular data is indeed from the source computer it claims to
be from. Microsoft provides Windows Firewall for its operating
system and this will be the one in use for the firm. The firewall has a
primary purpose of limiting communication between the
network and the internet. However, this can limit functionality
as there will be aspects of the network that will require
accessing the internet. As such, there will be the need to
configure exceptions. A notifications dialog will provide
options for total blocking of a program, unblocking and a third
option for when the administrator has not yet decided on
whether to block or not. For the last option, the program will
stay blocked. Under program exceptions, only a few programs
will be granted an exception. This should include the web
browser and the email client. Any other programs will be
blocked from accessing the internet without the permission of
the administrator. The scope of the excepted programs will then
be limited to the firm’s network for added protection. All ports
should be closed when not in use. Whether under TCP or UDP
protocols, the ports to be provided with the exceptions are to be
directly specified. The scope for the ports will also be limited to
the local network [1].
• Configuring the router – as the gateway for internet
traffic to and from the network, it is important that the
configurations of the router are as robust as they can be. The
web server and the email server will need to be accessed from
the internet. This will require that port forwarding be
configured first. Router manufacturers deliver them with default
IP addresses and login credentials. If these default credentials are
not changed by the end users, there is always the chance they
could be used by hackers to access the router. As such, they
must be changed once the router has been acquired. The security
mode of the NETGEAR MR814 router will need to be set to the
64-bit WEP Wi-Fi encryption protocol that should provide
adequate security for this network. Also, it is advisable to
disable the Universal Plug and Play (UPnP) feature to keep out
rogue devices and software. This will ensure only authenticated
devices and software access the network. The password to be
used should be long and include an alphanumeric and special
character combination. Remote management is unnecessary for
a single-premise firm and should be disabled. Permissions and
access control should next be implemented to restrict access to
the router to only authorized users and control the flow of
information. As with other components of the network, all
activities of the router will be logged and sent to the syslog
server [2].
• Setting up Microsoft Server 2012 – a big
improvement on the Microsoft Server 2008 version, Microsoft
Server 2012 will provide the firm with opportunities for
centralized management and deployment of services and
functions. The Active Directory will be installed from the
server manager console. Access control will be managed under
organizational units that will correspond with the firm’s various
departments. Given that employees within the same departments
will have close to similarly defined responsibilities, their access
to company resources will then be governed under similar
privileges. Server virtualization is to be implemented within the
Windows Server 2012 environment. This will provide multiple
virtual environments that can be used to run separate tasks and
also for backing up company data. Virtualization should also do
away with instances of application collisions and
incompatibility issues within the system. Microsoft Server 2012
provides a system failover option that will ensure that the failure
of one section of the system does not jeopardize the entire
system. This is achieved by the virtualized systems that take
over should any other one break down [1].
• Configuring the intrusion prevention system (IPS) –
the intrusion prevention system should be configured under global
settings so that any rogue connections are dropped
silently and in the background. Threat identification will
be set to spot protocol anomalies, server-side attacks, client-side
attacks, operating system level attacks, and targeted
malware attacks. By configuring flood protection in protocols
like ICMP and TCP SYN, DoS attacks will be contained
effectively. The intrusion prevention system is meant to operate
automatically on its own for the most part. This should enable it
to work at all times even outside normal business hours.
However, it will be important that the system regularly provides
alerts to the network administrator who will then analyze the
extent of the attacks. The alerts will consist of event logs that
provide details on the nature of all the potential threats. The
administrator will then be able to implement any measures to
meet any emerging threats. Implemented on the perimeter of the
system, the intrusion prevention system (IPS) will be able to
monitor every communication in the system and identify the
threats [3].
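The "Configuring the firewall" item above combines ingress filtering (rejecting traffic whose claimed source cannot be genuine) with a default-deny stance and a short list of explicit exceptions. The following is an added example, not part of the original paper: a Python model of that decision logic at the network perimeter. The internal prefix, server addresses, interface names and port lists are assumptions constructed for illustration, and forwarded packets are shown with their destination already translated to the internal server.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed addressing plan (constructed; the paper gives no addresses).
INTERNAL_NET = ip_network("192.168.10.0/24")

# Source ranges that can never legitimately arrive from the internet side.
NON_ROUTABLE = [ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]

# Inbound exceptions: port forwards to the web and e-mail servers only.
FORWARDS = {
    ("tcp", 80): ip_address("192.168.10.20"),
    ("tcp", 443): ip_address("192.168.10.20"),
    ("tcp", 25): ip_address("192.168.10.25"),
}

# Outbound exceptions: what a web browser and an e-mail client need.
OUTBOUND_ALLOWED = {("tcp", 80), ("tcp", 443), ("tcp", 587), ("udp", 53)}


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "wan" or "lan"
    src: str
    dst: str
    proto: str
    dport: int


def decide(pkt):
    """Return (action, reason). Anything not explicitly allowed is dropped."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    if pkt.iface == "wan":
        # Ingress filtering: an internal source cannot arrive from outside.
        if src in INTERNAL_NET:
            return "drop", "spoofed internal source on external interface"
        if any(src in net for net in NON_ROUTABLE):
            return "drop", "non-routable source on external interface"
        if FORWARDS.get((pkt.proto, pkt.dport)) != dst:
            return "drop", "no inbound exception"
        return "allow", "port forward"
    if pkt.iface == "lan":
        # The same check in the other direction: only our own prefix may leave.
        if src not in INTERNAL_NET:
            return "drop", "foreign source on internal interface"
        if (pkt.proto, pkt.dport) not in OUTBOUND_ALLOWED:
            return "drop", "no outbound exception"
        return "allow", "outbound exception"
    return "drop", "unknown interface"


# Constructed sample traffic (documentation address ranges for external hosts).
SAMPLES = [
    Packet("wan", "203.0.113.7", "192.168.10.20", "tcp", 443),
    Packet("wan", "192.168.10.50", "192.168.10.20", "tcp", 443),
    Packet("wan", "10.1.2.3", "192.168.10.25", "tcp", 25),
    Packet("wan", "198.51.100.9", "192.168.10.20", "tcp", 3389),
    Packet("lan", "192.168.10.31", "203.0.113.80", "tcp", 443),
    Packet("lan", "172.16.5.5", "203.0.113.80", "tcp", 443),
    Packet("lan", "192.168.10.31", "203.0.113.80", "tcp", 6667),
]


def run_samples():
    return [decide(p) for p in SAMPLES]


if __name__ == "__main__":
    for pkt, (action, reason) in zip(SAMPLES, run_samples()):
        print(f"{action:5} {pkt.iface} {pkt.src} -> {pkt.dst}:{pkt.dport} ({reason})")
```

The second sample is the case the paragraph warns about: a packet that claims an internal source but arrives on the external interface is dropped before any exception is consulted.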
Addressing Identified Vulnerabilities
• Network backdoors – regular scanning and a network
discovery tool will be needed to find any rogue access points
within the network. Each and every device and software
deployed within the network will need to be mapped and a
baseline for their operations established. A network discovery
tool should do this even without the input of the network
administrator [3].
• Mobile and personal devices – should an employee
wish to use their device for work responsibilities, they should
be required to submit the device to the IT team who then go
ahead and check its security features. Only after it is deemed
secure will the user be allowed. As for company-issued mobile
devices, an encryption program should be installed on all
devices to secure not just the communication in and out of the
device, but also the data stored within the device. There should
also be conditions placed by the firm on the use of the
devices [3]. An example would be the requirement that
employees use the devices only for company work and not for
personal use. They should also be regularly submitted to the IT
team for inspections.
• Removable media – there should be a company-wide
rule that no personal devices should be attached to company
computers. This regulation should work for the most part. However,
just in case, an up-to-date anti-virus program should be
installed within the network to prevent any malware from
infecting the network [3].
• Distributed denial of service (DDoS) attacks – these
attacks are meant to push a system to its breaking point. To
prevent the adverse impact of such attacks, the firm should
conduct regular stress tests on its system to gauge its resilience.
These tests will provide answers on how far the system can go
under stress without breaking down. Any improvements on the
system can then be done on the basis of the results [4].
• Security loopholes – for software and hardware that
has been delivered by their manufacturers with loopholes in
them, they should be swiftly patched. These patches are usually
provided by the manufacturer after the loopholes have been
identified. Also, the company should endeavor to only acquire
software and hardware components from vendors that have
a secure track record [4].
References
[1] D. Rountree, Windows 2012 Server Network Security:
Securing Your Windows Network Systems and Infrastructure.
Newnes. 2013.
[2] D. Jacobson and J. Idziorek, Computer security literacy:
Staying safe in a digital world. CRC Press, 2016.
[3] C.F. Endorf, E. Schultz, and J. Mellander, Intrusion
detection & prevention. New York: McGraw-Hill/Osborne,
2014.
[4] S.C. Huang, D. MacCallum and D. Du, Network
security. New York: Springer, 2013.
Part 1: Vulnerability Assessment
Nambo Francis
Network Security
October 3, 2016
Introduction
Every computer network is a target for attack by virtue of
being on. It is therefore necessary that every organization
understand where it stands on matters of network security. A
vulnerability assessment is done to provide an organization with
the state of its network components. The assessment also
identifies potential points of weakness within the network
infrastructure and the extent to which those vulnerabilities
could be exploited. While some attacks on an organization can
be targeted specifically to it, others could be as a result of a
vulnerability that was identified by attackers after scouring for
vulnerable networks. Any exploitable vulnerability in a network,
no matter how small, can cause significant damage to the
network. This necessitates the vulnerability assessment that
should be a regular activity. A vulnerability assessment will
enable the organization to rank the gravity of the danger posed
by all vulnerabilities and allocate the appropriate resources to
their handling.
Network Vulnerability Assessment
• Network backdoors – a backdoor within a system is
an access point whose existence is unknown by a network
administrator and users of that system. A backdoor can be
implemented in software running in the network or even in
hardware devices that are connected to the network. A hacker
then uses that backdoor to access the network and collect data
without the knowledge of anyone involved with the network. A
backdoor can grant the hacker administrator level access
privileges and as such their activities within the network can go
unnoticed [1].
• Security loopholes in software and hardware
components – while the above backdoors are usually created by
a hacker, security loopholes are a result of the manufacturer
delivering unpatched components. A piece of software or
hardware equipment could have been developed and shipped to
users without being checked for those loopholes. These
unpatched loopholes can then be exploited by hackers to enter a
network [1].
• Distributed denial of service attacks – networks are
made to handle a certain number of requests to function
properly. In the above attacks, a hacker will exploit this by presenting
the network with a large number of illegitimate requests. In a
bid to service these requests, the network resources will be
overwhelmed to the point of the network shutting down after
failing to do so. This attack will then lock out legitimate users
and their requests [1].
• Mobile and non-firm devices – a lot more companies
are implementing a program where employees get to bring their
devices to work. The firms are also issuing their employees with
mobile devices like tablets and smartphones for conducting
their tasks. Bringing personal devices to do work on presents a
potential vulnerability. As these are personal devices, they are
not secured the same way as other company devices. They could be
used to introduce viruses into the network and jeopardize the
company’s information. As for company-issued mobile devices,
they cannot be secured with the same capabilities as PCs. They
have different form factors and also different underlying
infrastructure [2]. Given that their use within the workplace is
recent, there isn’t an acceptable method to
secure them. This makes them very vulnerable.
• Removable media – just as employees are bringing
their mobile devices to work, so are they also bringing
removable USB media. This includes thumb drives and external
hard disks. Most of these devices are usually used across many
computers and this increases the chances of them getting
infected with viruses. Allowing these devices with questionable
history to be plugged into company computers creates the risk
that viruses and other malware might get introduced into the
network [2].
• Wireless networks – while wired networks can be
physically secured by limiting access to ports, this can’t be said
of wireless networks. All that is required is proximity. A hacker
with a laptop would only have to be near the company premises
to view their wireless network. Unsecured wireless networks
can be viewed and accessed with any Wi-Fi connection. It is also
possible that a user on a neighboring network could be able to
access the network. This open wireless network then exposes
the company’s entire network to not just unauthorized users but
malicious ones as well [1].
• Operating system platform – between the Windows
operating system from Microsoft and Mac operating system
from Apple, it has been found that the latter has a lower chance
of being a target for attacks than the former. Windows OS being the
dominant and ubiquitous platform means that hackers will lean
more towards developing ways to access the systems. Mac OS
devices on the other hand are also developed by Apple and the
security implementation is usually far superior to
Windows OS. So, if the company has chosen to use Windows
devices, then it has to contend with the fact that it has increased
the chances of being a target [1].
• False sense of security in defense in depth – this
company will have a firewall, intrusion detection system and
anti-virus programs as part of its network security strategy. On
the face of it, it is a recommended one as it provides multiple
security layers. However, it is important to note that this
strategy is only effective if those different aspects of security
are all operating at peak level. Even with all of them present, if
they are poorly configured and maintained, they become
liabilities instead of assets as they create multiple points of
vulnerability for the network [1].
References
[1] D. Jacobson and J. Idziorek, Computer security literacy:
Staying safe in a digital world. CRC Press, 2016.
[2] G. Held, Network design: Principles and applications.
Boca Raton: Auerbach, 2014.

danhaley45372
 
Your friend Lydia is having difficulty taking in the informati.docx
Your friend Lydia is having difficulty taking in the informati.docxYour friend Lydia is having difficulty taking in the informati.docx
Your friend Lydia is having difficulty taking in the informati.docx
danhaley45372
 

Part 3 ApplicationEnd-User Security Recommendations.docx

Part 3: Application/End-User Security Recommendations

Introduction

A robust network security strategy is one that actively involves all the stakeholders of the system. The network administrator has the responsibility of ensuring that best practices in information security management are implemented throughout the entirety of the system they oversee. Threats to a system exist both within and outside an organization. This necessitates a comprehensive security strategy that can cover all those potential threats. Information security threats are of a dynamic nature and the network administrator should take this into consideration to ensure that they are always on top of any emerging threats. System vulnerabilities should be sought and effectively sealed and this should be a regular task.

End User Security Recommendations

Best practice in network security will require that the users and the firm abide by the following:

• Training and awareness – all employees of the company should have a firm grasp of matters pertaining to network security. This will come through the training that should be offered by the company. The training should involve how to spot and identify threats, how to combat them, and how to handle them should they occur. As new threats emerge, the firm will need to create a continuous awareness program to inform its employees of them.

• Effective monitoring program – even after training has been done, this is not reason enough to believe employees will adhere to the lessons learnt. As such, the IT personnel should be empowered to conduct random checks on the security behavior of the firm’s employees. This will help in identifying potential weak spots.

• Unique user credentials – each and every employee that has been granted use of computer resources should do so with their own unique username and a password that should not be shared with any other user. The password should be complex enough that no one could possibly guess it. The user should avoid using passwords from familiar objects or people. A strong password should have a mix of alphanumeric and special characters. For every activity a user does on any computer, they will be required to use their own unique credentials. This should leave an audit trail that can be followed should there be an incident.

• Automatic logoff – it is possible that a user might leave a computer without logging out from their session. This opens the possibility that another user might access resources using the logged-in credentials. This could be devastating should the unauthorized user have malicious intent and the logged-on credentials have advanced permissions. Automatic logoff should be set to happen after a given period of time. This should especially happen after the end of prescribed business hours.

• Regular event log audits – event logs are very important when it comes to monitoring the performance of a given system. They can also be used to spot any anomalies within the system. Event logs collected over a long period of time can establish a baseline of operations for a system. Any deviations from this baseline can then be checked further to identify if they are a threat to the system (Huang, MacCallum, & Du, 2013).

• Least privilege – the principle of least privilege has it that a user should be granted permissions only to the extent of their job description and responsibilities. This will ensure that no single user has complete or unnecessary control over the system. The network administrator account with power over the entire system should be used sparingly and only when necessary.

• Incident reporting procedures – employees should know how they can report a security incident. This could be a suspicion of an intruder or even another user’s activity. Whatever the reason, users should be provided with a clear-cut procedure to make sure these reports reach the right people who can handle them (Pardoe, & Snyder, 2015).

• Anti-malware programs – the entire system should be protected by a regularly updated anti-virus program that can identify and prevent any threats before they get into the system.

• Up-to-date disaster recovery and business continuity plan – even with all the above security measures implemented, there still exists the chance that a security breach event might occur. It is important to have a response ready for such an eventuality. A disaster recovery and business continuity plan can go a long way in mitigating the effects of a security breach.

References

Huang, S. C.-H., MacCallum, D., & Du, D. (2013). Network security. New York: Springer.

Pardoe, T. D., & Snyder, G. F. (2015). Network security. Clifton Park, NY: Thomson/Delmar Learning.
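The event log audit, unique-credential and automatic-logoff recommendations in Part 3 above, as an added example that is not part of the original document: it builds a per-account baseline from earlier logon records and flags deviations in a later audit window. The log format, account names and workstation names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data: "<ISO timestamp> <account> <workstation> <logon|logoff>"
BASELINE_LOG = """\
2016-09-26T08:55:02 alice WS-014 logon
2016-09-26T17:04:40 alice WS-014 logoff
2016-09-26T09:10:15 bob WS-021 logon
2016-09-26T16:45:00 bob WS-021 logoff
2016-09-27T08:48:30 alice WS-014 logon
2016-09-27T17:10:05 alice WS-014 logoff
2016-09-27T09:05:44 bob WS-021 logon
2016-09-27T17:30:12 bob WS-021 logoff
"""

AUDIT_LOG = """\
2016-10-03T08:57:19 alice WS-014 logon
2016-10-03T09:12:03 bob WS-021 logon
2016-10-03T11:40:27 alice WS-033 logon
2016-10-03T17:01:00 alice WS-014 logoff
2016-10-03T17:20:45 bob WS-021 logoff
2016-10-03T23:14:52 bob WS-021 logon
2016-10-03T23:50:09 carol WS-002 logon
2016-10-03T23:58:00 carol WS-002 logoff
"""


def parse(text):
    """Return events as (datetime, account, workstation, action), oldest first."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, account, host, action = line.split()
        events.append((datetime.fromisoformat(stamp), account, host, action))
    return sorted(events)


def build_baseline(events):
    """Per account: workstations used and the earliest/latest active hour seen."""
    baseline = {}
    for when, account, host, _ in events:
        entry = baseline.setdefault(account, {"hosts": set(), "first": 23, "last": 0})
        entry["hosts"].add(host)
        entry["first"] = min(entry["first"], when.hour)
        entry["last"] = max(entry["last"], when.hour)
    return baseline


def audit(events, baseline):
    """Return (account, workstation, reason) for every deviation from the baseline."""
    findings = []
    open_sessions = defaultdict(dict)  # account -> {workstation: logon time}
    for when, account, host, action in events:
        if action == "logoff":
            open_sessions[account].pop(host, None)
            continue
        known = baseline.get(account)
        if known is None:
            # Account never seen while the baseline was collected.
            findings.append((account, host, "account-not-in-baseline"))
        else:
            if host not in known["hosts"]:
                findings.append((account, host, "new-workstation"))
            if not known["first"] <= when.hour <= known["last"]:
                findings.append((account, host, "outside-usual-hours"))
            # Same account active on another workstation: possible shared credentials.
            if any(other != host for other in open_sessions[account]):
                findings.append((account, host, "concurrent-session"))
        open_sessions[account][host] = when
    # Sessions with no logoff by the end of the window: automatic logoff did not fire.
    for account in sorted(open_sessions):
        for host in sorted(open_sessions[account]):
            findings.append((account, host, "session-left-open"))
    return findings


if __name__ == "__main__":
    for finding in audit(parse(AUDIT_LOG), build_baseline(parse(BASELINE_LOG))):
        print(*finding)
```

Each finding is a lead for the administrator to check further, not proof of an incident; a longer baseline period narrows the number of false leads.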
  • 4. Part 2: Network System Security Recommendations Introduction For any organization that has embraced technology, data has become an invaluable asset that the organization cannot do without. As with the protection of other tangible assets, the protections provided to data assets should be commensurate with their importance to the organization. An effective information security strategy implements its safeguards after a careful analysis of potential threats and covering the bases as strongly as possible. The vulnerabilities that exist within the network will need to be identified and patched as soon as they are identified. A wide range of security measures will need to be implemented simultaneously within the system. These will include both hardware and software options as well as intensive security training for users of the system. Threat and risk assessment should not be a one-off activity at the installation of the system. Rather, it is continuous process that is cognizant of the evolving nature of information where newer threats are emerging every day. The most secure system then becomes one whose security strategy is meant to be proactive rather reactive. Network System Security Recommendations An effective firewall is one that will ensure that the traffic that gets through it is one that is safe and only originating from legitimate sources. An intrusion prevention system (IPS) will be required to both detect and prevent any potential threats and
  • 5. stem off attacks. A secure and robust network must have its components well configured if it is to effectively identify and fend off threats. • Configuring the firewall – the firewall will be configured to identify all traffic that can be definitively traced to be within the company. It will have the capabilities to identify any traffic that does not come from within the company and effectively drop it. Hackers targeting a networking will usually attempt to do so by disguising inbound traffic to appear as if from a legitimate source. If data appears to be from a legitimate source, it has higher chances of gaining entry. But this is not always the case. With ingress filtering, a firewall is granted the capabilities of accurately determining whether that particular data is indeed from the source computer it claims to be from. Microsoft provides Windows Firewall for its operating and this will be the one in use for the firm. The firewall has a primary purpose of limiting communication between the network and the internet. However, this can limit functionality as there will be aspects of the network that will require accessing the internet. As such, there will be the need to configure exceptions. A notifications dialog will provide options for total blocking of a program, unblocking and a third option for when the administrator has not yet decided on whether to block or not. For the last option, the program will stay blocked. Under program exceptions, only a few of them will be granted that exception. This should include the web browser and the email client. Any other programs will be blocked from accessing the internet without the permission of the administrator. The scope of the excepted programs will then be limited to the firm’s network for added protection. All ports should be closed when not in use. Whether under TCP or UDP protocols, the ports to be provided with the exceptions are to be directly specified. 
The scope for the ports will also be limited to the local network [1]. • Configuring the router – as the gateway for internet traffic to and from the network, it is important that the
  • 6. configurations of the router are as robust as they can be. The web server and the email server will need to be accessed from the internet. This will require that port forwarding be configured first. Router manufacturers deliver them with default IP addresses and login credentials. If this default credentials are not changed by the end users, there is always the chance they could be used by hackers to access the router. As such, they must be changed once the router has been acquired. The security mode of the NETGEAR MR814 router will need to be set to the 64-bit WEP Wi-Fi encryption protocol that should provide adequate security for this network. Also, it is advisable to disable the Universal Plug and Play (UPnp) feature to keep out rogue devices and software. This will ensure only authenticated devices and software access the network. The password to be used should be long and include an alphanumeric and special character combination. Remote management is unnecessary for single premise firm and should be disabled. Permissions and access control should next be implemented to restrict access to the router to only authorized users and control the flow of information. As with other components of the network all activities of the router will be logged and sent to the syslog server [2]. • Setting up Microsoft Server 2012 – a big improvement on the Microsoft Server 2008 version, Microsoft Server 2012 will provide the firm with opportunities for centralized management and deployment of services and functions. The Active Directory will be installed from the server manager console. Access control will be managed under organizational units that will correspond with the firm’s various departments. Given that employees within the same departments will have close to similarly defined responsibilities, their access to company resources will then be governed under similar privileges. Server virtualization is to be implemented within the Windows Server 2012 environment. 
This will provide multiple virtual environments that can be used to run separate tasks and also for backing up company data. Virtualization should also do
  • 7. away with instances of application collisions and incompatibility issues within the system. Microsoft Server 2012 provides a system failover option that will ensure that the fail of one section of the system does not jeopardize the entire system. This is achieved by the virtualized systems that take over should any other break down [1]. • Configuring the intrusion prevention system (IPS) – the intrusion prevention should be configured under global settings that will have it that any rogue connections are dropped silently and in the background. Identifying potential threats will be set to spot protocol anomalies, server-side attacks, client- side attacks, operating system level attacks, and targeted malware attacks. By configuring flood protection in protocols like ICMP, and TCP SYN, anti-DOS attacks will be contained effectively. The intrusion prevention system is meant to operate automatically on its own for the most part. This should enable it to work at all times even outside normal business hours. However, it will important that the system regularly provide alerts to the network administrator who will then analyze the extent of the attacks. The alerts will consist of event logs that provide details on the nature of all the potential threats. The administrator will then be able to implement any measures to meet any emerging threats. Implemented on the perimeter of the system, the intrusion prevention system (IPS) will be able to monitor every communication in the system and identify the threats [3]. Addressing Identified Vulnerabilities • Network backdoors – regular scanning and a network discovery tool will be needed to find any rogue access points within the network. Each and every device and software deployed within the network will require to be mapped and a baseline for their operations established. A network discovery tool should do this even without the input of the network administrator [3]. • Mobile and personal devices – should an employee
  • 8. wish to use their device for work responsibilities, they should be required to submit the device to the IT team who then go ahead and check its security features. Only after it is deemed secure will the user be allowed. As for company-issued mobile devices, an encryption program should be installed on all devices to secure not just the communication in and out of the device, but also the data stored within the device. There should be also for conditions placed by the firm on the use of the devices [3]. An example would be the requirement that employees only use the devices for company work only and not personal. They should also be regularly submitted to the IT team for inspections. • Removable media – there should be a company-wide rule that no personal devices should attached to company computers. This regulation should work for the most. However, just in case, an up-to-date anti-virus program should be installed within the network to prevent any malware from infecting the network [3]. • Distributed denial of service (DDoS) attacks - these attacks are meant to push a system to its breaking point. To prevent the adverse impact of such attacks, the firm should conduct regular stress tests on its system to gauge its resilience. These tests will provide answers on how far the system can go under stress without breaking down. Any improvements on the system can then be done on the basis of the results [4]. • Security loopholes – for software and hardware that has been delivered by their manufacturers with loopholes in them, they should be swiftly patched. These patches are usually provided by the manufacturer after the loopholes have been identified. Also, the company should endeavor to only acquire software and hardware components from vendors that have secure track record [4]. References [1] D. Rountree, Windows 2012 Server Network Security:
  • 9. Securing Your Windows Network Systems and Infrastructure. Newnes. 2013. [2] D. Jacobson and J. Idziorek, Computer security literacy: Staying safe in a digital world. CRC Press, 2016. [3] C.F. Endorf, E. Schultz, and J. Mellander, Intrusion detection & prevention. New York: McGraw-Hill/Osborne, 2014. [4] S.C. Huang, D. MacCallum and D. Du, Network security. New York: Springer, 2013. Part 1: Vulnerability Assessment Nambo Francis Network Security October 3, 2016 Introduction Every computer network is a target for attack by virtue of being on. It is therefore necessary that every organization understand where it stands on matters of network security. A vulnerability assessment is done to provide an organization with the state of its network components. The assessment also identifies potential points of weakness within the network infrastructure and the extent to which those vulnerabilities could be exploited. While some attacks on an organization can be targeted specifically to it, others could be as a result of a vulnerability that was identified by attackers after scouring for vulnerable networks. Any exploitable vulnerability in a network no matter how small can cause significant damage to the network. This necessitates the vulnerability assessment that
should be a regular activity. A vulnerability assessment will enable the organization to rank the gravity of the danger posed by all vulnerabilities and allocate the appropriate resources to handling them.
Network Vulnerability Assessment
• Network backdoors – a backdoor within a system is an access point whose existence is unknown to the network administrator and users of that system. A backdoor can be implemented in software running in the network or even in hardware devices that are connected to the network. A hacker then uses that backdoor to access the network and collect data without the knowledge of anyone involved with the network. A backdoor can grant the hacker administrator-level access privileges, and as such their activities within the network can go unnoticed [1].
• Security loopholes in software and hardware components – while the above backdoors are usually created by a hacker, security loopholes are a result of the manufacturer delivering unpatched components. A piece of software or hardware equipment could have been developed and shipped to users without being checked for those loopholes. These unpatched loopholes can then be exploited by hackers to enter a network [1].
• Distributed denial of service attacks – networks are made to handle a certain number of requests to function properly. A hacker using the above attacks will exploit this by presenting the network with a large number of illegitimate requests. In a bid to service these requests, the network resources will be overwhelmed to the point of the network shutting down after failing to do so. This attack will then lock out legitimate users and their requests [1].
• Mobile and non-firm devices – a lot more companies are implementing a program where employees get to bring their devices to work. The firms are also issuing their employees with mobile devices like tablets and smartphones for conducting
their tasks. Bringing personal devices to do work on presents a potential vulnerability. As these are personal devices, they are not secured the same way as other company devices. They could be used to introduce viruses into the network and jeopardize the company’s information. As for company-issued mobile devices, they cannot be secured with the same capabilities as PCs. They have different form factors and also different underlying infrastructure [2]. Given that their use within the workplace is recent, there isn’t an acceptable method to secure them. This makes them very vulnerable.
• Removable media – just as employees are bringing their mobile devices to work, so are they also bringing removable USB media. This includes thumb drives and external hard disks. Most of these devices are usually used across many computers and this increases the chances of them getting infected with viruses. Allowing these devices with questionable history to be plugged into company computers creates the risk that viruses and other malware might get introduced into the network [2].
• Wireless networks – while wired networks can be physically secured by limiting access to ports, this can’t be said of wireless networks. All that is required is proximity. A hacker with a laptop would only have to be near the company premises to view its wireless network. Unsecured wireless networks can be viewed and accessed with any Wi-Fi connection. It is also possible that a user on a neighboring network could access the network. This open wireless network then exposes the company’s entire network to not just unauthorized users but malicious ones as well [1].
• Operating system platform – between the Windows operating system from Microsoft and the Mac operating system from Apple, it has been found that the latter has a lower chance of being a target for attacks than the former.
Windows OS, as the dominant and ubiquitous platform, means that hackers will lean more towards developing ways to access its systems. Mac OS devices, on the other hand, are also developed by Apple and the
security implementation is usually far superior to Windows OS. So, if the company has chosen to use Windows devices, then it has to contend with the fact that it has increased the chances of being a target [1].
• False sense of security in defense in depth – this company will have a firewall, intrusion detection system and anti-virus programs as part of its network security strategy. On the face of it, this is a recommended strategy as it provides multiple security layers. However, it is important to note that this strategy is only effective if those different aspects of security are all operating at peak level. Even with all of them present, if they are poorly configured and maintained, they become liabilities instead of assets as they create multiple points of vulnerability for the network [1].
References
[1] D. Jacobson and J. Idziorek, Computer security literacy: Staying safe in a digital world. CRC Press, 2016.
[2] G. Held, Network design: Principles and applications. Boca Raton: Auerbach, 2014.
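The "false sense of security in defense in depth" item above says that layers which are present but poorly configured or maintained do not count. The following is an added example, not part of the original paper, that audits a constructed inventory of the three layers the paper names; the field names, the 30-day freshness threshold and the sample data are assumptions made for illustration.

```python
from datetime import date

# Constructed inventory of security layers (sample data, not from the paper).
LAYERS = [
    {"name": "firewall", "enabled": True, "last_update": date(2016, 9, 28),
     "rules": [("allow", "any", "any")]},
    {"name": "ids", "enabled": True, "last_update": date(2016, 5, 1), "rules": []},
    {"name": "antivirus", "enabled": False, "last_update": date(2016, 10, 1), "rules": []},
]

MAX_AGE_DAYS = 30  # assumed freshness threshold for rules and signatures


def audit_layer(layer, today):
    """Return the findings for one layer; an empty list means it is healthy."""
    findings = []
    if not layer["enabled"]:
        findings.append("installed but not enabled")
    age = (today - layer["last_update"]).days
    if age > MAX_AGE_DAYS:
        findings.append(f"signatures/rules {age} days old")
    if any(rule == ("allow", "any", "any") for rule in layer["rules"]):
        findings.append("allow any-to-any rule defeats filtering")
    return findings


def audit(layers, today):
    """Map layer name -> findings, keeping only the layers with problems."""
    report = {layer["name"]: audit_layer(layer, today) for layer in layers}
    return {name: found for name, found in report.items() if found}


def effective_layers(layers, today):
    """Layers that are present AND healthy: the real depth of the defense."""
    return [layer["name"] for layer in layers if not audit_layer(layer, today)]


if __name__ == "__main__":
    today = date(2016, 10, 3)
    for name, found in audit(LAYERS, today).items():
        print(f"{name}: {'; '.join(found)}")
    print("effective layers:", effective_layers(LAYERS, today))
```

On this sample inventory all three layers exist, yet none of them passes the audit, which is the gap between the number of layers deployed and the number actually protecting the network.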