SlideShare une entreprise Scribd logo

Presentation1 A.pptx

Télécharger en tant que PPTX, PDF
R
RabinBidari

for engineering student

Ingénierie
1  sur  11
ICTNWK546 MANAGE NETWORK SECURITY Anuj Thapa
NETWORK SECURITY PLANNING To plan, build and manage a network security design
Outlined below are the processes involved in planning, building, and managing a network security design to meet the requirements of IT Biz Solutions: a. Conduct a security assessment: Conducting a security assessment requires a thorough analysis of the organization's frameworks, procedures, and physical structures to pinpoint any susceptibilities, dangers, and deficiencies in its security status. This aids in the detection of possible security vulnerabilities, evaluation of the current security measures' efficiency, and identification of areas that necessitate enhancement. a. Define security requirements: To establish and maintain an acceptable level of security, determining the necessary measures, controls, and functionalities is necessary. The process involves aligning security objectives with the overall goals of the organization, identifying assets that need protection, evaluating risks, and ensuring adherence to legal and regulatory requirements.
c.Analysis of threats and risks: The procedure entails detecting potential hazards and evaluating the associated risks to the network and data of the organization. This aids in prioritizing security measures by determining the probability and consequences of different threats, empowering the organization to efficiently allocate resources. d.Development of a network security policy: A document called the network security policy details the regulations, protocols, and practices that an organization follows in regards to safeguarding their network. This sets up the structure for executing security measures, determining user obligations, and guaranteeing adherence to applicable guidelines. The protocol entails directives on how to regulate access controls, respond to incidents, safeguard data, and utilize network resources in an acceptable manner.
e.Risk management plan: A plan for managing risk describes a set of tactics and measures to recognize, evaluate, and diminish potential security vulnerabilities in an organization's network. One must engage in the process of recognizing, classifying, analyzing the possible consequences of threats, and creating measures to lessen or relocate these risks. The strategy involves the incorporation of risk control measures, consistent monitoring of risk levels, and routine assessments of the risk management methodology. f. The network architecture and processes: Designing and executing the structural framework of the network is an essential stage that is customized to match the security needs of the enterprise. This involves determining partitions within the network, setting up safe areas, and deciding where to position security tools such as firewalls, IDS, and VPNs. The measures of dividing the network, regulating access, verifying identities, and observing network activity are recorded and carried out.
ORGANISATION’S ASSETS THAT NEED PROTECTING Network Equipment’s High Servers and Data Centres High Data and Information High Software Applications and Systems Medium Databases Medium Communication Systems Medium Intellectual Property and Trade Secrets Medium Employee and Customer Personal Information Medium Physical Facilities Low Workstations and Laptops Low Assets are categorized based on their importance and impact on the organization, with high-value ones being critical to operations, reputation, and financial stability. Need strong protection for security. Medium-value assets are important but less critical than high-value assets. Low-value assets also need protection. Basic security measures should be in place.
THREATS AND THEIR CORRESPONDING SYSTEM VULNERABILITIES ARE: 1.Malware Attack: System Vulnerability: Exploitation of Software Vulnerabilities Explanation: Malware can exploit system weaknesses, such as OS, apps, or network firmware. Attackers exploit vulnerabilities to access unauthorized information, run harmful code, or harm systems and data. Neglecting updates and patches exposes systems to malware.
2. Distributed Denial of Service (DDoS) Attacks:  System Vulnerability: Insufficient Network and Infrastructure Resilience  Explanation: Distributed Denial of Service (DDoS) attacks are a malicious form of cyberattack that seek to inundate a targeted network or system with an excessive amount of traffic. The intended outcome of this tactic is incapacitation, whereby the targeted network or system is rendered inaccessible to users with legitimate access privileges. This phenomenon can arise because of the susceptibility of inadequate network and infrastructure durability. The exploit of said vulnerability is executed through the utilization of botnets, which are networks of compromised devices, to initiate extensive quantities of traffic directed towards a particular network or system. In the event that an organization's network infrastructure fails to incorporate sufficient protective mechanisms, such as traffic filtering, rate limiting, or scalable bandwidth capacity, it becomes increasingly vulnerable to menacing Distributed Denial of Service (DDoS) attacks.
3. Phishing Attacks  System Vulnerability: Human Error and Lack of User Awareness Explanation: Phishing attacks typically entail the deception of individuals by posing as a trustworthy entity, with the ultimate objective of eliciting sensitive information, including but not limited to user credentials, financial data, and related particulars. Frequently, such malicious attacks transpire via crafty emails, websites, or messages. The identified vulnerability is attributed to human fallibility and a dearth of user consciousness whereby individuals may inadvertently click on hazardous links, download corrupted attachments or furnish attackers with sensitive information. Through the exploitation of aforementioned vulnerability, malevolent actors can obtain illicit entrance to networks, systems, and confidential data
Risk management plan Threat Level of Risk Risk Control Malware Attacks High In order to secure your system, it is essential to utilize strong antivirus and antimalware software, keep all software updated and patched, and perform frequent vulnerability scans and penetration tests to pinpoint and address any potential security weaknesses. Phishing Attacks Medium Smartly implement measures such as email filtering and spam detection, educate employees on the identification and notification of phishing attempts, and apply two-factor authentication to boost account security. Distributed Denial of Service (DDoS) Attacks High Safeguard against DDoS attacks by implementing mitigation services or appliances, continuously observing network traffic and identifying any signs of potential threats. In order to prevent the negative effects of DDoS attacks on the network, it is wise to implement measures like limiting rates, filtering traffic, or adopting diversion techniques, and working together with ISPs or cloud-based DDoS protection services. Evaluate the effectiveness of DDoS protection methods.
Thank you

