Thursday, May 28, 2020

Information security

If you order your research paper from our custom writing service you will receive a perfectly written assignment on information security. What we need from you is to provide us with your detailed paper instructions for our experienced writers to follow all of your specific writing requirements. Specify your order details, state the exact number of pages required and our custom writing professionals will deliver the best quality information security paper right on time.


Our staff of freelance writers includes over 120 experts proficient in information security, therefore you can rest assured that your assignment will be handled by only top rated specialists. Order your information security paper at affordable prices!


FAO C.E.O. SmallCompany Holdings Ltd.


SenderFrank Loan 61681


R.E. Needs and concerns relating to computer security.


Dear Sir,


Write your information security research paper


Security threats can be classified into two primary areas, natural disasters (i.e. floods, fires, earthquakes, hurricanes) and human. The latter can be again divided into malicious (Hackers, Insiders) and non-malicious (ignorant employees). In the following memo I will try to address these issues and highlight possible solution to same.


Identification and authentication, and access control.


The primary threat to data integrity comes from authorized users who are not aware of the actions they are performing.


· The selection of a password by a user is problematic owing to the number of different that each user may conceivably need to remember to access each section of a system (network, e-mail, etc.).


· User will inevitably choose passwords that are easy to remember (birthdays, names of famous people).


· This will aid malicious attackers in giving them a good chance of guessing the correct password.


· Choosing a less obvious password can give rise to problems of it's own however. For instance users have been known to keep their password and user ID written down to aid memory this can easily fall into the wrong hands.


· Users can unintentionally introduce viruses to the company's system by installing software of their on their workstation.


Security aspects of UNIX servers.


UNIX came into existence in the early 170's designed to exist in a non-hostile environment but since the advent of the internet brought these systems into an international arena new tools, patches and practices have been developed to make these systems much safer.


· Correct passwords and restriction of services


· TCP Wrappers allow the administrator to log and restrict access to services on a computer


· SSH is a secure shell that can completely prevent the passing of cleartext passwords across a network by allowing fully encrypted communications between two hosts.


Network security and firewalls.


It may be desirable for this company to connect its private LANs to the Internet in order to give convenient access to various services. This could leave said LANs vulnerable to misuse and attack. A firewall is a strategy for protecting an organization's Internet reachable sources; it serves as a gatekeeper between the Internet and trusted internal networks.


Firewalls provide several types of protection


· They can block unwanted traffic


· They can direct incoming traffic to more trustworthy internal systems.


· They hide vulnerable systems that cannot easily be secured from the Internet.


· They can log traffic to and from the private network.


· They can hide information such as system names, network topology, network device types, and internal user IDs from the Internet.


· They can provide more robust authentication than standard applications might be able to do.


However, firewalls can be rendered ineffective for example if remote users can access the company's internal networks without going through the firewall (i.e. if a user who works from home can dial into the network, an attacker who can dial into that computer has circumvented the firewall.


TCP/IP.


The TCP/IP protocol stack has some weak points that allow


· IP address spoofing


· TCP connection request (SYN) attacks


Recommendations


1. Firewall software should be installed at all external/internal interface points where this company's internal networks meet the Internet.


. Users should be warned of the dangers of viruses and how they might be introduced to the system.


. Access to the company network by remote users should be restricted where possible.


4. Regularly updated backup files should be kept at a secure, remote location.


5. A password policy should be implemented with appropriate training given to staff. This policy should include


a. A password must be initially assigned to a user when enrolled on the system.


b. A users password must be changed periodically.


c. The system must maintain a password database.


d. Users must remember their passwords.


e. Users must enter their passwords into the system at authentication time.


f. Employees may not disclose their passwords to anyone. This includes administrators and IT managers.


6. Ports that are not being used should be blocked at all times.


7. Disable all unneeded services limiting the possibility of a known security hole being exploited by reducing the number of different services running.


8. Log all attempts at all services, whether successful or not.


References


Practical Security in a Networked UNIX Environment, Bruce Potter


Gollmann, Dieter. Computer Security. John Wiley and Sons, August 1


Garfinkel, Simson, and Gene Spafford. Practical Unix and Internet Security. OReilly & Associates, Inc., April 16.


TechNet Security Threats, Christopher Benson, Inobits Consulting (Pty) Ltd.


Please note that this sample paper on information security is for your review only. In order to eliminate any of the plagiarism issues, it is highly recommended that you do not use it for you own writing purposes. In case you experience difficulties with writing a well structured and accurately composed paper on information security, we are here to assist you. Your persuasive essay on information security will be written from scratch, so you do not have to worry about its originality.


Order your authentic assignment and you will be amazed at how easy it is to complete a quality custom paper within the shortest time possible!