Premium Essay

Firewall Solution

In: Computers and Technology

Submitted By houskadance
Words 1780
Pages 8
Chapter 1 Solutions File

Review Questions

1. What is the difference between a threat agent and a threat? A threat is an object, person, or other entity that poses a risk of loss to an asset—i.e., the organizational resource that is being protected. A threat agent is a specific instance of a general threat. 2. What is the difference between vulnerability and exposure? A vulnerability is a weakness or fault in the protection mechanisms that are intended to protect information and information assets from attack or damage. An exposure is a weakness that is revealed or exposed to the attack environment. 3. What is a hacker? What is a phreaker? A hacker is a person who uses information systems or data networks without permission or in ways that violate the owner’s intentions, usually by bypassing controls or ignoring policy. A phreaker is a hacker on the voice telecommunication network. 4. What are the three components of the C.I.A. triangle? What are they used for? The C.I.A. triangle, an industry standard for computer security since the development of the mainframe, is based on the three characteristics of information that make it valuable to organizations: confidentiality, integrity, and availability. Confidentiality is the protection of information from disclosure or exposure to unauthorized individuals or systems. This means that only those with the rights and privileges to access information are able to do so. Integrity is when information remains whole, complete, and uncorrupted. The integrity of information is threatened when the information is exposed to corruption, damage, destruction, or other disruption of its authentic state. Availability enables authorized users—persons or computer systems—to access information without interference or obstruction, and to receive it in the required format. 5. If the C.I.A. triangle no...

Similar Documents

Premium Essay

Security Assessment for Aircraft Solutions

...Security Assessment for Aircraft Solutions Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 Hardware Vulnerability – Absence of a Firewall 4 Policy Vulnerability – Lack of Timely Updates 5 Recommended Solutions 6 A Hardware Solution 6 Impact on Business Processes 9 A Policy Solution 9 Impact on Business Processes 10 Summary 10 References 12 Executive Summary This report will seek to evaluate and address security weaknesses with the Aircraft Solutions company. As security weaknesses are pointed out relating to hardware and policy weaknesses, recommendations will be made to Aircraft Solutions to be examined and hopefully implemented to improve IT security operations. Aircraft Solutions, located in Southern California, recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. In reviewing Aircraft Solutions and its operations, uncovered were security vulnerabilities. Two vulnerabilities that were evident were issues with a lack of firewalls and the current security policy in place that is reviewed only every two years....

Words: 2450 - Pages: 10

Premium Essay

Aircraft Solutions

...Introduction According to information reviewed as part of this project, Aircraft Solutions is a recognized leader and highly respected equipment and component fabrication company. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on additional research, the primary objective in this assessment was to identify the possible presence of vulnerabilities within the overall framework of Aircraft Solutions operations. Based on the presence on weaknesses, an evaluation of the associated threats was conducted, followed by an analysis of any risks that may be present and potential outcomes. Overview Three areas of potential security weaknesses in Information Technology (IT) for Aircraft Solutions, or any company are hardware, software, and IT policy. In terms of hardware, the provided Network Architecture Map detailed that Aircraft Solutions lacks a firewall between the Commercial Division and the Internet, while all other branches of the company are protected through a firewall in one manner or another. This is a significant vulnerability to the entire system....

Words: 1847 - Pages: 8

Free Essay

Security Assessment and Recommendations for Aircraft Solutions

...Security Assessment and Recommendations for Aircraft Solutions Principles of Information Security and Privacy Keller Submitted: December 11, 2013 Executive Summary The purpose of this report is to investigate the vulnerabilities of Aircraft Solutions (AS) in the areas of hardware and policy. Furthermore, it provides recommended solutions to the security weaknesses mentioned in Phase 1. Aircraft Solutions is a well known leader in the design and production of component products and services for companies ranging from commercial industry to the aerospace industry. In addition, Aircraft Solutions maintains a large capacity plant filled with an extensive variety of equipment, which is mostly automated alongside skilled specialists in a range of fields to ensure they meet their customers’ needs. The weaknesses that are being addressed are hardware and policy. Company Overview Aircraft Solutions is a leader in the planning and production of component products and services for companies in the electronics, commercial, defense, and aerospace industry. The headquarters of Aircraft Solutions is located in San Diego, California. The goal of Aircraft Solutions is to use machined products and related services to supply customer success, and to achieve cost, quality, and schedule requisites. They have a Defense Division (DD) of Aircraft Solutions located in Orange County, California and a Commercial Division (CD) located in San Diego County, California....