Recommandé

Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxjeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxtodd521
 
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Sharique Rizvi
 
Understanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdfUnderstanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdf247 tech
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfforladies
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdfSitamarhi Institute of Technology
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsSitamarhi Institute of Technology
 
Safety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxSafety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxAdeen Ali
 

Recommandé

Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxjeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxtodd521
 
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Sharique Rizvi
 
Understanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdfUnderstanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdf247 tech
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfforladies
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdfSitamarhi Institute of Technology
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsSitamarhi Institute of Technology
 
Safety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxSafety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxAdeen Ali
 
46 102-112
46 102-11246 102-112
46 102-112idescitation
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimemuhammad awais
 
Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docxyoroflowproduct
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfmanoharparakh
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfmanoharparakh
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approachIdexcel Technologies
 
CC ss.pptx
CC ss.pptxCC ss.pptx
CC ss.pptxShakthiShakthi13
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfNeilStark1
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Cloud computing
Cloud computing Cloud computing
Cloud computing ShakthiShakthi13
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxRoyMurillo4
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Mohammed Abdul Lateef
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptxThavaselviMunusamy1
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 

Contenu connexe

Similaire à Presentation1 A.pptx

chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimemuhammad awais
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docxyoroflowproduct
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfmanoharparakh
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfmanoharparakh
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approachIdexcel Technologies
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfNeilStark1
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxRoyMurillo4
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Mohammed Abdul Lateef
 

Similaire à Presentation1 A.pptx (20)

46 102-112
46 102-11246 102-112
46 102-112
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crime
 
Network srcurity
Network srcurityNetwork srcurity
Network srcurity
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approach
 
CC ss.pptx
CC ss.pptxCC ss.pptx
CC ss.pptx
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdf
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptx
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptx
 

Dernier

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfankushspencer015
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfRagavanV2
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringmulugeta48
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdfKamal Acharya
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfJiananWang21
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 

Dernier (20)

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
AKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdfAKTU Computer Networks notes --- Unit 3.pdf
AKTU Computer Networks notes --- Unit 3.pdf
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 

