Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand
that making a false declaration is a form of malpractice.
Student’s signature
Grading grid
P1 P2 P3 P4 M1 M2 D1
Nguyễn Phi Hùng GCH18211
Table of Contents
Introduction
P1. Identify types of security risks to organizations.
1.1. Computer virus
1.2. Rogue security software
1.3. Trojan horses
1.4. Adware and spyware
1.6. DoS and DDoS attack
1.7. Phishing
1.8. Rootkit
1.9. SQL Injection attack
1.10. Man-in-the-middle attacks
*. An example of a recently publicized security breach
P2. Organisational security procedures
2.1. Definition
2.2. The Purpose of Security Procedures
M1. Method to assess and treat IT security risks.
P3. Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
P4. How different techniques can be implemented to improve network security.
4.1. DMZ
4.1.1. Definition of DMZ
4.1.2. How DMZ works
4.1.3. Real situation
4.2. Static IP
4.2.1. Definition of static IP
4.2.2. How static IP works
4.2.3. Real situation
4.3. NAT – Network Address Translation
4.3.1. Definition of NAT
4.3.2. How NAT works
4.3.3. Real situation
M2. Three benefits of implementing network monitoring systems with supporting reasons.
2.1. Protecting the system against hackers/attackers
2.2. Keeping educated without in-house staff
2.3. Advancing and checking the system
D1. How a ‘trusted network’ can be part of a security system
Conclusion
Presentation – Slides
References
TABLE OF FIGURES
FIGURE 1 SHOWING COMPUTER VIRUS
FIGURE 2 SHOWING ROGUE SECURITY SOFTWARE
FIGURE 3 SHOWING SYMBOLIC OF TROJAN HORSE
FIGURE 4 SHOWING AN EXAMPLE OF SPYWARE - KEYLOGGER
FIGURE 5 SHOWING AN EXAMPLE OF ADWARE
FIGURE 6 SHOWING SYMBOLIC OF COMPUTER WORM
FIGURE 7 SHOWING HOW DOS AND DDOS ATTACKS
FIGURE 8 SHOWING COMPUTER PHISHING
FIGURE 9 DETAILS ROOTKIT
FIGURE 10 SHOWING ATTACK OVERVIEW OF SQL INJECTION ATTACK
FIGURE 11 SHOWING HOW MAN-IN-THE-MIDDLE ATTACKS WORK
FIGURE 12 ILLUSTRATES THAT YAHOO! HAD BEEN HACKED
FIGURE 13 SHOWING HOW VPN WORKS
FIGURE 14 SHOWING DMZ NETWORK ARCHITECTURE
FIGURE 15 SHOWING THE DIFFERENCE BETWEEN DYNAMIC IP AND STATIC IP
FIGURE 16 SHOWING HOW NAT WORKS
FIGURE 17 SHOWING NETWORK ACCESS CONTROL
FIGURE 18 SHOWING SECURITY AUTOMATION
FIGURE 19 INTRODUCTION - SLIDE
FIGURE 20 TEN COMMON SECURITY RISKS - SLIDE
FIGURE 21 COMPUTER VIRUS - SLIDE
FIGURE 22 ROGUE SECURITY SOFTWARE - SLIDE
FIGURE 23 TROJAN HORSE - SLIDE
FIGURE 24 SPYWARE AND ADWARE - SLIDE
FIGURE 25 COMPUTER WORM - SLIDE
FIGURE 26 DOS AND DDOS ATTACK - SLIDE
FIGURE 27 PHISHING - SLIDE
FIGURE 28 ROOTKIT - SLIDE
FIGURE 29 SQL INJECTION ATTACK - SLIDE
FIGURE 30 MAN-IN-THE-MIDDLE ATTACKS - SLIDE
FIGURE 31 AN EXAMPLE OF PUBLICIZED SECURITY BREACH - SLIDE
FIGURE 32 DEFINITION OF SECURITY PROCEDURES - SLIDE
FIGURE 33 WHY SECURITY PROCEDURES ARE IMPORTANT - SLIDE
FIGURE 34 METHOD TO ASSESS AND TREAT IT SECURITY RISKS - SLIDE
FIGURE 35 THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES AND THIRD-PARTY VPNS - SLIDE
FIGURE 36 DMZ - SLIDE
FIGURE 37 STATIC IP - SLIDE
FIGURE 38 NAT – NETWORK ADDRESS TRANSLATION - SLIDE
FIGURE 39 THE FIRST BENEFIT OF IMPLEMENTING NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 40 THE SECOND BENEFIT OF IMPLEMENTING NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 41 THE THIRD BENEFIT OF IMPLEMENTING NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 42 A TRUSTED NETWORK - SLIDE
Assignment 1: Security
Introduction
The world is evolving rapidly. Nowadays, people use many electronic devices. They are everywhere and have become a necessity of human life. These devices are not only easy to use but also have many functions that make life simpler. On the other hand, technology has also evolved on the bad side. More and more security threats arise when people use the internet. Phone numbers, web history, and even people's identities might be stolen for such purposes. IT security is important because threats are not something to play with. They are harmful to computers and can bring organizations to a breakdown. With great awareness, NorthStar Secure carries a great mission in the field of security: to provide strong protection and prevent identity theft. Written from the position of a trainee IT Security Specialist at NorthStar Secure, this report covers IT security in detail and ways to deal with threats.
P1. Identify types of security risks to organizations.
1.1. Computer virus
A computer virus is a program that secretly attaches itself to another document or program and executes when that document or program is opened. Viruses may contain instructions that cause problems ranging from displaying an annoying message to erasing documents from a hard drive or making a computer crash repeatedly. In some cases, viruses spread from one computer to others. (Novetta Threat Research Group. (2016, February 24). Operation Blockbuster: Destructive Malware Report.)
1.2. Rogue security software
Rogue security software is malicious software that deceives users into believing that a computer virus is installed on their PC or that their security measures are out of date. It then offers to install or update the users' security settings. It will either ask you to download a program to remove the alleged viruses, or to pay for a tool. Both cases lead to real malware being installed on the computer. (securitytrails.com)
1.3. Trojan horses
Figuratively, a "Trojan horse" refers to tricking someone into inviting an attacker into a securely protected area. In computing, it holds a very similar meaning: a Trojan horse, or "Trojan," is a malicious piece of attack code or software that tricks users into running it willingly by hiding behind a legitimate program. (securitytrails.com)
1.4. Adware and spyware
Spyware is a general term used to describe software that secretly spies on users by gathering data without their consent.
Adware delivers advertising content in a way that is unexpected and unwanted by the user. Once the adware is installed, it typically displays advertising banners and pop-up advertisements, or opens new browser windows at random intervals. (searchsecurity.techtarget.com)
Computer worms are pieces of malware that replicate quickly and spread from one computer to the next. A worm spreads from an infected computer by sending itself to all of the computer's contacts, and then immediately to the contacts of those computers. Interestingly, worms are not always designed to cause harm; there are worms that are made just to spread. Worms are also often transmitted by exploiting software vulnerabilities. (securitytrails.com)
1.6. DoS and DDoS attack
A DoS attack is performed by one machine and its internet connection, by flooding a website with packets and making it impossible for legitimate users to access the content of the flooded website. Fortunately, you can't really overload a server with a single other server or computer anymore. In recent years DoS has not been that common; if anything, it happens through flaws in the protocol.
A DDoS attack, or distributed denial-of-service attack, is similar to DoS but is more forceful. It is harder to overcome a DDoS attack. It is launched from several computers, and the number of computers involved can range from just a couple of them to thousands or even more. Since it is likely that not all of those machines belong to the attacker, they are compromised and added to the attacker's network by malware. These computers can be distributed around the entire globe, and that network of compromised computers is called a botnet.
Since the attack comes from so many different IP addresses simultaneously, a DDoS attack is much more difficult for the victim to locate and defend against. (securitytrails.com)
1.7. Phishing
Phishing is a method of social engineering with the goal of obtaining sensitive data such as passwords, usernames, and credit card numbers.
The attacks often come in the form of instant messages or phishing emails designed to appear legitimate. The recipient of the email is then tricked into opening a malicious link, which leads to the installation of malware on the recipient's computer. Phishing can also obtain personal information by sending an email that appears to be sent from a bank, asking you to verify your identity by giving away your private information. (securitytrails.com)
1.8. Rootkit
A rootkit is a collection of software tools that enables remote control and administration-level access over a computer or computer networks. Once remote access is obtained, the rootkit can perform a number of malicious actions; rootkits come equipped with keyloggers, password stealers and antivirus disablers.
Rootkits are installed by hiding in legitimate software: when people give permission to that software to make changes to their OS, the rootkit installs itself in their PC and waits for the program to activate it. Other ways of rootkit distribution include phishing emails, malicious links, files, and downloading software from suspicious websites. (Microsoft. (n.d.). Secure the Windows 8.1 boot process.)
1.9. SQL Injection attack
SQL injection attacks are designed to target data-driven applications by exploiting security vulnerabilities in the application's software. They use malicious code to obtain private data, change and even destroy that data, and can go as far as to void transactions on websites. SQL injection has quickly become one of the most dangerous security issues for data confidentiality. You can read more on the history of SQL injection attacks to better understand the threat it poses to cybersecurity. (securitytrails.com)
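To make the vulnerability concrete, the following is an added example (not part of the original report) that places a query built by string concatenation beside the same query using placeholders. The table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    # Plain-text passwords only keep the example short; real systems store hashes.
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", "pw-alice"), ("bob", "pw-bob")])
    return db


def login_concatenated(db, username, password):
    """Vulnerable: input is pasted into the SQL text, so a quote character
    in the input changes the structure of the query."""
    query = ("SELECT username FROM accounts WHERE username = '" + username +
             "' AND password = '" + password + "'")
    return sorted(row[0] for row in db.execute(query))


def login_parameterized(db, username, password):
    """Hardened: placeholders pass the input as data, never as SQL."""
    query = "SELECT username FROM accounts WHERE username = ? AND password = ?"
    return sorted(row[0] for row in db.execute(query, (username, password)))


# Constructed input containing quote characters and an always-true condition.
CRAFTED_PASSWORD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", login_concatenated(db, "alice", CRAFTED_PASSWORD))
    print("parameterized:", login_parameterized(db, "alice", CRAFTED_PASSWORD))
```

With the concatenated query the crafted value matches every row, while the parameterized query treats it as an ordinary (wrong) password and matches none.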
1.10. Man-in-the-middle attacks
Man-in-the-middle attacks are cybersecurity attacks that allow the attacker to eavesdrop on the communication between two targets. The attacker can listen to communication which should, in normal settings, be private. (www.imperva.com)
For example, a man-in-the-middle attack happens when the attacker wants to intercept communication between person A and person B. Person A sends their public key to person B, but the attacker intercepts it and sends a forged message to person B, representing themselves as A, but instead it has the attacker's public key. B believes that the message comes from person A and encrypts the message with the attacker's public key, sends it back to A, but the attacker again intercepts this message, opens the message with their private key, possibly alters it, and re-encrypts it using the public key that was first provided by person A. Again, when the message is transferred back to person A, they believe it comes from person B, and this way, we have an attacker in the middle that eavesdrops on the communication between two targets.
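The exchange above can be followed step by step in this added example (not part of the original report), which also goes one step further than the text by showing how B detects the substituted key when it compares a key fingerprint obtained over a separate trusted channel. The toy RSA keys, the class names and the fingerprint check are assumptions made for illustration.

```python
import hashlib

E = 65537


def make_keypair(p, q):
    """Toy textbook RSA from two known primes (illustration only, not secure)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))          # (public, private)


def encrypt(public, m):
    return pow(m, public[1], public[0])


def decrypt(private, c):
    return pow(c, private[1], private[0])


def fingerprint(public):
    """Short digest of a public key, compared over a separate trusted channel."""
    return hashlib.sha256(f"{public[0]}:{public[1]}".encode()).hexdigest()[:16]


class DirectPath:
    """Network path with nobody in the middle."""
    def carry_key(self, public):
        return public

    def carry_ciphertext(self, c):
        return c


class InterceptedPath:
    """Network path controlled by the party in the middle, as in the text."""
    def __init__(self, keypair):
        self.public, self.private = keypair
        self.read = []                            # plaintexts the middle party saw

    def carry_key(self, public):
        self.a_public = public                    # A's real key is kept back
        return self.public                        # B receives the substituted key

    def carry_ciphertext(self, c):
        m = decrypt(self.private, c)              # works because B used the wrong key
        self.read.append(m)
        return encrypt(self.a_public, m)          # re-encrypted, so A sees nothing odd


def exchange(a_keypair, path, text, expected_fp=None):
    """A sends its key to B, B replies with an encrypted message.
    Returns what A decrypts, or None if B rejected the key it received."""
    a_public, a_private = a_keypair
    key_at_b = path.carry_key(a_public)
    if expected_fp is not None and fingerprint(key_at_b) != expected_fp:
        return None                               # substituted key detected
    m = int.from_bytes(text.encode(), "big")
    received = decrypt(a_private, path.carry_ciphertext(encrypt(key_at_b, m)))
    return received.to_bytes((received.bit_length() + 7) // 8, "big").decode()


# Constructed keys from Mersenne primes; real keys are far larger and random.
A_KEYS = make_keypair(2**89 - 1, 2**107 - 1)
MIDDLE_KEYS = make_keypair(2**61 - 1, 2**127 - 1)
```

Without `expected_fp` the intercepted exchange looks normal to A even though the message was read in transit; with it, B stops before encrypting anything.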
*. An example of a recently publicized security breach
A few months later, in December, Yahoo buried that earlier record with the disclosure that a breach in 2013, by a different group of hackers, had compromised 1 billion accounts. Besides names, dates of birth, email addresses, and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in fact, all 3 billion user accounts had been compromised.
The breaches knocked an estimated $350 million off Yahoo's sale price. Verizon eventually paid $4.48 billion for Yahoo's core Internet business. The agreement called for the two companies to share regulatory and legal liabilities from the breaches. The sale did not include a reported investment in Alibaba Group Holding of $41.3 billion and an ownership interest in Yahoo Japan of $9.3 billion. (www.csoonline.com)
P2. Organisational security procedures
2.1. Definition
Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security controls as enumerated from your organization's security policies. Security procedures should cover the multitude of hardware and software components supporting your business processes as well as any security-related business processes themselves. (linfordco.com)
2.2. The Purpose of Security Procedures
The purpose of security procedures is to ensure consistency in the implementation of a security control or the execution of a security-relevant business process. They are to be followed each time the control needs to be implemented or the security-relevant business process followed. Here is an analogy. As part of every aircraft flight, the pilot follows a pre-flight checklist. They do it to ensure that the aircraft is ready to fly and to do everything possible to ensure a safe flight. Although pilots may have flown a large number of hours, they still follow the checklist. Following the checklist ensures consistency of behavior every single time. Even though they may have executed the checklist many times, there is a risk in relying on memory to execute the checklist, as some distraction could make them forget or overlook a critical step.
Much like pre-flight checklists, security procedures guide the individual executing the procedure to an expected outcome. One example is server hardening. Even though a system administrator has built and hardened many servers, the procedure to harden the server still needs to be followed to ensure the server is hardened correctly and to a level that still allows operability with the system of which it is a part. If the hardening procedure is not followed, the system administrator could leave out a step that results in an unacceptable exposure of the server or data. The best option is to automate the hardening procedure through scripts or other automation tools. This will ensure the consistent execution of the hardening "procedure."
Every company doing business around the world needs to follow these policies and procedures:
• Security policy
Looking at human resources policy, personnel management is closely related to security. This includes all pre-employment, employee maintenance, and post-employment stages. Each employee plays an important part in running a company. If an employee no longer works for the company, policies are set so that the company's private data cannot be leaked. That could be rejecting email of pre-employment, or making them promise not to tell the company's secrets.
M1. Method to assess and treat IT security risks.
1. Identify risks
2. Analyze risks
3. Evaluate risks
Besides the above, there are other ways that are simple but very effective:
P3. Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
VPN stands for Virtual Private Network, which helps in preventing data breaches. It is a kind of network which, once enabled, keeps the data that is shared over the network encrypted. This network establishes a secure connection between the devices on which the data is shared.
A firewall can be defined as a device that is installed to monitor the traffic visiting or accessing the data, checking whether the user is authorized to access the network or not. According to the rules set or designed, the firewall can allow or block unauthorized users from accessing the network.
If the configuration is not correct, there could be a security breach that may lead to private files being stolen.
• This might lead to a data breach by creating a hole in the network, and a third party could take advantage of that breach and steal the sensitive files
P4. How different techniques can be implemented to improve network security.
4.1. DMZ
If a better-prepared threat actor is able to get through the first firewall, they must then gain unauthorized access to those services before they can do any damage, and those systems are likely to be hardened against such attacks.
Source: searchsecurity.techtarget.com
Finally, assuming that a well-resourced threat actor is able to breach the external firewall and take over a system hosted in the DMZ, they must still break through the internal firewall before they can reach sensitive enterprise resources. While even the best-secured DMZ architecture can be breached by a determined attacker, a DMZ under attack should set off alarms, giving security professionals enough warning to avert a full breach of their organization.
4.2. Static IP
4.2.1. Definition of static IP
A static IP address is an IP address that was manually configured for a device, versus one that was assigned through a DHCP server. It's called static because it doesn't change. (www.lifewire.com)
On the other hand, if the server were assigned a dynamic IP address, it would change occasionally, which would prevent your router from knowing which computer on the network is the right server. People can use a static IP address to host a private file or FTP server, host a private website or domain name server, or even a chat server.
4.3. NAT – Network Address Translation
When a system from outside the network has been allowed to access a computer inside the network, the IP address is then translated from the router's address to the computer's unique address. The address is found in a "NAT table" that defines the internal IP addresses of computers on the network. The NAT table also defines the global address seen by computers outside the network. Even though every computer inside the local network has a specific IP address, external systems can only see one IP address when connecting to any of the computers inside the network.
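The table lookup described above is shown in this added example (not part of the original report): a simplified NAT table with dynamic entries for outgoing connections and a static entry for a host that outside systems are permitted to reach. The class, its method names and all addresses are constructed for illustration.

```python
class NatRouter:
    """Simplified NAT table: one public address in front of a private network.
    Real devices also track the remote endpoint and expire idle entries."""

    def __init__(self, public_ip, first_dynamic_port=40000):
        self.public_ip = public_ip
        self.next_port = first_dynamic_port
        self.table = {}       # public port -> (internal ip, internal port)
        self.by_host = {}     # (internal ip, internal port) -> public port
        self.static_ports = set()

    def add_forward(self, public_port, internal_ip, internal_port):
        """Static entry: outside systems are permitted to reach this host."""
        self.table[public_port] = (internal_ip, internal_port)
        self.by_host[(internal_ip, internal_port)] = public_port
        self.static_ports.add(public_port)

    def outbound(self, src_ip, src_port):
        """Return the (address, port) that outside systems see for this sender."""
        key = (src_ip, src_port)
        if key not in self.by_host:
            while self.next_port in self.table:
                self.next_port += 1
            self.table[self.next_port] = key
            self.by_host[key] = self.next_port
        return (self.public_ip, self.by_host[key])

    def inbound(self, public_port):
        """Return the internal (address, port) for a packet sent to the router,
        or None when the table has no entry and the packet is dropped."""
        return self.table.get(public_port)

    def exposed(self):
        """Static entries are reachable by anyone outside: review them."""
        return {p: self.table[p] for p in sorted(self.static_ports)}


def demo():
    # Constructed addresses from documentation and private ranges.
    nat = NatRouter("203.0.113.10")
    nat.add_forward(443, "192.168.1.20", 8443)
    a = nat.outbound("192.168.1.5", 51000)
    b = nat.outbound("192.168.1.6", 51000)
    return nat, a, b
```

Both inside hosts appear outside as 203.0.113.10, and only ports with a table entry lead anywhere; the `exposed()` list is what should be checked against the firewall policy.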
M2. Three benefits of implementing network monitoring systems with supporting reasons.
2.1. Protecting the system against hackers/attackers.
Network monitoring systems can detect suspicious traffic, thus allowing owners to act fast. A network monitoring service can give a broad overview of an SMB's entire IT infrastructure so nothing is missed. Today, exploits are more sophisticated and advanced and can target a system in a variety of ways. Monitoring antivirus and firewall solutions separately may leave security gaps.
D1. How a ‘trusted network’ can be part of a security system
• Authentication: the policy of using is a must if the user wants to log into the system
• Private network: a VPN (Virtual Private Network) ought to be configured in a trusted network in order to control the traffic and to identify unauthorized users accessing the data.
• Firewall: deny traffic from the public network from entering the information of the private network
• Encryption: in order to prevent third parties from seeing the information, that information must be encrypted and enclosed.
Moreover, in Trusted Network Connect the policy decision points use a standard protocol named IF-PEP to talk to the policy enforcement points for each network. Security automation, on the other hand, operates by having all our security systems share information through standard protocols so they can provide automated analysis and response.
Information is shared through a common protocol named IF-MAP. The security systems use IF-MAP to
store information in a database called a metadata access point and to query that database or subscribe
to changes to a specific record. For example, a policy decision point can share information about a user
who is logged into the network and subscribe to any events pertaining to that user. If the user starts
attacking other people, a network intrusion detection system can publish an event about the problem
and the policy decision point will be notified via the IF-MAP protocol. Then the policy decision point can
tell the policy enforcement point to quarantine that user.
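The flow just described (publish, subscribe, notify, quarantine) is modelled in this added example, which is not part of the original report. It is a simplified in-memory stand-in, not the IF-MAP or IF-PEP wire protocols; every class name, user and address is constructed for illustration.

```python
from collections import defaultdict


class MetadataAccessPoint:
    """In-memory stand-in for the metadata access point (publish/search/subscribe)."""

    def __init__(self):
        self.records = defaultdict(list)        # identifier -> metadata items
        self.subscribers = defaultdict(list)    # identifier -> callbacks

    def publish(self, identifier, metadata):
        self.records[identifier].append(metadata)
        for notify in list(self.subscribers[identifier]):
            notify(identifier, metadata)

    def search(self, key, value):
        """Identifiers that carry a metadata item with key == value."""
        return [ident for ident, items in self.records.items()
                if any(item.get(key) == value for item in items)]

    def subscribe(self, identifier, callback):
        self.subscribers[identifier].append(callback)


class PolicyEnforcementPoint:
    def __init__(self):
        self.quarantined = set()

    def quarantine(self, user):
        self.quarantined.add(user)

    def allows(self, user):
        return user not in self.quarantined


class PolicyDecisionPoint:
    def __init__(self, map_server, pep):
        self.map_server, self.pep = map_server, pep

    def user_logged_in(self, user, ip):
        self.map_server.publish(user, {"type": "session", "ip": ip})
        self.map_server.subscribe(user, self.on_change)   # watch this record

    def on_change(self, user, metadata):
        if metadata.get("type") == "event":
            self.pep.quarantine(user)       # the step the text assigns to IF-PEP


class IntrusionDetectionSystem:
    def __init__(self, map_server):
        self.map_server = map_server

    def report(self, source_ip, description):
        """Publish an event on every user record bound to source_ip."""
        users = self.map_server.search("ip", source_ip)
        for user in users:
            self.map_server.publish(user, {"type": "event", "detail": description})
        return users


def scenario():
    # Constructed users and addresses.
    map_server, pep = MetadataAccessPoint(), PolicyEnforcementPoint()
    pdp = PolicyDecisionPoint(map_server, pep)
    ids = IntrusionDetectionSystem(map_server)
    pdp.user_logged_in("alice", "10.0.0.23")
    pdp.user_logged_in("bob", "10.0.0.24")
    flagged = ids.report("10.0.0.23", "scanning other hosts")
    return pep, flagged
```

The intrusion detection system never talks to the enforcement point directly; the shared record is what connects the detection to the quarantine.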
Attackers are automated and always stand a chance of stealing something from us. That is why we need to be secured and why a security system needs a trusted network.
Conclusion
In conclusion, the world is a dangerous place. Anyone could be an enemy who might steal our data. That is why we need to truly understand the basics of security in order to protect our personal lives. Furthermore, security may be a useful weapon in running a business in the near future.
Presentation – Slides
Figure 35 The potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs - slide
References
Microsoft. (n.d.). Secure the Windows 8.1 boot process, viewed June 7 2019
Novetta Threat Research Group. (2016, February 24). Operation Blockbuster: Destructive Malware Report, viewed June 7 2019
Securitytrails, Top 10 common network security threats explained, viewed June 7 2019, from https://securitytrails.com/blog/top-10-common-network-security-threats-explained
Searchsecurity, Ten ways to prevent insider security threats, viewed June 7 2019, from https://searchsecurity.techtarget.com/feature/Ten-ways-to-prevent-insider-security-threats
Attack.mitre, Bootkit, viewed June 7 2019, from https://attack.mitre.org/techniques/T1067/
Csoonline, The biggest data breaches of the 21st century, viewed June 7 2019, from https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
Linfordco, Security procedures, viewed June 7 2019, from https://linfordco.com/blog/security-procedures/
Imperva, Man-in-the-middle-attack, viewed June 7 2019, from https://www.imperva.com/learn/application-security/man-in-the-middle-attack-mitm/