TASK 04

1. Compile a case study response to the scenario

outlined, which:

identifies the type of workgroup computer network

required
First we need to build an internal LAN network , Secondary in the establishment of an
external WAN network
The following picture shows the picture
 identifies the equipment and software required

1 18 computer host (equipment)

2 19 computer screen (equipment)

3 19 mouse & 19keyboard (equipment)

4 1 server (equipment)
5 4 router (equipment)

6 1 firewall (software)

7 firewall (office software)

A. Microsoft windows

B. Microsoft Word

C. Microsoft Excel

D. Microsoft PowerPoint

E. Google chrome
 outlines the data management and security measures
to be implemented
1. Physical security

Physical security describes security measures that are designed to deny unauthorized access
to facilities, equipment and resources, and to protect personnel and property from damage or
harm (such asespionage , theft, or terrorist attacks).[1] Physical security involves the use of
multiple layers of interdependent systems which include CCTV surveillance, security
guards, protective barriers, locks, access control protocols, and many other techniques.

2. Data security

Data security means protecting data, such as a database, from destructive forces and from the
unwanted actions of unauthorized users.

Data security technologies

Disk encryption

Disk encryption refers to encryption technology that encrypts data on a hard disk drive. Disk
encryption typically takes form in either software (see disk encryption software) or hardware
(see disk encryption hardware). Disk encryption is often referred to as on-the-fly
encryption (OTFE) or transparent encryption.

Software versus hardware-based mechanisms for protecting data

Software-based security solutions encrypt the data to protect it from theft. However, a malicious
program or a hacker could corrupt the data in order to make it unrecoverable, making the system
unusable. Hardware-based security solutions can prevent read and write access to data and
hence offer very strong protection against tampering and unauthorized access.

Hardware based security or assisted computer security offers an alternative to software-only

computer security. Security tokens such as those using PKCS#11 may be more secure due to
the physical access required in order to be compromised. Access is enabled only when the token
is connected and correct PIN is entered (see two-factor authentication). However, dongles can
be used by anyone who can gain physical access to it. Newer technologies in hardware-based
security solves this problem offering full proof security for data.

Working of hardware-based security: A hardware device allows a user to log in, log out and set
different privilege levels by doing manual actions. The device uses biometric technology to
prevent malicious users from logging in, logging out, and changing privilege levels. The current
state of a user of the device is read by controllers in peripheral devices such as hard disks. Illegal
access by a malicious user or a malicious program is interrupted based on the current state of a
user by hard disk and DVD controllers making illegal access to data impossible. Hardware-based
access control is more secure than protection provided by the operating systems as operating
systems are vulnerable to malicious attacks by viruses and hackers. The data on hard disks can
be corrupted after a malicious access is obtained. With hardware-based protection, software
cannot manipulate the user privilege levels. It is impossible for a hacker or a malicious program
to gain access to secure data protected by hardware or perform unauthorized privileged
operations. This assumption is broken only if the hardware itself is malicious or contains a
backdoor.[2] The hardware protects the operating system image and file system privileges from
being tampered. Therefore, a completely secure system can be created using a combination of
hardware-based security and secure system administration policies.

Backups

Backups are used to ensure data which is lost can be recovered from another source. It is
considered essential to keep a backup of any data in most industries and the process is
recommended for any files of importance to a user.

Data masking

Data masking of structured data is the process of obscuring (masking) specific data within a
database table or cell to ensure that data security is maintained and sensitive information is not
exposed to unauthorized personnel. This may include masking the data from users (for example
so banking customer representatives can only see the last 4 digits of a customers national
identity number), developers (who need real production data to test new software releases but
should not be able to see sensitive financial data), outsourcing vendors, etc.

Data erasure

Data erasure is a method of software-based overwriting that completely destroys all electronic
data residing on a hard drive or other digital media to ensure that no sensitive data is leaked
when an asset is retired or reused...

International laws and standards

International laws

In the UK, the Data Protection Act is used to ensure that personal data is accessible to those
whom it concerns, and provides redress to individuals if there are inaccuracies. [5] This is
particularly important to ensure individuals are treated fairly, for example for credit checking
purposes. The Data Protection Act states that only individuals and companies with legitimate and
lawful reasons can process personal information and cannot be shared. Data Privacy Day is an
international holiday started by the Council of Europe that occurs every January 28.[6]
International standards

The international standards ISO/IEC 27001:2013 and ISO/IEC 27002:2013 covers data security
under the topic of information security, and one of its cardinal principles is that all stored
information, i.e. data, should be owned so that it is clear whose responsibility it is to protect and
control access to that data.

