Question

Course: Security Architecture & Design

Assignment - Executive Program Practical Connection Assignment

Provide a reflection of at least 500 words (or 2 pages double spaced) of how the knowledge, skills, or theories of this course have been applied, or could be applied, in a practical manner to your current work environment. If you are not currently working, share times when you have or could observe these theories and knowledge could be applied to an employment opportunity in your field of study.

Requirements:

Provide a 500 word (or 2 pages double spaced) minimum reflection.

Use of proper APA formatting and citations. If supporting evidence from outside resources is used those must be properly cited.

Share a personal connection that identifies specific knowledge and theories from this course.

You should NOT, provide an overview of the assignments assigned in the course. The assignment asks that you reflect how the knowledge and skills obtained through meeting course objectives were applied or could be applied in the workplace.

Answer 1

As the years are passing by, security is growing as one of the most effective fields in the history of computers. There is a need of getting each one of the things secured with the help of internet security with ethical actions. Many things are happening on the web and promising safety without taking any tough measures is one of the impossible tasks nowadays. Hence, companies and individuals have moved to security tools and technologies to keep their information safe while connected to the internet.

Risk Assessment & Threat Vulnerability:

Nowadays, companies have moved on to the Agile or Rapid Application Development SDLC(Software Development Life Cycle) which has been resulting in reducing the development timeframe. Now, starting with the risk assessment, here we go,

1. Collecting Information:
   • The collection of information is one of the major parts that plays in the security of the organization. The URL of the target must be accessible to gain information.
   • Information caught in wrong hands can turn out to be chaos for any organization. Hence, information must always be safeguarded with levels of security.
2. Risk Profiling:
   • Checking the website for each type of risks/threats is a very important task and must be carried on with each module of the organization's availability in the internet space.
   • There must be things carried out like:
     • Automated threat scanning
     • Penetration Testing
     • Black Box Testing of the source codes
     • Assigning Risk Ratings to the Security Flaws
     • Reporting to higher Authorities
3. Updating Technology:
   • In the current world scenario, it has become very important to update the technologies that are been actively used and must be balanced accordingly.
   • The use of older versions will come with a bunch of vulnerabilities and threats along with the destruction of certain aspects of the organization.
4. Application Fingerprinting:
   • In an organization, certain things must be checked for the known vulnerabilities and exposures. If there, one must always keep it the priority to overcome certain threats to run the organization smoothly.
   • The application fingerprinting consists of different levels of assessment. Here are some of the different scopes:
     • Defining Objectives
     • Devising Strategy to overcome threats
     • Role-Based Access Control Matrix
     • Choosing Appropriate Security Tools

Everyone must keep in mind that being safe on the internet is an integral part of the virtual life and must carry on managing the security each time there is any interference of threats or vulnerability. One must also stay updated if using any third-party application as many zero-day fixes are coming in the applications which help us to stay immune to malware and viruses that have affected the software in the past time.

IT Risk Management:

IT Risk Management is one of the major fields in the information technology and gaining the risk-free software or hardware is the only target at which people look for. Hence, here are some of the key principles in which the human factors work in this field. Here we go,

• The risk assessment is the technique in which the risks are minified using certain techniques. Hence, one of the certain task in it is to identify tasks which are being critical and expose hazards to the information.
• Involving the complete workforce in the identification and conserving the risks through appropriate methods which do not have any effect later on.
• To identify certain human failures which would further make the task tougher and also can lead to an accident with having performance issues at a certain level of use.
• To regularly view the risk of assessing and also making the control measures work completely fine for every task.
• The task that has been taken consists of risks, Hence, identifying the human failures in performing the tasks and also making the failures occurs less in the testing phase.
• Controlling the risk from making the whole system failure is also one of the tasks that must be completely focused on as there are certain conditions when people fail in controlling the processes.

Hence, these are the role of the human factors in identifying, controlling and managing the IT Risk Management to make the process work without any abruptions.

Firewall:

• A firewall is a software or hardware that has been configured with some protocols for the packets that enter or leave the network. The firewalls are been placed in a network to get the network secure.
• With the help of the firewall, the packets get filtered and there is less risk of getting malicious packets through the network which will make the network undergo certain risks.
• They are the software or hardware which can be manipulated by the admin to make the network behave as wanted under any circumstances. Hence, they are been installed for increasing the security inside the computer network.

