Term Paper on "Analyzing Networking Comprehensive Secure Solution"

>

FTP server

192.168.0.2 (static)

Printer

192.168.0.66 (static)

Router

192.168.0.194 (static)

The static IPs above should be configured on the respective devices and excluded from the DHCP pool to ensure there is no case of conflicting IPs.

Security

It is important for ABC Accounting Inc. to safeguard its network from both internal and external threats.

Threats

Social Engineering/Internal Threats

In a social engineering attack, the system or network is compromised by the attacker via social interactions with their target, whom they trick to give them information that will be used to attack and compromise it; phone calls and emails are mainly used in such attacks. Some types of social engineered attacks include:

Phishing

Impersonation (of an administrator, user or vendor, by the attacker) (Microsoft Website, 2016)

Network-based Attacks

The majority of security attacks are network based. Remote systems are usually used to launch attacks that are based on networks by the hackers. Some examples of attacks launched through a network include:

Eavesdropping such as bugging, wiretapping, listening to conversations or even induction using SF receiver.

Spoofing

Hijacking

Hacking

Phishing

Denial of service attack

Ignorance, Human Error and Omission

Of all security breaches that occur through data and voice networks, more than half of them are caused by ignorance and human errors and omissions (Zack, 2010).

ABC Accounting Inc.'s Current Security Threats

The current security threats can harm this company, affect its assets and critical functions, and in a worst case scenario, they can completely paralyze it. They include:

Natural disasters

Intruders

Unhappy or disgruntled employees

Criminals

Terrorists

Flaws in the design of networks, configuration of hardware, applications or operating systems.

Leaving terminals or computers not in use connected to the network.

Use of Passwords that are easy to guess.

Malicious Programs such as Computer Viruses, Spyware and Malware

Risk Assessment Matrix

The risk assessment matrix helped in the determination of the possibility of the current security threats occurring, and their consequences. In order to show the probable damage that can result from the occurrence of a current threat, vulnerability is assigned a risk level that can be high, moderate, or even low. It was assumed that no controls have been put in place by ABC. Therefore, I used this matrix to analyze the security risks (Zack, 2010).

Table 2: Risk Assessment matrix

RISK ASSESSMENT MATRIX

VULNERABILITY AND POSSIBLE DAMAGE CONSEQUENCES

RISK OF MONETARY LOSS

RISK OF PRODUCTIVITY LOSS

RISK OF LOSS IN CUSTOMER CONFIDENCE

H

M

L

H

M

L

H

M

L

CONFIDENTIAL AND SENSITIVE INFORMATION

Unauthorized modification, disclosure and destruction of information

Inadvertent destruction or modification of information

Misdelivery or non-delivery of service

Degradation or denial of service

COMPUTER SOFTWARE (APPLICATIONS AND OPERATING SYSTEMS)

Unauthorized modification, disclosure and destruction of information

Inadvertent destruction or modification of information

Misdelivery or non-delivery of service

Degradation or denial of service

NETWORKS/COMMUNICATIONS

Unauthorized modification, disclosure and destruction of information

Inadvertent destruction or modification of information

Misdelivery or non-delivery of service

Degradation or denial of service

FACILITIES AND EQUIPMENT LIKE HARDWARE

Unauthorized modification, disclosure and destruction of information

Inadvertent destruction or modification of information

Misdelivery or non-delivery of service

Degradation or denial of service

PERSONNEL

Unauthorized modification, disclosure and destruction of information

Inadvertent destruction or modification of information

Misdelivery or non-delivery of service

Degradation or denial of service

Key:

H -- Stands for High

M -- Stands for Moderate

L -- Stands for Low

Table 3: Summary of the Risk Assessment

SUMMARY OF RISK ASSESSMENT TABLE

VULNERABILITY AREA

RISK CATEGORY

MONETARY LOSS

PRODUCTIVITY LOSS

LOSS OF CUSTOMER CONFIDENCE

GENERAL RISK

CONFIDENTIAL & SENSITIVE INFORMATION

H

H

H

H

COMPUTER SOFTWARE (Applications and OS)

