Acknowledgement:

I am the student Souad Taha. We will present Network Security and Cryptography. We
have been given this opportunity to work on the project Aptech Qatar Computer
Education Centre

We learned a lot of information and enjoyed the design of the project very clearly in the
work and how to use it. The teacher who helped us in this professor Jaspal where we
encouraged this period and encouraged us and note the tips

We have succeeded in designing the site to work accurately and professionally to

achieve all the necessary goals and standards.
Table of Contents
Acknowledgement:.................................................................................................................1

Task 1 – Risk Assessment.................................................................................................3

Task 2 Controlling the risks................................................................................................4

Task 3 Controlling the risks – Network Diagram............................................................6

Task 4 Maintaining Security...............................................................................................9

Task 5 Reflection...............................................................................................................10

References.........................................................................................................................11
Task 1 – Risk Assessment

Data security is crucial in any organization. The MD director should ensure that all the

information is safe from both external and internal interference to make the organization

maintain integrity and the availability of data. Escape has many users within its LAN network

that threatens the data shared or stored within the computers or even in the network. which

requires a highly beefed security. The breakdown of threats, their likelihood and impacts are as

shown in the table below

ASSET THREAT CIA LIKELIHOOD IMPACT RISK

Staff members Unauthorized access C Medium Medium Low
to their date

Finances Manipulating data I High Medium Low

Managers Data manipulation C medium High High

Instructor Data theft. I/ A High High high
Students Access to their C Medium Low Medium
information

Likelihood Impact
High Twice a month Affects privacy of employees
Medium Three times a year Inconvenience operations for at least two days.

High Once a month Theft of funds can paralyze the company and cause
adverse financial losses.
High Twice a month Can lower education integrity.
Low Once a year Students privacy can be invaded.
 Impact

Likelihood Medium High Low

High High Medium
Medium High Very high
High High High
Medium Medium Low

Task 2 Controlling the risks

The Escape Local Area Network (LAN) has several critical information like the employees’

payroll. When a malicious entry or access is made into the system, the data will either be tamper

with hence affecting the data’s integrity or even viewing other peoples’ pay which affects

confidentiality through breaching the privacy of the organization’s employees.

The other threat is on students’ data. Since escape has a school system, they need to protect both

the instructors and the learners. The information leakage can lead to both breaches in integrity

and confidentiality of the information. The instructors usually store their data about examinations

and other essential schemes within the LAN that when accessed can lead to a lack of integrity

within the institution. Unauthorized access will lead to cheating and even erasing of specific data

which causes availability problems. On the other hand, students require to have some level of

privacy in their information like projects and fees statements as well as their grades. In such

cases, security is the only way to ensure that both of them have trust operating in the

organization. Therefore, creating necessary authentication rules and procedure might be

sufficient but preventing some malicious attacks like syphoning and eavesdropping are critical in

ensuring safer operations.

The managers often store their information within their computers which are accessible within

the local area network setup. When malicious individuals access the information, great losses or

manipulation of data will lead to poor working conditions.

Data protection aids in protecting information and making them available they are needed at the

right time and with integrity. To protect the data in a LAN network then security measures are

crucial to protect the data integrity, the confidentiality of the users and availability of the

information when they are required and the manner.

The measures include network sniffers. The method puts Network Interface Card into

promiscuous mode. The sniffers usually capture the traffics and records information like logins

and passwords the pullout and use them for malicious gain. A sniffer like TCP dump can be run

from the command line. The other way to protect computer in networks is via creating firewalls.

A firewall is a user-defined rule of filtering both the outgoing and incoming network traffics. The

primary purpose of a firewall is to restrict or eliminate unwanted communication within a

network while allowing for the free flow of all legitimate communication. The firewall provides

server infrastructures that when combined with other measures, prevents malicious penetration

into servers.

The other methodology is by using data encryption. Encrypting of data is putting the data in a

scrambled format before passing it to the receiver. The scrambled data weight does not make

sense to the person of eavesdrop or syphons it as they will lack the appropriate decryption tool to

decrypt and synthesize the information wrapped.

The best way is to use cypher texts. The sender decodes messages and then sends unlock key

separately for decryption. When the intruders access the information, then they will not be able

to decode the message.

Network transfers information through packets. When the packages are sent from various

persons, then they cause traffic within the network. The traffic then makes it easy for intruders to

gain unauthorized access to information. Therefore, the methodologies suggested are critical for

protecting the data.

The firewall acts as a physical barrier to gain access to intranet information within the institution.

It is, therefore, crucial to understand the potential threats and find better means of curbing the

crimes. Setting passwords and login credentials private will save in maintain the integrity and

boost confidence.

Further, scrambling messages makes them fail to make sense to introducers. It is sufficient since

when someone listens to a traffics and illegally taps the data they will not be able to encrypt and

use such data. Generally, data security involves a series of events that should be taken seriously,

implemented and finally maintained to ensure that all the organization’s data are safe secure and

with integrity.

