ICTNWK546 Project Portfolio Assessment 2
pdf
keyboard_arrow_up
School
Albright Institute of Business and Language *
*We aren’t endorsed by this school
Course
546
Subject
Information Systems
Date
Feb 20, 2024
Type
Pages
10
Uploaded by Moondimz
PORTFOLIO Student Version
ICTNWK546
Manage network security
CONTENTS Section 1: Security design preparation 4
Section 2: Security design and policy 6
ICTNWK546 Manage network security |
3 Student name: BUAN, MA BUENA FELICITA Assessor: Date: Business this assessment is based on: ICTNWK546 - Manage network security
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
ICTNWK546 Manage network security |
4 Section 1: Security design preparation Network security planning Provide an outline of the processes you will use to plan, build and manage a network security design to meet the organisation’s requirements. In addressing network security, we can consider the following aspects: Establishing robust password policies. Enhancing the email security infrastructure. Securely managing and maintaining technologies. Implementing policies for the use of social media and the internet within corporate networks. Developing backup and restoration plans. Following a thorough investigation of the company's infrastructure, it has been confirmed that there is currently no built-in security. Consequently, as we design the new network for the company, our primary focus will be on enhancing network and system security. This involves the implementation of various security measures, such as firewalls, Access Control Lists (ACLs), and security protocols for wireless technologies. To further bolster security, different security measures will be applied during the configuration of routers and switches. Ultimately, Wireshark and other similar monitoring tools will be utilized to monitor and analyze data flow, as well as to detect any potential security intrusions within the network. ICT assets Provide an overview of the organisation’s assets that need protecting. Remember assets are not just physical assets. Categorise each of the assets in terms of their value. The value does not need to be a monetary value but instead can be based on the value to the organisation e.g., high, medium, low, etc. ICT assets categorization of the IT biz company as follows: HIgh Medium Low Detailed information and data Components required for networking Different kinds of software Servers Computers, routers and switches
ICTNWK546 Manage network security |
5 Threat modelling Describe at least three major threats to network security that can happen to any organisation, as well as where these threats originate from. For each threat, describe a system vulnerability that may have led to the threat. Malicious Software or MALWARE: It infiltrates the system through deceptive software designed to appear authentic. This deceptive tactic is not only employed by individual hackers but also by major companies engaged in fraudulent activities, monitoring, and unauthorized data acquisition from their customers. The introduced malware has the capability to compromise the computer directly, causing malfunctions or surreptitiously monitoring the user's activities without their awareness. Even uninstalling the rogue software does not rectify the issue once the system is infected. This type of attack is particularly prevalent in IT businesses where security measures and preventative systems against such attacks are lacking. While this form of attack may not occur frequently in daily operations, the company, given its abundance of confidential data on users and employees and the absence of security systems, remains susceptible to such threats at any given time.
Risk management plan For each of the threats you have identified, identify the level of risk that the threat presents (use a risk legend to do this). Rank the threats in order of severity from least severe to most severe. Outline a risk control relevant to each threat. Use the table included in the Portfolio to develop your plan. Threats Risk control measures Risk ranking (1-5) (where 1=lowest and 5=highest) Malware Upgrading the system with latest security patches and using antivirus software 5 Advanced persistent threats Upgrading the system with the latest 4 DDos attack Utilizing the different kind of anti-ddos antiviruses intrusion prevention system, cloud computing etc. 2
ICTNWK546 Manage network security |
6 Presentation Write the title of your presentation here and attach it to your Portfolio.
Manage Network Security Process Guide Plan for End-users Attach: Presentation ☐
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
ICTNWK546 Manage network security |
7 Section 2: Security design and policy Network security design Provide an overview of your design to protect network security. Include screenshots to illustrate your work as required. Make sure you take into account manufacturer’s recommendations for use of the tools you will incorporate into your design. Write about how you have done this. Further, include the costs of the equipment/software you have identified and document them here. In accordance with the network security design, we will integrate all the components outlined in the scenario and the aforementioned plan. However, due to the absence of existing security systems within the company, we will introduce a firewall as a hardware security measure. Additionally, for other security aspects, we will configure the devices accordingly. The firewall will serve as a data filtering device, screening both incoming and outgoing data packages based on the assigned rules. Network Security Design Overview (Figure 1) The depicted illustration presents the network security design tailored for the IT Biz company. In this configuration, a router facilitates communication with the internet, while switches are employed to segregate various departments. A shared printer is accessible to all 90 computers. For robust security measures, a hardware firewall is incorporated and visibly represented in the diagram. In addition, for software-related security, Access Control Lists (ACLs) and antivirus software are employed. These tools aid in filtering and defining permissible IP addresses for network access, as well as scanning and eliminating viruses on the computers, respectively. The subsequent table outlines the required costs for both hardware and software components within the company:
ICTNWK546 Manage network security |
8 Particulars Cost(AUD$) Microtik Routers $1100 Microtic switches $3500 Firewalls $1800 PC’s $12000 HP Printers $750 Software Window 10 Pro $1250 Antivirus $1000 Total $21400 Security policies Develop and document security policies to accompany your network security design. Your security policy must include as a minimum: Purpose of the policy. Key procedures relevant to maintaining security e.g., identity management, threat management (including incident response procedures) and auditing procedures. As a guide your policy should be 2 – 3 pages. Write the name of your Policy Objectives The primary objective of this security policy is to articulate various security policies and procedures employed during research endeavors. All outlined security policies are applicable to every facet of research within this project. Non-compliance with these security rules and regulations by staff members will result in immediate termination, accompanied by the revocation of associated privileges. Security Policies Identity Management Policy Each staff member's username and password must be unique. Writing or sharing passwords is strictly prohibited. Consultation with the IT administrator is mandatory for assigning new roles or personal access requests, ensuring the implementation of diverse security procedures. The IT administrator must be informed of any redundant roles to maintain proper security standards within the company. Password Policy
ICTNWK546 Manage network security |
9 policy here and attach it your Portfolio. Passwords must be a minimum of 8 characters in length. Regular password updates are required every month. Passwords must include at least one number, one special character, and one capital letter. Previously used passwords cannot be reused. Three consecutive incorrect password entries will result in user account blocking. Risk Management Policy The system should undergo checks every 24 hours, with continuous monitoring 24/7. Immediate action is required upon the detection of any anomalies. Incident Response Policy Regular backups must be conducted by IT administrations. Users and staff should regularly back up files in the cloud or on the internet rather than on local disks, with regular notifications from the IT teams. Hot backups should be performed hourly, daily, and regularly for restoration within 2 hours. These backups are exclusively accessible to system admins and used solely for system backup purposes. Offline backups, conducted weekly or monthly, involve storing data in different data centers on tapes and should be available within 24 hours for restoration in case of incidents. Information about staff and users should only be made available for offsite backup, with strict confidentiality. Auditing Process Clearly define and explain the scope of the auditing process. Assess risks associated with the auditing process. Regularly evaluate and update policies as required. Conduct reviews of password policies. Ensure the confidentiality and security of the company's sensitive data.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
ICTNWK546 Manage network security |
10 Feedback Write the feedback you received here and your response to it. Customers satisfied with the result of the Security policies and feel safe and confident that Data Privacy and protection is in place from network threats.