The Trusted Computing Group is an organization that helps standardize computing security
technologies.

The Payment Card Industry Data Security Standard is a proprietary international information
security standard for organizations that handle cardholder information for the major debit, credit,
prepaid, e-purse, ATM and POS cards.

Industry and software

There are several data security software available to be used by consumers and one of the most
used data security software with a U.S issued patent is Folder Lock.

3. Program safe

Software system safety

From Wikipedia, the free encyclopedia

In software engineering, software system safety optimizes system safety in the design,
development, use, and maintenance of software systems and their integration with safety-critical
hardware systems in an operational environment.

Overview
Software system safety,an element of the total safety and software development program, cannot
be allowed to function independently of the total effort. Both simple and highly integrated multiple
systems are experiencing an extraordinary growth in the use of computers and software to
monitor and/or control safety-critical subsystems or functions. A software specification error,
design flaw, or the lack of generic safety-critical requirements can contribute to or cause a
system failure or erroneous human decision. To achieve an acceptable level of safety for
software used in critical applications, software system safety engineering must be given primary
emphasis early in the requirements definition and system conceptual design process. Safety-
critical software must then receive continuous management emphasis and engineering analysis
throughout the development and operational lifecycles of the system. Software system safety is
directly related to the more critical design aspects and safety attributes in software and system
functionality, whereas software quality attributes are inherently different and require standard
scrutiny and development rigor. Level of Rigor (LOR) is a graded approach to software quality
and software design assurance as a pre-requisite that a suitable software process is followed for
confidence. LOR concepts and standards such as DO-178C are NOT a substitute for software
safety. Software safety per IEEE STD-1228 and MIL-STD-882E focuses on ensuring explicit
safety requirements are met and verified using functional approaches from a safety requirements
analysis and test perspective. Software safety hazard analysis required for more complex
systems where software is controlling critical functions generally are in the following sequential
categories and are conducted in phases as part of the system safety or safety engineering
process: software safety requirements analysis; software safety design analyses (top level,
detailed design and code level); software safety test analysis, and software safety change
analysis. Once these "functional" software safety analyses are completed the software
engineering team will know where to place safety emphasis and what functional threads,
functional paths, domains and boundaries to focus on when designing in software safety
attributes to ensure correct functionality and to detect malfunctions, failures, faults and to
implement a host of mitigation strategies to control hazards. Software security and various
software protection technologies are similar to software safety attributes in the design to mitigate
various types of threats vulnerability and risks. Deterministic software is sought in the design by
verifying correct and predictable behavior at the system level.

Goals
Safety consistent with mission requirements, is designed into the software in a timely,
cost effective manner.

On complex systems involving many interactions safety-critical functionality should be

identified and thoroughly analyzed before deriving hazards and design safeguards for
mitigations.

Safety-critical functions lists and preliminary hazards lists should be determined

proactively and influence the requirements that will be implemented in software.

Contributing factors and root causes of faults and resultant hazards associated with the
system and its software are identified, evaluated and eliminated or the risk reduced to an
acceptable level, throughout the lifecycle.

Reliance on administrative procedures for hazard control is minimized.

The number and complexity of safety critical interfaces is minimized.

The number and complexity of safety critical computer software components is

minimized.

Sound human engineering principles are applied to the design of the software-user
interface to minimize the probability of human error.

Failure modes, including hardware, software, human and system are addressed in the
design of the software.

Sound software engineering practices and documentation are used in the development of
the software.

Safety issues and safety attributes are addressed as part of the software testing effort at
all levels.
 Software is designed for human machine interface, ease of maintenance and
modification or enhancement

Software with safety-critical functionality must be thoroughly verified with objective

analysis and preferably test evidence that all safety requirements have been met per
established criteria.

describes the training required for users, including

any required skills audit

Basic instrumental software applications such as Microsoft

Instruments software.

outlines a timeline for establishment of the

workgroup computer network
Hardware installation for 3 days

Hardware equipment test 1 day

Network equipment installed for 1 day

Network equipment test 1 day

Software installation for 1 day

Software test for 1 day

Overall run test for 2 days

The installation is complete (total 10

day)
Estimates the costs for establishment of the workgroup
computer network.