Avail CMIT 425 Advanced Information Systems Security Assignment Help And Put An End To All Your Academic Worries!!

Home   Course  
Previous << || >> Next

EXPERTSMINDS.COM ACCEPTS INSTANT AND SHORT DEADLINES ORDER FOR CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT - ORDER TODAY FOR EXCELLENCE!

CMIT 425 Advanced Information Systems Security - University of Maryland Global Campus

CASE - GLOBAL FINANCE, INC.

1. Inventory assets

From the devices and systems identified in the GFI Corporate Network Topology, conduct a thorough asset inventory, assign monetary values to each asset (quantitative), and assign a priority value for each asset (qualitative) that could be used to determine which assets are most critical for restoral in the event of a catastrophic event or attack

GETTING STUCK WITH SIMILAR CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT? ENROL WITH EXPERTSMINDS'S CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT HELP SERVICES AND GET DISTRESSED WITH YOUR ASSIGNMENT WORRIES!

1.1 Asset inventory

            4 Cisco routers, One PBX, One VPN gateway, 3 Layer 3 switches, 6 layers 2 switches, two wireless access points are used.4 Cisco routers, One PBX, One VPN gateway, 3 Layer 3 switches, 6 layers 2 switches, and two wireless access points are used.

1.2 Monetary value to each of the asset

            Various components and their monetary value are explained in the table given below. Here the components are sequenced based on their importance.

SI. No.

Component Name

Expected Price

1

Oracle Database server

35000 AUD

2

Customer database

20000 AUD

3

10 PCs

10000 AUD

4

Firewall Installation

16000 AUD

5

Cisco routers

3000 AUD

6

Layer 3 Switches

300 AUD

7

Layer 2 Switches

100 AUD (per switch)

8

One PBX

30 AUD (per month)

9

Wireless access points

400 AUD

10

Printers cost

15000 AUD

 

Total

99830 AUD

1.3 Assigning priority value to each of the asset

            Cisco routers are critical devices. Layer 3 switches are the next critical devices. Layer 2 switches are low critical devices.

NEVER BE CAUGHT IN PLAGIARISM, AVAIL CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT HELP SERVICE OF EXPERTSMINDS.COM AND SAVE HIGHER MARKS!

2.    Enterprise Topology and Perimeter Protection

Evaluate the perimeter security, make a list of access points internal and external(remote), identify vulnerabilities and make suggestions for improvements to perimeter and network security.

            The protective boundary often laid between the intranet side of an organization, i.e., the section of a network that is managed locally or in private and the internet part that faces the public side of the firm is called the Network Perimeter. For the reason of preventing some sort of cyber-attacks, the business authorities of the present times have increased the user's reliance on the security of the network, as the reliance of the online devices in our interconnected ecosystem is getting increased gradually. The security of the data that is collected, accumulated and interpreted on a large scale depends completely on the security measures that are surrounded by a massive scale. The prime concept of network perimeter and its evolution kindles the organization to think and act in an effective manner to protect their internal data from cyber theft ("A Case Study on various Network Security Tools", 2018).

  • The internal users of an organization are not just connected within the organizational circle that includes the building and network, but they are connected to the entire outer network in order to access the internal resources of the network using some mobile devices.
  • Software like Data Warehouses and Cloud Computing helps in storing the private data and applications of an organization within them by assuring its security including immediate access that challenges the security of the data stored in the private server owned by the organization that can be easily accessed by both internal and external users.
  • Web Services provide a wide opportunity in building the security boundaries as there is a lot of chance for internal as well as the external interactions that are totally insecure, persists all-time in the external platform. These web services can serve numerous clients at a time that increases the risk of cyber-attacks.

            To protect a software application, its service or the qualities of it in an individual manner is really challenging (Turnbull, 2005). As "network perimeter" is the concept that provides network configurations, it should not be treated as a specific setup but in an abstract manner in the present environment.

2.1 Internal and external access points present in the GFI's Network System

            Routers are external access points. Internal layer 2 switches and wireless access points are internal access points.

