The president of the university has asked you to examine the current university

Question

The president of the university has asked you to examine the current university network and to identify possible security threats. He has asked for a recommendation on improvements that must be made to protect the university from various threats. The following are areas that should be considered in your recommendation:

Explanations regarding your approach to secure wired and wireless networks

Descriptions for securing Windows and UNIX operating systems

Specifics regarding identification, authentication, and access control mechanisms

Potential consequences if actions are not taken to protect the listed aspects

Prepare ur recommendations in a 3-4 pg, Word document, with references.

Explanation / Answer

Descriptions for securing Windows and UNIX operating systems:

Where there is a data, there is a possiblity of securty threat in the for of data stealing,hanging up bunch of systems,and making the entire network not working properly. In the recent times, we have seen "Ransome ware". It is a highly dangerous software virsus written by hackers which silently enters the system through browsers,or vie networks and it halts the system working and locks the system until we pay some ransome. This type of securtiy and virus problems will have in windows operations systems as well as UNIX operating systems.

So i take the best possible and potential acitons again those kind of threats especially in Windows operating system.Since many software viresues are executable with extension .ext, it is highly possible to Windows system get hacked and theft of confidential data.

Must do Potential Actions in Windows Operationg system:

1)Disable all unnecessary services. So the our windows operating system free from unnecessary services.Otherwise, sometimes few virsus, or programs enters into our system through these services.

2)Remove all unnecessary executables and registry entries. Forgetting to remove unneeded executables and registry entries might allow an attacker to invoke something that had previously been disabled.

3)Apply appropriately restrictive permissions to files, services, end points and registry entries. Inappropriate permissions could give an attacker an opening. The ability to launch CMD.EXE as "LocalSystem," for example, is a classic backdoor.

Securing UNIX operating system:

1)Use a current, supported operating system version. The type of install should be commensurate with the intended use of the system. Update patches regularly.

2)Configure the operating system to make it more secure. Ensuring that ownerships and modes of system directories and files are appropriate is a good initial step. Ensure that binaries and critical configuration files are not world writable.

3)Ensure that every account is password protected with a password that is at least 8 characters long and is difficult to guess. Change default passwords on default (preinstalled) accounts such as sys and daemon, and disable any default accounts that are not needed.

4)Guard against runaway root privileges by restricting access to the root account to as few users as possible. Have root users first login to their own unprivileged accounts, then go to root, rather than logging in directly to root. Ensure that all remote root sessions are encrypted with SSH (Secure Shell) or an equivalent program.

5)Configure additional application software to run at the minimal privilege required. Most do not require, and should not run with, root privileges.

6)Restrict network services to those that are required. Unnecessary services should either not be installed in the first place or disabled.

Specifics regarding identification, authentication, and access control mechanisms:

Inorder to indentify the person,or system,or a request of any kind over the web in the university, we must know the ip address of the system, each and every system will have an IP Address while accesing the internet. Based on the it, we can trace out everything possible with ip address. So I divide the university network into blocks, using Local area network(LANs) and best possible and potenial topology in the network(star,tree,mesh) make our univesity is threat free university.And I assign IP range for each and every block in the network of university. There will be servers which catalog everything done over the web.If any IP address comes from the outside the university, we can trace out easily. And to access the university authonticated systems,things,and stuff like confidentials each and every student will have his/her own userid and passoword as authentication details.

By using all the possible ways we can protect and catalog everthing going around in the university. Tehcnology has been increasing drawstically, using best security mechanisms, we can control accessiblity.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.