
Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Nguyễn Phi Hùng Student ID GCH18211

Class GCH0711 Assessor name Michael Omar

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand
that making a false declaration is a form of malpractice.

Student’s signature

Grading grid

P1 P2 P3 P4 M1 M2 D1

Nguyễn Phi Hùng GCH18211
Table of Contents
Introduction
P1. Identify types of security risks to organizations.
1.1. Computer virus
1.2. Rogue security software
1.3. Trojan horses
1.4. Adware and spyware
1.6. DoS and DDoS attack
1.7. Phishing
1.8. Rootkit
1.9. SQL Injection attack
1.10. Man-in-the-middle attacks
*. An example of a recently publicized security breach
P2. Organisational security procedures
2.1. Definition
2.2. The Purpose of Security Procedures
M1. Method to assess and treat IT security risks.
P3. Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
P4. How different techniques can be implemented to improve network security.
4.1. DMZ
4.1.1. Definition of DMZ
4.1.2. How DMZ works
4.1.3. Real situation
4.2. Static IP
4.2.1. Definition of static IP
4.2.2. How static IP works
4.2.3. Real situation
4.3. NAT – Network Address Translation
4.3.1. Definition of NAT
4.3.2. How NAT works
4.3.3. Real situation
M2. Three benefits of implementing network monitoring systems with supporting reasons.
2.1. Protecting the network against hackers/attackers.
2.2. Staying informed without in-house staff.
2.3. Optimizing and monitoring the network.
D1. How a ‘trusted network’ can be part of a security system
Conclusion
Presentation – Slides
References

TABLE OF FIGURES
FIGURE 1 SHOWING COMPUTER VIRUS
FIGURE 2 SHOWING ROGUE SECURITY SOFTWARE
FIGURE 3 SHOWING SYMBOLIC OF TROJAN HORSE
FIGURE 4 SHOWING AN EXAMPLE OF SPYWARE - KEYLOGGER
FIGURE 5 SHOWING AN EXAMPLE OF ADWARE
FIGURE 6 SHOWING SYMBOLIC OF COMPUTER WORM
FIGURE 7 SHOWING HOW DOS AND DDOS ATTACKS
FIGURE 8 SHOWING COMPUTER PHISHING
FIGURE 9 DETAILS ROOTKIT
FIGURE 10 SHOWING ATTACK OVERVIEW OF SQL INJECTION ATTACK
FIGURE 11 SHOWING HOW MAN-IN-THE-MIDDLE ATTACKS WORK
FIGURE 12 ILLUSTRATES THAT YAHOO! HAD BEEN HACKED
FIGURE 13 SHOWING HOW VPN WORKS
FIGURE 14 SHOWING DMZ NETWORK ARCHITECTURE
FIGURE 15 SHOWING THE DIFFERENCE BETWEEN DYNAMIC IP AND STATIC IP
FIGURE 16 SHOWING HOW NAT WORKS
FIGURE 17 SHOWING NETWORK ACCESS CONTROL
FIGURE 18 SHOWING SECURITY AUTOMATION
FIGURE 19 INTRODUCTION - SLIDE
FIGURE 20 TEN COMMON SECURITY RISKS - SLIDE
FIGURE 21 COMPUTER VIRUS - SLIDE
FIGURE 22 ROGUE SECURITY SOFTWARE - SLIDE
FIGURE 23 TROJAN HORSE - SLIDE
FIGURE 24 SPYWARE AND ADWARE - SLIDE
FIGURE 25 COMPUTER WORM - SLIDE
FIGURE 26 DOS AND DDOS ATTACK - SLIDE
FIGURE 27 PHISHING - SLIDE
FIGURE 28 ROOTKIT - SLIDE
FIGURE 29 SQL INJECTION ATTACK - SLIDE
FIGURE 30 MAN-IN-THE-MIDDLE ATTACKS - SLIDE
FIGURE 31 AN EXAMPLE OF PUBLICIZED SECURITY BREACH - SLIDE
FIGURE 32 DEFINITION OF SECURITY PROCEDURES - SLIDE
FIGURE 33 WHY SECURITY PROCEDURES ARE IMPORTANT - SLIDE
FIGURE 34 METHOD TO ACCESS AND TREAT IT SECURITY RISKS - SLIDE
FIGURE 35 THE POTENTIAL IMPACT TO IT SECURITY OF INCORRECT CONFIGURATION OF FIREWALL POLICIES AND THIRD-PARTY VPNS - SLIDE
FIGURE 36 DMZ - SLIDE
FIGURE 37 STATIC IP - SLIDE
FIGURE 38 NAT – NETWORK ADDRESS TRANSLATION - SLIDE
FIGURE 39 THE FIRST BENEFIT OF IMPLEMENT NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 40 THE SECOND BENEFIT OF IMPLEMENT NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 41 THE THIRD BENEFIT OF IMPLEMENT NETWORK MONITORING SYSTEMS - SLIDE
FIGURE 42 A TRUSTED NETWORK - SLIDE

Assignment 1: Security

Introduction

The world is evolving rapidly. Nowadays, people use many electronic devices. They are everywhere and
have become a necessity in human life. These devices are not only easy to use but also have many
functions that make life simpler. On the other hand, technology has also evolved on the bad side. More
and more security threats come up when people use the internet. Phone numbers, web history, and even
people's identities might be stolen for such purposes. IT security is important because threats are not
something to play with. They are harmful to computers and can cause great damage to organizations.
With this awareness, NorthStar Secure carries out its mission in the field of security: providing strong
protection and preventing identity theft. Written from the position of a trainee IT Security Specialist at
NorthStar Secure, this report covers IT security risks and ways to deal with them.

LO1. Assess risks to IT security

P1. Identify types of security risks to organizations.

There are ten common security risks:

1.1. Computer virus

Figure 1 Showing computer virus

Source: www.google.com


A computer virus is a program that secretly attaches itself to another document or program and executes
when that document or program is opened. Viruses may contain instructions that cause problems ranging
from displaying an annoying message to erasing files from a hard drive or making a computer crash
repeatedly. In some cases, viruses spread from one computer to others. (Novetta Threat
Research Group. (2016, February 24). Operation Blockbuster: Destructive Malware Report.)

1.2. Rogue security software

Figure 2 Showing rogue security software

Source: www.google.com

Rogue security software is malicious software that deceives users into believing that a computer virus is
installed on their PC or that their security measures are not up to date. It then offers to install or update
the users' security settings. It will either ask you to download a program to remove the alleged viruses,
or to pay for a tool. Both cases lead to real malware being installed on the computer.
(securitytrails.com)

1.3. Trojan horses

Figuratively, a "Trojan horse" refers to tricking someone into inviting an attacker into a securely
protected area. In computing, it holds a very similar meaning: a Trojan horse, or "Trojan," is a malicious
piece of attack code or software that tricks users into running it willingly, by hiding behind a legitimate
program. (securitytrails.com)

Figure 3 Showing symbolic of trojan horse

Source: www.google.com

1.4. Adware and spyware

Spyware is a general term used to describe software that secretly spies on users by gathering data
without their consent.

Figure 4 Showing an example of spyware - keylogger

Source: www.google.com

Figure 5 Showing an example of adware

Source: www.google.com


Adware delivers advertising content in a manner that is unexpected and unwanted by the user. Once the
adware is installed, it typically displays advertising banners, pop-up advertisements, or opens new web
browser windows at random intervals. (searchsecurity.techtarget.com)

1.5. Computer worm

Figure 6 Showing symbolic of computer worm

Source: www.google.com

Computer worms are pieces of malware that replicate rapidly and spread from one computer to the next.
A worm spreads from an infected computer by sending itself to the majority of the computer's contacts,
then immediately to the contacts of the other computers. Interestingly, they are not always designed to
cause harm; there are worms that are made just to spread. Worms are also often transmitted by
exploiting software vulnerabilities. (securitytrails.com)

1.6. DoS and DDoS attack

A DoS attack is performed by one machine and its internet connection, by flooding a website with packets
and making it impossible for legitimate users to access the content of the flooded website. Fortunately,
you can't really overload a server with a single other server or a computer anymore. In recent years this
has not been common; where it does happen, it is through flaws in the protocol.

Figure 7 Showing how DoS and DDoS attacks

Source: www.google.com

A DDoS attack, or distributed denial-of-service attack, is similar to DoS but is more forceful. It is harder
to overcome a DDoS attack. It is launched from several computers, and the number of computers involved
can range from just a few of them to thousands or even more. Since it is likely that not all of those
machines belong to the attacker, they are compromised and added to the attacker's network by malware.
These computers can be distributed around the entire globe, and that network of compromised
computers is known as a botnet.

Since the attack comes from so many different IP addresses simultaneously, a DDoS attack is much harder
for the victim to locate and defend against. (securitytrails.com)

1.7. Phishing

Phishing is a method of social engineering with the goal of obtaining sensitive data, for example,
passwords, usernames, and credit card numbers.

Figure 8 Showing computer phishing

Source: www.google.com

The attacks often come in the form of instant messages or phishing emails designed to appear legitimate.
The recipient of the email is then tricked into opening a malicious link, which leads to the installation of
malware on the recipient's computer. Phishing can also obtain personal information by sending an email
that appears to be sent from a bank, asking the recipient to verify their identity by giving away their
private information. (securitytrails.com)

1.8. Rootkit


A rootkit is a collection of software tools that enables remote control and administration-level access
over a computer or its networks. Once remote access is obtained, the rootkit can perform a number of
malicious actions; rootkits come equipped with keyloggers, password stealers and antivirus disablers.

Figure 9 Details rootkit

Source: www.google.com

Rootkits are installed by hiding in legitimate software: when people give that software permission to
make changes to their OS, the rootkit installs itself on their computer and waits to be activated. Other
means of rootkit distribution include phishing emails, malicious links, files, and downloading software
from suspicious websites. (Microsoft. (n.d.). Secure the Windows 8.1 boot process.)

1.9. SQL Injection attack

SQL injection attacks are designed to target data-driven applications by exploiting security
vulnerabilities in the application's software. They use malicious code to obtain private data, change and
even destroy that data, and can go as far as to void transactions on websites. SQL injection has quickly
become one of the most dangerous security issues for data confidentiality. You can read more on the
history of SQL injection attacks to better understand the threat it poses to cybersecurity.
(securitytrails.com)
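
The vulnerability class described above, as an added example that is not part of the original report: the same lookup written with string concatenation and with a bound parameter, run against an in-memory SQLite table. The table, the sample rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory table (sample data, not from the report)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, secret TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice-notes"), ("bob", "bob-notes")],
    )
    return db


def lookup_vulnerable(db, name):
    # VULNERABLE: the input is pasted into the SQL text, so quote characters
    # in it are parsed as SQL syntax rather than as data.
    query = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_safe(db, name):
    # HARDENED: the input is bound to a placeholder and is only ever a value.
    return db.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


def compare(db, name):
    """Run both lookups on one input; report row counts, or 'error'."""
    result = {}
    for label, fn in (("vulnerable", lookup_vulnerable), ("safe", lookup_safe)):
        try:
            result[label] = len(fn(db, name))
        except sqlite3.OperationalError:
            # The concatenated query no longer parses as valid SQL.
            result[label] = "error"
    return result


if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a normal name, a quote-bearing string that rewrites
    # the WHERE clause, and a legitimate surname containing an apostrophe.
    for name in ("alice", "nobody' OR '1'='1", "O'Brien"):
        print(repr(name), compare(db, name))
```

The third input shows that the concatenated form is also a correctness bug: an ordinary apostrophe breaks the query, which is often the first sign of the flaw in application logs.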

Figure 10 Showing attack overview of SQL injection attack

Source: www.google.com

1.10. Man-in-the-middle attacks

Man-in-the-middle attacks are cybersecurity attacks that allow the attacker to eavesdrop on the
communication between two targets. The attacker can listen to communication that should, in normal
settings, be private. (www.imperva.com)

For instance, a man-in-the-middle attack happens when the attacker wants to intercept communication
between person A and person B. Person A sends their public key to person B, but the attacker intercepts
it and sends a forged message to person B, representing themselves as A, but carrying the attacker's
public key instead. B believes that the message comes from person A and encrypts the message with the
attacker's public key, then sends it back to A, but the attacker again intercepts this message, opens the
message with their private key, possibly alters it, and re-encrypts it using the public key that was first
provided by person A. Again, when the message is transferred back to person A, they believe it comes
from person B, and in this way, we have an attacker in the middle who spies on the communication
between two targets.
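
The exchange described above, modelled as an added example that is not part of the original report, together with the standard countermeasure: B compares a fingerprint of the received public key with one obtained over a trusted channel and refuses to encrypt on a mismatch. The textbook RSA with small fixed primes, the `Path` class and all names are assumptions made for illustration and are not usable cryptography.

```python
import hashlib

E = 65537  # common public exponent


def make_keypair(p, q):
    """Textbook RSA key pair from two primes (toy sizes, illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))  # modular inverse needs Python 3.8+


def encrypt(public_key, m):
    n, e = public_key
    return pow(m, e, n)


def decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)


def fingerprint(public_key):
    """Digest of a public key, short enough to compare over a trusted channel."""
    n, e = public_key
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()


class Path:
    """Network path between A and B. Given a key pair of its own, it behaves
    like the party in the middle described in the text."""

    def __init__(self, keypair=None):
        self.keypair = keypair
        self.real_public = None
        self.saw = None  # plaintext the path was able to read, if any

    def carry_key(self, public_key):
        if self.keypair is None:
            return public_key
        self.real_public = public_key
        return self.keypair[0]  # substituted key

    def carry_ciphertext(self, c):
        if self.keypair is None:
            return c
        self.saw = decrypt(self.keypair[1], c)
        return encrypt(self.real_public, self.saw)  # re-encrypted for A


def exchange(a_keys, path, message, expected_fp=None):
    """A sends its key to B over `path`; B replies with an encrypted message.
    If B holds `expected_fp`, it checks the received key before encrypting."""
    a_public, a_private = a_keys
    received = path.carry_key(a_public)
    if expected_fp is not None and fingerprint(received) != expected_fp:
        return {"status": "rejected", "a_reads": None, "path_saw": path.saw}
    delivered = path.carry_ciphertext(encrypt(received, message))
    return {"status": "delivered",
            "a_reads": decrypt(a_private, delivered),
            "path_saw": path.saw}


# Constructed keys built from known Mersenne primes, and a constructed message.
A_KEYS = make_keypair(2**61 - 1, 2**89 - 1)
X_KEYS = make_keypair(2**107 - 1, 2**127 - 1)
MESSAGE = int.from_bytes(b"meet at 9", "big")

if __name__ == "__main__":
    print(exchange(A_KEYS, Path(X_KEYS), MESSAGE))
    print(exchange(A_KEYS, Path(X_KEYS), MESSAGE, fingerprint(A_KEYS[0])))
```

Without the check, A still reads the correct message, so neither side notices anything; with the check, the substituted key is rejected before any plaintext is encrypted to it.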

Figure 11 Showing how man-in-the-middle attacks work

Source: www.google.com

*. An example of a recently publicized security breach

According to www.csoonline.com, in September 2016, the once-dominant Internet giant, while in
negotiations to sell itself to Verizon, announced it had been the victim of the biggest data breach
ever, likely by "a state-sponsored actor," in 2014. The attack compromised the real names, email
addresses, dates of birth and telephone numbers of 500 million users. The company said the "vast
majority" of the passwords involved had been hashed using the robust bcrypt algorithm.


Figure 12 illustrates that Yahoo! had been hacked

Source: www.google.com

A few months later, in December, it buried that earlier record with the disclosure that a breach in 2013,
by a different group of hackers, had compromised 1 billion accounts. Besides names, dates of birth, email
addresses, and passwords that were not as well protected as those involved in 2014, security questions
and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in
fact, all 3 billion user accounts had been compromised.

The breaches knocked an estimated $350 million off Yahoo's sale price. Verizon eventually paid $4.48
billion for Yahoo's core Internet business. The agreement called for the two companies to share
regulatory and legal liabilities from the breaches. The sale did not include a reported investment in
Alibaba Group Holding of $41.3 billion and an ownership interest in Yahoo Japan of $9.3 billion.
(www.csoonline.com)

P2. Organisational security procedures.

2.1. Definition

Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce
security controls as enumerated in your organization's security policies. Security procedures should
cover the multitude of hardware and software components supporting your business processes as well
as any security-related business processes themselves. (linfordco.com)


2.2. The Purpose of Security Procedures

The purpose of security procedures is to ensure consistency in the implementation of a security control
or the execution of a security-relevant business process. They are to be followed each time the control
needs to be implemented or the security-relevant business process is carried out. Here is an analogy. As
part of every aircraft flight, the pilot follows a pre-flight checklist. They do it to ensure that the aircraft
is ready to fly and to do everything possible to ensure a safe flight. Even though pilots may have flown a
large number of hours, they still follow the checklist. Following the checklist ensures consistency of
behavior every single time. Even though they may have executed the checklist many times, there is a
risk in relying on memory to execute the checklist, as some distraction could make them forget or
overlook a critical step.

Much like pre-flight checklists, security procedures guide the individual executing the procedure to an
expected outcome. One example is server hardening. Even though a system administrator has built and
hardened many servers, the procedure to harden the server still needs to be followed to ensure the
server is hardened correctly and to a level that still allows operability with the system of which it is a
part. If the hardening procedure is not followed, the system administrator could leave out a step that
results in an unacceptable exposure of the server or data. The best option is to automate the hardening
procedure through scripts or other automation tools. This will ensure the consistent execution of the
hardening "procedure."

Every company doing business around the world needs to follow these policies and procedures:

• Security policy

• Human resources policy

• Incident response policy

Looking at the human resources policy, personnel management is closely related to security. This
includes all pre-employment, employee maintenance, and post-employment stages. Each employee plays
an important part in running a company. If an employee no longer works for the company, policies are
set so that the company's private data cannot be leaked. These could include rejecting the former
employee's email and making them promise not to reveal the company's secrets.


M1. Method to assess and treat IT security risks.

There are four steps to treat IT security risks:

1. Identify risks

2. Analyze risks

3. Evaluate risks

4. Choose risk treatment options:

• Avoid the risk by eliminating it entirely

• Modify the risk by applying security controls

• Share the risk with a third party (through insurance or by outsourcing it)

• Retain the risk

Besides the above, there are other ways that are simple but very effective:

• Install anti-virus software and make sure that it is up to date.
• Instruct all users and employees to be cautious about suspicious emails.
• Scan internet downloads.
• Do not run programs of unknown origin.
• Make regular backups of critical data.
• Develop an information security policy.
• Monitor logs and systems.
• Develop an incident response plan.
• Restrict end-user access to systems.
• Implement a vulnerability management program. (bhconsulting.ie)

LO2. Describe IT security solutions

P3. Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.


VPN stands for Virtual Private Network, which helps prevent data breaches. It is a type of network
which, once enabled, keeps the data shared over the network encrypted. This network establishes a
secure connection between the devices on which the data is shared.

Figure 13 Showing how VPN works

Source: www.google.com

A firewall can be defined as a device that is installed to monitor the traffic visiting or accessing the data,
checking whether the user is authorized to access the network or not. According to the rules that have
been set or designed, the firewall can allow or block unauthorized users from accessing the network.

If the configuration is incorrect, there could be a security breach in which private files could be
stolen.

Potential impact to IT security:

• An incorrect configuration might lead to a data breach by creating a hole in the network; a third party
could take advantage of that hole and steal sensitive files.

• Desired traffic might not reach its intended destination.

• Traffic reaches a destination it should not have reached.
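
The last two impacts, shown as an added example that is not part of the original report: a first-match rule evaluator and a small audit that flags rules which can never match because an earlier, broader rule already covers them. The rule names, the addresses (private and documentation ranges) and the first-match model are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    name: str
    action: str           # "allow" or "deny"
    src: str              # source network in CIDR form
    dst: str              # destination network in CIDR form
    port: Optional[int]   # destination port, None = any port


def matches(rule, src, dst, port):
    return (ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and rule.port in (None, port))


def decide(rules, src, dst, port, default="deny"):
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if matches(rule, src, dst, port):
            return rule.action, rule.name
    return default, "default"


def covers(earlier, later):
    """True if every packet matching `later` already matches `earlier`."""
    return (ip_network(later.src).subnet_of(ip_network(earlier.src))
            and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
            and (earlier.port is None or earlier.port == later.port))


def find_shadowed(rules):
    """List (rule, shadowing_rule, kind) for rules that can never take effect."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "conflict" if earlier.action != later.action else "redundant"
                findings.append((later.name, earlier.name, kind))
                break
    return findings


ANY = "0.0.0.0/0"
# Constructed policy with two ordering mistakes.
MISCONFIGURED = [
    Rule("allow-any-lan", "allow", ANY, "10.0.0.0/8", None),
    Rule("deny-db", "deny", ANY, "10.0.5.20/32", 5432),              # never reached
    Rule("deny-vpn-pool", "deny", "10.8.0.0/24", ANY, None),
    Rule("allow-vpn-web", "allow", "10.8.0.0/24", "192.0.2.10/32", 443),  # never reached
]
# Same rules with the specific entries placed before the broad ones.
CORRECTED = [
    Rule("deny-db", "deny", ANY, "10.0.5.20/32", 5432),
    Rule("allow-vpn-web", "allow", "10.8.0.0/24", "192.0.2.10/32", 443),
    Rule("deny-vpn-pool", "deny", "10.8.0.0/24", ANY, None),
    Rule("allow-any-lan", "allow", ANY, "10.0.0.0/8", None),
]

if __name__ == "__main__":
    for policy in (MISCONFIGURED, CORRECTED):
        print(find_shadowed(policy))
        print(decide(policy, "203.0.113.7", "10.0.5.20", 5432))
        print(decide(policy, "10.8.0.15", "192.0.2.10", 443))
```

Running the audit before a policy is deployed catches both failure modes at once: the database becomes reachable from outside, and VPN users lose access to the web server they were meant to reach.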

P4. How different techniques can be implemented to improve network security.


4.1. DMZ
4.1.1. Definition of DMZ
In computer networks, a DMZ (demilitarized zone) is a physical or logical subnet that separates a local
area network (LAN) from other untrusted networks, usually the internet. External-facing servers,
resources, and services are located in the DMZ. Therefore, they are accessible from the internet, but the
rest of the internal LAN remains unreachable. This provides an additional layer of security to the LAN as
it restricts the ability of hackers to directly access internal servers and data via the internet.
(searchsecurity.techtarget.com)

4.1.2. How DMZ works


DMZs are intended to function as a sort of buffer zone between the public internet and the
organizational network. Deploying the DMZ between two firewalls means that all inbound network
packets are screened using a firewall or other security appliance before they arrive at the servers the
organization hosts in the DMZ. This should be enough to block the most casual of threat actors.

If a better-prepared threat actor is able to get through the first firewall, they must then gain
unauthorized access to those services before they can do any damage, and those systems are likely to be
hardened against such attacks.


Figure 14 Showing DMZ network architecture

Source: searchsecurity.techtarget.com

Finally, assuming that a well-resourced threat actor is able to breach the external firewall and take over
a system hosted in the DMZ, they must still break through the internal firewall before they can reach
sensitive enterprise resources. While even the best-secured DMZ architecture can be breached by a
determined attacker, a DMZ under attack should set off alarms, giving security professionals enough
warning to avert a full breach of their organization.

4.1.3. Real situation


A DMZ is suitable for small and medium businesses that want to use an independent LAN system. It limits
the loss of data to outsiders and the theft of data. It works in a similar way to a firewall, protecting
sensitive data and resources.

4.2. Static IP
4.2.1. Definition of static IP
A static IP address is an IP address that was manually configured for a device, versus one that was
assigned through a DHCP server. It's called static because it doesn't change. (www.lifewire.com)


4.2.2. How static IP works


When static IP addresses are used: static IP addresses are necessary for devices that need
constant access.

Figure 15 Showing the difference between Dynamic IP and Static IP

Source: www.google.com

On the other hand, if the server were assigned a dynamic IP address, it would change occasionally, which
would prevent your router from knowing which computer on the network is the server. People can
use a static IP address to host a private file or FTP server, host a private website or domain name server,
or even a chat server.

4.2.3. Real situation


Static IP would be great in the classroom. They can share a printer over a network by using static IP.

4.3. NAT – Network Address Translation


4.3.1. Definition of NAT
Network Address Translation (NAT) is the process where a network device, usually a firewall, assigns a
public address to a computer (or group of computers) inside a private network. (techterms.com)


4.3.2. How NAT works


When other computers on the Internet attempt to access computers within the local network, they only
see the IP address of the router. This adds an extra level of security, since the router can be configured
as a firewall, only allowing authorized systems to access the computers within the network.

Figure 16 Showing how NAT works

Source: www.google.com

Once a system from outside the network has been allowed to access a computer within the network,
the IP address is then translated from the router's address to the computer's unique address. The
address is found in a "NAT table" that defines the internal IP addresses of computers on the network.
The NAT table also defines the global address seen by computers outside the network. Even though each
computer within the local network has a specific IP address, external systems can only see one IP
address when connecting to any of the computers within the network.
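
The NAT table lookup described above, modelled as an added example that is not part of the original report: outbound connections create table entries, inbound packets are translated only if an entry exists, and a static forwarding entry represents an outside system that has been allowed in. The class, the port-based translation, the reply filtering by remote address and port, and all addresses (private and documentation ranges) are assumptions made for illustration.

```python
class NatRouter:
    """Minimal port-address-translation model with a single public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # public_port -> (private_ip, private_port, allowed_remote or None)
        self.table = {}

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the LAN; returns what the outside sees."""
        flow = (src_ip, src_port, (dst_ip, dst_port))
        for public_port, entry in self.table.items():
            if entry == flow:          # reuse the mapping of an existing flow
                return (self.public_ip, public_port, dst_ip, dst_port)
        while self.next_port in self.table:
            self.next_port += 1        # skip ports taken by static entries
        public_port = self.next_port
        self.next_port += 1
        self.table[public_port] = flow
        return (self.public_ip, public_port, dst_ip, dst_port)

    def forward(self, public_port, private_ip, private_port):
        """Static entry: any outside system may reach this internal service."""
        self.table[public_port] = (private_ip, private_port, None)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate a packet arriving at the public address.
        Returns the translated packet, or None when it is dropped."""
        entry = self.table.get(dst_port)
        if entry is None:
            return None                # no table entry: unsolicited traffic
        private_ip, private_port, remote = entry
        if remote is not None and remote != (src_ip, src_port):
            return None                # entry belongs to a different remote
        return (src_ip, src_port, private_ip, private_port)


def demo():
    router = NatRouter("198.51.100.1")
    seen_a = router.outbound("192.168.1.10", 51000, "203.0.113.5", 443)
    seen_b = router.outbound("192.168.1.11", 51000, "203.0.113.5", 443)
    router.forward(8080, "192.168.1.20", 80)
    return {
        "seen_a": seen_a,
        "seen_b": seen_b,
        "reply_to_a": router.inbound("203.0.113.5", 443, seen_a[1]),
        "stranger_on_a_port": router.inbound("203.0.113.99", 443, seen_a[1]),
        "unsolicited": router.inbound("203.0.113.99", 1234, 3389),
        "forwarded": router.inbound("203.0.113.99", 5555, 8080),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Both internal hosts appear to the outside as the router's single address with different ports, and the static entry marks exactly where the protection stops: whatever is forwarded is reachable by anyone.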

4.3.3. Real situation


While this aids in network security, it also limits the number of IP addresses needed by companies and
organizations. This helps a large company with hundreds or even thousands of computers use a specific
IP address for connecting to the internet and sharing data.


M2. Three benefits of implementing network monitoring systems with supporting reasons.
2.1. Protecting the network against hackers/attackers.
Network monitoring systems can detect suspicious traffic, thereby allowing owners to act quickly. A
network monitoring service can give a broad overview of an SMB's entire IT infrastructure so nothing is
missed. Today, exploits are more sophisticated and advanced and can target a system in a variety of
ways. Monitoring antivirus and firewall solutions separately may leave security gaps.

2.2. Keeping informed without in-house staff.


A network monitoring service will send alerts and information to an SMB owner as issues arise.
Otherwise, an SMB may need to either attempt to monitor its network security itself or
hire a full-time IT employee, which could be very costly. Data breaches can be
more damaging and more expensive the longer they go undetected.

2.3. Improving and checking the system.


Many business owners aim for fast growth. This growth is not possible if parts
of their IT infrastructure are overloaded or slowed down. Network monitoring services will map out
the infrastructure of a small business, showing an SMB owner areas for improvement and
any issues that currently need to be addressed. (www.cwps.com)

D1. How a ‘trusted network’ can be part of a security system


According to www.careerride.com, a trusted network is a network of devices that are connected to one
another, open only to authorized users, and allows only secure data to be transmitted. Such
networks allow data to be transferred transparently. The machines using a trusted network
are usually managed by an administrator to ensure that private and secured data is not leaked.
Access to this network is limited. Computers using a trusted network are more secured and confidential
because of strong firewalls.

A trusted network should include four essential parts:

• Authentication: complying with the usage policy is a must if the user wants to log into the system.
• Private network: a VPN (Virtual Private Network) should be configured in a trusted network in
order to control the traffic and to identify unauthorized users trying to access the
data.
• Firewall: prevents traffic from the public network from reaching the information on the private network.
• Encryption: to prevent third parties from seeing the information, it must be
encrypted and enclosed.

Moreover, in Trusted Network Connect, the policy decision points use a standard protocol named IF-PEP
to talk to the policy enforcement points for each network. Security automation, on the other hand,
operates by having all our security systems share information through standard protocols so they can
provide automated analysis and response.

Figure 17 Showing Network Access Control

Source: www.google.com


Information is shared through a common protocol named IF-MAP. The security systems use IF-MAP to
store information in a database called a metadata access point and to query that database or subscribe
to changes to a specific record. For example, a policy decision point can share information about a user
who is logged into the network and subscribe to any events pertaining to that user. If the user starts
attacking other people, a network intrusion detection system can publish an event about the problem
and the policy decision point will be notified via the IF-MAP protocol. Then the policy decision point can
tell the policy enforcement point to quarantine that user.
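The publish/subscribe flow described above, modelled in memory as an added example that is not part of the original assignment. It does not implement the real IF-MAP wire protocol: every class name, the metadata fields and the "high severity means quarantine" rule are assumptions made for illustration.

```python
from collections import defaultdict

class MetadataAccessPoint:
    """In-memory stand-in for the IF-MAP database (assumed, simplified)."""
    def __init__(self):
        self.records = defaultdict(list)      # identifier -> published metadata
        self.subscribers = defaultdict(list)  # identifier -> callbacks to notify

    def publish(self, identifier, metadata):
        self.records[identifier].append(metadata)
        for notify in self.subscribers[identifier]:
            notify(identifier, metadata)

    def search(self, identifier):
        return list(self.records[identifier])

    def subscribe(self, identifier, callback):
        self.subscribers[identifier].append(callback)

class PolicyEnforcementPoint:
    def __init__(self):
        self.quarantined = set()
    def quarantine(self, user):
        self.quarantined.add(user)
    def allows(self, user):
        return user not in self.quarantined

class PolicyDecisionPoint:
    def __init__(self, map_server, pep):
        self.map, self.pep = map_server, pep
    def login(self, user, ip):
        # Share the session, then subscribe to anything later said about this user.
        self.map.publish(user, {"type": "session", "ip": ip})
        self.map.subscribe(user, self.on_change)
    def on_change(self, user, metadata):
        # Assumed policy: only high-severity events lead to quarantine.
        if metadata.get("type") == "event" and metadata.get("severity") == "high":
            self.pep.quarantine(user)  # the PDP-to-PEP instruction (IF-PEP on the page)

class IntrusionDetectionSystem:
    def __init__(self, map_server):
        self.map = map_server
    def report(self, user, what, severity):
        self.map.publish(user, {"type": "event", "what": what, "severity": severity})

def ifmap_demo():
    mapdb, pep = MetadataAccessPoint(), PolicyEnforcementPoint()
    pdp, ids = PolicyDecisionPoint(mapdb, pep), IntrusionDetectionSystem(mapdb)
    pdp.login("alice", "10.0.0.5")   # constructed users and addresses
    pdp.login("bob", "10.0.0.6")
    ids.report("alice", "single failed login", "low")
    ids.report("bob", "attacking other hosts", "high")
    return pep.allows("alice"), pep.allows("bob"), len(mapdb.search("bob"))
```

The intrusion detection system never talks to the enforcement point directly; quarantine happens only because the decision point subscribed to the user's record.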

Figure 18 Showing security automation

Source: www.google.com

Attackers are automated and always stand a chance of stealing something from us. That is why we need
to be secured and why a security system needs a trusted network.


Conclusion
In conclusion, the world is a dangerous place. Anyone could be an enemy who might steal
our data. That is why we need to truly understand the basics of security in order to
protect our personal lives. Furthermore, security may be a useful weapon in running a business in the near
future.

Presentation – Slides

Figure 19 Introduction - slide


Figure 20 Ten common security risks - slide

Figure 21 Computer virus - slide

Figure 22 Rogue security software - slide


Figure 23 Trojan horse - slide


Figure 24 Spyware and Adware - slide

Figure 25 Computer worm - slide


Figure 26 DoS and DDoS attack - slide

Figure 27 Phishing - slide


Figure 28 Rootkit - slide

Figure 29 SQL injection attack - slide


Figure 30 Man-in-the-middle attacks - slide

Figure 31 An example of publicized security breach - slide


Figure 32 Definition of security procedures - slide

Figure 33 Why security procedures are important - slide


Figure 34 Method to access and treat IT security risks - slide

Figure 35 The potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs - slide


Figure 36 DMZ - slide

Figure 37 Static IP - slide


Figure 38 NAT – Network Address Translation - slide

Figure 39 The first benefit of implementing network monitoring systems - slide

Figure 40 The second benefit of implementing network monitoring systems - slide

Figure 41 The third benefit of implementing network monitoring systems - slide


Figure 42 A trusted network - slide

References
Microsoft. (n.d.). Secure the Windows 8.1 boot process, viewed June 7 2019
Novetta Threat Research Group. (2016, February 24). Operation Blockbuster: Destructive Malware Report, viewed June 7 2019
Securitytrails, Top 10 common network security threats explained, viewed June 7 2019, from https://securitytrails.com/blog/top-10-common-network-security-threats-explained
Searchsecurity, Ten ways to prevent insider security threats, viewed June 7 2019, from https://searchsecurity.techtarget.com/feature/Ten-ways-to-prevent-insider-security-threats
Attack.mitre, Bootkit, viewed June 7 2019, from https://attack.mitre.org/techniques/T1067/
Csoonline, The biggest data breaches of the 21st century, viewed June 7 2019, from https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
Linfordco, Security procedures, viewed June 7 2019, from https://linfordco.com/blog/security-procedures/
Imperva, Man-in-the-middle-attack, viewed June 7 2019, from https://www.imperva.com/learn/application-security/man-in-the-middle-attack-mitm/
Searchsecurity, DMZ definition, viewed June 7 2019, from https://searchsecurity.techtarget.com/definition/DMZ
Lifewire, Using static ip address on private computer, viewed June 7 2019, from https://www.lifewire.com/using-static-ip-address-on-private-computer-818404
Techterms, NAT definition, viewed June 7 2019, from https://techterms.com/definition/nat
Smartdatacollective, Businesses handle cyber security risk assessment, viewed June 7 2019, from https://www.smartdatacollective.com/businesses-handle-cyber-security-risk-assessment/
Itgovernance, 5 steps to an effective iso 27001 risk assessment, viewed June 7 2019, from https://www.itgovernance.eu/blog/en/5-steps-to-an-effective-iso-27001-risk-assessment
Cwps, The advantages to using a network monitoring service, viewed June 7 2019, from https://www.cwps.com/blog/the-advantages-to-using-a-network-monitoring-service
Careerride, Networking trusted and untrusted network, viewed June 7 2019, from https://www.careerride.com/Networking-trusted-and-untrusted-networks.aspx
