3. Outlined below are the processes involved in planning, building, and managing a network
security design to meet the requirements of IT Biz Solutions:
a. Conduct a security assessment:
Conducting a security assessment requires a thorough analysis of the organization's
frameworks, procedures, and physical structures to pinpoint vulnerabilities, threats, and
gaps in its security posture. This helps to detect possible security vulnerabilities,
evaluate the effectiveness of the current security measures, and identify areas that
need improvement.
b. Define security requirements:
To establish and maintain an acceptable level of security, the organization must determine
the measures, controls, and functionalities it needs. The process involves aligning security
objectives with the overall goals of the organization, identifying assets that need protection,
evaluating risks, and ensuring adherence to legal and regulatory requirements.
4. c. Analysis of threats and risks:
This step entails identifying potential threats and evaluating the
associated risks to the network and data of the organization. It helps to
prioritize security measures by determining the probability and
consequences of different threats, enabling the organization to
allocate resources efficiently.
d. Development of a network security policy:
The network security policy is a document that details the rules,
procedures, and practices that an organization follows with regard to
safeguarding its network. It sets up the structure for implementing security
measures, defining user obligations, and ensuring adherence to
applicable guidelines. The policy includes directives on how to regulate
access controls, respond to incidents, safeguard data, and use network
resources in an acceptable manner.
5. e. Risk management plan:
A risk management plan describes a set of tactics and measures to identify,
evaluate, and reduce potential security vulnerabilities in an organization's
network. This involves identifying and classifying threats, analyzing
their possible consequences, and creating measures to
reduce or transfer these risks. The strategy includes implementing risk
control measures, consistently monitoring risk levels, and routinely
reviewing the risk management methodology.
f. The network architecture and processes:
Designing and implementing the network architecture is an
essential stage that is tailored to the security needs of the enterprise.
This involves defining segments within the network, setting up secure zones,
and deciding where to position security tools such as firewalls, IDS, and VPNs.
The measures for segmenting the network, controlling access, authenticating identities,
and monitoring network activity are documented and implemented.
6. ORGANISATION’S ASSETS THAT NEED PROTECTING
Asset                                          Value
Network Equipment                              High
Servers and Data Centres                       High
Data and Information                           High
Software Applications and Systems              Medium
Databases                                      Medium
Communication Systems                          Medium
Intellectual Property and Trade Secrets        Medium
Employee and Customer Personal Information     Medium
Physical Facilities                            Low
Workstations and Laptops                       Low
Assets are categorized based on their importance and impact on the organization.
High-value assets are critical to operations, reputation, and financial stability, and
need strong protection. Medium-value assets are important but less critical than
high-value assets. Low-value assets also need protection; basic security measures should
be in place.
7. THREATS AND THEIR CORRESPONDING SYSTEM VULNERABILITIES ARE:
1. Malware Attack:
System Vulnerability: Exploitation of Software Vulnerabilities
Explanation: Malware can exploit weaknesses in a system's
operating system, applications, or network firmware. Attackers exploit
these vulnerabilities to access information without authorization, run harmful
code, or damage systems and data. Neglecting updates and
patches exposes systems to malware.
8. 2. Distributed Denial of Service (DDoS) Attacks:
System Vulnerability: Insufficient Network and Infrastructure Resilience
Explanation: Distributed Denial of Service (DDoS) attacks are cyberattacks that
seek to flood a targeted network or system with an excessive amount of traffic.
The intended outcome is to make the targeted network or system inaccessible to
legitimate users. The vulnerability exploited is inadequate network and
infrastructure resilience. Attackers exploit it by using botnets, which are
networks of compromised devices, to direct large volumes of traffic at a
particular network or system. If an organization's network infrastructure lacks
sufficient protective mechanisms, such as traffic filtering, rate limiting, or
scalable bandwidth capacity, it becomes increasingly vulnerable to DDoS attacks.
9. 3. Phishing Attacks:
System Vulnerability: Human Error and Lack of User Awareness
Explanation: Phishing attacks typically deceive individuals by
posing as a trustworthy entity, with the ultimate objective of obtaining
sensitive information, including but not limited to user credentials, financial
data, and related details. These attacks frequently arrive via
crafted emails, websites, or messages. The vulnerability lies in
human error and a lack of user awareness: individuals
may inadvertently click on dangerous links, download malicious attachments,
or give attackers sensitive information. By exploiting
this vulnerability, attackers can gain unauthorized access to
networks, systems, and confidential data.
10. Risk management plan
Threat: Malware Attacks
Level of Risk: High
Risk Control: Use strong antivirus and antimalware software, keep all software
updated and patched, and perform frequent vulnerability scans and penetration
tests to find and address any potential security weaknesses.
Threat: Phishing Attacks
Level of Risk: Medium
Risk Control: Implement measures such as email filtering and spam detection,
educate employees on identifying and reporting phishing attempts,
and apply two-factor authentication to boost account security.
Threat: Distributed Denial of Service (DDoS) Attacks
Level of Risk: High
Risk Control: Safeguard against DDoS attacks by implementing mitigation services or
appliances, and continuously monitor network traffic for signs of potential
threats. To limit the negative effects of DDoS attacks on the network, implement
measures such as rate limiting, traffic filtering, or diversion techniques, and
work together with ISPs or cloud-based DDoS protection services. Evaluate the
effectiveness of DDoS protection methods.