2.2 Identified Vulnerabilities

            Firewall, IPS, IDS, DMZ security features are not installed. WEP is used as wireless access protection.

2.3 Suggestions to improve the security

            Firewall, IPS, IDS, DMZ security features are needed to be installed. WPA2 should be used as wireless access protection.

NEVER LOSE YOUR CHANCE TO EXCEL IN CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT - HIRE BEST QUALITY TUTOR FOR ASSIGNMENT HELP!

3.    Remote access infrastructure

Evaluate the remote access infrastructure, identify vulnerabilities and suggest security improvements to mitigate risks to remote access.

3.1 Vulnerabilities Identified in the system

            Firewall, IPS, IDS, DMZ security features are not installed. WEP is used as wireless access protection.

3.2 Suggestions to mitigate the risks

            The work discusses the networks such as IPS/IDP system. These are the network level defenses deployed worldwide. The basic differences between these networks are that they provide protection for detection and prevention terms. The IPS AND IDS were said to be the same because they are deployed the in-line network, among other networks that can take action on that malicious activity. The common difference between the IPS and IDS is that IDS is used for detecting the threats or instructions in the network segment. Where IPS is used for identifying these two terms. The main purpose of the IDS is to provide the auditing, monitoring, and reporting the malicious activities in the network. Whereas, IPS provide security for assets, data, and networks. The major main objectives are classified into four points,

  • The Network Stability and Performance for the IDS is deployed out of the band in a network. it is considered as the logging device which absorbs traffic bursts and average network loads. Whereas IPS are deployed in-line in a network. It has the tendency to perform applications faster and with the high processing capacity.
  • To find the Accuracy with false positives for the IPS and IDS, the three basic rules which include, The IDS minimizes the false positives, where IPS have no false positive. This can be identified by using the alert filters and the anomaly filters and cannot be used for blocking.
  • Similarly, Accuracy with false negatives is simply a missed attack. The IDS needed to detect the attack while IPS is for preventing the attack.
  • The data that is gathered for the analysis through the devices and the sensors from the network can be used for the event of correlation and network forensics in a post-attack scenario.

ORDER NEW CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT & GET 100% ORIGINAL SOLUTION AND QUALITY WRITTEN CONTENTS IN WELL FORMATS AND PROPER REFERENCING.

4.    Mobility services and Security

Address the COO's concern over the mobility security and design a secure mobile computing (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.

4.1 Concerns related to the enterprise mobility

Though innovation and coordination is the basic form of the mobility of an enterprise, it also increases the risk in the security measures that creates un-noticed opportunities for the criminal who performs cyber-attacks. The benefit is that the enterprises can save the data of the corporate. Your business can be protected from cyber-crimes by understanding the areas of risk and taking the necessary steps to fix them up by employing some security approaches. The following are the top seven risks faced by the enterprise mobility ("An Effective Review of Various Routing Protocols in Wireless Sensor Network", 2017).

Heterogeneous Environment

Mobile devices display a diverse collection of operating systems and appliances that is entirely different from the traditional endpoints. The usage of multiple devices like the personal devices of the employees or the optional devices that are owned by the company increases the risk and the situation is made worse. This is proved by Forrester that nearly 53 percent of workers who handle information use more than three devices for a single work and more than 95 percent of the organization permits the employees to use their own devices for office use. These can be managed by some crucial measures for security that includes strict policies for the mobile operating system and by separating personal and corporate data (Turnbull, 2007).

Anytime, Anywhere Connectivity

The possibilities of accessing unsecured data by mobile devices due to hyper-connection increase the risk of the loss of data. Most of all mobile communication that ranges nearly 71 percent are now streamed through Wi-Fi where over 90 percent of Wi-Fi hotspots that used in public is of less security that can be traced or used by anyone. To control these types of risks, each connectivity should be ensured through network access that is based on some certificates and the usage of VPNs per app in which the data is encrypted in transit. Along with these control measures, the app should be deployed including the email proxies that help you in blocking unauthorized devices or apps.