Task 3 Controlling the risks – Network Diagram

Network Components

The components of a network include servers which serve all the connected components within

that system. It is also central to all communications when several clients are connected to it.

Then we have the clients who are to tap information from the central server. The connectors and
links through which information passes are also components of the network sharing. The

connectors, switch, router and LAN capable are all components that often are vulnerable to

security threats.

The components of a network include a server, several computers connected to it, routers, switch

or hub.

Suitable IP addresses with supporting explanations

The Internet Protocol Address is composed of a network component and a host component. The

subnet mask has a single purpose: to identify which part of an IP address is the network

component and which part is the host component. The IP Address should have a subnet, the

network field and class address range.

 Class High-Order Bits 1st Octet Range
A 0 1-126
B 10 128-191

B has 255.255.0.0
Firewall rules in a table
Source Address Source Port Destination Address Destination Port
10.10.10.0 Any Any 7
Any Any 10.10.10.0 7

The Simple Mail Transport Protocol rule. In the rule the data is allowed to pass through the
firewall but directed to a properly configured SMTP gateway.
Source Address Source Port Destination Destination Action
Address Port
Any Any 10.10.10.6 25 Allow

The clean Up rule

Sources Address Source Port Destination Destination Action
Address Port
Any Any Any Any Deny

Justification on how and why it applies to escape scenario.

Encryption site uses cipher. After the message is encrypted, a key is send separately for

decrypting the message. The entire idea is on making cipher text and the reverse cipher

algorithms similar. When this is achieved, then the information would be interpreted correctly

by the senders.

The Escape has a lower number of people. The access to servers can successfully be limited via

firewalls and other security means. There are two sets of filtering routers or firewalls. The rules
are mostly geared towards protecting attacks that usually result from traffic within the network.

Since Escape records an increase in the number of network use and increased traffic, it would be

prudent to apply the rules diligently in ascertaining security. The network works in an external-

internal manner. The external communications are handled by the NAT server responsible for

mapping internal addresses to external addresses. The knowledge curbs compromising of data

by preventing a hacker from compromising inner boxes as well as accessing the internal

networks from within. It is essential also to note that there are no ping and Telnet since the

external firewall filters the external requests out. The clean is equally important as it enables in

permitting only authenticated information to go through while blocking the malicious ones.

Task 4 Maintaining Security

Security is crucial for any form of organization. The following activities should be considered

while beefing up the security.

The need to maintain the institution’s integrity. The ability of the company to maintain its

standards especially when critically data is involved. Honesty helps in ensuring the organization

achieves its objectives and end goals with diligence. Escape needs to protect the payroll

information, keep their finances safe and provide for quality education within the system.

The employees and staff members need to have confidence in their places of work. The MD is

worried about the increase in the number of insecurity cases. Although such incidents happen,

the MD should ensure that she beefs up the security for her organization. When confidentiality is

assured, then the workforce shall channel their energy in attaining better output for the company.
Finally, knowing that critical data will be available is also essential. Erasing crucial data can be

very disappointing and frustrating especially if there are no backups. Hence having them will

make the staff members consolidate their work in achieving the best results.

Task 5 Reflection

Throughout the process of finding the best security measures, some challenges resulted from the

research. The problems include difficulty in estimating the period that the security is at stake.

Determining the exact number of people expected in the system has is more probable making it

challenging to tell the most suitable way to administer the security. In some instances, using

firewalls might not be friendly in terms of pricing and implementation. Equally the cyphers texts

and making scrambled information might appear challenging to decipher to understand.

Nonetheless, being that there is no single way of creating the solutions, it would require that all

the process and attempts be tried, including hiring a professional to try and find flaws in the LAN

network.

Making assumptions that the threat lies within the LAN connection and not leaving any chance

to those who might attempt to eavesdrop from outside aided the process. However, in both cases,

it proved both cumbersome and expensive to provide security for the institution successfully. If I

were to start all over again, I would ensure that viable raw data is available for the process.

Questioning the kind of data, they would love to protect most how safe they feel within then

LAN and if they ever expected any malicious attempts to gain unauthorized access or attempted

it before.

The Managing Director is right. All institutions need to take chances with their security. When

instruction into the network occurs either from internal or external users, it will imply failure in
management. Further, some losses can be so adverse that it can lead to total failure or closure of

the company altogether. Generally, it is crucial not to take chances with the company’s assets.

References
Bal, R. G. (2016). Hash Data Structure for IPv6 Filters. European Journal of Advances in

Engineering and Technology, 3(10), 32-35.

Richardson, D. R., Cormie, J., MacCarthaigh, C., & Redman, B. W. (2015). U.S. Patent No.

9,160,703. Washington, DC: U.S. Patent and Trademark Office.