Question

Write a 2- to 3-page paper (500 to 825 words), double-spaced, in APA format focused on designing an ICS/SCADA system, including a network diagram depicting the system components. Identify the major concepts, technologies, components, and security issues related to communications and data networks. Examine the architecture of a particular system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed.

Instructions

First, choose an ICS/SCADA system to depict. This may be a real or fictitious system. If it is a real system, please include citations for the organization and system design. Then, present the following sections in your paper:

Introduction/System Organization: Describe the organization that owns the system. What is the name of the organization? How large is the organization? Where is the headquarters? Are there additional sites?

Components: Explain the components of the system and include the network diagram in this section.

Future Challenges: Examine the architecture of this system and identify significant vulnerabilities and risks. Be sure to document what you believe will be difficult to manage in terms of security for this system. [MO1.3, MO1.4, MO1.5]

Submit the paper to your mentor for grading.

Note:

This assignment corresponds to or addresses the following Cybersecurity Program outcomes for a bachelor of science degree:

Students apply cybersecurity design best practices and technologies to prevent and mitigate cyberattacks and vulnerabilities.

Students design, implement, and administer networks in a secure manner by integrating network defense technologies, monitoring tools, and measures.

Your work on this assignment should reflect your ability to:

Examine the architecture of a typical, complex system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed. (System architecture)

Describe the fundamental concepts, technologies, components, and security issues related to communications and data networks. (Fundamental concepts, technologies, components, and security issues)

Answer 1

Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

Security management

Security management for networks is different for all kinds of situations. A home or small office may only require basic security while large businesses may require high-maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming.

Types of attacks

Networks are subject to attacks from malicious sources. Attacks can be from two categories: "Passive" when a network intruder intercepts data traveling through the network, and "Active" in which an intruder initiates commands to disrupt the network's normal operation or to conduct reconnaissance and lateral movement to find and gain access to assets available via the network.

Passive

Network

• Wiretapping
• Port scanner
• Idle scan
• Encryption
• Traffic analysis

Active:

• Virus
• Eavesdropping
• Data modification
• Denial-of-service attack
• DNS spoofing
• Man in the middle
• ARP poisoning
• VLAN hopping
• Smurf attack
• Buffer overflow
• Heap overflow
• Format string attack
• SQL injection
• Phishing
• Cross-site scripting
• CSRF
• Cyber-attack