1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
viva [34]
3 years ago
11

For this assignment: Analyze and describe the network infrastructure. Describe and explain the various policies that will be nee

ded to defend the network Describe the system vulnerabilities and potential exposures on the network. Examine and describe the software and hardware risks. Provide a list of security measurement per device you will implement. Mention any unnecessary ports to make the network secure. TCP/IP (IPSec) Router Ports Firewall Ports VPN Access Layer 3 Switches/Vlans
Computers and Technology
1 answer:
mamaluj [8]3 years ago
7 0

Answer:

Explanation:

The Network infrastructure shown here are LAN and WAN. Wired and wireless communications.

The Various policies are:

1. Group related items together, for instance, grouping all Windows servers, into one virtual LAN (VLAN). Other asset groups might include infrastructure (routers, switches, VPNs and VoIP) in one VLAN and security assets (IDS, firewalls, web filters and scanners) may be grouped in another.

2. In general, it is good to adopt a default deny access posture for each VLAN.

3. Network segmentation is a very significant, long-term project, but each step along the way increases security. Log all traffic between segments to determine what is normal and needed for effective functioning.

4. Network segmentation is undeniably and unquestionably an effective component in a defense in depth strategy. Organizations that implement it must be prepared to manage scores of firewalls, switches and routers, each with hundreds of rules, all of which may be affected by the network segmentation process and potentially by updates and changes, even after it is in place.

5. Contribute to a secure WAN environment for all connected departments, offices,

agencies, boards, and commissions

6. Provide a uniform security framework to secure the integrity, confidentiality, and availability of info and info systems, at the WAN level.

7. Provide, in balance with operational requirements, legislative requirements, and information sharing agreements, the minimum WAN security requirements.

8. Raise awareness of information and information technology security needs for all users of the WAN by providing the security principles, requirements.

9. Define the clear roles and responsibilities of all users of the WAN, particularly WAN security staff.

* Vulnerabilities and exposures

1. Data requiring special protection such as credit card numbers that need to comply with PCI-DSS or patient information that is subject to HIPAA should be isolated from other data and put in their own VLANs.

2. Your aim is to limit access to sensitive information to those who need it within the organization and to create roadblocks to stop or slow intruders, who may have broken through one layer of security, from doing further damage.

3. Network segmentation is not a “set and forget” undertaking. The network access policy, defined in firewalls, routers and related devices, changes constantly to cater to new business requirements. Ensure that new changes do not violate your segmentation strategy requires a good degree of visibility and automation.

4. Reducing internal breaches and the infiltration of malicious software(malware). This

internal defense requires significant involvement with individual devices

on a network, which creates greater overhead on network administrators.

*Risks

1. Malicious software, also known as malware,makes its way onto a network through

employees, contractors and visitors. Personal laptops, wireless gadgets,

and of course the USB flash drives, all these provide excellent vectors through which

malware can enter the workplace.

2. Hackers, worms, spammers and other security dangers of the Internet via LAN.

3. The various vulnerabilities on your network represent potential costs — time, money and assets — to your library. These costs, along with the chance someone will exploit these vulnerabilities, help determine the level of risk involved.

4. Since the cost of adding another Internet connection, increasing the speed of the current connection or purchasing complex network monitoring equipment might be too prohibitive, the library has a higher tolerance for a periodically slow Internet connection.

5. External flash drives and other media are also concern when those enters the network.

6. The lost or stolen handheld device poses some serious risks if not incorporated into your network security policy. Such devices are often capable of being formatted of all company content remotely in the case of theft or robbery.

*Security measurements:

1. Address Resolution

Protocol (ARP) spoofing, Denial of Service (DoS) attacks such as Tear Drop

or Ping of Death.

2. In addition, network administrators can form a policy whereby network

users are required to install and maintain anti-malware scanners in their devices.

3. Many tools exist to check the existing security state of your network. The Microsoft Baseline Security Analyzer, Nmap .

4. Risk assessment is a combination of both quantifying (the cost of the threat) and qualifying (the odds of the attack).

5. Firewalls.

6. Antivirus systems.

7. Intrusion-detection systems (Host-based IDS,Network-based IDS)

8. Port scanners.

9. Network sniffers.

10. A vulnerability scanner is like a port scanner on steroids.

*Unnecessary Ports

1. It is not easy to say which ports exactly but we should know that the service ports which are open among 65,535 ports and although not exactly sure what service is running , it is safer to check the port and close it as "A Closed Port is a Safe Port".

You might be interested in
What permissions are needed in order to use a work online that is in the public domain?
Maurinko [17]
<h2 /><h2>⇒Written  \: permission  \: from \\  the  \: creator</h2>

The term “public domain” refers to creative materials that are not protected by intellectual property laws such as copyright, trademark, or patent laws. ... Anyone can use a public domain work without obtaining permission, but no one can ever own it.

5 0
2 years ago
Q Basic program write a program in Q Basic to find the cost of 10 pens when the cost of 15 pens is 75 use unitary method to find
Ne4ueva [31]

give the function of cpu

5 0
3 years ago
c++ Write a statement that increments (adds 1 to) one and only one of these five variables: reverseDrivers parkedDrivers slowDri
Mazyrski [523]

Answer:

The following statement are:

if(speed < 0) // if statement

{

reverseDrivers++; //if the speed is less than 0, then increment in "reverseDrivers"

}

else if(speed < 1) //else if statement

{

parkedDrivers++; //speed is less than 1, than increments in "parkedDrivers"

}

else if(speed < 40)

{

slowDrivers++; //speed is less then 40, than increment in "slowDriver"

}

else if(speed <= 65)

{

safeDrivers++; //speed is less than or equal to 40, then increment in "safeDriver"

}

else

{

speeders++; //else increment in speeders

}

Explanation:

From the following statement their are certain condition arises

If the speed is less than 0, then increments the “reverseDrivers” variable by 1.

If the speed is less than 1, then increments the “parkDriver” variable by 1.

If speed is less than 40, then increment in "slowDriver" variable by 1.

If speed is less than or equal to 40, then increment in "safeDriver" variable by 1.

Otherwise increment in "speeders"

7 0
3 years ago
Is prediction harmful or not , why​
Marrrta [24]

Answer:

It's Not At All Because It's Just Like Yku Thinking Of Something

Explanation:

not at all

8 0
3 years ago
Matt goes to an Internet café and tries to access his emails. The email client asks Matt to enter his email address along with t
Radda [10]

Answer:

acknowledging

Explanation:

it has to be d

6 0
3 years ago
Other questions:
  • What is computer virus?
    8·1 answer
  • It is better to know the main components of all computer programming languages
    9·1 answer
  • Which of the following sentences uses the correct verb tense?
    8·2 answers
  • Software referd to the physical parts of the computer True or False
    9·2 answers
  • A queueing system has four crews with three members each. The number of "servers" is:
    5·2 answers
  • An organization is assigned a Class-C network 200.120.80.0 and wants to form subnets for its threedepartments: D1 (60hosts), D2
    7·1 answer
  • Is it safe to tape down cords such as internet cables to the floor?
    14·1 answer
  • When discussing the business requirements of a WLAN design, what is the first question that should be posed
    15·1 answer
  • 4.8 code practice question 2
    10·1 answer
  • Radio spectrum is the part of the complete range of electromagnetic waves that is used for radio communication from
    14·1 answer
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!