 

Loss and Theft

It is vulnerable to lose and to steal the devices that are small and are portable. In data it is clearly proven that 3.1 million smartphones have been stolen during the year 2013 that is double the amount of the stolen smartphones in the year 2012. Among these millions of people, nearly eight of each ten people has used their device to get access to the corporate information. These lost or stolen devices could be protected by using certain passwords for the devices as well as the apps using some multi-factor authentication. The corporate apps should be provided to the employees with a single sign-on process and definite certificates. The apps and data of a corporation should be encrypted so that they can be protected even ID the device gets lost or stolen. At the end user full device wipe of selective wipes.

Compromised Devices

The operating system of a device can make the users confuse about it that paves way for gaining the advantages of installing unsecured apps from some app stores that are unauthorized. In the view of Forbes, 18 million iOS devices have tampered with the jailbreak to availability of about six weeks whereas 24 percent of mobile phones that are on corporate networks at present are jailbroken. The device compliance should be monitored continuously, the compromised devices should be identified and blocked from getting access to the network enterprises and apps so that the threats can be handled in the right way.

 

Data Leaks

The IT professionals will get alarmed when a large number of workers rely on a mobile app for both their personal and professional use. The majority 87 percent are more concerned about the mobile data leakage where according to 46 percent of IT leaders say that sharing a file through some unauthorized network is the cause for data leaks. These risks are made to pass further by implementing the DLP policies of the mobile that includes blocking the actions of copy and paste. "Open in" controls should be managed in order to prevent the data by getting accessed by unauthorized apps. It also has the capacity to control the data that is allowed to store either in the local server or on a Micro-SD card.

Bring Your Own Apps

The risk of losing data and potential braches gets increased when the employees depend on their personal apps like file sync and tools that are shared for the purpose of work. At present 25 percent of employees use their own mobile app in their workplace for filling the gap of apps that their employers fail to provide while in 2015, 75 percent of these apps got failed its basic security tests.  A guardian enterprise app store can be provided to get away from these kinds of risky apps so that your business can be protected from all these threats as it provides easy access to third-party apps as well as the in-built apps. Along with it, the user apps that are dependent on the role can be deployed and managed by implementing the security policies for DLP, its encryption, and authentication.

 

Malicious and Risky Apps

The easiest entry point for well-trained cybercriminals is the app that is helpful and seems fun to the users. These apps are normally installed by the users without knowing the risks they may face. Norton Mobile Insight says that there are over a million suspicious apps by October 2014 and more than eight million apps that are getting circulated among the people with risky behaviors. Hacking private and public information (19%), tracking (22%), traditional threats postage (26%), sharing content (13%) and configuration of the device (13%) comes under these risky behaviors of apps. These threats can be managed by implementing mobile threat protection that is managed centrally so that the protection of the device can be ensured and the threats can be detected and the malware can be blocked in advance. IT has the power of blocking access to the suspicious apps and they can be white or blacklisted if some malware is detected. Though the risks seem to be frightening, you can overcome them by providing exclusive mobile protection without any compromise with the experience of the user. Concise infographic clearly explains about the seven major risks with the ways to overcome or control those risks so that you can get a secured data, app, connectivity, production, and protection.

4.2 Mitigating mobility-related threats

The security by design is the first thing that every company should take into consideration during the configuration of the business application regarding mobile use. The development of the application should possess authentic tools from legitimate sources that have less or no vulnerabilities. During the phase of development, security and the function of the mobile user may come in equal proportion. More fluid and better user experience can be created by improving easy use, providing less security as well as login points. This also has the tendency of weakening security. The perfect balance should be maintained here. If users undergo poor usage, they can choose other alternatives that lead to more risks. This type of risk can occur in the medical and financial department that can cause damage to the lives of many innocent people once if their data gets stolen (Hargadon, 2015).

