Engr8762 Computer Networks And Cybersecurity Assessment Answer

Introduction:

Cyber security is a concern that is gaining more and more importance within the organizations in today’s world and needs to be addressed on an urgent basis. There are different kind of cybercrimes that take place across the organizations all across the world.

In this report, the different control measures for the different categories of threats will be discussed in details, which will give the reader a clear understanding of the threats and the associated mitigation techniques. By the end of the report, the reader will have an in-depth understanding of the different mitigation techniques as well as the categories of the different kind sof threats that are prevailing in the organizations in todays world.

ustify;">Accidental corruption of information:

• Usage of proper antivirus programs
• Regular troubleshooting of system and application issues.


Hardware as well as software should be properly updated.

This is the issue faced by many companies today, wherein the important data gets corrupted accidentally due to different reasons such as malware infection and improper troubleshooting of existing issues within the systems of the organizations. The data is corrupted or copied in multiple locations and are often decrypted causing them unable to be read or opened (Wu and Irwin 2016).

Classification and type:

Usage of proper antivirus can be classified as a product based solution for this issue, while regular hardware and software troubleshooting can be classified as physical control measures. These are aimed to prevent any kind of data corruption in the organizational systems and workstations.

• By using patents, trademarks, trade Secret as well as Copyrights.
• Incorporating a proper SLA (Service level agreement) with other third party organizations and doing proper research before sharing any confidential information with anyone..

Protection of intellectual property is aimed for protection of inventions, artistic as well as literary works such as symbols and images, which are created by the organizations out of creativity.

Classification and type:

Usage of patents and trademarks is for preventing the loss of intellectual data, It is classified as administrative in nature. An agreement or SLA is signed in the beginning with the third party organizations so that the third party companies’ to the parent company in case of any misconduct can provide proper compensations. Therefore, it is also an administrative feature.

• Licensed software’s should be used for enterprise purposes.
• Illegal download of software’s should be prohibited within the organizations.

This is an issue where software’s are illegally pirated or used in other systems by illegal download from the internet in order to avoid the license fees associate to its usage.

The control measures such as usage of license is administrative in nature, which should be incorporated by the system administrators. It helps in checking as well as identifying the authenticity of the software’s being used in the organizations.

Theft of information (hacker):

• Usage of network firewalls.
• Use of audit trail features in the enterprise data workstations.

The hackers are stealing confidential information of the organizations remotely by bypassing security measures of the organizations. They release Trojan horse, which is a kind of virus as well as phishing frauds into the organizational computers (Mahmood and Afzal 2013).

Network firewall is a product, which helps in preventing attacks from hackers. Audit trails are also a product-based feature, which can help in detecting who accessed what information and from which system in the organization.

Theft of information (employee)

• Ensure employee job satisfaction
• Introducing strict data policies within the organizations and ensuring that the employees abide by the same.

Employee vandalism occurs when the employees have a revengeful tendency towards a particular fellow employee or the organization as a whole and purposely wants the data of the organization to be corrupted for his own personal or professional interests.

Both the control measures are administrative in nature, which helps in preventing the acts of employee vandalism within the organizations.

Website defacement:

• Detection as well as defacement monitoring tools should be used.
• Adequate response techniques should be ready in case of any such incidences.

It is a malicious attack that a website can face which will in turn change the appearance of the website. The hackers break into the company servers and replace the appearance of the hosted website with their own.

Classification and type:

It is a product-based solution since the monitoring tools are specialized defacement testing products that helps in preventing such an incidence. Response techniques are administrative in nature in order to counter attack such indecencies once they have already occurred.

• Important data systems should be kept at elevated stores within the organizations.
• Fire extinguishers should be there on all floors of an office building

Description of the issue:

Flood is a natural calamity that can cause damage to the systems as well as the networks. Fire can cause massive burnouts of the systems and organizational infrastructures.

These control measures have to be carried out physically in order to prevent as well as counter attack the issues.

• Background verification of all system administrators should be carried out.
• Preventing escalations of privilege accounts.

Description of the issue:

This issue occurs when data, which is supposed to be accessed by officials of higher privilege, are actually accessed and illegally used by users of lower privilege, within the organization.

The control measures are administrative in nature and both the measures help in preventing users of lower privilege to access data meant for higher officials.

Theft of equipment:

• Ensuring more tight security features such as CCTV cameras in all rooms.
• Alarm systems in all floors of the workplace and tight security guards at every doors.
• Description of the issue:

This issue occurs when there are any kinds of threats of any physicals devices such as laptops or other sensitive equipment’s from the workplace that can contain sensitive organizational data.

Classification and type:

These are physical in nature and helps in preventing as well as identifying the thief in case a theft has already occurred within the organization.

Viruses, worms and Trojan horses:

• Use of antivirus programs.
• Description of the issue:

Virus infections can cause data theft as well as privacy breach by the hackers.

Classification and type:

This is a product-based solution such as usage of enterprise antivirus programs like Kaspersky internet security, which prevents such virus attacks.

Conclusion:

Therefore, it can be concluded that if the organizations have proper knowledge about the mitigation techniques of the data security issues as discussed above, they will be able to prevent all possible security threats. If the organizations can consider these threats at the time of implementing any new technology, it will be able to reach newer heights within their work culture in terms of their data and information security.

References:

Mahmood, T. and Afzal, U., 2013, December. Security analytics: Big data analytics for cybersecurity: A review of trends, techniques and tools. In Information assurance (ncia), 2013 2nd national conference on (pp. 129-134). IEEE.

Wu, C.H.J. and Irwin, J.D., 2016. Introduction to computer networks and cybersecurity. CRC Press.