Unit 10 Assignment 1: Controls

1902 WordsDec 18, 20138 Pages
Unit 10 Assignment 1: Controls IS 4560 Hacking and Countermeasures Thursday, December 19, 2013 Unit 10 Assignment 1: Controls Aim Higher College needs to ensure the safety of all its information. Recently we have seen suspicious and careless activity in the research data center. Data center technicians have reported lights left on, doors left open, successful logins to the research database, as well as login attempts in the backup business database after normal hours of operation. Because this is also the backup for our business information we need to keep this area as secure as possible. In order maintain control over who has access to what in the center we need first ensure that only those that need…show more content…
Safeguarding the confidentiality, integrity, accessibility, and the non-repudiation (CIA) is vital. As stated before an IDS and IPS will be put in to place to watch the system at all times to report and mitigate if not stop unauthorized activity to the business backup and research databases. This will help with monitoring the network and see what and where unauthorized traffic and attempts are coming from. Anti-virus and anti-malware programs will be installed on all systems in both databases to protect the information and programs. Firewall implementation between the networks is necessary to keep unauthorized attempts from getting in to the business side of the database. All information will be encrypted so that if the data is or any hardware is stolen then the information be more difficult to read and will hopefully discourage the thief. To prevent a brute force attack through a console connection after 3 attempts at a password the system will lock down that port and a flag will be sent to the data center technician on duty. To ensure that the person that is attempting to gain access to the server through a console connection a token that generates a random alphanumeric code will be used. As we all know people are where we see the biggest problems in security breaches and problems on any computer or network system. People need to understand what they are allowed and not allowed to do, this is where policies, procedures, and training come in to play.
Open Document