Question

1. A technician, Joe, needs to troubleshoot a recently installed NIC. The PC has limited Internet connection although all other nodes on same network have Internet connections. Describe p practically in in clear steps four Methods Joe must adopt to troubleshoot and resolve the issue.

2. A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed. A recent exploit has caused the company’s encryption to become unsecure.

Describe fully three implementations the company can adopt to resolve this.

(9marks)

3. A system administrator has been tasked to ensure that the software team is not affecting the production software when developing enhancements. The software that is being updated is on a very short SDLC and enhancements must be developed rapidly. These enhancements must be approved before being deployed. Discuss four implementations that will mitigate production outages before the enhancements are deployed.

Answer 1

(a). Step 1: What exactly is the problem?

Getting to the bottom of a computer issue can sometimes feel like playing 20 questions, so it’s crucial to ask the right questions first if you want to discover the root problem quickly.

Step 2: Gather more details, eliminate variables

In many instances, what was reported as a general issue (e.g., the Internet is down) is actually something very particular, such as a specific website being offline.

Step 3: Reproduce the problem, develop hypothesis of root cause

Now that you’ve gathered basic background info, it’s time to get hands-on with the problem. Reproducing an issue simply means verifying you can recreate the same error the user reported.

Step 4: Attempt a fix based on findings

The evidence you’ve already gathered should have narrowed down possible root causes and positioned you to fix the issue. At this point, focused experimentation is the name of the game. You can try tweaking changing settings related to the problem, swapping out faulty parts, repairing corrupted files, updating drivers and software, etc. until you solve the problem (or at least get closer).

Problem Solved? Prepare for future issues

(b). If the encryption is unsecure then we must look forencryption software updates or patches.

If they are available we must install them.

As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability in a piece of software.

A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.

(c). The four phases are-

Phase 1 – Development

This is where the application or software is ideated and created. Finding and fixing application security issues in this early stage is far less costly than waiting until after an application has been deployed, so empowering developers to create secure software from inception is critical.

Phase 2 – Testing

Once an application is created, it should be further tested before it’s released in a live environment. Even if you included security in your design, it may meet new challenges in a real-world situation.

Phase 3 – Deployment

With these tests completed, it’s time for deployment. But inevitably, not all vulnerabilities can be remediated for every application before it goes live. Misconfigurations in production environments can introduce issues not present in pre-production, and new zero-day vulnerabilities arise in between release cycles.

Phase 4 – Monitoring

Because technologies and cybersecurity threats constantly evolve, you’ll also want to ingrain security via monitoring.

These tasks, plus the security testing required in the early stages of application development, are critical. But they can be time-consuming and they require expertise to deploy correctly. That’s why many agencies leverage application security services.