Provide recommendations to secure the computers in the Marketing department of t

Question

Provide recommendations to secure the computers in the Marketing department of this organization. These computers travel outside of the network, so you need to consider how they will connect to the home server, and what should be done to protect them. You should consider the level of access they have to the network and the consequence if they are stolen or used by someone outside of the organization.

Provide recommendations for securing network traffic between the workstations within the building and the server. Identify trust boundaries for the organization and recommend security measures for each trust boundary. Characterize which trust boundaries represent the highest level of trust and those that represent the lowest; what is the distinction between these levels?

Recommend measures to harden the server OS to prevent outsiders from accessing the networked computers. Identify the services for your recommended OS that will aid in the security effort. Explain the policy that should be used for patches and updated on both the server and the workstation OSs. Why is this an important consideration?

Secure the database of the organization and assign the required permissions to the users. You should create a chart of groups and permissions for this portion of the assignment (you do not need to identify specific tables, just information groups).

Describe the implementation process and timeline for your recommendations. Try to give as reasonable a timeline as possible and explain the timeframe you choose.

Expand the section of your report for verifying the implementation of the previously suggested security recommendations from Week 1 and 2. Identify what is being tested for each verification activity and what is proven by each activity. This should include testing activities to make sure the security system is working properly. An example of this would be using an intentionally incorrect password to make sure the system does not allow the login.

Explanation / Answer

Marketing department computers work with the help of wireless connections.The server and router is present in the company and the computers cna access the network though authenticated username and password which is only known to the employees of the amrketing department and no one else.To secure the computers in the marketing department:

1.Install antivirus software in each computers.

2.Connecting to the network using an encrypted username and password decided by the department

3Keeping a backup of data.

4.Monitoring traffic flow and packet inspection to know who is exchanging information and what is the type of info.

To secure network traffic between work stations:

1. Implement a firewall in order to make sure to anlyse data being exchanged.

2. Complete packet inspection should be done of the incoming data and the out going data between the work stations.

3. Passwords of the network should be encrypted along with important data and access should be given to only employees at higher levels.

4.Use WPA key to secure networks.

In order to secure the operating system:

1.Install antivirus software to get rid off any bugs or virus.

2.Install anti-spyware to get rid off any spyware.

3.Dont open unknown emails.

4. Dont trust job offers and open them.

5.keep the softwares up to date and keep updating them every month using updates.

The policy that should be used for patches and updated on both the server and the workstation OSs is called

system update policy.This policy is required to establish a minimum process for protecting the organizational computers on the network from security vulnerabilities. This policy shall determine how updates are done for both servers and workstations, and who is responsible for performing the updates along with specifying the tools used to perform system updates. It includes:

1.Update checking:It includes a review of the patches for each type of update available. and automatic scanning of system to determine which updates are there and not yet have been applied to system.

2.It includes update vulnerabilities fixes which include code errors and misconfigurations not covered by patches

Inorder to secure a database we must do the following:

1.The web servers and databses should be kept seperately:If they are kept together attacker can gain access to one and use all the entire information.Database should be kept on a database server behind firewall.

2.Encrypt the various files: The stores files should be encrypted using keys so that attackers cannot access the database as they wont know the key.Also encrypt the data backups.

3. Security controls: Security controls of the databse should be switched on and made sure it is protecting all the information.

4.Use current patches only:The patches should be uptodate and current and we shouldnt use the past patches.

For example a student database has student information and it can be updated by the school teachers only or student can use it to see the result or insert their names.

However the database of student must be encrypted with all private information and and passwords should be encrypted for every student.The key is the unique username and password given to every student to access their result.The teachers have their own password to update the database. Other than the teachers and students no one should know anything neither the usernames,passwords,keys ,results ,roll numbers or anything related to the student.This is how database is secured by keeping a backup of all the student related information on a hard disk only known to the teachers This ensures the data is kept private and secret to all the hackers and intruders who might try to gain access with a key so the password should be long and unique so that no one can access the databse except these two.

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.