            From the perspective of a user, it will be a better idea of providing the best security practices. Identity theft can be avoided by using password protection in all devices that may felt annoying by the users. Nowadays, many new types of smartphones require fingerprint ID to help users from typing passwords repeatedly. Another important benefit of using passwords are the data can be kept secure even if the device gets lost or stolen. This can be true in the case if users who use BYOD, the best practices policy of the business, i.e., using business application for work-related processes. Thus the best mobile security can be practiced fully as the importance of ensuring the design security of the business app is highlighted that is more user-friendly to use. Finally, there are some cloud networks that connect the mobile devices by which the work information can be accessed by the employees from outside their workplace.

GET GUARANTEED SATISFACTION OR MONEY BACK UNDER CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT HELP SERVICES OF EXPERTSMINDS.COM - ORDER TODAY NEW COPY OF THIS ASSIGNMENT!

5.    Risks associated with wireless systems

Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and network security to protect data should be implemented.

            Though wireless technology brought many changes in the computing world, created many job opportunities like new business, it also increased the risk in security.  The wireless LANs that use radio frequencies to broadcast has fewer security as in the 2.4-GHz frequency band that is unlicensed. This connectivity can be done easily like connecting one or more computers within a wireless access point. This can be installed easily and is inexpensive. As this connectivity creates a large number of risks and challenges regarding security, it is important to take necessary measures to fix the risks. The following are the potential risks and the best ways that help you in getting a secure network and make you understand the characteristics of WLAN.

5.1 Identified Risks associated with the wireless systems

Risk No. 1: insufficient policies, training and awareness

Establishing various policies in order to govern wireless networks seems to be the basic requirement of protecting data. But most institution fails to take the necessary step over it or to inform their employees about the risk associated with not using the policies. It becomes more difficult to communicate the problem with the users if once the policy is implemented.

Risk No. 2: Access constraints

The users can initiate connectivity when the signals are repeatedly sent out by the wireless access points. This occurs when the Service Set Identifier of the access point that presents in the 802.11 beacon frames are sent unencrypted. Using this, the unauthorized user can find the name of the network so that he can attempt for an attack easily.

Risk No. 3: Lack of Privacy

Because of the insecurity of wireless networks, they can be attacked easily. Spreading of viruses, losing confidentiality, integration of data, data extraction without any data detection, violations in privacy and stealing the identity are included in such attacks.

Risk No. 4: MAC spoofing/session hijacking

The frames of Wireless 802.11 networks can be alarmed at the time when an imposter hijack or steal the authorized sessions or authentication credentials as the network never authenticate frames. As there is a security against forgery, the authenticity of the data cannot be assured for the data present in the frame. As the attackers can observe a network's Media Access Control addresses, those addresses can be adopted for malicious transmissions. The station address can be identified finally. This cannot be said as a perfect authentication technique as the device can be compromised by any unauthorized party.

Risk No. 5 Physical security deficiencies

            The devices like PDAs, Laptops and other access points that are wireless, handheld and used in common can be easily lost or stolen as they are small in size and are easily portable. In such cases, those devices can be compromised by the unauthorized party for obtaining your device's information.

5.2 Suggested prevention measures

Suggested mitigation measure for risk 1

            The policies that are institution wise which includes procedures about wireless devices and its usage in detail should be developed. These policies help in getting updated with the current technologies and trends if maintained properly. As a part of the overall security strategy, the registration of the WLANs should require minimum as each and every institution has its own specific requirements. It is important to monitor the network in order to know whether the users are following the policies or not, in the case when the policy becomes ineffective because the users are not in compliance. Both the systems administrators and the users should be provided with regular awareness on security and training sessions. The systems administrators should be kept informed about the technical advances and protocols. In addition to it, it is more important for the users to understand the protocol reasons. The importance of vigilance should be stressed with these various sessions of education.

