SlideShare ist ein Scribd-Unternehmen logo

Presentation1 A.pptx

Als PPTX, PDF herunterladen
R
RabinBidari

for engineering student

Ingenieurwesen
1 von 11
ICTNWK546 MANAGE NETWORK SECURITY Anuj Thapa
NETWORK SECURITY PLANNING To plan, build and manage a network security design
Outlined below are the processes involved in planning, building, and managing a network security design to meet the requirements of IT Biz Solutions: a. Conduct a security assessment: Conducting a security assessment requires a thorough analysis of the organization's frameworks, procedures, and physical structures to pinpoint any susceptibilities, dangers, and deficiencies in its security status. This aids in the detection of possible security vulnerabilities, evaluation of the current security measures' efficiency, and identification of areas that necessitate enhancement. a. Define security requirements: To establish and maintain an acceptable level of security, determining the necessary measures, controls, and functionalities is necessary. The process involves aligning security objectives with the overall goals of the organization, identifying assets that need protection, evaluating risks, and ensuring adherence to legal and regulatory requirements.
c.Analysis of threats and risks: The procedure entails detecting potential hazards and evaluating the associated risks to the network and data of the organization. This aids in prioritizing security measures by determining the probability and consequences of different threats, empowering the organization to efficiently allocate resources. d.Development of a network security policy: A document called the network security policy details the regulations, protocols, and practices that an organization follows in regards to safeguarding their network. This sets up the structure for executing security measures, determining user obligations, and guaranteeing adherence to applicable guidelines. The protocol entails directives on how to regulate access controls, respond to incidents, safeguard data, and utilize network resources in an acceptable manner.
e.Risk management plan: A plan for managing risk describes a set of tactics and measures to recognize, evaluate, and diminish potential security vulnerabilities in an organization's network. One must engage in the process of recognizing, classifying, analyzing the possible consequences of threats, and creating measures to lessen or relocate these risks. The strategy involves the incorporation of risk control measures, consistent monitoring of risk levels, and routine assessments of the risk management methodology. f. The network architecture and processes: Designing and executing the structural framework of the network is an essential stage that is customized to match the security needs of the enterprise. This involves determining partitions within the network, setting up safe areas, and deciding where to position security tools such as firewalls, IDS, and VPNs. The measures of dividing the network, regulating access, verifying identities, and observing network activity are recorded and carried out.
ORGANISATION’S ASSETS THAT NEED PROTECTING Network Equipment’s High Servers and Data Centres High Data and Information High Software Applications and Systems Medium Databases Medium Communication Systems Medium Intellectual Property and Trade Secrets Medium Employee and Customer Personal Information Medium Physical Facilities Low Workstations and Laptops Low Assets are categorized based on their importance and impact on the organization, with high-value ones being critical to operations, reputation, and financial stability. Need strong protection for security. Medium-value assets are important but less critical than high-value assets. Low-value assets also need protection. Basic security measures should be in place.
THREATS AND THEIR CORRESPONDING SYSTEM VULNERABILITIES ARE: 1.Malware Attack: System Vulnerability: Exploitation of Software Vulnerabilities Explanation: Malware can exploit system weaknesses, such as OS, apps, or network firmware. Attackers exploit vulnerabilities to access unauthorized information, run harmful code, or harm systems and data. Neglecting updates and patches exposes systems to malware.
2. Distributed Denial of Service (DDoS) Attacks:  System Vulnerability: Insufficient Network and Infrastructure Resilience  Explanation: Distributed Denial of Service (DDoS) attacks are a malicious form of cyberattack that seek to inundate a targeted network or system with an excessive amount of traffic. The intended outcome of this tactic is incapacitation, whereby the targeted network or system is rendered inaccessible to users with legitimate access privileges. This phenomenon can arise because of the susceptibility of inadequate network and infrastructure durability. The exploit of said vulnerability is executed through the utilization of botnets, which are networks of compromised devices, to initiate extensive quantities of traffic directed towards a particular network or system. In the event that an organization's network infrastructure fails to incorporate sufficient protective mechanisms, such as traffic filtering, rate limiting, or scalable bandwidth capacity, it becomes increasingly vulnerable to menacing Distributed Denial of Service (DDoS) attacks.
3. Phishing Attacks  System Vulnerability: Human Error and Lack of User Awareness Explanation: Phishing attacks typically entail the deception of individuals by posing as a trustworthy entity, with the ultimate objective of eliciting sensitive information, including but not limited to user credentials, financial data, and related particulars. Frequently, such malicious attacks transpire via crafty emails, websites, or messages. The identified vulnerability is attributed to human fallibility and a dearth of user consciousness whereby individuals may inadvertently click on hazardous links, download corrupted attachments or furnish attackers with sensitive information. Through the exploitation of aforementioned vulnerability, malevolent actors can obtain illicit entrance to networks, systems, and confidential data
Risk management plan Threat Level of Risk Risk Control Malware Attacks High In order to secure your system, it is essential to utilize strong antivirus and antimalware software, keep all software updated and patched, and perform frequent vulnerability scans and penetration tests to pinpoint and address any potential security weaknesses. Phishing Attacks Medium Smartly implement measures such as email filtering and spam detection, educate employees on the identification and notification of phishing attempts, and apply two-factor authentication to boost account security. Distributed Denial of Service (DDoS) Attacks High Safeguard against DDoS attacks by implementing mitigation services or appliances, continuously observing network traffic and identifying any signs of potential threats. In order to prevent the negative effects of DDoS attacks on the network, it is wise to implement measures like limiting rates, filtering traffic, or adopting diversion techniques, and working together with ISPs or cloud-based DDoS protection services. Evaluate the effectiveness of DDoS protection methods.
Thank you