Words: 1560 - Pages: 7

Free Essay

Aircraft Solutions

...Aircraft Solutions Security Assessment Phase 2 Table of Contents Executive Summary ……………………………………………………………………..1 Company Overview ……………………………………………………………………..1 Assessment ……………………………………………………………………………….2 Security Vulnerabilities …………………………………………………………............2 A Hardware Firewall Vulnerability …………………………………………………....2 A Software Policy Vulnerability ………………………………………………………..3 Recommended Solutions ………………………………………………………………..5 A Hardware Firewall Solution …………………………………………………...........5 A Software Policy Solution …………………………………………………………….6 Impact on Business Processes …………………………………………………………6 Budget …………………………………………………………………………………....7 Summary ………………………………………………………………………………....9 References ………………………………………………………………………………10   Aircraft Solutions Executive Summary Aircraft Solutions (AS) desired a security assessment to highlight the company’s vulnerabilities. AS is a highly esteemed leader in the design and component manufacturing enterprise those solutions can be used within the business applicability of the electronics, commercial, defense and aerospace industries. There were discovered hardware and software vulnerability of non-firewall at the commercial division and software policy updates....

Words: 2065 - Pages: 9

Premium Essay

Aircraft Solutions

...Security Vulnerabilities Overall the network has solid hardware firewall protection at every public network connection but one. The Commercial Division(CD) in Chula Vista, CA does not have a hardware firewall protection, it is connected directly to the public internet. The CD is directly connected to the headquarters in San Diego which contains the IT, Finance and S&M servers. These servers are vulnerable to attack since...

Words: 1895 - Pages: 8

Premium Essay

Wgu Itsecurity Capstone

...Firewall upgrade Report Student Name: Michael Wakefield Degree Program: BS- IT Security Mentor Name: Dave Huff Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Summary 3 Review of Other Work 13 Rationale and Systems Analysis 19 Goals and Objectives 25 Project Deliverables 28 Project Plan and Timelines 30 Project Development…………………………………………………………………………………………………………………………….31 Additional Deliverables………………………………………………………………………………………………………………………….35 Conclusion…………………………………………………………………………………………………………………………………………….35 References 37 Appendix 1: Competency Matrix 38 Appendix 2: Cisco ASA 5555-X Firewall Specifications…………………………………………………………….40 Appendix 3: ABC Inc. Project Schedule…………………………………………………………………………………….44 Appendix 4: High-Availability Design Screenshots……………………………………………………………………45 Appendix 5: Screenshots of inside to outside access; outside to DMZ access; NAT rules and configurations; and performance graphs and performance results….........................................51 Capstone Report Summary Internet of Everything (IoE) and “Big Data” equates to competitive advantages to the modern business landscape. Numerous white papers are circulating on the Internet highlighting the business case supporting the IoE initiative....

Words: 9337 - Pages: 38

Premium Essay

Aircraft Solutions

...Running head: AIRCRAFT SOLUTIONS AIRCRAFT SOLUTIONS Keller Graduate School of Management SEC 571 Principles of Information Security and Privacy Abstract An assessment of Aircraft Solutions (AS) as to what Security Vulnerabilities that might be found, two areas discussed are Hardware & Policy weakness and impact. Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 2 Hardware Vulnerability …………………………………………………..…….....2 Policy Vulnerability……………………………………………………………….3 Recommended Solutions 5 Hardware Vulnerability 5 Policy Vulnerability 8 Impact on Business Processes 9 Summary 11 References 12 Executive Summary The purpose of this paper is to explore and assess computer security as it relates to Aircraft Solutions. When we talk about computer security, we mean that we are addressing one or all of the three important aspects of any computer-related system: confidentiality, integrity, and availability. One of the challenges in building a secure system is finding the right balance among the goals, which often conflict. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented....

Words: 1902 - Pages: 8

Premium Essay

Sec571 Course Project

...Vulnerabilities Hardware vulnerability Aircraft Solution Company has a major weakness in the network architecture as we noticed within the AS’s headquarter there is insufficient number of firewalls. There are two routers with only...

