Question

OPTION #1: Assist in creating a Proposal: XYZ Corporation

XYZ Corporation is a small organization of roughly 20 to 30 employees working in a simple office space using basic peer-to-peer type networking, in which all employees keep their data on their own PCs and each has his or her own devices (i.e., printers, scanners, and other peripherals). In the last few months, XYZ developed a revolutionary widget that will change technology as we know it. The company received a substantial investment and will quickly ramp up to 100 employees. They moved into a new building that was wired and set up for a local area network (LAN). They have implemented a client server-based network in which all printers, folders, and other resources are shared, but everyone has access to everything and there is no security outside of the defaults in place when the system was set up.

You have been hired to secure XYZ Inc’s network and ensure that the company has the highest levels of security to prevent internal or external attacks. In an 8-10 page proposal, address the following items to provide a comprehensive secure environment:

1. A plan to provide secure Access Control Methods for all user access
2. A viable Password policy, which includes complexity, duration, and history requirements
3. A cryptography method to ensure vital data is encrypted
4. A remote access plan to ensure that users that access the network remotely do so in a secure and efficient manner
5. A thorough plan to protect the network from Malware and other Malicious attacks

Your proposal should address all of the elements noted above with support, detail, and elaboration for each section, explicitly grounded in knowledge from the assigned readings and media, along with any outside sources you may choose to bring into your writing. Your paper should be 8-10 pages in length, conform to the CSU-Global Guide to Writing and APA, and include 3-5 scholarly references in addition to the course textbook to support your views. The CSU-Global Library is a good place to find these references.

Answer #1

1. A plan to provide secure access control methods for all user access

Access control: Access control is a technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business organization.

There are many different types of access control: network access control (NAC), identity management (IDM), web access control, remote access control, and device or endpoint access control.

The following steps provide secure access control:

  • Implement authentication to confirm the user's credentials in order to allow access, authorization to allow the user access to a particular application, server, database or other resource, and accounting and audit to create a user activity trail.
  • Deploy Active Directory and authenticate users before they connect to the network.
  • Each user will be provided a username and password for login. For example, if a user does not have any user ID or password, then anyone can log in and utilize those resources; if one is provided, the system is more secure.
  • Authorization is implemented by the administrator, because the admin can analyze the audit trails and identify access anomalies that might reveal inappropriate access on the part of admins.
  • The user is only able to access the resources which he is allowed by the administrator.
  • Accounting is enabled, all user activity is monitored by the administrator, and logs are generated.

2. A viable Password policy, which includes complexity, duration, and history requirements

A password policy is often part of an organization's official regulations. A password policy is a set of rules designed to enhance computer security. Strong passwords provide strong security.

Some typical components of a password policy include:

  • Password length and formation: set a minimum and maximum length for the password (for example, the password length would be 8 to 15 characters). Password formation means setting the password with some rules for more security, such as:
    • use both upper and lower case letters
    • include one or more digits
    • include special characters
    • the password does not match any date, telephone number or other common number
    • the password should not contain any abbreviations
    • the password is not found in a blacklist
  • Password blacklists: a list of passwords that are always blocked from use. These passwords are not acceptable for security purposes because they can easily be guessed by other users. Common examples are password1, abcd123, etc.
  • Password duration: some policies require users to change passwords periodically, e.g. every 30 days, 90 days or 180 days. Because the passwords change periodically, access is more secure.
  • Provide strong passwords that are easy to memorize and cannot be tracked by others. For example, "hard to track" -- H@rd2{rack
  • Sanctions: progressive sanctions begin with warnings and end with possible loss of computer privileges.

Follow the steps mentioned above to provide a strong and secure password for your account.

3. A cryptography method to ensure vital data is encrypted

Encryption: Encryption is a technique for transforming information on a computer in such a way that it becomes unreadable.

Different encryption methods:

  • Hashing
  • Symmetric methods
  • Asymmetric methods

The data stored on the servers should be encrypted with Advanced Encryption Standard (AES) encryption.

Advanced Encryption Standard (AES):

AES is a subset of the Rijndael block cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal to NIST during the AES selection process.

The most popular and widely adopted symmetric encryption algorithm likely to be encountered nowadays is the Advanced Encryption Standard (AES). It is found to be at least six times faster than triple DES.

The features of AES are: a symmetric-key block cipher, 128-bit data blocks, 128/192/256-bit keys, stronger and faster than triple DES, and a full specification and design details are provided.

AES is an iterative cipher rather than a Feistel cipher. It is based on a ‘substitution–permutation network’. It comprises a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations). Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix. The number of rounds in AES is variable and depends on the length of the key: AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.

4. A remote access plan to ensure that users that access the network remotely

Remote access: Remote access is the ability to access a computer or a network remotely through a network connection. Remote access enables remote users to access files and other system resources on any devices or servers that are connected to the network at any time, increasing employee productivity and enabling them to collaborate better with colleagues around the world.

  • Implement a Remote Access Virtual Private Network (VPN) on the edge network. A VPN creates a safe and encrypted connection over a less secure network, such as the internet.
  • Remote users will use a VPN client to connect securely to the network. Remote access VPNs are used to connect individual users to private networks. With a remote access VPN, each user needs a VPN client capable of connecting to the private network's VPN server.
  • This will create a virtual tunnel between the remote client and the local network. A computer must have software that enables it to connect and communicate with a system or resource hosted by the organization's remote access service. Once the user's computer is connected to the remote host, it can display a window with the target computer's desktop.
  • Remote users will securely access the network as well as all the resources as if they were connected locally.

5. A thorough plan to protect the network from Malware and other Malicious attacks

Regardless of your broader objectives, keeping your device healthy is a critical first step down the path toward better security. Before worrying too much about data encryption, private communication and anonymous browsing, for example, you should protect your device from malware. Malware can dramatically reduce the effectiveness of any other security precautions you might take.

Malicious code: Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system. Malicious code is an application security threat that cannot be efficiently controlled by conventional antivirus software alone. Malicious code describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors and malicious active content.

Some examples of malware are viruses, screen-locking ransomware, Trojan horses, rootkits, backdoors, evasion tools, etc.

Malware attack: Some malware is created or purchased by criminals who release it onto the Internet and help it spread as widely as possible in order to make money. This might include malware that searches for credit card numbers on your device and sends them back to the criminal. Some malware takes over your computer and uses it to mine cryptocurrency or interact with online ads to exploit pay-per-click advertising networks. And some malware is designed to infect other devices to which its victims are connected.

The following steps protect the network from malware and other malicious attacks:

  • A next-generation application firewall should be deployed at the network edge.
  • All incoming traffic should be monitored before entering the network.
  • Traffic rules are applied to both incoming and outgoing network traffic.
  • The firewall should be a Unified Threat Management device with all the features.
  • An Intrusion Prevention System should be enabled on the firewall.
  • Quality of Service should be implemented.
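As an added illustration of the password policy in section 2 of the answer above (example code written here, not part of the original answer or of any product it mentions), the following Python enforces the complexity, blacklist, history and duration rules together. The 8-15 character length, the character-class rules and the blacklist entries password1 and abcd123 come from the answer; the history depth of 5, the 90-day maximum age (one of the answer's "30, 90 or 180 days" options), the extra blacklist entries and the "four or more consecutive digits" reading of the no-dates-or-phone-numbers rule are assumptions made for this example. History is kept as salted PBKDF2 hashes, so old passwords are never stored in clear.

```python
import hashlib
import hmac
import os
import re
from datetime import datetime, timedelta, timezone

# Policy parameters. MIN_LEN/MAX_LEN follow the answer; HISTORY_DEPTH is an
# assumption (the answer gives no number) and MAX_AGE_DAYS picks 90 from the
# answer's "30, 90 or 180 days" options.
MIN_LEN, MAX_LEN = 8, 15
HISTORY_DEPTH = 5
MAX_AGE_DAYS = 90
PBKDF2_ROUNDS = 100_000

# Constructed blacklist: the two examples from the answer plus a few extras.
BLACKLIST = {"password1", "abcd123", "password", "qwerty", "letmein"}


def complexity_errors(password: str) -> list:
    """Return the complexity rules the password breaks (empty list = compliant)."""
    errors = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        errors.append("length")
    if not re.search(r"[a-z]", password):
        errors.append("lowercase")
    if not re.search(r"[A-Z]", password):
        errors.append("uppercase")
    if not re.search(r"\d", password):
        errors.append("digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        errors.append("special")
    # Assumed interpretation of "no dates, telephone numbers or other common
    # numbers": reject any run of four or more consecutive digits.
    if re.search(r"\d{4,}", password):
        errors.append("number-like")
    if password.lower() in BLACKLIST:
        errors.append("blacklisted")
    return errors


def hash_password(password: str, salt: bytes = None):
    """Salted PBKDF2-HMAC-SHA256; the history stores only (salt, digest) pairs."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def in_history(password: str, history) -> bool:
    """True if the candidate equals any previously used password in the history."""
    return any(
        hmac.compare_digest(hash_password(password, salt)[1], digest)
        for salt, digest in history
    )


def at_utc(year: int, month: int, day: int) -> datetime:
    """Helper to build timezone-aware timestamps for the duration check."""
    return datetime(year, month, day, tzinfo=timezone.utc)


class Account:
    def __init__(self, username: str):
        self.username = username
        self.history = []        # (salt, digest) pairs, oldest first
        self.changed_at = None   # timezone-aware time of the last change


def set_password(account: Account, password: str, now: datetime = None) -> list:
    """Apply complexity and history rules; on success record the new hash and time."""
    now = now or datetime.now(timezone.utc)
    errors = complexity_errors(password)
    if in_history(password, account.history[-HISTORY_DEPTH:]):
        errors.append("reused")
    if errors:
        return errors
    account.history.append(hash_password(password))
    account.history = account.history[-HISTORY_DEPTH:]   # keep only the last N
    account.changed_at = now
    return []


def is_expired(account: Account, now: datetime = None) -> bool:
    """Duration rule: a password older than MAX_AGE_DAYS (or never set) must change."""
    now = now or datetime.now(timezone.utc)
    if account.changed_at is None:
        return True
    return now - account.changed_at > timedelta(days=MAX_AGE_DAYS)


if __name__ == "__main__":
    acct = Account("alice")
    print(set_password(acct, "password1"))    # complexity and blacklist failures
    print(set_password(acct, "H@rd2{rack"))   # [] -> accepted
    print(set_password(acct, "H@rd2{rack"))   # ['reused']
    print(is_expired(acct))                   # False, just changed
```

The check runs at password-change time and at login (is_expired), which matches the answer's split between complexity/history rules and the duration rule. Keeping the history as salted hashes rather than plaintext is what makes the "no reuse" rule safe to store: a compromised history file does not hand out the old passwords.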