Empfohlen

Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
jeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
todd521
 
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Sharique Rizvi
 
Understanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdfUnderstanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdf
247 tech
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdf
forladies
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
Sitamarhi Institute of Technology
 
Safety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxSafety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docx
Adeen Ali
 

Empfohlen

Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
jeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
todd521
 
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Simplifying IT Security for GDPR Compliance: Sharique M Rizvi
Sharique Rizvi
 
Understanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdfUnderstanding Vulnerability Assessment.pdf
Understanding Vulnerability Assessment.pdf
247 tech
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdf
forladies
 
Module 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe GuardsModule 4 Cyber Security Vulnerabilities& Safe Guards
Module 4 Cyber Security Vulnerabilities& Safe Guards
Sitamarhi Institute of Technology
 
Module 4.pdf
Module 4.pdfModule 4.pdf
Module 4.pdf
Sitamarhi Institute of Technology
 
Safety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docxSafety and Security to Data and Protection Measures.docx
Safety and Security to Data and Protection Measures.docx
Adeen Ali
 
46 102-112
46 102-11246 102-112
46 102-112
idescitation
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crime
muhammad awais
 
Network srcurity
Network srcurityNetwork srcurity
Network srcurity
sheikhparvez4
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
yoroflowproduct
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
manoharparakh
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
manoharparakh
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
TikdiPatel
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approach
Idexcel Technologies
 
CC ss.pptx
CC ss.pptxCC ss.pptx
CC ss.pptx
ShakthiShakthi13
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
Tripwire
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
NeilStark1
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdf
NeilStark1
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
NeilStark1
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
ShakthiShakthi13
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptx
RoyMurillo4
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
IJNSA Journal
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Mohammed Abdul Lateef
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptx
ThavaselviMunusamy1
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
mphochane1998
 
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptxCOST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
JIT KUMAR GUPTA
 

Weitere ähnliche Inhalte

Ähnlich wie Presentation1 A.pptx

46 102-112
46 102-11246 102-112
46 102-112
idescitation
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
Tripwire
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptx
RoyMurillo4
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
IJNSA Journal
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Mohammed Abdul Lateef
 

Ähnlich wie Presentation1 A.pptx (20)

46 102-112
46 102-11246 102-112
46 102-112
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crime
 
Network srcurity
Network srcurityNetwork srcurity
Network srcurity
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
 
Advanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdfAdvanced Approaches to Data Center Security.pdf
Advanced Approaches to Data Center Security.pdf
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
Application security testing an integrated approach
Application security testing an integrated approachApplication security testing an integrated approach
Application security testing an integrated approach
 
CC ss.pptx
CC ss.pptxCC ss.pptx
CC ss.pptx
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdf
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
 
Webinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptxWebinar 2.1 - Network protection and devices.pptx
Webinar 2.1 - Network protection and devices.pptx
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
 
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
Traditional Reconnaissance and Attacks, Malicious Software, Defense in Depth,...
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptx
 

Kürzlich hochgeladen

"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
mphochane1998
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
Kamal Acharya
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
Kamal Acharya
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
AldoGarca30
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Call Girls Mumbai
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Kandungan 087776558899
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
MayuraD1
 

Kürzlich hochgeladen (20)

"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
 
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptxCOST-EFFETIVE and Energy Efficient BUILDINGS ptx
COST-EFFETIVE and Energy Efficient BUILDINGS ptx
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network Devices
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
Introduction to Serverless with AWS Lambda
Introduction to Serverless with AWS LambdaIntroduction to Serverless with AWS Lambda
Introduction to Serverless with AWS Lambda
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 