Words: 4091 - Pages: 17

Premium Essay

Upgrade Internet Edge

...Technical Writing Project Cover Sheet Capstone Proposal Project Name: Upgrading ABC Inc. Internet Edge Student Name: Michael Wakefield Degree Program: Bachelor of Science IT-Security Mentor Name: Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Proposal Summary 1 Review of Other Work 8 Rationale and Systems Analysis 16 Goals and Objectives 22 Project Deliverables 26 Project Plan and Timelines 27 References 28 Appendix 1: Competency Matrix 4 Capstone Proposal Summary Internet of Everything (IoE) and “Big Data” equates to competitive advantages to the modern business landscape. Numerous white papers are circulating on the Internet highlighting the business case supporting the IoE initiative. For instance, in a white paper conducted by Cisco Inc. on the Value Index of IoE in 2013 reported the following: In February 2013, Cisco released a study predicting that $14.4 trillion of value (net profit) will be at stake globally over the next decade, driven by connecting the unconnected –people-to-people (P2P), machine-to-people (M2P), and machine-to-machine (M2M) - via the Internet of Everything (IoE). Cisco defines the Internet of Everything as the networked connection of people, process, data, and things. The IoE creates new “capabilities, richer experiences, and unprecedented economic opportunity for businesses, individuals, and countries” (The Internet of Everything, Cisco, Inc. 2014). With such a...

Words: 5523 - Pages: 23

Free Essay

Ceh Executive Proposal

...This software assists the security manager in safeguarding vital business data through the compilation of network device information and real-time awareness of network health, firewall configuration and patch management with deployment. The software is modular and can be configured to meet the needs of the organization in which it supports while minimizing service interruptions which lead to the loss of productivity. Solarwinds offers a multitude of modules that range from configuration management to help desk trend analysis and firewall management. This is a non-platform dependent software solution which can manage firewalls and devices for proper patch management. This solution can be configured by the most novice IT professional while not breaking the bank. Its scalability can support anywhere from 10 users to many hundred users. The Solarwinds software solution can be a great addition to any network security solution. The benefits you will be getting from this software cover a large spectrum of security hardening techniques from the firewall configuration and management to end user patch management. Solarwinds modularity contributes to its capability to fulfill many security requirements. Solarwinds offers a scalable security information and events manager (SIEM) console module. The SIEM module will enhance the capability to maintain real-time situational awareness through alerts and active monitoring....

Words: 1221 - Pages: 5

Free Essay

Afafasf

...(eg:192.168.0.100) Click “Next” DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza Danau 2, Jalan 2/109F, Off Jalan Klang Lama, Taman Danau Desa, 58100 Kuala Lumpur, Malaysia. Phone: +603–79820872, +603-79816878 Fax: +603–79807668 E-Mail: enquiry@michaelsoft.com.my Website: www.michaelsoft.com.my Click “Next” DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza Danau 2, Jalan 2/109F, Off Jalan Klang Lama, Taman Danau Desa, 58100 Kuala Lumpur, Malaysia. Phone: +603–79820872, +603-79816878 Fax: +603–79807668 E-Mail: enquiry@michaelsoft.com.my Website: www.michaelsoft.com.my *Uncheck “Start the Smartlaunch Client” and click Finish. DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza Danau 2, Jalan 2/109F, Off Jalan Klang Lama, Taman Danau Desa, 58100 Kuala Lumpur, Malaysia. Phone: +603–79820872, +603-79816878 Fax: +603–79807668...

Words: 848 - Pages: 4

Free Essay

Aircraft Solutions Risk Assessment

...AS has a current network architecture that employs four (4) firewalls that prevent AS headquarters, DD, contractors, suppliers, and customers from directly connecting through the Internet. CD is positioned in such a way that they have direct exposure to the Internet, which in turn could expose AS headquarters and DD. This lack of a firewall for CD is a major security concern and needs to be addressed immediately. The lack of a...

Words: 2620 - Pages: 11

Premium Essay

Assignment #3

...Compared to a firewall, which offers protection from outside attacks but limits the actions a user can perform, Kerberos allows a user to continue to safely operate over an unsecured connection by encrypting the data transfer without limiting a user's abilities. Because Kerberos requires mutual client and server verification, it prevents phishing by keeping malicious entities from posing as the server and fooling the client into giving the entity the means for access. The encrypted data transfer prevents unwanted third parties from seeing sensitive information, thereby preventing man in the middle attacks. Kerberos establishment as an Internet standard has resulted in its wide usage, and it continues to grow as more companies and technologies adopt it for security. Kerberos comes installed on...

Words: 1290 - Pages: 6

Premium Essay

Importance of Firewall

...An Internet firewall is important for many reasons. Some value a firewall for its ability to keep private information secure. Identity theft is a growing crime and many see firewalls as a good defense against these specific types of predators. Others, such as small business owners, think...

Words: 1017 - Pages: 5

Premium Essay

Aircraft Solutions

...The other weakness relates to the firewall as well, but in regards to the security policy. The policy dictates that the firewall and router rule sets are evaluated every two years. This means...

Words: 1260 - Pages: 6