Suggested mitigation measure for risk 2

  • The security features that are available should be enabled and in the meantime, the security features that are embedded should be disabled in default.
  • The default settings should be changed as it is the responsibility of the manufacturer to set default SSID. Cisco's default SSID "tsunami" and Linksys' "Linksys" are the best examples of this. If this is not changed, the possibilities of the unauthorized user to get access becomes easier. An SSID naming convention should be defined. The SSID should not be changed in order to reflect identifiable information as it also gives chances for an unauthorized user to obtain access. It is better to use letters, numbers, and symbols that make a long and meaningless string of different characters.
  • Dynamic Host Configuration Protocol should be disabled and the static IP address should be used instead of it. The usage of DHCP provides P address automatically to anyone though they are authorized or not by making an attempt to obtain access to your private network that is wireless that increases the risk of unauthorized penetration in return.
  • The SSID and the WEP (Wired Equivalent Privacy) that are stored in the Windows registry file should be moved or encrypted to make the files harder for the hackers to gain privileged information. This helps in preventing and delaying the intrusion until the authority detects the claim of intrusion.
  • A closed network should be used so that SSID is typed by the users in the place of typing SSID in the client application. This makes gaining the access more difficult and at the same time the potential resistance can be reduced by providing proper education on risk-mitigation strategy.

SSID can be changed regularly so that the maximum benefit if he closed network can be obtained that prevents the employees from getting access to the network. SSID can be changed regularly by developing and implementing an SSID management process. This also helps in informing the new SSID's authorized employees. The employees who possess WLANs in their private as well as in public places should be traced. The wireless networks can be shut off by the institution if necessary if they are located behind the interface that is main routed. Specific security configurations should be required if the employees use WLANs in their home with encryption and VPN tunneling.

Suggested Mitigation measure for risk 3

  • A network-based intrusion should be deployed along with a detection system and weekly log review of a wireless network.
  • Proper antivirus software should be used and maintained and it should be pushed to the clients from the network servers.
  • Frequent data backups should be created and periodic restorations should be performed.

Suggested Mitigation measure for risk 4

            The access provided to specific MAC addresses can be limited and filtered through a firewall. Even though this technique is insecure in many ways as there is the possibility of duping MAC addresses, the overall strategy of security can be improved by the technique. The required effort maintained is also another difficulty regarding the technique. It is necessary to register the MAC addresses into the database each and every time when an authorized device is added to the network or gets removed from it, as it is integrated into a hardware device.

  • The logs are monitored weekly and the critical host logs are scanned daily.
  • SSH, Transport-Level Security or IPsec type of cryptography should be used as their data link layer are proven.

Suggested Mitigation measure for risk 5

  • Heavy physical security controls like barriers and guards should be implemented so that the theft of various equipment and the unauthorized access of a network can be prevented.
  • New inventions of fielded wireless and other devices that are handheld should be labeled and maintained properly.
  • The devices that are stolen or lost can be prevented by getting access to the WLAN by using device-independent authentication.

DO WANT TO HIRE TUTOR FOR ORIGINAL CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT SOLUTION? AVAIL QUALITY CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT WRITING SERVICE AT BEST RATES!

6.    Authentication Protocols

Evaluate the authentication protocols and methodologies within the wired, wireless, mobility and remote access environments and suggest improvements to secure authentication for GFI.

6.1 Authentication protocols for wired network system

            Simple password-based authentication can be used. User name and passwords can be controlled using the active directory (Lagouardat, Wine & Carre, 2017). For wired internet access proxy servers with password protection can be used. Only authorized users can access fully controlled internet resources using firewalls.

6.2 Authentication protocols for wireless network system

            WEP is used at present. It is easily hackable. It is almost like open authentication. Anyone can access the company network. Some of the other powerful authentication types are WPA1, WPA2, EAP, MAC Based, CCKM. For the given environment WPA2 can be used.

6.3 Authentication protocols for mobility system

            WPA2 should be used for mobile devices as discussed above. WEP is an older encryption algorithm used in Wireless network systems. The advantages and disadvantages for WEP technique are given below.

