Security Assignment


Computer Engineering (Tribhuvan Vishwavidalaya)


INTERNATIONAL SCHOOL OF
MANAGEMENT AND TECHNOLOGY

FACULTY OF COMPUTING

ASSIGNMENT COVER SHEET


This form is to be completed by students submitting assignments of level 4 and level 5.
Students are required to complete all sections and attach to your assignment.

STUDENT DETAILS

STUDENT NAME BIBEK SAH

STUDENT ID 2022HNDIT133

UNIT AND ASSIGNMENT DETAILS

UNIT TITLE Unit 5: Security

UNIT NUMBER D/618/7406

ASSIGNMENT TITLE Managing Network Security for an Organization

ISSUE DATE 08/05/2023 DUE DATE 07/07/2023

ASSESSOR NAME Siddhant Bhattarai

ESTIMATED WORD LENGTH 8000

SUBMISSION

HAND IN DATE


DECLARATION AND ACKNOWLEDGEMENT


When submitting assignments, each student must sign a declaration confirming
that the work is their own.

Plagiarism and Collusion

Plagiarism: to use or pass off as one’s own, the writings or ideas of another
without acknowledging or crediting the source from which the ideas are taken.

Collusion: submitting an assignment, project or report completed by another
person and passing it off as one’s own.

In accordance with the Academic Integrity and Plagiarism Policy:

1. I declare that:
a) this assignment is entirely my own work, except where I have included fully-
documented references to the work of others,
b) the material contained in this assignment has not previously been submitted
for any other subject at the University or any other educational institution,
except as otherwise permitted,
c) no part of this assignment or product has been submitted by me in another
(previous or current) assessment, except where appropriately referenced, and
with prior permission from the Lecturer / Tutor / Unit Coordinator for this unit.

2. I acknowledge that:
a) if required to do so, I will provide an electronic copy of this assignment to the
assessor;
b) the assessor of this assignment may, for the purpose of assessing this
assignment:
I. reproduce this assignment and provide a copy to another member of
academic staff;
II. communicate a copy of this assignment to a plagiarism checking
service such as Plagiarism Check (which may then retain a copy of this
assignment on its database for the purpose of future plagiarism
checking).

I am aware of and understand that any breaches to the Academic Code of Conduct
will be investigated and sanctioned in accordance with the College Policy.

SIGNATURE DATE


Security|2023

Table of Contents
General introduction
Activity 1
Introduction
Presentation
Types of security risk
Malware and ransomware attacks
Phishing and social
Insider threats
Weak authentication and password policies
Organizational Security Procedures
Security Policy for London College
Network Monitoring System
Benefits of implementing Network Monitoring System
Potential Security Impacts of Incorrect Configuration of:
Firewall Policies
DMZ
Static IP
NAT
Improving Network Security Using DMZ, Static IP, and NAT
Example of implementing DMZ
Example of implementing Static IP
Example of implementing NAT
Supporting Notes
Proposal
Introduction
IT Security Risks
Techniques for evaluating IT Security Risks
Physical and Virtual Countermeasures
Physical Countermeasures
Network Monitoring System
Benefits of Implementing Network Monitoring System
Evaluation of Countermeasures for Organizational Integrity
Data Security Countermeasures
Countermeasures for Continuity of Operations
A process for evaluating and managing IT security issues
Conclusion
Activity 2
Introduction
Review of London College's existing risk assessment process
Current risk assessment procedures
Analysis of Strength and weakness
Recommendation for improvement
IT System Identification
Identification of Risks
Risk Likelihood Definition
Risk Likelihood Rating
Risk Impact Rating
Risk Impact Analysis
Overall Risk Rating matrix
Overall Risk Rating Table
Data protection processes and Regulations Applied to London College
Data protection process
Data protection regulations
An appropriate risk management strategy or applied ISO standard
Application of ISO/IEC 27001 to IT security
IT security audit
Impact on security following the result of an IT security audit
London college’s organizational policy
Recommendation on how the IT security at London College can be aligned with its organizational policy
Security Impact of Misalignment with Organizational Policy
Conclusion
Activity 3
Introduction
Security Policy
Disaster recovery plan
Components of Disaster Recovery Plan
Stakeholders
Designation of stakeholders
Identification of their roles in implementing security audit
Selected Physical, Virtual and Policy elements
Selected Physical Elements
Justification for Physical elements
Selected virtual elements:
Justification for Virtual elements
Selected Policy Elements:
Justification for Policy Elements
Tools used in security policy
Analysis of how the tools meet the needs of London College
Recommendation for future
Conclusion
References


General introduction
Prepare yourself for an engaging exploration of a noteworthy security incident that unfolded
within the confines of a London-based company. Brace for impact as we delve into the aftermath
of a ransomware siege that unleashed havoc, resulting in a substantial loss of invaluable data. As
a zealous Junior Network Security Specialist operating under the esteemed banner of Phoenix
Security Solutions Limited (PSS), my solemn duty entailed scrutinizing the organization's risk
assessment practices, fashioning a robust security blueprint that adheres to pertinent legislation,
and proffering tangible solutions to fortify the impregnable fortress of London College's IT
security. With bated breath, I shall unveil the crux of my most recent investigation, accompanied
by a symphony of sagacious conclusions and astute suggestions. Thus, let the journey commence
forthwith!

Activity 1

Introduction
In this presentation tailored for establishments such as London College, we shall engage in an
in-depth discourse on plausible hazards that pose threats to IT security and explore effective
countermeasures. Our comprehensive assessment will encompass an evaluation of existing
security protocols, a careful consideration of the merits of network monitoring, and the provision
of strategies aimed at diminishing risks. Vital topics at the forefront include the establishment of
a secure DMZ (Demilitarized Zone), the implementation of Static IP addresses, NAT (Network
Address Translation), fortifying firewalls, and the utilization of VPNs (Virtual Private
Networks). Equally critical will be our focus on ensuring uninterrupted operational continuity
and safeguarding data integrity. With a sense of urgency, let us now immerse ourselves in the
realm of IT security for London College.


Presentation

Risks of IT Security Threats


Presented by:
Bibek Sah

Types of security risks


Malware and Ransomware Attacks:
• putting a device in a locked or inoperative state.
• data loss, deletion, or encryption.
• using your equipment as a launchpad to attack other companies.
• getting access to information for the systems or services that your company uses.
• cryptocurrency mining.
Phishing and Social Engineering:
• Phishing and social engineering are dangerous techniques for deceiving people and gaining sensitive
information.
• Phishing is the practice of deceiving people into disclosing personal information by impersonating
trustworthy companies.
• Social engineering refers to the practice of influencing behavior in order to gain unauthorized access.
• Make sure websites are trustworthy, use caution while using social media, create strong passwords,
educate yourself, and put security measures in place to keep yourself safe.
• Use caution to avoid falling for these tactics.


Types of security risk


Malware and ransomware attacks
Phishing and social

Insider Threats:
• a frustrated or irate associate, supplier, or contractor.
• attempts to avoid being discovered.
• working into the early morning.
• shows hostility toward coworkers.
• ongoing disrespect for the company's rules.
Weak Authentication and Password Policies:
• Important security concerns are raised by lax password and login policies.
• Accounts may be exposed to attacks if weak passwords are used, such as ones that are short or simple to guess, or if
multi-factor authentication is not used.
• Security is at risk due to ineffective password rules, such as those with lax complexity requirements or inconsistent
updates.
• Strong password restrictions, two-factor authentication, password hygiene training for users, monitoring for
compromised credentials, and routine policy updates can all help to reduce these risks.
• To safeguard sensitive data and stop unwanted access, authentication and password security must be strengthened.


Insider threats
Weak authentication and password policies


Organizational Security Procedures


Security Policy for London College


Network Monitoring System


Weak Password and Authentication Policies:
• Weak authentication and password rules may emerge as a result of setup mistakes.
• Systems are vulnerable to brute-force attacks, credential theft, and illegal access in the absence of
strong password constraints, multi-factor authentication (MFA), or password storage security
measures.
• To guard against these security issues, it is crucial to establish strong password rules, enforce
password complexity, activate MFA, and store passwords securely using strong encryption.
Insufficient Encryption:
• Sensitive data might be revealed by inadequate encryption brought on by setup mistakes.
• Ineffective encryption techniques, antiquated protocols, or wrong encryption settings might lead to
unauthorized access or data interception.
• Using strong encryption techniques that work is essential for protecting sensitive data, as is
following secure encryption guidelines.
Instability and downtime of the system:
• Configuration mistakes may result in system instability and downtime.
• Servers, networks, or applications that are not correctly configured can cause crashes and service
failures. Accurate and ideal setup, ongoing evaluation, and other safety measures assure system
reliability.

Benefits of implementing Network Monitoring System


Potential Security Impacts of Incorrect Configuration of:


Firewall Policies


DMZ


Static IP

NAT


Improving Network Security Using DMZ, Static IP, and NAT

Example of implementing DMZ

Below are the steps applied:


DMZ Configuration
Step 1:
Configuration of the setup in Cisco Packet Tracer.


Step 2: Assign IP addresses to the PC, router and servers.

Step 3: Configure NAT and DHCPD


Configure DMZ by the given CLI commands


Testing the DMZ configuration by ping and packet sent.


Example of implementing Static IP


Below are the steps followed:

Step 1: Connect all the PCs and Routers

Step 2: Assign Static IP Address to all the PCs and Routers as shown in the figure below


Step 3: Static Routing between the routers

Step 4: Check the connection


Hence, the configuration is successful.


Example of implementing NAT

Below are the steps followed:


Step 1: Configure the setup and assign IP Address to routers and PCs as shown in the figure.


Step 2: Add IP addresses to the routers using the given commands in the figure below


Step 3: Add RIP table in Routers

Router 2:

Router 3:


Step 4: Configure NAT with the given commands in the figure and do the test with the
command.


Supporting Notes
Security Risks to London College:
London College is susceptible to various security risks, including malware and ransomware
attacks, unauthorized access and data breaches, insider threats, social engineering, physical
security breaches, weak authentication and password policies, network vulnerabilities, and data
loss and corruption. These risks can lead to financial losses, reputational damage, and
compromise the integrity of sensitive data. Real-world examples, such as the WannaCry
ransomware attack and the Equifax data breach, illustrate the potential consequences of these
threats.

Assessment of Organizational Security Procedures:


We will evaluate the current security procedures presented in the given scenario (Appendix 1 -
Current Security Policy for London College). This assessment will help us identify the strengths
and weaknesses of the policy. While the policy clearly defines acceptable and unacceptable use,
additional measures may be necessary to address emerging threats. Regular review and updates
to security procedures are essential to ensure they remain effective and aligned with evolving
risks.

Benefits of Implementing Network Monitoring Systems:


Implementing network monitoring systems offers numerous benefits for London College. These
systems provide real-time visibility into network activities, enabling the detection of suspicious
behavior or security incidents. They facilitate timely incident response by alerting administrators
to potential threats, allowing for immediate action. Network monitoring systems can detect
unauthorized access attempts, malware infections, data exfiltration, and other security issues,
reducing the impact of security breaches and enhancing overall network security.

Potential Security Impact of Incorrect Configuration:


The incorrect configuration of firewall policies and third-party VPN clients and servers can have
severe security implications. Misconfigurations can result in vulnerabilities, unauthorized access,
data breaches, or inadequate protection against external threats. For instance, misconfigured
firewalls can allow unauthorized network access, while improperly configured VPN servers can
compromise data transmission security. Real-world examples, such as high-profile security
incidents caused by misconfigured network components, emphasize the importance of proper
configuration to mitigate these risks.

Improving Network Security with DMZ, Static IP, and NAT:


Implementing a De-Militarized Zone (DMZ) can enhance network security by segregating
internal and external networks, limiting direct access to critical systems. Using a Static IP
address provides more controlled access and reduces the risk of unauthorized connections.
Network Address Translation (NAT) obscures internal IP addresses and adds an extra layer of
protection against external threats. By implementing these measures, London College can
improve network security and reduce the risk of unauthorized access or data compromise.
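
The zone separation and the misconfiguration risk described in these notes can be checked mechanically. The following is an added Python example, not part of the original assignment: it models first-match rule evaluation across outside, DMZ and inside zones, source NAT for inside hosts, and an audit that flags permit rules which defeat the DMZ. The subnets, the public address, the rule format and both rule lists are constructed assumptions.

```python
"""Audit a three-zone (outside / dmz / inside) firewall policy.
All addresses, ports and rules are constructed sample data."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addressing plan (private and documentation ranges).
ZONES = {
    "inside": ip_network("192.168.10.0/24"),  # staff and student LAN
    "dmz": ip_network("172.16.50.0/24"),      # public-facing servers
}
NAT_PUBLIC_IP = "203.0.113.10"  # single address inside hosts are hidden behind


@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    src_zone: str  # "outside", "dmz", "inside" or "any"
    dst_zone: str
    dst_port: int  # 0 means any port


def zone_of(addr: str) -> str:
    """Map an address to its zone; anything outside the known subnets is 'outside'."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "outside"


def evaluate(rules, src: str, dst: str, port: int) -> str:
    """First-match evaluation with an implicit deny at the end of the list."""
    s, d = zone_of(src), zone_of(dst)
    for r in rules:
        if (r.src_zone in (s, "any") and r.dst_zone in (d, "any")
                and r.dst_port in (port, 0)):
            return r.action
    return "deny"


def translate_source(src: str) -> str:
    """Source NAT: inside addresses leave the network as the public address."""
    return NAT_PUBLIC_IP if zone_of(src) == "inside" else src


def audit(rules):
    """Return (rule number, finding) pairs for permits that break zone separation."""
    findings = []
    for i, r in enumerate(rules, start=1):
        if r.action != "permit":
            continue
        from_outside = r.src_zone in ("outside", "any")
        to_inside = r.dst_zone in ("inside", "any")
        if from_outside and to_inside:
            findings.append((i, "outside can reach the inside network"))
        if r.src_zone in ("dmz", "any") and to_inside and r.dst_port == 0:
            findings.append((i, "DMZ hosts can reach inside on every port"))
        if from_outside and r.dst_zone == "dmz" and r.dst_port == 0:
            findings.append((i, "every DMZ port is exposed to outside"))
    return findings


# Intended policy: the internet reaches only web ports in the DMZ.
GOOD_POLICY = [
    Rule("permit", "outside", "dmz", 443),
    Rule("permit", "outside", "dmz", 80),
    Rule("permit", "inside", "any", 0),
]

# Misconfigured policy: a broad "temporary" permit placed ahead of the real rules.
BAD_POLICY = [
    Rule("permit", "any", "any", 0),
    Rule("permit", "outside", "dmz", 0),
] + GOOD_POLICY


if __name__ == "__main__":
    internet, web, pc = "198.51.100.7", "172.16.50.20", "192.168.10.5"
    for name, policy in (("good", GOOD_POLICY), ("bad", BAD_POLICY)):
        print(name, "internet->web:443", evaluate(policy, internet, web, 443))
        print(name, "internet->pc:3389", evaluate(policy, internet, pc, 3389))
        print(name, "web->pc:445", evaluate(policy, web, pc, 445))
        for number, finding in audit(policy):
            print(f"  rule {number}: {finding}")
    print("pc leaves as", translate_source(pc))
```

Because evaluation is first-match, the single broad permit at the top of the misconfigured list overrides every rule below it, which is why rule order is part of the audit.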

Method to Assess and Treat IT Security Risks:


To effectively assess and treat IT security risks, London College should adopt a comprehensive
method. This involves conducting regular risk assessments to identify vulnerabilities, prioritize
mitigation efforts, and allocate resources accordingly. The method should include steps such as
threat identification, vulnerability assessment, impact analysis, and the implementation of risk
treatment strategies. This systematic approach ensures a proactive and strategic response to
potential security risks.


Range of Countermeasures for Organizational Integrity:


To maintain organizational integrity, London College should employ a wide range of
countermeasures that encompass both physical and virtual security. Physical security measures,
such as access controls, surveillance systems, and visitor management, protect physical assets
from unauthorized access or theft. Virtual security countermeasures include robust authentication
mechanisms, encryption protocols, regular data backups, incident response plans, business
continuity plans, and comprehensive security awareness training. By implementing these
countermeasures, London College can safeguard its data, ensure operational continuity, and
minimize the impact of security incidents.


Proposal

Introduction
In order to safeguard the integrity of their operations, organizations must place paramount
importance on identifying and rectifying IT security issues. By conducting a meticulous risk
assessment, incorporating a holistic blend of physical and virtual security solutions, and
judiciously allocating resources, businesses can enhance their overall security stance and
mitigate potential risks. This approach offers a comprehensive strategy for proactively tackling
IT security concerns and fortifying the resilience of their operations.

IT Security Risks
In the mysterious realm of information security, the enigmatic notion of risk manifests as a
shape-shifting specter, lurking in the shadows, poised to strike at the very heart of businesses and
their cherished stakeholders. It embodies the treacherous dance between the art of technology
utilization, the mastery of administration, and the ever-shifting landscape that envelopes them.
Like a cunning predator, information security risk prowls, awaiting the perfect moment to
unleash its devastating potential for harm (Watson, 2013).

Techniques for evaluating IT Security Risks


Step 1: Based on analysis, compile a list of your information assets.
Step 2: Determine hazards.
Step 3: Identify your areas of weakness.
Step 4: Think about internal policies.
Step 5: Find out how likely it is that a circumstance will arise.
Step 6: Analyze the effects that a danger is likely to have.
Step 7: Put the threats to your data security in order of importance to prioritize them.
Step 8: Design decisions.
Step 9: Note the outcomes (hyperproof.io, n.d.).


Physical and Virtual Countermeasures


Physical Countermeasures
Restrictions to access: To fortify the security of rooms and data centers, access control systems
provide an invaluable defense mechanism, employing techniques such as swipe card or
biometric-based server admission systems. By allowing only authorized personnel entry to these
fortified domains, the risk of physical tampering or theft is significantly minimized, ensuring the
sanctity of these critical spaces.

Monitoring equipment: As the watchful guardians of organizational sanctity, video surveillance
systems become allies when their sentinel-like cameras are meticulously positioned. These
vigilant electronic eyes render the task of monitoring and documenting activities within the
organization's confines a seamless endeavor. With their unwavering gaze, security incidents or
breaches are captured, transforming them into tangible records that stand as stark reminders,
discouraging any audacious thoughts of trespassing from would-be assailants.

A secure perimeter: A fortified shield encompassing the organization's premises, consisting of
robust physical barriers like fences, gates, and vigilant security personnel, acts as an effective
gatekeeper, enabling controlled access and deterring any unwelcome intrusion. Furthermore, the
strategic placement of ample lighting and prominent signage serves as an additional layer of
defense, bolstering the security of the perimeter.

Discreet Storage: To safeguard vital components such as servers, backup tapes, and other
critical equipment, it is imperative to secure them within designated safe havens fortified with
robust locks, vigilant alarms, and meticulous environmental controls. This comprehensive
approach serves as an impregnable fortress, fortifying against the malevolent forces of robbery,
theft, and criminal mischief.

Discretionary disposal: The sanctity of sensitive information demands meticulous adherence to
established protocols for the disposal of essential documents, technology, and storage media. By
diligently employing processes such as shredding printed materials, engaging trusted disposal
services, and performing physical deletion of storage media, the fortress of data security is
fortified, effectively thwarting any unauthorized access and preserving the confidentiality of
valuable information.

Information and Education for Employees: Enlightening employees about the imperative
nature of implementing physical security measures is paramount. This entails fostering a deep
understanding of the significance of preserving access codes in utmost confidentiality, promptly
reporting any suspicious activities, and strictly adhering to access control policies. By instilling a
culture of security awareness through frequent training sessions and dedicated efforts to raise
awareness, an impenetrable shield of vigilance is forged, ensuring the collective safeguarding of
organizational assets.

Event planning and emergency readiness: In the grand tapestry of organizational resilience,
the art of crafting and scrutinizing incident response plans and emergency evacuation protocols
takes center stage. These masterpieces of preparedness pave the way for swift and formidable
responses to security-related incidents or dire crises. Through the prism of regular training and
rigorous testing of these response plans, hidden flaws are unmasked, fortifying the fabric of
preparedness and nurturing a culture of continuous improvement. Like skilled artisans honing
their craft, organizations can refine their readiness, painting a vivid portrait of efficiency and
efficacy in the face of adversity.

Network Monitoring System


Network monitoring, sometimes referred to as network management, is the act of routinely
checking a computer network for problems or vulnerabilities in order to maintain network
performance. Although the two ideas are similar in practice, network monitoring may be
conceptualized technically as a subset of network administration (Gillis, 2000).

Fig: Network Monitoring Tools and Software

Benefits of Implementing Network Monitoring System


Detection of security risks quickly: Unveiling the veil of obscurity surrounding potential
security risks, such as insidious malware infections, illicit access attempts, and anomalous
network behavior, becomes an achievable feat through the vigilant lens of systematic network
traffic and device monitoring. This vigilant surveillance allows for the early detection of lurking
dangers, enabling a swift and proactive response, coupled with effective mitigation techniques.
By intercepting these threats at their inception, organizations can ward off breaches and
safeguard against the harrowing specter of data loss.

Enhancing Incident Response: Like sentinels in the digital realm, network monitoring systems
stand ever watchful, swiftly sounding the alarm at the slightest hint of pivotal events or
anomalies within the network. By swiftly alerting IT personnel to the occurrence of these vital
triggers, the time required for detection and efficient mitigation of attacks is significantly
reduced. This proactive approach empowers IT employees to swiftly identify and address
security concerns as they materialize, curtailing the potential harm and peril that can be wrought
by security breaches. In the blink of an eye, rapid incident response emerges as the shield against
the malevolent forces lurking in the shadows of the digital domain.

Enhancing the performance of a network: Embarking on the journey of Network Performance
Optimization unveils a realm where bottlenecks, congested domains, and other latent pitfalls that
could impede network performance are laid bare. By maintaining a vigilant watch over network
traffic and performance indicators, organizations gain the prowess to swiftly identify these
potential stumbling blocks. Armed with this knowledge, businesses can navigate away from
these treacherous paths altogether, harnessing network resources to their fullest potential and
fostering an environment of dependable and efficient network operations. Through the discerning
evaluation of network data, the roadmap to seamless connectivity and optimized performance is
charted.

Regulations and Requirements for Compliance: Within the realm of network security and
data protection, the imperative of complying with regulatory obligations and industry standards
holds true, just as it does for other businesses and organizations. As a steadfast ally, network
monitoring solutions play a pivotal role in aiding organizations to demonstrate compliance.
Through their ceaseless vigilance, these solutions diligently monitor network traffic, promptly
detecting and reporting any security incidents or instances of non-compliant activity.
Additionally, they serve as custodians, preserving audit logs and records essential for meeting
compliance requirements. In this symbiotic partnership, network monitoring solutions become
formidable guardians, ensuring that organizations navigate the complex landscape of compliance
with unwavering confidence.

Resource allocation and capacity planning: The existence of network monitoring systems
bestows upon organizations invaluable insights into critical facets such as resource utilization,
bandwidth consumption, and network usage patterns. Armed with this knowledge, businesses
can orchestrate the evolution of their network architecture, making informed decisions on
resource allocation to optimize effectiveness. Furthermore, this intelligence empowers firms to
proactively adapt to changing consumer expectations, positioning themselves for growth and
staying one step ahead in the ever-evolving landscape of demand.

Addressing issues and troubleshooting: Embracing the role of a knowledgeable guide, network
monitoring systems illuminate the intricacies of network performance, device well-being, and
connection issues, enabling swift and effective troubleshooting. Armed with this comprehensive
understanding, IT specialists embark on a journey of problem-solving, seamlessly identifying the
root cause, isolating faulty hardware or connections, and executing the necessary remedial
actions. Through their astute guidance, network monitoring systems serve as beacons of swift
restoration, rejuvenating network functionality with utmost efficiency.

Analyzing historical data: Within the realm of network monitoring systems, a treasure trove of
historical network data is meticulously gathered and preserved. This invaluable repository
empowers businesses to embark on a voyage of evaluation, unveiling trends and discerning
patterns that serve as guiding lights for choosing optimal capacity planning techniques, fortified
security measures, and refined network optimization strategies. Through astute analysis of this
historical data, businesses are equipped with vital insights that fuel strategic decision-making and
enable the seamless management of networks over the long haul.

Evaluation of Countermeasures for Organizational Integrity


Data Security Countermeasures
1) Potential Security Impact of Improper Firewall Policy Configuration:
a) Unauthorized Access: Improper utilization of firewall policies could render the
company's network vulnerable to unauthorized intrusion, paving the way for unwelcome
visitors. This precarious situation may consequently result in compromising data security,
facilitating unauthorized modifications, or even enabling the illicit pilfering of personal
information.

b) Weaknesses in the network: Inadequately designed firewall settings may lead to
network vulnerabilities by leaving ports or services open to the internet or an internal
network. These weaknesses might be exploited by attackers to carry out attacks, gain
unauthorized access, or jeopardize the security of the network infrastructure.
c) Viral contamination: Incorrectly set firewalls might not be able to prevent malware
from accessing the network. Data loss, system disruptions, and substantial monetary
losses might potentially occur from malware spreading throughout the company's
systems.
d) Breakdowns in the service: Inadequate firewall policies may mistakenly block
legitimate traffic, causing critical applications or services to stop working. The output,
client happiness, and general success of the business might all be impacted by this.
e) Transgressions of the law: Certain governmental constraints or industry standards may
place restrictions on how organizations deploy network security methods. A poorly
constructed firewall that results in noncompliance might result in legal and financial
problems for the company.
2) Potential Security Impact of Incorrect Configuration of Third-Party VPN Clients
and Servers:

a) A violation of data: Due to improperly configured VPN servers and clients, sensitive
data transmitted over a VPN may be accessed by unauthorized parties, resulting in data
breaches. Hackers may be able to steal, change, or intercept data due to poor access
restrictions, inadequate encryption settings, and insufficient authentication methods.
b) Inappropriate Access: It could be possible for unauthorized individuals to get access to
critical systems or business networks by employing unstable VPN clients and servers.
Attackers could be able to bypass established security measures if there are open network
ports, weak or default passwords, or improperly configured user permissions.
c) The misuse of the internet: Inadequate VPN configurations might leave security gaps
that allow hackers access to the network infrastructure. They could use that access for network
scanning, distributed denial-of-service (DDoS) attacks, or assaults on other networked devices or
services.

d) Software distribution that is malevolent: On improperly configured VPN servers,
viruses may unintentionally propagate. By taking advantage of setup mistakes or server
damage, attackers can inject malicious code into VPN connections and spread malware to
connected clients.
e) ID theft and IP spoofing: Attackers could be able to forge IP addresses or steal user
identities using VPN servers that are improperly set up. Impersonation may result from
this, in which a criminal assumes the identity of a legitimate user to access restricted sites
by using their login information or fabricating their IP address.

3) Demilitarized Zone (DMZ):


The following are the main traits and goals of a DMZ:

a) Segregation: The DMZ divides the internal network from the external network, either
physically or logically. Sensitive internal resources are shielded from direct Internet
exposure and potential threats in this section.

b) Limited accessibility: The external network is given regulated access to particular
resources or facilities through the DMZ. Web servers, email servers, FTP servers, and
programs with a public interface are among the services that are frequently placed in
DMZs.

c) Security perimeters: One security perimeter separates the internal network from the
DMZ, while another security perimeter separates the DMZ from the external network.
Firewalls or other security tools that carry out access control regulations and keep an eye
on traffic surround each perimeter.

4) The following are key ideas about static IP addresses:

a) Standard Address: An administrator can manually assign a static IP address, which is
fixed until changed, to a device or network. Even when the device is rebooted or
unplugged from the network, nothing is altered.

b) Justify Persistence: The permanence offered by static IP addresses allows other devices
or software to reliably connect to the device by utilizing its established IP address.
Network printers, servers, and other services that need a stable and predictable network
address would particularly benefit from this.

c) Remote hosting and access: For remote access reasons, such as connecting to a device
or network from outside the local network, static IP addresses are frequently employed. They
enable users to connect remotely using protocols like Remote Desktop Protocol (RDP)
or Virtual Private Network (VPN) without having to keep track of IP address changes.

d) Hosting Solutions: For hosting services like websites, email servers, FTP servers, or
gaming servers, static IP addresses are often necessary. They require a reliable and
consistent IP address so that customers or clients may frequently connect to these
services.

5) Network Address Translation (NAT):


At the network layer, or Layer 3 of the OSI model, NAT does a variety of essential
duties.
a) Maintaining a record of IP addresses: Thanks to NAT, several devices on a
private network can share a single public IP address, helping to conserve the limited
supply of IPv4 addresses. According to RFC 1918, private IP addresses are not globally
routable and may only be used within the local network. These private IP addresses are
changed into public IP addresses via NAT before connecting to other networks.
b) Having access to a private network: Devices with private IP addresses may
connect to public networks like the Internet thanks to NAT. By converting the
private source IP addresses of packets arriving from the local network into the
public IP address of the NAT router, it serves as a bridge between the local network
and the Internet. As a result, private network devices may be able to connect with
servers and other equipment on the Internet.

c) IP address concealment: By concealing the private IP addresses of local network
devices from other networks, NAT adds an extra layer of protection. The NAT
router substitutes the source IP address with its public IP address when devices
connect to external networks, making it challenging for other parties to rapidly
access or identify the private devices.
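
The firewall policy problems in item 1) and the two DMZ perimeters in item 3) can be checked mechanically. The following Python code is an added example, not part of the original assignment: it audits a constructed first-match ruleset for rules that let outside traffic reach the internal network, open DMZ ports beyond the published services, or are shadowed by an earlier rule with the opposite action. The address ranges, rule names and the published-port list are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_network

# Constructed address plan for the example (assumption, not from the assignment).
INTERNAL = ip_network("10.0.0.0/16")
DMZ = ip_network("192.168.50.0/24")
ANY = ip_network("0.0.0.0/0")
PUBLIC_PORTS = {25, 80, 443}   # mail and web, services the text places in the DMZ


@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    src: str      # source CIDR
    dst: str      # destination CIDR
    lo: int       # first destination port
    hi: int       # last destination port

    @property
    def src_net(self):
        return ip_network(self.src)

    @property
    def dst_net(self):
        return ip_network(self.dst)


def from_outside(rule):
    """True when the source is not confined to the internal network or the DMZ."""
    return not (rule.src_net.subnet_of(INTERNAL) or rule.src_net.subnet_of(DMZ))


def covers(earlier, later):
    """True when every packet matching `later` already matches `earlier`."""
    return (later.src_net.subnet_of(earlier.src_net)
            and later.dst_net.subnet_of(earlier.dst_net)
            and earlier.lo <= later.lo and later.hi <= earlier.hi)


def audit(rules):
    """Return (finding, rule name) pairs for a first-match ruleset."""
    findings = []
    for i, rule in enumerate(rules):
        if rule.action == "allow" and from_outside(rule):
            # Outside traffic should stop at the DMZ, never reach the LAN directly.
            if rule.dst_net.overlaps(INTERNAL):
                findings.append(("EXPOSED_INTERNAL", rule.name))
            # Only the published services should be reachable in the DMZ.
            if rule.dst_net.overlaps(DMZ) and not all(
                    p in PUBLIC_PORTS for p in range(rule.lo, rule.hi + 1)):
                findings.append(("WIDE_DMZ", rule.name))
        # A rule fully covered by an earlier opposite rule never takes effect:
        # a shadowed allow blocks legitimate traffic, a shadowed deny is not enforced.
        for earlier in rules[:i]:
            if earlier.action != rule.action and covers(earlier, rule):
                findings.append(("SHADOWED", rule.name))
                break
    last = rules[-1] if rules else None
    if not (last and last.action == "deny" and last.src_net == ANY
            and last.dst_net == ANY and (last.lo, last.hi) == (1, 65535)):
        findings.append(("NO_DEFAULT_DENY", "<end of ruleset>"))
    return findings


# Constructed sample ruleset, evaluated top to bottom.
RULES = [
    Rule("web-in", "allow", "0.0.0.0/0", "192.168.50.10/32", 443, 443),
    Rule("mgmt-any", "allow", "0.0.0.0/0", "192.168.50.0/24", 1, 65535),
    Rule("rdp-in", "allow", "0.0.0.0/0", "10.0.5.20/32", 3389, 3389),
    Rule("block-dmz-to-lan", "deny", "192.168.50.0/24", "10.0.0.0/16", 1, 65535),
    Rule("app-to-db", "allow", "192.168.50.20/32", "10.0.9.5/32", 5432, 5432),
    Rule("default-deny", "deny", "0.0.0.0/0", "0.0.0.0/0", 1, 65535),
]

if __name__ == "__main__":
    for finding, name in audit(RULES):
        print(f"{finding:18} {name}")
```

The shadowed "app-to-db" rule is the service-breakdown case from item 1) d): the allow exists in the policy, but the broader deny above it wins under first-match evaluation.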

Countermeasures for Continuity of Operations

1. The Possible Security Effects of Incorrect Firewall Policy Configuration:


a) Inadequate defence: Inadequately designed firewall settings may compromise the
security of critical data and assets and provide unauthorized access to the network.
b) A fictitious sense of security: Inadequate firewall policies may provide the organization
a false sense of security, preventing it from implementing further, vital security measures.
c) Network Performance Was Affected: Network lag and data transmission delays
brought on by inefficient firewall settings might hurt an organization's overall
productivity.
2. The Potential Security Effects of Inadequate Configuration of Third-Party VPN
Clients and Servers.
a) Without authorization: Unauthorized parties may get access to the company's
internal network through improperly configured third-party VPN clients and servers,
endangering precious assets and sensitive data.
b) Risk of Data Breach: Unauthorized parties might be able to view or intercept
sensitive data being transmitted across the VPN as a result of erroneous configuration
settings, which could lead to data leakage.
c) Defects with encryption security: VPN connections may use outdated encryption
methods or subpar encryption techniques as a result of faulty encryption settings,
making them vulnerable to eavesdropping and decryption by malicious parties.
3. DMZ: Demilitarized Zone:
A local area network (LAN) is separated from other untrusted networks, typically the
public internet, by a demilitarized zone (DMZ), which in computer networks can be
either a physical or logical subnet. Other names for DMZs include perimeter networks
and screened subnetworks (Lutkevich, techtarget.com, 2021).

a) Network division: The DMZ serves as a barrier, establishing a distinct division
between the internal network and servers that are accessible from the outside.
Direct access to important internal resources like file servers and databases is
effectively prohibited.
b) Public Services Hosted: Web servers, email servers, and DNS servers are just a
few examples of the types of servers that are frequently housed in the DMZ. By
putting these servers in the DMZ, the risk of assaults on internal systems is
reduced.
c) Security Zones: Depending on the amount of trust, the DMZ is frequently
separated into a number of security zones. A "front-end DMZ" may contain
publicly accessible web servers whereas a "back-end DMZ" may house servers
with limited visibility, such as app servers or database servers.
4. Permanent IP Addresses:
Network hardware is given a static IP address, also referred to as a fixed, permanent
numerical identity. Consistency, accessibility, and permanent identification inside the
network are provided. For applications like hosting servers and remote access, static IP
addresses are the ideal choice, but they need to be manually configured. Dynamic IP
addresses, on the other hand, are always in flux.
a. Consistent Recognition: Static IP addresses give devices or networks a stable,
constant identifier, ensuring continued network accessibility and recognition
throughout time. This is especially useful if consistent and dependable
connectivity is needed.
b. Getting on the server: Static IP addresses are widely used for hosting servers and
services that demand ongoing internet connectivity. Users may easily find and use
servers like web servers, email servers, and FTP servers when given static IP
addresses.
c. Streamlined Network Configuration: Static IP addresses may be assigned at
several network layers, including routers, gateways, and particular devices. This
offers dependable routing and efficient traffic management by simplifying
network configuration and management.
5. NAT:

NAT, or Network Address Translation, is a networking technique that allows several
devices on a local network to share a single public IP address. It conserves IP addresses and
provides a certain level of security by transforming private IP addresses to a public
address when interacting with the internet.
a) Translation of IP addresses: NAT translates between the public IP address
issued by the Internet Service Provider (ISP) and the private IP addresses used
within a local network. As a result, many devices with private IP addresses
can access the internet using a single public IP address.
b) Use IP addresses efficiently: The limited supply of public IP addresses is
safeguarded by NAT. Businesses can cut down on the number of public IP
addresses needed to access the internet by employing private IP addresses within
a local network.
c) Additional network security measures: By protecting the devices on the local
network, NAT serves as a firewall and improves network security. Because their
private IP addresses are hidden, the devices are unreachable to outside sources. An
additional degree of security is introduced by using translation rules to direct
incoming internet traffic to the proper internal device.
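
The address translation, address sharing and translation rules described in item 5 can be shown with a small port-address-translation table. This Python code is an added example, not part of the original assignment; the NatRouter class, the addresses (taken from documentation ranges) and the starting port are assumptions, and the model accepts inbound packets only from the remote address and port a session was opened to, which is one common NAT behaviour.

```python
from ipaddress import ip_address, ip_network

# Private ranges defined by RFC 1918, which the text refers to.
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True when addr lies in one of the RFC 1918 private ranges."""
    return any(ip_address(addr) in net for net in RFC1918)


class NatRouter:
    """Hypothetical port-address-translation table: one public IP, many private hosts."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.sessions = {}   # (priv_ip, priv_port, remote_ip, remote_port) -> public port
        self.replies = {}    # (public port, remote_ip, remote_port) -> (priv_ip, priv_port)
        self.forwards = {}   # public port -> (priv_ip, priv_port), static translation rules

    def add_forward(self, public_port, priv_ip, priv_port):
        """Static rule: publish one internal service on the public address."""
        if not is_rfc1918(priv_ip):
            raise ValueError("forward target must be a private address")
        self.forwards[public_port] = (priv_ip, priv_port)

    def _allocate(self):
        while self.next_port in self.forwards:   # never reuse a forwarded port
            self.next_port += 1
        port, self.next_port = self.next_port, self.next_port + 1
        return port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN; returns (src_ip, src_port, dst_ip, dst_port)."""
        if not is_rfc1918(src_ip):
            raise ValueError("outbound source must be a private address")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.sessions:
            port = self._allocate()
            self.sessions[key] = port
            self.replies[(port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.sessions[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite a packet arriving at the public IP; None means it is dropped."""
        target = (self.replies.get((dst_port, src_ip, src_port))
                  or self.forwards.get(dst_port))
        if target is None:
            return None
        return (src_ip, src_port, target[0], target[1])


def demo():
    """Run constructed traffic through the table and return what happened."""
    nat = NatRouter("203.0.113.10")
    # Two private hosts use the same source port towards the same server.
    a = nat.outbound("192.168.1.10", 51000, "198.51.100.7", 443)
    b = nat.outbound("192.168.1.11", 51000, "198.51.100.7", 443)
    # The server's reply to host b is mapped back to the right private host.
    reply = nat.inbound("198.51.100.7", 443, b[1])
    # A different outside host aiming at the same public port has no mapping.
    unsolicited = nat.inbound("198.51.100.99", 4444, b[1])
    # Port 8443 is closed until a static translation rule publishes it.
    closed = nat.inbound("198.51.100.99", 4444, 8443)
    nat.add_forward(8443, "192.168.1.20", 443)
    exposed = nat.inbound("198.51.100.99", 4444, 8443)
    return {"a": a, "b": b, "reply": reply, "unsolicited": unsolicited,
            "closed": closed, "exposed": exposed}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:12} {value}")
```

The last two results show the limit of the protection NAT gives: an internal service stays unreachable only until a static translation rule publishes it, after which any outside host is delivered to it and the rule needs the same review as a firewall allow rule.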

A process for evaluating and managing IT security issues.


a) Risk assessment: Identify, evaluate, and rank any potential security threats to the IT
infrastructure, systems, and data.
b) Create a security plan: Establish comprehensive security policies and procedures that
adhere to the law and best practices.
c) Implementation of safety measures: Apply security measures such as firewalls,
encryption, and access controls based on the security needs.
d) Identifying circumstances and responding to them: In order to promptly identify and
minimize security occurrences, implement incident response and real-time monitoring
procedures.
e) Ongoing examination and observation: Security procedures must be routinely assessed
and monitored in order to identify vulnerabilities and guarantee fast remedies.

f) Employee Education and Information: Employees should undergo thorough security
training that places an emphasis on following security procedures and encouraging a
vigilant culture.
g) Recurrent Evaluation and Updates: Review and update security protocols on a regular
basis to account for new threats and technological developments.
h) Managing Third-Party Risk: Identify and control security threats related to partners
and external vendors.
i) Observing and adhering: Utilize internal and external audits to assess compliance with
industry standards and security requirements on a regular basis.
j) Review of the incident and its lessons: Conduct a post-incident investigation, pinpoint
the root causes, and implement the necessary changes to stop incidents from happening
again (Cobb, 2020).

Conclusion
In order to increase security measures, London College has tight procedures in place to fix issues
including insufficient access controls and outdated software. In addition to emphasizing the
development of powerful VPNs and firewalls to prevent unwanted access, it places equal
emphasis on network monitoring's capacity to identify threats in real time. Network security can
be increased by the use of DMZ, static IP addresses, and NAT, among other techniques. Regular
risk assessments, physical security measures, and technological security measures all serve to
safeguard the organization's integrity. To reduce risk and defend against cyberattacks, a clear
security plan, educational activities, and proactive preventative measures are crucial.

Activity 2

Introduction
This process evaluation essay examines the policies and procedures for data security at London
College. Along with a review of risk assessment methods and an introduction to data protection
laws and regulations, it also offers a summary of the ISO standard or suitable risk management
plan that was employed. A plan is created to align organizational policies with IT security once it
has been determined how an IT security audit might affect the college's security. In order to
protect sensitive information and lower risk, it is essential to follow data security standards and
best practices.

Review of London College's existing risk assessment process

Current risk assessment procedures


The likelihood, impact, risk assessment, and priority criteria are used in the current risk
assessment for London College to prioritize the risks associated with different assets and threats.
The assessment ranks hazards on a scale of 1 (Low), 2 (Medium), and 3 (Critical).

The risk assessment revealed a variety of dangers, including virus infections and data loss on
computer lab PCs, copyright violations on computer lab PCs, transmission of illegal materials on
computer lab PCs, virus infections and data loss on staff laptops, copyright violations on staff
laptops, virus infections and data loss on the file server, and potential distributed denial-of-
service (DDoS) attacks and virus infections on the network.

The likelihood and significance of these dangers are graded, with risks that could have major
repercussions receiving more attention. Priority one is given to risks that are thought to be
unlikely to materialize, priority two risks should be dealt with as soon as financial resources
are made available, and priority three risks require immediate attention.

By evaluating the most serious risks in terms of priority, the College is able to concentrate its
resources and make sure that the appropriate steps are taken to reduce and manage risks
effectively. Ranking the risks and the relevant responses enables this.

Analysis of Strengths and Weaknesses


Strengths:
Prioritized approach: The risk assessment's classification of threats into various priority levels
enables the prompt execution of a tailored strategy to deal with significant challenges.

A Variety of Applications: Virus infections, network attacks, data loss, infringement of
intellectual property rights, and other potential dangers are all covered in the assessment. As a
result, it offers a comprehensive assessment of the threats that London College faces.

Impact and Prospect Analysis: The evaluation takes into account each risk's likelihood and
effects, providing a framework for allocating resources and determining priorities for mitigation
strategies.

Weaknesses:

Absence of Particular Risk Mitigation Information: The absence of precise information on
particular steps or techniques to reduce risks highlighted in the risk assessment report may make
it more difficult to implement targeted and effective security controls.

Restrictive Scope: The evaluation may not fully address other potential security concerns, such
as physical security or social engineering attacks, because it primarily focuses on IT-related
weaknesses.

Failure to Follow Industry Standards: The assessment makes no mention of following best
practices or industry standards, which could cause a mismatch between the college's security
measures and established industry standards.

Recommendation for improvement


The following are specific and efficient risk-reduction measures: London College must
develop thorough risk mitigation plans with clear instructions on how to avoid, recognize, and
deal with security concerns for each risk that has been identified.

The enlargement of the scope of risk assessment: The risk assessment should consider not
only IT-related vulnerabilities but also other security components like physical security, social
engineering attacks, and human factors to get a full view of the college's overall security posture.

Complying with industry standards: London College should adopt and implement industry
standards like the NIST Cybersecurity Framework and ISO 27001. This ensures that security
techniques are trustworthy, up to date, and in line with industry standards.

Risk evaluation and effect: The proper metrics or scales should be used to analyze risks and
their potential impacts in order to increase the objectivity and accuracy of the risk assessment. As
a result, risks can be prioritized by being ranked in order of priority.

IT System Identification
IT System Inventory and Definition Document
IT System Identification and Ownership
IT System ID: LGT-354
IT System Common Name:
Owned By: College Student Information System
Physical Location: London College Data Centre
Major Business Function: Management of student information, contact details, assessment data, attendance, and Special Educational Needs (SEN) data.
System Owner: James Smith
System Owner Phone Number: 98898989898
System Administrator(s) Phone Number: 78776777777
Data Owner(s) Phone Number(s): 65656565656
Data Custodian(s) Phone Number(s): 43434343434
Other Relevant Information: Critical application managing student data with secure and reliable access.

Identification of Risks
By connecting known vulnerabilities to actual threats, risk assessment involves assessing
potential risks. Vulnerabilities are any weak points or flaws that could have a detrimental effect
on the IT system, the data it administers, or the business as a whole. A vulnerability is anything
that could adversely affect any of the following:

• IT systems
• Its data management
• The company

Risk No. 1
Vulnerability: Outdated Operating Systems and software
Threat: Virus
Risk of Compromise of: High
Risk Summary: Due to old operating systems and software, there is a high chance of compromise, which leaves the systems open to malware and viruses.

Risk No. 2
Vulnerability: Data backup issues
Threat: Deletion of Data
Risk of Compromise of: Moderate
Risk Summary: Due to inadequate data backup procedures, there is a marginal chance of data compromise, which could lead to data deletion or loss.

Risk No. 3
Vulnerability: Inadequate Network Security Measures
Threat: Breach of Copyright
Risk of Compromise of: Moderate
Risk Summary: Due to insufficient network security measures, there is a little chance of compromise involving copyright infringement, making it simpler for unauthorized access and exchange of copyrighted data.

Risk No. 4
Vulnerability: Insecure File Server Configuration
Threat: Virus
Risk of Compromise of: Medium
Risk Summary: Due to an unsecured file server configuration, there is a medium risk of compromise, rendering it vulnerable to malware infections and potential data breaches.

Control analysis

Control Area: System Patch Management
In-Place/Planned: In-place
Description of Controls: All operating systems and applications receive routine security patch updates to fix known vulnerabilities and lower the risk of virus infestations.

Control Area: Data Backup and Recovery
In-Place/Planned: Planned
Description of Controls: Implementing planned data backup methods and testing and validating the backup and recovery procedures will ensure that crucial data is regularly backed up.

Control Area: Network Access Controls
In-Place/Planned: In-place
Description of Controls: Implementation of strong network access controls, such as user authentication, role-based access control, and content screening tools, to stop unauthorised access and unauthorised distribution of protected content.

Control Area: File server Security
In-Place/Planned: In-place
Description of Controls: Regular security audits and hardening of file server setups, including access controls, file permissions, and encryption, are necessary to reduce the risk of virus infections and unauthorised access.

Risks-Control-Factors Correlation

Risk No. 1
Risk Summary: Because of the outdated operating systems and software, there is a high danger of compromise, which leaves the systems open to malware and viruses.
Correlation of Relevant Controls & Other Factors: Regular updates and patches applied to address vulnerabilities. Monitoring software vendors for timely updates.

Risk No. 2
Risk Summary: Due to inadequate data backup procedures, there is a marginal chance of data compromise, which could lead to data deletion or loss.
Correlation of Relevant Controls & Other Factors: Scheduled backups with testing and monitoring for reliability.

Risk No. 3
Risk Summary: Due to insufficient network security measures, there is a little chance of compromise involving copyright infringement, making it simpler for unauthorized access and exchange of copyrighted data.
Correlation of Relevant Controls & Other Factors: Robust authentication, role-based access, and content filtering. Education programs on copyright policies and responsible digital content use.

Risk No. 4
Risk Summary: Due to an unsecured file server configuration, there is a medium risk of compromise, rendering it vulnerable to malware infections and potential data breaches.
Correlation of Relevant Controls & Other Factors: Regular assessments and hardening for virus protection and access control. Continuous monitoring and auditing for adherence to security practices.

Risk Likelihood Definition


Rows give the effectiveness of controls; columns give the probability of threat occurrence (natural or environmental threats) or threat motivation and capability (human threats).

| Effectiveness of Controls | Low | Moderate | High |
|---|---|---|---|
| High | Low | Low | Moderate |
| Moderate | Low | Moderate | High |
| Low | Moderate | High | High |

Risk Likelihood Rating

| Risk No. | Risk Summary | Risk Likelihood Evaluation | Risk Likelihood Rating |
|---|---|---|---|
| 1 | Because of the outdated operating systems and software, there is a high danger of compromise, which leaves the systems open to malware and viruses. | Low | 1 |
| 2 | Due to inadequate data backup procedures, there is a marginal chance of data compromise, which could lead to data deletion or loss. | Moderate | 2 |
| 3 | Due to insufficient network security measures, there is a little chance of compromise involving copyright infringement, making it simpler for unauthorized access and exchange of copyrighted data. | Low | 1 |
| 4 | Due to an unsecured file server configuration, there is a medium risk of compromise, rendering it vulnerable to malware infections and potential data breaches. | Low | 1 |

Risk Impact Rating


| Magnitude of Impact | Impact Definition |
|---|---|
| High | The risk's occurrence could lead to serious harm or impediments to the purpose, reputation, or interest, as well as human death or serious injury, loss of important tangible assets, resources, or sensitive data. |
| Moderate | If the danger materializes, there could be human casualties, significant financial losses in terms of resources or tangible assets, as well as potential harm or obstruction to the mission, reputation, or interest. |
| Low | If the danger materializes, it might lead to the loss of some material resources or assets or have a significant impact on the mission, reputation, or interest. |

Risk Impact Analysis

| Risk No. | Risk Summary | Risk Impact | Risk Impact Rating |
|---|---|---|---|
| 1 | Because of the outdated operating systems and software, there is a high danger of compromise, which leaves the systems open to malware and viruses. | High | 3 |
| 2 | Due to inadequate data backup procedures, there is a marginal chance of data compromise, which could lead to data deletion or loss. | Moderate | 2 |
| 3 | Due to insufficient network security measures, there is a little chance of compromise involving copyright infringement, making it simpler for unauthorized access and exchange of copyrighted data. | Moderate | 2 |
| 4 | Due to an unsecured file server configuration, there is a medium risk of compromise, rendering it vulnerable to malware infections and potential data breaches. | Moderate | 2 |

Overall Risk Rating matrix

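Rows give the risk likelihood and its weight; columns give the risk impact and its score.

| Risk Likelihood | Risk Impact: Low (10) | Risk Impact: Moderate (50) | Risk Impact: High (100) |
|---|---|---|---|
| High (1.0) | Low: 10 x 1.0 = 10 | Moderate: 50 x 1.0 = 50 | High: 100 x 1.0 = 100 |
| Moderate (0.5) | Low: 10 x 0.5 = 5 | Moderate: 50 x 0.5 = 25 | Moderate: 100 x 0.5 = 50 |
| Low (0.1) | Low: 10 x 0.1 = 1 | Low: 50 x 0.1 = 5 | Low: 100 x 0.1 = 10 |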

Overall Risk Rating Table


| Risk No. | Risk Summary | Risk Likelihood Rating | Risk Impact Rating | Overall Risk Rating |
|---|---|---|---|---|
| 1 | Because of the outdated operating systems and software, there is a high danger of compromise, which leaves the systems open to malware and viruses. | 1 | 3 | 3 |
| 2 | Due to inadequate data backup procedures, there is a marginal chance of data compromise, which could lead to data deletion or loss. | 2 | 2 | 4 |
| 3 | Due to insufficient network security measures, there is a little chance of compromise involving copyright infringement, making it simpler for unauthorized access and exchange of copyrighted data. | 1 | 2 | 2 |
| 4 | Due to an unsecured file server configuration, there is a medium risk of compromise, rendering it vulnerable to malware infections and potential data breaches. | 1 | 2 | 2 |
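
Added example (not part of the original assignment): the Python code below scores the four rated risks with the weights of the overall risk rating matrix and compares the result with the ordinal product used in the overall risk rating table. The score bands in band() are an assumption, chosen because they reproduce all nine cell labels of the matrix; the what_if() inputs are constructed for illustration.

```python
# Added example: risk scoring with the weights from the overall risk rating matrix.

# Impact scores and likelihood weights as printed in the matrix.
IMPACT_WEIGHT = {"Low": 10, "Moderate": 50, "High": 100}
# Likelihood weights 0.1 / 0.5 / 1.0, held in tenths so arithmetic stays exact.
LIKELIHOOD_TENTHS = {"Low": 1, "Moderate": 5, "High": 10}
# Ordinal ratings used in the likelihood and impact rating tables.
ORDINAL = {"Low": 1, "Moderate": 2, "High": 3}

# Risk likelihood definition table:
# LIKELIHOOD_TABLE[control effectiveness][threat probability] -> likelihood
LIKELIHOOD_TABLE = {
    "High":     {"Low": "Low",      "Moderate": "Low",      "High": "Moderate"},
    "Moderate": {"Low": "Low",      "Moderate": "Moderate", "High": "High"},
    "Low":      {"Low": "Moderate", "Moderate": "High",     "High": "High"},
}

# Labels printed in the matrix cells, keyed (likelihood, impact).
PAGE_MATRIX = {
    ("High", "Low"): "Low", ("High", "Moderate"): "Moderate",
    ("High", "High"): "High",
    ("Moderate", "Low"): "Low", ("Moderate", "Moderate"): "Moderate",
    ("Moderate", "High"): "Moderate",
    ("Low", "Low"): "Low", ("Low", "Moderate"): "Low", ("Low", "High"): "Low",
}

# The four risks with the likelihood and impact evaluations from the tables.
REGISTER = [
    {"no": 1, "risk": "Outdated operating systems and software",
     "likelihood": "Low", "impact": "High"},
    {"no": 2, "risk": "Inadequate data backup procedures",
     "likelihood": "Moderate", "impact": "Moderate"},
    {"no": 3, "risk": "Insufficient network security measures",
     "likelihood": "Low", "impact": "Moderate"},
    {"no": 4, "risk": "Unsecured file server configuration",
     "likelihood": "Low", "impact": "Moderate"},
]


def likelihood_from(control_effectiveness, threat_probability):
    """Look up likelihood from control effectiveness and threat probability."""
    return LIKELIHOOD_TABLE[control_effectiveness][threat_probability]


def matrix_score(likelihood, impact):
    """Impact score multiplied by likelihood weight, as in the matrix cells."""
    return IMPACT_WEIGHT[impact] * LIKELIHOOD_TENTHS[likelihood] // 10


def band(score):
    """Map a matrix score to a label.

    Assumed thresholds (not stated in the assignment): above 50 is High,
    above 10 is Moderate, otherwise Low.
    """
    if score > 50:
        return "High"
    if score > 10:
        return "Moderate"
    return "Low"


def ordinal_product(likelihood, impact):
    """Likelihood rating times impact rating, as in the overall rating table."""
    return ORDINAL[likelihood] * ORDINAL[impact]


def score_register(register=REGISTER):
    """Score every risk both ways and sort by matrix score, highest first."""
    rows = []
    for entry in register:
        score = matrix_score(entry["likelihood"], entry["impact"])
        rows.append({
            **entry,
            "ordinal": ordinal_product(entry["likelihood"], entry["impact"]),
            "score": score,
            "band": band(score),
        })
    return sorted(rows, key=lambda row: row["score"], reverse=True)


def what_if(control_effectiveness, threat_probability, impact):
    """Re-rate a risk after a change in control effectiveness (constructed)."""
    likelihood = likelihood_from(control_effectiveness, threat_probability)
    score = matrix_score(likelihood, impact)
    return likelihood, score, band(score)


if __name__ == "__main__":
    for row in score_register():
        print(f"Risk {row['no']}: ordinal={row['ordinal']} "
              f"score={row['score']} band={row['band']}  {row['risk']}")
    # Constructed scenario: a high-probability, high-impact threat with
    # strong controls versus the same threat after controls have lapsed.
    print(what_if("High", "High", "High"))
    print(what_if("Low", "High", "High"))
```

Both scoring methods place risk 2 (data backup) first; only the matrix score separates risk 1 from risks 3 and 4 by band as well as by number.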

Data protection processes and Regulations Applied to London College

Data protection process


Numerous procedures and safety checks are carried out as part of the data protection process to
preserve sensitive data and guarantee its confidentiality, integrity, and availability. A summary of
the data protection procedure is provided below:

Data categorization: You can choose the required level of protection by classifying data
according to its sensitivity and criticality. This makes it simpler to set up the appropriate security
measures and prioritize resources.

Risk evaluation: Identify and evaluate the risks that threaten the security of the data, such as unauthorized access, data breaches, loss, or corruption. Determining how likely these threats are and what their consequences might be lets you prioritize your mitigation strategies.

Data security policies: Make and implement data security policies that describe how to govern
and protect data handling procedures. These guidelines ought to include everything, including
access restrictions, data encryption, data retention regulations, and disposal practices.

Access Management: Install trustworthy access control systems to guarantee that only people
with permission can access and edit data. This includes ongoing user privilege audits, role-based
access control, and user authentication.

Data protection: To prevent unauthorized access and interception, encrypt sensitive data both in
transit and at rest. Industry standard procedures should be followed while using encryption
techniques and protocols.

Data protection regulations


Data protection laws and regulations are the rules created to guarantee the security and privacy of personal information about persons. Any organization that gathers, handles, keeps, or transfers personal data is subject to them. The following are some important pieces of data protection legislation:

General Data Protection Regulation (GDPR): The European Union (EU) has approved a comprehensive data protection law known as the GDPR, which imposes strict guidelines on businesses that handle the personal data of EU citizens. It creates guidelines for data controllers and processors and gives users more control over their data.

California Consumer Privacy Act (CCPA): The CCPA, a data protection law, strengthens consumer protection and privacy rights in California, the United States. It limits corporations' data collection, usage, and disclosure while also giving Californians particular rights to their personal information and protecting consumer rights.

Health Insurance Portability and Accountability Act (HIPAA): The confidentiality and security of personal health information are protected by the US law known as HIPAA. It covers healthcare providers, insurers, clearinghouses, and their business associates.

Personal Data Protection Act (PDPA): Singapore's PDPA regulates the collection, use, and disclosure of personal data. It places emphasis on organizations' responsibilities regarding permission, data accuracy, data protection regulations, and human rights (Lavery, 2023).

An appropriate risk management strategy or applied ISO standard


An excellent risk management method is ISO/IEC 27001:2013, an acknowledged ISO standard for information security. It offers a reasonable strategy for handling the dangers to an organization's information security. The following are the main elements of this standard:

Establishing Context: Understand the organization's background, including its goals for information security, legal obligations, and risk management strategy.

Risk evaluation: When identifying and assessing information security risks, take into account
weaknesses, internal and external factors, and potential effects on the company's assets.

Risk management: In order to address the risks that have been identified, develop and put into
action a risk management strategy. To decrease or completely eliminate the threats, this
necessitates choosing and implementing the necessary security measures.

Recognizing risk: After implementing the chosen controls, evaluate the remaining risks to see if
the organization can accept them.

Monitoring and evaluation: Monitor the effectiveness of the security safeguards you've put in
place. Review your risk assessments frequently and make any necessary modifications.

Application of ISO/IEC 27001 to IT security


At London College, ISO/IEC 27001:2013 is used to implement IT security. This makes it feasible to manage risks effectively and implement data security controls, asset management, access control, incident response, and continuous improvement. By adhering to this standard, the college is better prepared to handle emergencies, manage resources, impose access limits, identify threats, and improve security overall. The availability and integrity of data are ensured by ISO/IEC 27001:2013, which offers a rigorous approach to protecting IT infrastructure, data, and systems.

IT security audit
A security audit assesses the security of an organization's information system by determining how closely the system adheres to established requirements. A thorough audit routinely assesses the setup and environment, physical setup, user behavior, information handling methods, and software security.

Impact on security following the result of an IT security audit


Added security precautions: The audit's findings aid in locating operational and IT system
flaws and vulnerabilities within the firm. The organization can put stronger security measures in
place by addressing these problems, such as updated policies, improved access restrictions,
improved network security, and data encryption. The company's security posture subsequently
improves.

Risk reduction: The audit identifies weaknesses and potential threats, enabling the company to
take proactive steps to lower such risks. The business can lessen the possibility of security
events, data breaches, and unauthorized access to sensitive information by plugging any gaps
discovered.

Higher adherence: In IT security audits, compliance with relevant legislation and industry
standards is frequently checked. By acting on audit recommendations, the organization can
increase compliance with legal and regulatory requirements, avoiding fines and reputational
damage brought on by non-compliance.

Improvement of Incident Response: During the audit, the organization's incident response
capabilities might be evaluated. By implementing recommendations and improving incident
response procedures, the company may be better able to identify, resolve, and recover from
security vulnerabilities.

Greater education and training: The audit's findings may increase staff awareness of potential security risks and of the need to observe security procedures. A more security-conscious staff and better training programs can reduce the incidence of security incidents caused by human error (Vergesa, 2023).

London College's organizational policy

London College has put in place a business policy that ensures a safe and lawful workplace. This policy assigns responsibilities, specifies information security objectives, and emphasizes risk management heavily throughout. It covers data classification, access control, incident management, and regulatory compliance, as well as the promotion of security awareness.

By adhering to this policy, the college is able to maintain the information's accessibility,
integrity, and confidentiality. In addition to establishing standards for data storage, access
management, and incident response, it also promotes a security-aware culture across the board
for the entire organization. This policy contributes to a safer and more lawful environment at
London College.

Recommendation on how the IT security at London College can be aligned with its
organizational policy
IT security can be coordinated with the organizational policies of London College through the following measures:

• Conduct continual policy training and awareness campaigns.
• Analyze risks and put risk management techniques into practice.
• Implement stringent user management and access control policies.
• Create a successful incident response strategy.
• Implement categorization and data protection mechanisms.
• Monitor adherence to standards and guidelines.
• Examine and revise the organization's policy often.
• Check to see if outside providers follow security rules.

Security Impact of Misalignment with Organizational Policy


Inconsistencies in organizational policy may have the following security repercussions:

• Bigger holes and security issues.
• Fewer effective safety measures.
• A disregard for the laws and regulations.
• Inconsistent security measures.
• Greater internal threat.
• Inadequate ability to adapt to the situation.
• Lack of security responsibility.
• A negative impact on reputation.

Conclusion
The corporate policy must be followed by London College's IT security procedures in order to
provide strong data protection and reduce security threats. Vulnerabilities, legal violations, and
inadequate incident response skills can result from inconsistencies. The college can lessen these
risks and create a secure work environment by regularly conducting risk analysis and promoting
a culture of security awareness. London College may improve data protection, accomplish
compliance, and grow stakeholder trust in its commitment to information security by integrating
IT security with organizational policy.

Activity 3

Introduction
Activity 3 covers the design of a comprehensive security strategy for London College that includes a disaster recovery plan and a risk assessment process that complies with ISO standards. This effort attempts to solve the flaws found in the current risk assessment processes and offer efficient countermeasures to possible IT threats. Stakeholders and their responsibilities for carrying out a security audit will be named and discussed. The physical, virtual, and policy aspects chosen for inclusion in the security plan will be justified based on their applicability and efficacy. The selected tools will also be evaluated to see how well they fit London College's particular requirements. The main goals are to strengthen the college's security framework, protect sensitive data, and develop a robust system that guarantees continuous operations.

Security Policy
A security policy is a written document or collection of guidelines that specifies the policies,
processes, and best practices to be followed inside an organization to guarantee the privacy,
availability, and integrity of its data and resources. By outlining the duties and expectations of
staff, users, and stakeholders with regard to information security, it serves as a foundation for
creating and maintaining a safe environment (Lutkevich, techtarget.com, 2020).

Disaster recovery plan


A disaster recovery plan (DRP) is a written and organized strategy that specifies the steps to be taken in the event of a catastrophe or other disruptive event. It is intended to lessen the effects of the catastrophe and guarantee the restoration of vital company operations and IT systems.

Components of Disaster Recovery Plan


Risk assessment: It is the process of identifying and assessing possible hazards and threats that
can impair corporate operations and IT systems, such as natural catastrophes, cyberattacks,
hardware malfunctions, or human error.

Business Impact Analysis (BIA): Evaluation of a disruptive incident's potential effects and outcomes on crucial company systems, processes, and resources. This aids effective resource allocation and prioritization.

Recovery Time Objective (RTO): The maximum amount of time that a business process or system can be down. It specifies the time limit within which operations should be resumed so that the impact on the organization is as small as possible.

Recovery Point Objective (RPO): The highest amount of data loss that can be tolerated in the event of an emergency. It specifies the time period from which data must be recovered in order to prevent significant data loss.

Stakeholders
Stakeholders are people or organizations with an interest in a certain project, procedure, or company. In the context of implementing a security audit at London College, stakeholders are the significant individuals or organizations who have a role in ensuring the efficacy and success of the audit.

Designation of stakeholders
College Administration: The Chief Executive Officer (CEO) and top administrators of the
college are in charge of establishing the overall security objectives and policies. They guarantee
that the security audit is aligned with the college's strategic goals and provide the resources and
assistance required for its implementation.

IT Department: In order to implement the security audit, the IT department, which consists of
IT managers, network administrators, and technicians, is essential. They are in charge of
evaluating the current IT infrastructure, spotting weaknesses, and putting the required security
measures in place. To efficiently complete the audit, they work with outside auditors and security
experts.

Security experts: External security consultants or specialists contribute experience in conducting security audits and assessing the college's security posture. They assess threats, offer insights into industry best practices, and suggest suitable security controls and preventative actions. Their responsibility is to oversee the security audit's execution and guarantee adherence to all pertinent standards and laws.

Faculty and Staff: Faculty and staff personnel are significant stakeholders who should be
included in the security audit process. They are responsible for following security regulations,
taking part in security awareness training, and reporting any security-related occurrences or
issues. Their collaboration is necessary for upholding a secure environment and integrating
security procedures into their regular operations (Hilliard, 2018).

Identification of their roles in implementing security audit


College Administration: The college administration is essential in determining the overall
security priorities and objectives. They offer the tools and assistance required for putting security
measures into place, guaranteeing adherence to rules and specifications, and encouraging a
climate of security knowledge and accountability.

IT Department: The IT department is in charge of overseeing the upkeep of the college's IT infrastructure. They are crucial to the implementation of security measures like firewalls, antivirus programs, and intrusion detection systems. Additionally, they are in charge of incident management, vulnerability assessments, network monitoring, and user access controls.

Security experts: Security experts from either an internal team or outside consultants provide
their experience in conducting security audits. They evaluate the security measures in place at
the college currently, look for weaknesses and potential dangers, and suggest the best security
controls and defenses. They offer direction on security policies, strategies, and best practices as
well.

Faculty and Staff: Faculty and staff members are responsible for following the security
guidelines set forth by the college. When managing and accessing sensitive data, they should be
trained in security awareness and use secure procedures. They must also be accountable for
reporting any security lapses or vulnerabilities they discover.

Selected Physical, Virtual and Policy elements


Selected Physical Elements
Controlled Entry Systems: Implementing access control systems, such as keycard or biometric
access, helps limit physical access to critical areas and devices, lowering the danger of unwanted
entrance.

Video Surveillance: Placing video surveillance cameras in key locations enables real-time monitoring and recording of activity, serving as a deterrent to possible security breaches and assisting with investigations.

Secured Server Room: Setting up a secure server room with limited access ensures the physical security of servers, network equipment, and storage systems, protecting vital data and infrastructure.

Justification for Physical elements


In order to reduce physical security risks and safeguard sensitive assets, London College's
security policy's physical components, such as access control systems, video surveillance, secure
server rooms, locked IT labs, secure storage for backup media, and equipment disposal
procedures, are crucial. They limit illegal access, fend off potential dangers, protect vital
infrastructure, stop unauthorized tampering, and guarantee correct disposal of outdated
technology. The overall security of the college's resources and facilities is greatly improved by
these physical safeguards.

Selected Virtual Elements

Firewalls: Setting up firewalls aids in securing the college's network by keeping track of and filtering incoming and outgoing traffic, preventing illegal access, and blocking potential threats.

Intrusion Detection and Prevention Systems: Implementing intrusion detection and prevention systems (IDPS) can help identify and stop unauthorized access attempts and malware infestations within a network.

Antivirus and Anti-Malware Software: Making use of dependable antivirus and anti-malware software assists with the detection and elimination of harmful software, lowering the likelihood of data breaches and system compromises.

Justification for Virtual elements


To reduce digital security risks and defend against cyberthreats, London College's security strategy has chosen virtual components such as firewalls, intrusion detection systems, antivirus software, endpoint protection, data encryption, and virtual private networks (VPNs). These components guarantee network security, identify and stop illegal access and malware infestations, protect particular devices and sensitive data, and offer secure remote access. London College can strengthen its cybersecurity defenses and successfully fend off future cyberattacks and data breaches by integrating these virtual components.

Selected Policy Elements:


Acceptable Use Policy (AUP): Implementing an AUP creates standards and regulations for the
proper use of college resources, such as computers, networks, and internet access, while also
encouraging responsible and secure behavior.

Developing an incident response plan: It describes the measures to be taken in the case of a security issue, guaranteeing a prompt and effective reaction to reduce damage and speed up recovery.

Security Awareness and Training: By regularly conducting security awareness programs and
training sessions, faculty, staff, and students are made aware of the risks to security, the best
practices, and their responsibilities for keeping a secure environment.

Justification for Policy Elements


In order to provide clear standards, methods, and best practices that guarantee efficient security
measures, policy aspects are crucial to London College's security policy. They offer a framework
for specifying protocols for data protection, incident response, and permitted use. Policies
encourage security awareness, inform employees and students of their duties, and guarantee
adherence to legal and regulatory standards. London College can build a solid security
foundation, reduce risks, and protect sensitive data by putting thorough rules into place. This will
also protect the college's personnel, students, and reputation.

Tools used in security policy


The tools used in the security policy of London College have been carefully evaluated to ensure their suitability in addressing the college's security needs. Physical elements such as access control systems, video surveillance, and secure server rooms provide robust physical security measures to protect critical infrastructure and data. Virtual elements such as firewalls, intrusion detection and prevention systems, antivirus software, endpoint protection, data encryption, and virtual private networks offer strong defense against cyber threats, unauthorized access, and data breaches. These tools are designed to detect and mitigate potential risks, safeguard sensitive information, and ensure secure remote access for staff. Policy elements establish clear guidelines and procedures for acceptable use, incident response, and data protection, promoting security awareness and compliance. The combination of these selected tools forms a comprehensive security framework that aligns with the college's needs and enhances its overall security posture (CIRELLY, 2023).

Analysis of how the tools meet the needs of London College


The tools selected in the security policy of London College effectively meet the institution's
needs by providing robust protection against various security threats. The physical elements,
such as access control systems, video surveillance, and secure server rooms, ensure that physical
access to sensitive areas is restricted, reducing the risk of unauthorized tampering or theft.

The virtual elements, including firewalls, intrusion detection and prevention systems, antivirus
software, endpoint protection, data encryption, and virtual private networks, address the college's
cybersecurity requirements. These tools work together to safeguard the college's network
infrastructure, detect and prevent unauthorized access, identify and mitigate potential cyber
threats, and protect sensitive data from unauthorized disclosure or manipulation. The policy
elements, such as acceptable use policies, incident response procedures, and data protection
guidelines, provide clear guidance and expectations for staff and students regarding the
appropriate use of college resources, the steps to follow in case of security incidents, and the
measures to ensure the confidentiality and integrity of data. By integrating these physical, virtual,
and policy elements, the security policy of London College establishes a comprehensive
framework for mitigating risks, protecting assets, and maintaining a secure environment for
students, staff, and sensitive data.

Recommendation for future


To enhance the security posture of London College, several key recommendations should be considered. First, regular security audits should be conducted to assess the effectiveness of existing security measures and identify any vulnerabilities. This will ensure that the college stays proactive in addressing potential risks. Second, it is crucial to keep software and systems updated to leverage the latest security patches and features, as outdated software can be susceptible to attacks. Third, employee training should be provided to raise awareness about cybersecurity best practices among staff and students, empowering them to make informed decisions and avoid potential security pitfalls.

Conclusion
In conclusion, the third activity has been crucial in helping London College create a thorough
security policy. To address the security requirements of the college, stakeholders were included
and suitable physical, virtual, and policy aspects were chosen. The instruments employed in the
security policy have been evaluated, and this has proven their applicability. London College
should place a high priority on routine audits, ongoing training, and remaining up to speed with
the most recent security procedures in order to further improve security. The college may
improve its security posture and safeguard its systems, data, and stakeholders by putting these
recommendations into practice.

References
CIRELLY, J. (2023). comparitech.com. Retrieved from https://www.comparitech.com/net-admin/network-security-policy-management-tools/#:~:text=ManageEngine%20Firewall%20Analyzer%20is%20a,Support%20for%20policy%20creation

Cobb, M. (2020). techtarget.com. Retrieved from https://www.techtarget.com/searchsecurity/tip/How-to-perform-a-cybersecurity-risk-assessment-step-by-step

Gillis, A. S. (2000). techtarget.com. Retrieved from https://www.techtarget.com/searchnetworking/definition/network-monitoring

Hilliard, J. (2018). techtarget.com. Retrieved from https://www.techtarget.com/searchdisasterrecovery/definition/Network-disaster-recovery-plan

hyperproof.io. (n.d.). Retrieved from https://hyperproof.io/resource/it-risk-assessment/

Lavery, R. C. (2023). techtarget.com. Retrieved from https://www.techtarget.com/whatis/definition/General-Data-Protection-Regulation-GDPR

Lutkevich, B. (2020). techtarget.com. Retrieved from https://www.techtarget.com/searchsecurity/definition/security-policy#:~:text=A%20security%20policy%20is%20a,vulnerabilities%20and%20security%20requirements%20change.

Lutkevich, B. (2021). techtarget.com. Retrieved from https://www.techtarget.com/searchsecurity/definition/DMZ

Vergesa, J. (2023). getastra.com. Retrieved from https://www.getastra.com/blog/security-audit/it-security-audit/

Watson, D. (2013). sciencedirect.com. Retrieved from https://www.sciencedirect.com/topics/computer-science/information-security-risk#:~:text=Information%20security%20risk%20comprises%20the,in%20which%20those%20systems%20operate.
