Question

Considering the scenario of a business organization, explain in detail how the organization could apply four different types of measures to ensure that employees can prevent unauthorized access to the internal organizational network؟

Answer 1

There are many ways to that -

1) White and Black listing- The network administrator can do White listing of IP address which allow those ip address to access network which are approved or white listed by the network administrator to access the internal organization network. Also the network administrator can block the certain suspicious IP address so they can never get access to the internal Network organization.

2) Monitoring of network- The network administrator should do continuous monitoring of network to see if there is any suspicious activity and also check logs continuously to find suspicious activity and can take action on the any suspicious activity. Fir this , network administrator can also use Intrusion detection system in which administrator can define certain rules to check any suspicious activity and the Intrusion detection system will automatically monitors the network and raise alarm if any intrusion is there in network to hack it.

3) Proper authentication using login page- There should be proper login page whenever anyone tries to get access to internal organization network with proper authorities. Each employee should get login through this page to get access to the internal network. This add an extra layer to security of internal network. And it should be make sure that every employee should have strong password so it can't be hacked by hackers and still if any hacker get access to any employee details and do any suspicious activity then network administrator should disable account for that employee so other employees can continue to access network with ease of availability and there is no need to down the whole network.

4) Security testing of network - There should be proper testing of network by ethical hacker to find vulnerability in network if any and can be patched as soon as possible before any hacker get access to it and do some serious damage to it.Also there should be proper sudy of risk management and method should be apply to network configuration to guarantee security.