Presentation1 A.pptx

  • 2. NETWORK SECURITY PLANNING To plan, build and manage a network security design
  • 3. Outlined below are the processes involved in planning, building, and managing a network security design to meet the requirements of IT Biz Solutions: a. Conduct a security assessment: Conducting a security assessment requires a thorough analysis of the organization's frameworks, procedures, and physical structures to pinpoint any susceptibilities, dangers, and deficiencies in its security status. This aids in the detection of possible security vulnerabilities, evaluation of the current security measures' efficiency, and identification of areas that necessitate enhancement. a. Define security requirements: To establish and maintain an acceptable level of security, determining the necessary measures, controls, and functionalities is necessary. The process involves aligning security objectives with the overall goals of the organization, identifying assets that need protection, evaluating risks, and ensuring adherence to legal and regulatory requirements.
  • 4. c.Analysis of threats and risks: The procedure entails detecting potential hazards and evaluating the associated risks to the network and data of the organization. This aids in prioritizing security measures by determining the probability and consequences of different threats, empowering the organization to efficiently allocate resources. d.Development of a network security policy: A document called the network security policy details the regulations, protocols, and practices that an organization follows in regards to safeguarding their network. This sets up the structure for executing security measures, determining user obligations, and guaranteeing adherence to applicable guidelines. The protocol entails directives on how to regulate access controls, respond to incidents, safeguard data, and utilize network resources in an acceptable manner.
  • 5. e.Risk management plan: A plan for managing risk describes a set of tactics and measures to recognize, evaluate, and diminish potential security vulnerabilities in an organization's network. One must engage in the process of recognizing, classifying, analyzing the possible consequences of threats, and creating measures to lessen or relocate these risks. The strategy involves the incorporation of risk control measures, consistent monitoring of risk levels, and routine assessments of the risk management methodology. f. The network architecture and processes: Designing and executing the structural framework of the network is an essential stage that is customized to match the security needs of the enterprise. This involves determining partitions within the network, setting up safe areas, and deciding where to position security tools such as firewalls, IDS, and VPNs. The measures of dividing the network, regulating access, verifying identities, and observing network activity are recorded and carried out.
  • 6. ORGANISATION’S ASSETS THAT NEED PROTECTING Network Equipment’s High Servers and Data Centres High Data and Information High Software Applications and Systems Medium Databases Medium Communication Systems Medium Intellectual Property and Trade Secrets Medium Employee and Customer Personal Information Medium Physical Facilities Low Workstations and Laptops Low Assets are categorized based on their importance and impact on the organization, with high-value ones being critical to operations, reputation, and financial stability. Need strong protection for security. Medium-value assets are important but less critical than high-value assets. Low-value assets also need protection. Basic security measures should be in place.
  • 7. THREATS AND THEIR CORRESPONDING SYSTEM VULNERABILITIES ARE: 1.Malware Attack: System Vulnerability: Exploitation of Software Vulnerabilities Explanation: Malware can exploit system weaknesses, such as OS, apps, or network firmware. Attackers exploit vulnerabilities to access unauthorized information, run harmful code, or harm systems and data. Neglecting updates and patches exposes systems to malware.
  • 8. 2. Distributed Denial of Service (DDoS) Attacks:  System Vulnerability: Insufficient Network and Infrastructure Resilience  Explanation: Distributed Denial of Service (DDoS) attacks are a malicious form of cyberattack that seek to inundate a targeted network or system with an excessive amount of traffic. The intended outcome of this tactic is incapacitation, whereby the targeted network or system is rendered inaccessible to users with legitimate access privileges. This phenomenon can arise because of the susceptibility of inadequate network and infrastructure durability. The exploit of said vulnerability is executed through the utilization of botnets, which are networks of compromised devices, to initiate extensive quantities of traffic directed towards a particular network or system. In the event that an organization's network infrastructure fails to incorporate sufficient protective mechanisms, such as traffic filtering, rate limiting, or scalable bandwidth capacity, it becomes increasingly vulnerable to menacing Distributed Denial of Service (DDoS) attacks.
  • 9. 3. Phishing Attacks  System Vulnerability: Human Error and Lack of User Awareness Explanation: Phishing attacks typically entail the deception of individuals by posing as a trustworthy entity, with the ultimate objective of eliciting sensitive information, including but not limited to user credentials, financial data, and related particulars. Frequently, such malicious attacks transpire via crafty emails, websites, or messages. The identified vulnerability is attributed to human fallibility and a dearth of user consciousness whereby individuals may inadvertently click on hazardous links, download corrupted attachments or furnish attackers with sensitive information. Through the exploitation of aforementioned vulnerability, malevolent actors can obtain illicit entrance to networks, systems, and confidential data
  • 10. Risk management plan Threat Level of Risk Risk Control Malware Attacks High In order to secure your system, it is essential to utilize strong antivirus and antimalware software, keep all software updated and patched, and perform frequent vulnerability scans and penetration tests to pinpoint and address any potential security weaknesses. Phishing Attacks Medium Smartly implement measures such as email filtering and spam detection, educate employees on the identification and notification of phishing attempts, and apply two-factor authentication to boost account security. Distributed Denial of Service (DDoS) Attacks High Safeguard against DDoS attacks by implementing mitigation services or appliances, continuously observing network traffic and identifying any signs of potential threats. In order to prevent the negative effects of DDoS attacks on the network, it is wise to implement measures like limiting rates, filtering traffic, or adopting diversion techniques, and working together with ISPs or cloud-based DDoS protection services. Evaluate the effectiveness of DDoS protection methods.