  • In WEB technique security is the major issue. There are no incidents were observed related to the crack key generation.
  • It uses only one key for the authentication process.
  • In WEB technique the master key modification must be completed in all devices. All they are to be done manually.
  • WEB system restricts users to see the network. It requires a key for viewing.
  • This technique is the most useful technique for wireless connection establishment on the older devices.

            WPA is one of the most commonly used encryption algorithms in network systems. This passage brings an overview of the positive as well as negative aspects of the WPA.

  • It has a highly robust algorithm than all of its predecessors. It ensures the safety to be transmitted through the network.
  • For changing key dynamically it uses TKIP. It gives additional security to the network. It is more difficult to crack the continuously modifying key.
  • In WPA the new key is shared to all the system automatically.

6.4 Suggestions to improve the security of GFI

            The firewall should be used for centralized authentication. WPA2 should be used for wireless devices and mobile devices.

7.    Web Access Protocols

Evaluate the web system protocols and vulnerabilities within the Intranet server and suggest secure protocol improvements to improve security for web authentication.

7.1 Vulnerabilities within the Intranet server

            Intranet servers are not protected at present. There is no specific powerful firewall mechanism to control access (Peng, 2013).

7.2 Suggestions to improve security for web authentication

            Web servers should be kept in the DMZ zone. ADS / Authentication servers should be kept in the internal LAN network. Only authentication protocols can be allowed to reach ADS server from web servers.

EXPERTSMINDS.COM GIVES ACCOUNTABILITY OF YOUR TIME AND MONEY - AVAIL TOP RESULTS ORIGINATED CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT HELP SERVICES AT BEST RATES!

8.    Vulnerabilities of the various assets in the network system

Design a cloud computing environment for the company with a secure means of data protection at rest, in motion and in process.

  • To gain access to new network resources, hackers target on Mail Services. The potential targets are the companies that get accessed to the e-mail over the internet. It should be ensured whether the latest security patch is applied to the operating system as well as the e-mail application to prevent the cyber-attack on a mail server.
  • Vulnerabilities in a firewall are scanned by the network hackers those have no proper configurations and proper updates regarding configurations. The hacker can be prevented by a firewall that is properly configured from attacking a network.
  • The hackers mostly target Filtering routers with SNMP scanners that are more aggressive. The network can be accessed easily by an unauthorized network as the router turns as a bridge due to the effect of the attack.
  • The data that is transmitted by a network to the mail services can be intercepted by network hackers. This can be prevented by the network administrators with the usage of 128-bit key encryption during the time of data transfer to mail services over the Internet.
  • A router is the main part of all the network systems. According to the FBI report, nearly half a million routers are infected by malware. This kind of vulnerabilities is noticed in 54 countries. Till now the security experts can't have identified who is vulnerable. Older firm wares are highly vulnerable to these kinds of attacks. Companies, as well as individuals, must focus on this issue. Because of all the information like confidential data of the organization, emails, messages, and bank details, etc. VPN Filter is the malware which is responsible for the router hacks. In starting, hackers only targeted the home routers to find the bank details. But now they also target the organization routers to collect sensitive information. In network system router hacking is one of the biggest threat.

9. Cloud computing design

Assess all known vulnerabilities on each asset in this environment and impacts if compromised.

  • Cloud security is an up-growing service. It provides the types of similar functions as traditional IT Security. It's protecting information from deletion, theft and data leakage.
  • Advantages of cloud services are to keep our information as safe and also providing a new way of preventing our information's as secure.
  • Cloud security does not change its approach from how to manage security from preventive to detective and corrective actions.
  • All the data will be secure in the data centers
  • There were multiple data centers to keep our information as secure.
  • The benefits of cloud services. Storing data information is cannot be seen by the third party it was full of safe and secure in the cloud security.

