All posts must be (4) substantive responses with a minimum of 150 words each for Questions 1, 2, 3 and 4. Ensure you list and break down each response in a Word document, along with its reference. The response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that discusses the responses. 100% original work and not plagiarized. Must meet deadline.
There are numerous ways that a network can be attacked, which also means that there are so many small things you can do to plan against those attacks. Here are a couple of easy ways that I’ve encountered 🙂
The first thing you’d want to do is secure the physical hardware as much as possible. You can do all you want to secure the hardware, but it doesn’t matter if the attacker can physically access your equipment. Make sure to store the equipment in a restricted room and possibly add a biometric lock. Keep logs of those who enter the room. These logs can be used to see unusual activity just in case you have an insider threat.
Another thing you will want to do is change all the default passwords for any of your hardware. You also want to make sure that the passwords are complex to reduce the chance of attackers cracking them. Most people like to keep the regular passwords because they are easy to remember and, if they forget, they can look them up. However, these passwords are usually the first for attackers to try and can be an easy ticket into your network.
Configuration of your ports will also be very important. As per our last week’s assignment, you can logically separate devices into VLANs so that you can have smaller domains, secure traffic and reduce horizontal movement. You can also make sure that unused ports are shut down, so that no devices can reach the switch while connected to them. If you want really strict port settings, you can implement MAC address-sticky and make sure that no devices other than the one with that specified MAC address will be able to utilize the port. If you are planning to remotely access the devices, use SSH for secure connections.
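An added example, not part of the post above: a short Python check that reads an IOS-style switch configuration and flags ports and remote-access lines that miss the controls the post lists (VLAN assignment, shutting down unused ports, sticky MAC port security, SSH-only access). The sample configuration, the interface names, and the rule that an enabled port with no VLAN assignment counts as unused are assumptions made for this illustration.

```python
import re

# Constructed IOS-style running-config excerpt (sample data, not from the post).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security mac-address sticky
!
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 20
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
 shutdown
!
line vty 0 4
 transport input telnet ssh
!
"""

def parse_sections(config):
    """Group indented sub-commands under their 'interface' or 'line' header."""
    sections, current = {}, None
    for line in config.splitlines():
        if re.match(r"^(interface|line) ", line):
            current = line.strip()
            sections[current] = []
        elif line.startswith(" ") and current:
            sections[current].append(line.strip())
        else:
            current = None  # '!' or a global command ends the section
    return sections

def audit(config):
    """Return (section, finding) pairs for the controls listed in the post."""
    findings = []
    for name, cmds in parse_sections(config).items():
        if name.startswith("line vty"):
            allowed = [c.split()[2:] for c in cmds if c.startswith("transport input")]
            if allowed != [["ssh"]]:
                findings.append((name, "remote access not restricted to SSH"))
        elif name.startswith("interface") and "shutdown" not in cmds:
            # Assumption: an enabled port with no VLAN assignment is unused.
            if not any(c.startswith("switchport access vlan") for c in cmds):
                findings.append((name, "enabled port, no VLAN; shut down if unused"))
            elif "switchport port-security mac-address sticky" not in cmds:
                findings.append((name, "active port without sticky MAC security"))
    return findings
```

Calling audit(SAMPLE_CONFIG) reports GigabitEthernet0/2 (no sticky MAC), GigabitEthernet0/3 (enabled with no VLAN) and the vty lines (Telnet still allowed).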
There are three main ways to mitigate threats (Active Detection, Passive Detection, and Proactive Defense). While the first two focus simply on detection, the latter of the three discusses how to actually protect or defend against attacks. The first step involved in making your system strong is to ensure all your systems are current. This means that if you are running operating systems with known and easily exploitable bugs, then ensure that you patch them to the most up-to-date version that has fixed said bugs. After ensuring that your systems are current, utilize tools to check for security holes. The Security Administrator Tool for Analyzing Networks can accomplish this. Once you find the holes in your security, you can refer back to step one and ensure that they are made up to date with the correct patches or fixes available.
Additionally, utilizing a good set of security policies can help to actively mitigate the threats you can face from both attacks and insider threats. This includes things like hiring a third party to check your systems for anything that makes you vulnerable, or conducting an exit interview with an employee you are about to release to see if there are any underlying threats from that employee.
Personally, I would have a set policy of ensuring annual training for employees on proper handling of data and what our company’s procedures are for common threats like phishing or email scams. If we are a secure agency, then I would ensure everyone has current background investigations, with proper badging and access systems in place. This will reduce insider threats. Conduct irregular security checks to ensure employees are following security policies. One such act could be sweeping for cellular devices in an area that does not allow them. Making the facility have wiring done in the ceiling will also prevent cables being damaged from people tripping on them or being accessed by those who do not have the requirements to do so.
Workstations are an area of security policy which should gain particular attention because, according to the textbook, they are the most common way to access an organization’s resources and make changes. If a workstation is not secure, then the information it is authorized to access is not secure. Ensuring workstation security both increases information security by limiting access to corporate resources and limits the liability a company faces due to multiple breaches which could cause damage to third-party vendors or clients. The workstation domain is one of the seven domains of IT infrastructure, and ensuring security within the domain helps to regulate that weakest element of human action in the chain of security. Regulating the workstation domain includes measures such as access controls and password policies. Securing the workstation domain is part of a defense-in-depth security strategy (Weiss & Solomon, 2015).
The LAN domain, another critical layer of IT infrastructure, connects a workstation to a local network. LANs are generally restricted to a small geographic area, like a network which connects all of the workstation devices in a corporate location. Security within the LAN domain, like in many of the other domains, is often concerned with limiting access to resources across the LAN. Security measures which enable this action include access controls, patch management, monitoring, and anti-virus software. As with any security controls, it is important to find the balance between security and not affecting the productivity of the company by being too restrictive (Weiss & Solomon, 2015).
Weiss, M., & Solomon, M. (2015). Auditing IT Infrastructures for Compliance. Jones & Bartlett.
1. Briefly discuss how the concept of workstation domains figures into your organization’s security policies. Please list your references.
The workstation domain includes devices like computers, tablets, phones, and servers. It is also made up of what resides on these devices and the operating systems that make them function. To secure this domain, one would have to keep up with patching, software upgrades and hardware upgrades. Aging hardware has the same risk as a system that does not have patch management, because a drive or system can fail and render a company useless without that system or drive. Performing backups can help a company, but that is only limiting damages caused by out-of-date hardware. An upgrade schedule should be managed and acted upon. Policy should be put into place that allows for a budgeting of funds to upgrade systems over time, allowing for the cost to be spread out and not hinder a company all at once. Allowing for this kind of planning will allow any company to evaluate their needs for the future in real time and tailor their budgets the same way.
2. Briefly discuss how the concept of LAN domains figures into your organization’s security policies. Please list your references.
The LAN domain is made up of any and everything that connects to the network in question. This normally starts at the curb with the telco provider, if they provide a modem for you to connect to, moving to what we hope is a firewall, a router, switches, hubs, and Wi-Fi access points. Yes, the firewall is more in the LAN-to-WAN domain, but I believe it resides here as well in some topologies. Lack of security here can allow unauthorized access to the network, which means anyone can connect to it and listen to all network traffic.
Dan Wand, M. P. S. C. I. S. S. P. (2021, February 15). Securing the seven domains of IT infrastructure. cyberfore. Retrieved December 1, 2021, from https://www.cyberfore.com/post/securing-the-seven-domains-of-it-infrastructure.