This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization. The assessment is also assessing your skills to evaluate risk...

1 answer below »
needs everything


This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization. The assessment is also assessing your skills to evaluate risk management techniques and IS auditing. You are required to select an organization that uses information systems to perform daily business operations. You have to identify the most valuable assets for the organisations and investigate the security threats and mitigation techniques. You have also to propose/evaluate the risk management techniques adopted by the selected organization to ensure the reliability, confidentiality, availability, and integrity. You have also to discuss audit plan and processes used by the organization and investigate the impact of human factors on security and risk management. Task Specifications This assessment includes two tasks as follows: Task-1: Each student should select an organisation. The organization must provide information systems services to the staff and customers. You have to write a report to answer the followings related to the selected organization: 1. Network devices are highly vulnerable and can be exposed. Discuss two types of threats against network routers/switches of the selected organization. Illustrate how these devices are vulnerable to destruction and abuse. 2. Propose with justification two types of network security devices can be used to control security and mitigate threats related to the web and email servers. 3. Assume the organization used Windows server 2016 to host the organization web site. Discuss how the organization can ensure the availability of the web service using windows server 2016. 4. Discuss the impact of employee on information security of the selected organization. Provide risk management recommendation to reduce the risk of employee. 5. Windows server 2016 supported with different tools for auditing. Illustrate windows server 2016 auditing tools and discuss how they can be used by the selected organization to monitor and analyzing the web server and email server problems. You may need to make some assumptions with the required justifications. Task-2: Use the online encryption tool at: https://www.tools4noobs.com/online_tools/encrypt to encrypt your student ID and name using Data Encryption Standard (DEC) according to the following table: Table 1: Encryption student details using DEC Item Setting/results Key SBM4304 Algorithm Data Encryption Standard Mode CBC Encode the output using Base64 Text to encrypt {student ID: student name} Encrypted with dec (Results) {Encrypted text} You have to replace: • {Student ID:Student name} with your student ID and your name • {Encrypted text} with the encrypted text In your report, you have to provide: 1. Table-1 with completed fields with a support of screenshot of encryption website. 2. Screenshot demonstrate the verification of your work by decrypting the cipher obtain in Table-1 using: https://www.tools4noobs.com/online_tools/decrypt/ Please note you have to use Harvard reference style and the report should be submitted as a Word file.
Answered Same DayApr 22, 2021SBM4304

Answer To: This assessment is designed to assess your technical skills in investigation IS security, risk...

Amit answered on Apr 30 2021
147 Votes
Title of the assignment:
Student’s name:
Professor’s name:
Course title:
Date:
Table of Contents
1.    Task 1    3
2.    Introduction    3
3.    Threats to network switches/routers and destruction methods    3
4.    Security devices mitigating threats to email and web server    5
5.    Ensuring web service availability with Windows server 2016    5
6.    Impact on information security from organizational employees    6
7.    Recommendations to organizational employees for reducing risks    7
8.    Auditing tools of Windo
ws server 2016 and problem analysis for email and web server    8
9.    Task 2    9
10.    Encryption and decryption    9
11.    Conclusion    11
12.    References:    13
1. Task 1
2. Introduction
The network security is most fundamental requirement of modern IT world based organizations and these organizations makes implementation of different devices to mitigate the security threats on their used servers. The Amazon is the selected organization which is making this report. The Windows server 2016 is used by most of the organizations for solving their database, web and other requirements. The availability of web server defines the end availability for all organizations. The implementation of used IS mechanism has huge impact on organizational employees. Making certain recommendations for reducing risks to employees will help organizations to ensure required security for them. The implementation of window server associates auditing tools implementation for organizations. These auditing tools of window server can easily analyze the problems for email and web servers used in the organization.
3. Threats to network switches/routers and destruction methods
The Amazon is an IT organization which is completely doing its business from the developed infrastructure. The occurred vulnerabilities to used network devices make them easily explored for threats. To enter in any organizational network most of the hackers use switches or routers as the easy gateway of organizational network. There are different types of threats possible to used switches or routers in Amazon network. The most commonly occurred threats to switches and routers used in Amazon network are of following types:
1. Hijacking: The hijacking of routers and switches with falsified IP address and its packets is mostly done by attackers. Hacker’s makes predictions of sequence numbers of possible IP assigned to any switch or router through IP spoofing and makes alteration in it for making unauthorized access. The death attack, session hijacking, replay attack, eavesdropping and unauthorized attacks are most common attacks in this type.
2. Protocol based attacks: The routers and switches works on bases of different implemented protocols. These protocols help these devices to maintain their availability and reliability. Hackers make attacks on used routing protocols in these devices. By attacking the routing protocol, the complete information related to any data packets route is obtained by hackers and they can easily make changes in their routes.
For destruction of these attacks on switches and routers, different methods are used. These methods are automatically invoked when any possibility of network attack is occurred. The most commonly used destruction methods by such devices for avoiding any attack on them are:
1. When any attack is observed by such devices, then, complete route implemented on these devices is diverted for all passing data packets. The attacked switch or router becomes dead and stop working to make any active part in networking tasks. By doing so, the attacker becomes limited to that specific device only and any other network component is not attacked. The working tasks of attacked devices can be managed by other used similar devices in that network.
2. The fragmentation of IP is also done by such devices to avoid any possible attack. By doing so, the filtering of traffic on router or switch is performed. The used layer 3 and 4 in these devices performs deny or permit action based on the performed fragmentations. Any data packet sent by attacker will be non-fragmented them, it can easily be detected by layer 4 of these devices and can easily be destructed.
4. Security devices mitigating threats to email and web server
The security of email and web server is most important task to Amazon and Amazon makes use of different devices to avoid any possible attack. For controlling the security and mitigating any occurred attack on network security, following types of devices can be used by Amazon:
1. Firewall: The first defense line to Amazon network is its firewalls. The used firewall makes implementation of black listing and white listing policies for mitigating any occurred threat to email and web server of Amazon. Amazon makes use of different types of firewalls which works on packet filtering (source and destination address of incoming data packets is analyzed), filtering of data packets based on their...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here