            Cloud security provides multiple levels of control in network infrastructure to give continuity and protection. The cloud computing security solution which includes five benefits which include,

  • Protection against Distributed Denial of service - It focuses on measures to stop huge amounts of traffic aimed at the company's cloud serves. to minimize risk it entails monitoring,absorbing and dispersing.
  • Data Security - A top cloud computing security solution has security protocols in place to protect sensitive information and transaction in the ever-increasing era of data breaches which prevents a third party from tampering with data being transmitted.
  • Regulatory compliance - To protect personal and financial data the top cloud computing security solutions helps companies in regulated industries by managing and maintain infrastructures.
  • Flexibility - By scaling your cloud solution during high traffic periods you have the flexibility to avoid server crashes. It provides with the security while turning up or down capacity.
  • High availability and support - To ensure your company's website and applications redundancies are built. A best practices cloud computing security solution offersconstant support for a company's assets. This include lived monitoring 24 hours a day, 7days a week, and every day of the year.

ENROL WITH CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT HELP AND HOMEWORK WRITING SERVICES OF EXPERTSMINDS.COM AND GET BETTER RESULTS IN CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENTS!

10. Risk Mitigation procedures suggested for GFI's network

Using the asset inventory and the assigned values (monetary and priority) conduct a quantitative and qualitative risk assessment of the GFI network.

  • Confidentiality, Integrity, and Availability problems in outsourcing. Separate rules should be defined and these parameters should be improved.
  • Outsourcing leads to cyber-attacks (????????-???????, 2017). So the services can be outsourced to any well-established IT infrastructure management companies which are good in network security.
  • Outsourcing - oracle database hacked. The database is not in the DMZ zone.
  • Outsourcing - users USB brought virus inside. This should be stopped.
  • Unprotected laptop stolen, Customer financial information stolen
  • Network sniffer in LAN is found. Outsiders can insert their devices into the network easily. This should be stopped.
  • It is apparent from the number of successful cyber-attacks that GFI is an organization severely lacking in information security maturity. COO Willy has commissioned you to perform a quantitative and qualitative risk assessment of GFI's infrastructure to determine where improvements could be made to reduce the risk of future attacks.
  • Encrypting VPN is not done.
  • WEP is used as a wireless authentication protocol. WEP can be compromised easily. WPA2 should be used.
  • Bring your own device is not well secured.
  • MSCHAP v2 protocol is used. Advanced protocols can be used.
  • No Firewall used at present. Cisco firewalls should be used.
  • Database servers are not in DMZ Zone
  • Each department is physically separated. Not using different VLAN
  • DDOS Attack is happening now (Sollars, 2016). That needs to be arrested using Cisco firewalls.
  • Remote applications are slow. Keep a copy of the database and copy of ADS for authentication
  • Secure Bring your own device
  • Secure mobility access
  • WEP is used. WPA2 should be used
  • Cloud computing security
  • Perimeter network security
  • Wireless security should be done
  • Secure authentication for Wired, Wireless and all

24/7 AVAILABILITY OF TRUSTED CMIT 425 ADVANCED INFORMATION SYSTEMS SECURITY ASSIGNMENT WRITERS! ORDER ASSIGNMENTS FOR BETTER RESULTS!

Avail finest University of Maryland Global Campus Assignment Help Service for its major courses and academic units, such as:

  • CMST 341 Principles of Multimedia assignment help
  • CSIA 350 Cybersecurity in Business and Industry assignment help
  • CMST 351 Motion Graphics assignment help
  • CMST 311 Advanced Electronic Publishing assignment help
  • CMST 325 Image Editing assignment help
  • CSIA 360 Cybersecurity in Government Organizations assignment help
  • CMST 425 Advanced Image Editing assignment help
  • CSIA 413 Cybersecurity Policy, Plans, and Programs assignment help
  • CMST 320 Illustration Graphics assignment help
  • CSIA 459 Evaluating Emerging Technologies assignment help
Tag This :- MWS88ADE429INF, CMIT 425 Advanced Information Systems Security Assignment Help

get assignment Quote

Assignment Samples

    VPN Network Design Assignment Help

    vpn network design assignment help - Design a network for an SME. Build VPN services for the users. The network solution would be built on a simulator

Get Academic Excellence with Best Skilled Tutor! Order Assignment Now! Submit Assignment