Windows/Linux Analysis:

• The question consists of a very broad topic let's narrow the whole process. There are some questions which arose to me after reading the above requirements from which some I have listed below:
  • What is the budget for building such workstation?
  • What tools and techniques are going to be used?
  • How fast is the requirement of the passwords to be cracked?
  • What type of password cracking is going to take place, i.e. brute-force attacks, dictionary attacks,etc.?
  • Which language passwords are being cracked?
• Now let's start with answering each of the above questions. The first question is budget, assuming that this is a big organization the budget would be great to move on with the finest hardware and software configuration.
• Hence, the hardware will be based on the budget which can go from good overclocked processors such as i7 processors or fast servers which can consist of the high-end GPU's or we can use supercomputers with a power plant it all depends on the budget. The faster the better for such a process.
• For, software there is certain software in the market which is recommended as one of the best password cracking software. Some of them are listed below:
  • John- The Ripper
  • Hashcat
  • Hydra
  • Rainbowcrack
  • Aircrack-ng (For Wireless Passwords)
  • Cain & Abel
• The Operating system that I would be recommending here would be Linux as it is faster than other operating systems and also it comes with many of the above-listed software in some of their operating system like Kali Linux, Backtrack5r3, etc.
• It is one of the most used operating systems when it comes to vulnerability and penetration testing and as we know password cracking is a form of penetration testing. Linux can come in handy for such a process.

Hence, these are the requirements for building a digital lab for performing password cracking process in more details.

Hence, these are all the things required.

Actions For Effective Risk Management Capabilities:

The actions that one must take to make the risk management effectiveness and up to the mark in management capabilities are as follows:

• Preparing:
  • One must always prepare for the risks and also keep the systems checked for the vulnerabilities.
  • The best approach is to plan and make changes to the system as soon as the updates are launched to a particular system.
  • The planning must work accordingly so that the risks are being minified at the user's end.
• Verifying & Eliciting:
  • Verifying each & every potential risk in the system and if found critical then eliciting the risk will ensure that the risks are eliminated properly.
  • The elimination of the risks is also being done on a certain level so that no further risks are remaining in the system to check.
• Analyzing gaps & Evaluating:
  • Analyzing for risks is the major activities that must be taken on the developing end because if a risk is analyzed in the earlier stage it is less destructive for the system.
  • Evaluating the level of the risks also become important for the users to make the risks less effective on the systems.

Hence, these are actions that could lead to the development of effective risk management capabilities.

Guidelines For Security Policies:

For the security policies, there are certain things to be always taken into consideration, we will discuss all of them as we dive in deep. So here we go,

1. Knowing The Risks:
   • It is the most important part while creating security policies to know what risks are there in the system.
   • How the information is been manipulated at the client as well as the server end. Hence, making the process more secure as data is the part for which security is always compromised.
2. Knowing The Wrongs Done By Others:
   • Knowing that the organizations who have been gone through the certain risks which reside in your system. Learning from the mistakes made by others is always the most effective way of setting guidelines.
   • The guidelines to the security policy consist of the most probable wrong things that every organization with similar risks are been doing.
3. Keeping Legal requirements in mind:
   • Many times organizations completely forget about the legal requirements that are been required by the officials.
   • Hence, keeping the legal jurisdictions, data holdings and the location in which you reside is also most important.
   • Recently, this has been the case with Facebook's most controversial data theft.
4. Setting the level of security:
   • The level of the security that is been planned must always be kept in mind with the level of risks that are been residing in the system.
   • Excessive security in the system can also cause hindrance to the smooth business operations and hence, overprotecting oneself can also be a cause to the problem.
5. Training Employees Accordingly:
   • The training of the employees in a certain part of the security is also a major part of the security policy as the employees are the one who makes mistake.
   • So, if one trains their employee in such an order that they minimize the mistakes that are been made it will become great for the system.

Hence, these are the guidelines for creating an effective and functional security policy.

Port Security:

Maintaining the ports according to the needs is one of the most important things which one should consider while listing down the systems to be secure. As it is going to be one of the most important and major parts of port security.

There are certain steps which one should follow for port security which I believe works for every organization:

• Limiting the number of devices on most of the switch ports is to be done in each organization.
• Also using MAC ADDRESSES in the organization must be limited to a certain level of work procedure.

Now, coming to the techniques in securing ports are as follows:

• Making Use of Dynamic MAC Addresses:
  • It becomes important to dynamically configure and also secure the MAC addresses of the devices which are been connected to the certain ports.
  • The addresses must always be stored in the address table to keep the data secure and also in working mode.
  • In this technique, we also stay away from forwarding traffic from unspecified devices or devices which are not known to the network.
• Using Static MAC Addresses:
  • It is one of the most useful methods as it secures the MAC addresses by statically configuring each of them with the switch port.
  • The MAC Addresses are also stored in the address table.
  • The static configuration of the network is been stored by default while using port security.
  • The table which stores addresses can be made permanent by actually saving them to the startup configuration.
• Using Sticky MAC Addresses;
  • In this, a technique the MAC addresses are used as hybrid addresses which are being dynamically learned from most of the devices which are being connected with the switch port.
  • The addresses are also being put in the address table and are also been entered into most of the running configuration that is static secure MAC addresses.
  • The MAC addresses are also lost if they are not saved in the startup configurations.

Hence, these are technologies that can be used to reduce port vulnerability.

Thus, these are things one can take care off in the work environment to keep oneself safe by making the work environment the safest place to stay around the cyber space.