Presentation1 A.pptx

  • 2. NETWORK SECURITY PLANNING To plan, build and manage a network security design
  • 3. Outlined below are the processes involved in planning, building, and managing a network security design to meet the requirements of IT Biz Solutions: a. Conduct a security assessment: Conducting a security assessment requires a thorough analysis of the organization's frameworks, procedures, and physical structures to pinpoint any susceptibilities, dangers, and deficiencies in its security status. This aids in the detection of possible security vulnerabilities, evaluation of the current security measures' efficiency, and identification of areas that necessitate enhancement. a. Define security requirements: To establish and maintain an acceptable level of security, determining the necessary measures, controls, and functionalities is necessary. The process involves aligning security objectives with the overall goals of the organization, identifying assets that need protection, evaluating risks, and ensuring adherence to legal and regulatory requirements.
  • 4. c.Analysis of threats and risks: The procedure entails detecting potential hazards and evaluating the associated risks to the network and data of the organization. This aids in prioritizing security measures by determining the probability and consequences of different threats, empowering the organization to efficiently allocate resources. d.Development of a network security policy: A document called the network security policy details the regulations, protocols, and practices that an organization follows in regards to safeguarding their network. This sets up the structure for executing security measures, determining user obligations, and guaranteeing adherence to applicable guidelines. The protocol entails directives on how to regulate access controls, respond to incidents, safeguard data, and utilize network resources in an acceptable manner.
  • 5. e.Risk management plan: A plan for managing risk describes a set of tactics and measures to recognize, evaluate, and diminish potential security vulnerabilities in an organization's network. One must engage in the process of recognizing, classifying, analyzing the possible consequences of threats, and creating measures to lessen or relocate these risks. The strategy involves the incorporation of risk control measures, consistent monitoring of risk levels, and routine assessments of the risk management methodology. f. The network architecture and processes: Designing and executing the structural framework of the network is an essential stage that is customized to match the security needs of the enterprise. This involves determining partitions within the network, setting up safe areas, and deciding where to position security tools such as firewalls, IDS, and VPNs. The measures of dividing the network, regulating access, verifying identities, and observing network activity are recorded and carried out.
  • 6. ORGANISATION’S ASSETS THAT NEED PROTECTING Network Equipment’s High Servers and Data Centres High Data and Information High Software Applications and Systems Medium Databases Medium Communication Systems Medium Intellectual Property and Trade Secrets Medium Employee and Customer Personal Information Medium Physical Facilities Low Workstations and Laptops Low Assets are categorized based on their importance and impact on the organization, with high-value ones being critical to operations, reputation, and financial stability. Need strong protection for security. Medium-value assets are important but less critical than high-value assets. Low-value assets also need protection. Basic security measures should be in place.
  • 7. THREATS AND THEIR CORRESPONDING SYSTEM VULNERABILITIES ARE: 1.Malware Attack: System Vulnerability: Exploitation of Software Vulnerabilities Explanation: Malware can exploit system weaknesses, such as OS, apps, or network firmware. Attackers exploit vulnerabilities to access unauthorized information, run harmful code, or harm systems and data. Neglecting updates and patches exposes systems to malware.
  • 8. 2. Distributed Denial of Service (DDoS) Attacks:  System Vulnerability: Insufficient Network and Infrastructure Resilience  Explanation: Distributed Denial of Service (DDoS) attacks are a malicious form of cyberattack that seek to inundate a targeted network or system with an excessive amount of traffic. The intended outcome of this tactic is incapacitation, whereby the targeted network or system is rendered inaccessible to users with legitimate access privileges. This phenomenon can arise because of the susceptibility of inadequate network and infrastructure durability. The exploit of said vulnerability is executed through the utilization of botnets, which are networks of compromised devices, to initiate extensive quantities of traffic directed towards a particular network or system. In the event that an organization's network infrastructure fails to incorporate sufficient protective mechanisms, such as traffic filtering, rate limiting, or scalable bandwidth capacity, it becomes increasingly vulnerable to menacing Distributed Denial of Service (DDoS) attacks.
  • 9. 3. Phishing Attacks  System Vulnerability: Human Error and Lack of User Awareness Explanation: Phishing attacks typically entail the deception of individuals by posing as a trustworthy entity, with the ultimate objective of eliciting sensitive information, including but not limited to user credentials, financial data, and related particulars. Frequently, such malicious attacks transpire via crafty emails, websites, or messages. The identified vulnerability is attributed to human fallibility and a dearth of user consciousness whereby individuals may inadvertently click on hazardous links, download corrupted attachments or furnish attackers with sensitive information. Through the exploitation of aforementioned vulnerability, malevolent actors can obtain illicit entrance to networks, systems, and confidential data
  • 10. Risk management plan Threat Level of Risk Risk Control Malware Attacks High In order to secure your system, it is essential to utilize strong antivirus and antimalware software, keep all software updated and patched, and perform frequent vulnerability scans and penetration tests to pinpoint and address any potential security weaknesses. Phishing Attacks Medium Smartly implement measures such as email filtering and spam detection, educate employees on the identification and notification of phishing attempts, and apply two-factor authentication to boost account security. Distributed Denial of Service (DDoS) Attacks High Safeguard against DDoS attacks by implementing mitigation services or appliances, continuously observing network traffic and identifying any signs of potential threats. In order to prevent the negative effects of DDoS attacks on the network, it is wise to implement measures like limiting rates, filtering traffic, or adopting diversion techniques, and working together with ISPs or cloud-based DDoS protection services. Evaluate the effectiveness of DDoS protection methods.