H

H

H

H

NETWORKS/COMMUNICATIONS

H

H

H

H

FACILITIES & EQUIPMENT like Hardware

H

H

H

H

PERSONNEL

H

H

H

H

Key:

H -- Stands for High

Consequences/Damages Caused by Current Threats

There are three major consequences or damages that ABC Accounting Inc. can suffer as a result of the security threats it faces. These damages include:

Loss of money

Decrease or loss of productivity

Loss of customer confidence in the business

Solution to Threats Identified

Various possible threats to the security of ABC Accounting Inc. were identified as mentioned above. There are several solutions to these threats that can be implemented to ensure that in case they occur, the systems are not negatively affected in any way. The solutions are as described below:

Encryption

Encryption allows for the conversion of information to be transmitted in a format that is not comprehensible or human readable. It ensures that either in the form of text or voice, data is only read or heard by the intended persons and sent to the right destination or received by the intended recipient. It also ensures that data is not altered during transmission, whether it is voice or text. With encryption, recipients are also sure that the information they received is from trustworthy sources or persons, with genuine intentions. It makes use of a private and public key, stream cipher, block cipher, padding, as well as digital certificates for encryptions. The protocols used for encryption are Kerberos, Pretty Good Privacy (PGP), Internet Protocol Security (IPSec) and Secure Sockets Layer (SSL) (Zack, 2010).

There are two types of encryptions; asymmetric and symmetric key encryptions. DES and RSA encryption standards govern the encryption methods and techniques.

Authentication

In order to access network resources, users are required to identify themselves through a process known as authentication. Authentication of company systems can be realized through usernames and passwords for access to computers or network accounts and biometrics (such as fingerprints or retina scans) used in environments that have been critically sensitive and thus require high security. There are three types of authentications, namely: anonymous, basic and integrated windows. VPN and RAS network services make use of authentication protocols such as Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP) that uses MD5 hash algorithm, Microsoft Challenge Authentication Protocol (MS-CHAP) that uses the MD4 hash algorithm and Extensible Authentication Protocol (EAP) that uses public keys, Kerberos, digital certificates, RADIUS and smart card logon authentications (Anderson & Benedetti, 2009).

Authorization

Authentication authorizes or allows users to access resources depending on the permissions, privileges or rights granted to them. Permissions are an access level that grants users access to resources such as folders, files or objects, whereas rights are privileges given to users to perform any kind of task within an operating system.

User-level Security

User-level security gives an option for choosing a list of users who can access certain resources. This feature is found in Windows Server 2003/2008, Windows XP and Vista.

Share-level Security

This feature is found in older Windows OS like Windows 95 and 98; it allows for assignment of passwords to resources. This level is not just easy to implement, but also easy to maintain. User-level security is more popular and secure because it is very hard to control access in share-level security.

Firewalls

Firewalls are used to secure networks and systems through packet-filtering. They are configured to allow certain packets to pass through them to the networks being safeguarded; unwanted packets or those considered insecure are blocked from accessing the network. Normally at default, firewalls are configured to block all traffic or packets. Exceptions are then configured to allow the required or genuine traffic to pass through the firewall. There are three types of firewall configurations, namely: dual-homed host, screened host and screened subnet firewalls (Anderson & Benedetti, 2009).

There are three types of firewalls namely: packet-filtering, application-level and circuit-level. Each of these firewalls utilizes different approaches to security. Depending on the configuration of the firewall, packet-filtering types examine packets to determine the ones given an exception to gain access to the network. Application level firewalls operate at the presentation, application and session layers of the OSI levels; information is understood and monitored to ensure that it is safe, as part of verification. Although circuit-level are similar to application-level firewalls,… READ MORE