CYB 220 PROJECT 3 ANTHONY VELOTTI
School: Southern New Hampshire University
Course: 220
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 5
Uploaded by avelotti1592
Anthony Velot
CYB 220-NETWORK SECURITY SNHU
Evaluation of network protection technologies
PROJECT 3
Security design principles are techniques for achieving specific quality concerns. Implementing these principles protects the company's network. The security design principles are used to protect the company's confidentiality, integrity, and availability. Within this company, problems have been reported: people in acquisitions have tried to access the human resources network. Private information is stored in the human resources department that should not be accessed by anyone outside the HR department and IT. The network is segmented into four different departments. Each department is only allowed to access information in its own segment, except for the IT department, which needs to be able to access all segments remotely. The focus of this report is to implement a security design principle that will protect the network and no longer allow individuals to access segments outside their own department. The security design principle that will provide this protection is least privilege. Least privilege refers to a security concept in which a user is given the minimum level of access, or permissions, needed to perform his/her job functions (CyberArk, 2022). Within the company there are between 150 and 200 employees who currently have access to the network. With personal information stored on the network, it is vital that only the employees who need access to this data have it. Not only will implementing least privilege stop unauthorized employees' access to data, it will prevent attacks from causing extreme damage to the entire network. Implementing least privilege reduces the attack surface of a network, helping defeat malware, ransomware attacks, phishing attacks, SQL injection attacks, man-in-the-middle attacks, and zero-day exploits (What Is the Principle of Least Privilege? - Illumio Cybersecurity Blog | Illumio, n.d.).

A network protection approach that will be deployed is a Network-Based Intrusion Detection System (NIDS). This type of system is used to inspect and detect malicious activities on a network system. A NIDS covers the entire network, whereas a host-based system focuses on individual hosts. With the company having 150 to 200 employees, using a NIDS is more effective. The company prefers to use open-source tools as a first solution. One particular NIDS that is available free of cost is Snort. Snort analyzes network traffic in real time and flags any suspicious activity. Snort looks for anything that indicates unauthorized access attempts and other attacks on the network (McKay, n.d.). Snort will work in accordance with the implementation of least privilege, eliminating employees' access to unauthorized segments and notifying and stopping attacks on the network.

Having the appropriate amount of resources to implement these changes is key to success. A team will need to be set up to determine what access each employee should have. Once that is determined, the team will implement security access based on what access each employee needs. Implementing a NIDS on the network and using Snort can be time consuming. With limited time available for the network to be non-operational while these changes take place, the changes will need to occur over the weekend, while the business is non-operational. To install Snort, you need the latest rules and need to download and install Snort from source. Once it is installed, you will need to configure Snort and update the rules. Finally, to make Snort's network interface listen to all network traffic, the interface needs to be set to promiscuous mode.

Now that the changes have been implemented, the previous issues that were being reported regarding access to the human resources segment should have been halted by using least privilege. Installing and using Snort, a NIDS, will help detect any type of attack that occurs over the network. Within the standard of using open-source tools, we are fixing a problem at a small cost and protecting the network from any type of attack, as our IT team will be ready if anything is detected through Snort.
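
The segmentation rule described in the report (each department confined to its own segment, IT allowed into all of them), written as a check over flow records. This is an added example, not part of the original report; the subnets, the `dept4` name for the unnamed fourth department, and the sample flows are assumptions constructed for illustration.

```python
import ipaddress

# Assumed addressing plan (not from the report): one /24 per department.
# "dept4" is a placeholder name for the fourth, unnamed segment.
SEGMENTS = {
    "hr": ipaddress.ip_network("10.0.10.0/24"),
    "acquisitions": ipaddress.ip_network("10.0.20.0/24"),
    "it": ipaddress.ip_network("10.0.30.0/24"),
    "dept4": ipaddress.ip_network("10.0.40.0/24"),
}
CROSS_SEGMENT_ALLOWED = {"it"}  # least privilege: only IT may leave its own segment


def segment_of(addr):
    """Return the department segment owning addr, or None if outside all."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return None


def check_flow(src, dst):
    """Classify one flow as 'allow', 'violation' or 'unknown-source'."""
    s, d = segment_of(src), segment_of(dst)
    if d is None:
        return "allow"  # destination is not a department segment; out of scope
    if s is None:
        return "unknown-source"  # unmapped host reaching a department segment
    if s == d or s in CROSS_SEGMENT_ALLOWED:
        return "allow"
    return "violation"


def audit(flows):
    """Return (src, dst, verdict) for every flow that is not allowed."""
    return [(s, d, v) for s, d in flows if (v := check_flow(s, d)) != "allow"]


SAMPLE_FLOWS = [  # constructed (source, destination) pairs, not real traffic
    ("10.0.20.15", "10.0.10.5"),   # acquisitions -> HR
    ("10.0.30.7", "10.0.10.5"),    # IT -> HR
    ("192.168.1.9", "10.0.10.5"),  # unmapped host -> HR
    ("10.0.40.3", "10.0.20.8"),    # dept4 -> acquisitions
]

if __name__ == "__main__":
    for src, dst, verdict in audit(SAMPLE_FLOWS):
        print(f"{verdict}: {src} -> {dst}")
```

The same allow-list can drive both the access controls and the NIDS alerting, so that a flow the policy forbids is also one the sensor reports.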