Premium Essay

Firewall Solution

In: Computers and Technology

Submitted By houskadance
Words 1780
Pages 8
Chapter 1 Solutions File

Review Questions

1. What is the difference between a threat agent and a threat? A threat is an object, person, or other entity that poses a risk of loss to an asset—i.e., the organizational resource that is being protected. A threat agent is a specific instance of a general threat. 2. What is the difference between vulnerability and exposure? A vulnerability is a weakness or fault in the protection mechanisms that are intended to protect information and information assets from attack or damage. An exposure is a weakness that is revealed or exposed to the attack environment. 3. What is a hacker? What is a phreaker? A hacker is a person who uses information systems or data networks without permission or in ways that violate the owner’s intentions, usually by bypassing controls or ignoring policy. A phreaker is a hacker on the voice telecommunication network. 4. What are the three components of the C.I.A. triangle? What are they used for? The C.I.A. triangle, an industry standard for computer security since the development of the mainframe, is based on the three characteristics of information that make it valuable to organizations: confidentiality, integrity, and availability. Confidentiality is the protection of information from disclosure or exposure to unauthorized individuals or systems. This means that only those with the rights and privileges to access information are able to do so. Integrity is when information remains whole, complete, and uncorrupted. The integrity of information is threatened when the information is exposed to corruption, damage, destruction, or other disruption of its authentic state. Availability enables authorized users—persons or computer systems—to access information without interference or obstruction, and to receive it in the required format. 5. If the C.I.A. triangle no…...

Similar Documents

Premium Essay

Security Assessment for Aircraft Solutions

...Security Assessment for Aircraft Solutions Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 Hardware Vulnerability – Absence of a Firewall 4 Policy Vulnerability – Lack of Timely Updates 5 Recommended Solutions 6 A Hardware Solution 6 Impact on Business Processes 9 A Policy Solution 9 Impact on Business Processes 10 Summary 10 References 12 Executive Summary This report will seek to evaluate and address security weaknesses with the Aircraft Solutions company. As security weaknesses are pointed out relating to hardware and policy weaknesses, recommendations will be made to Aircraft Solutions to be examined and hopefully implemented to improve IT security operations. Aircraft Solutions, located in Southern California, recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. In reviewing Aircraft Solutions and its operations, uncovered were security vulnerabilities. Two vulnerabilities that were evident were issues with a lack of firewalls and the current security policy in place that is reviewed only every two years. Recommendations have been made that made help to remedy these vulnerabilities through the use of virtualization and by changing the security policy to be evaluated semi-annually instead of every two...

Words: 2450 - Pages: 10

Premium Essay

Aircraft Solutions

...According to information reviewed as part of this project, Aircraft Solutions is a recognized leader and highly respected equipment and component fabrication company. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on additional research, the primary objective in this assessment was to identify the possible presence of vulnerabilities within the overall framework of Aircraft Solutions operations. Based on the presence on weaknesses, an evaluation of the associated threats was conducted, followed by an analysis of any risks that may be present and potential outcomes. Overview Three areas of potential security weaknesses in Information Technology (IT) for Aircraft Solutions, or any company are hardware, software, and IT policy. In terms of hardware, the provided Network Architecture Map detailed that Aircraft Solutions lacks a firewall between the Commercial Division and the Internet, while all other branches of the company are protected through a firewall in one manner or another. This is a significant vulnerability to the entire system. For Software, Aircraft Solutions uses a Business Process Management System (BPM) that handles......

Words: 1847 - Pages: 8

Free Essay

Aircraft Solutions

...Aircraft Solutions Security Assessment Phase 2 Table of Contents Executive Summary ……………………………………………………………………..1 Company Overview ……………………………………………………………………..1 Assessment ……………………………………………………………………………….2 Security Vulnerabilities …………………………………………………………............2 A Hardware Firewall Vulnerability …………………………………………………....2 A Software Policy Vulnerability ………………………………………………………..3 Recommended Solutions ………………………………………………………………..5 A Hardware Firewall Solution …………………………………………………...........5 A Software Policy Solution …………………………………………………………….6 Impact on Business Processes …………………………………………………………6 Budget …………………………………………………………………………………....7 Summary ………………………………………………………………………………....9 References ………………………………………………………………………………10   Aircraft Solutions Executive Summary Aircraft Solutions (AS) desired a security assessment to highlight the company’s vulnerabilities. AS is a highly esteemed leader in the design and component manufacturing enterprise those solutions can be used within the business applicability of the electronics, commercial, defense and aerospace industries. There were discovered hardware and software vulnerability of non-firewall at the commercial division and software policy updates. The solutions that will be presented are to purchase a firewall system and update the policy update timeframe within the standards that will be introduced......

Words: 2065 - Pages: 9

Free Essay

Security Assessment and Recommendations for Aircraft Solutions

...Recommendations for Aircraft Solutions Principles of Information Security and Privacy Keller Submitted: December 11, 2013 Executive Summary The purpose of this report is to investigate the vulnerabilities of Aircraft Solutions (AS) in the areas of hardware and policy. Furthermore, it provides recommended solutions to the security weaknesses mentioned in Phase 1. Aircraft Solutions is a well known leader in the design and production of component products and services for companies ranging from commercial industry to the aerospace industry. In addition, Aircraft Solutions maintains a large capacity plant filled with an extensive variety of equipment, which is mostly automated alongside skilled specialists in a range of fields to ensure they meet their customers’ needs. The weaknesses that are being addressed are hardware and policy. Company Overview Aircraft Solutions is a leader in the planning and production of component products and services for companies in the electronics, commercial, defense, and aerospace industry. The headquarters of Aircraft Solutions is located in San Diego, California. The goal of Aircraft Solutions is to use machined products and related services to supply customer success, and to achieve cost, quality, and schedule requisites. They have a Defense Division (DD) of Aircraft Solutions located in Orange County, California and a Commercial Division (CD) located in San Diego County, California. Aircraft Solutions has a......

Words: 1560 - Pages: 7

Premium Essay

Wgu Itsecurity Capstone

...Capstone Project Cover Sheet Capstone Project Title: ABC Inc. Firewall upgrade Report Student Name: Michael Wakefield Degree Program: BS- IT Security Mentor Name: Dave Huff Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Summary 3 Review of Other Work 13 Rationale and Systems Analysis 19 Goals and Objectives 25 Project Deliverables 28 Project Plan and Timelines 30 Project Development…………………………………………………………………………………………………………………………….31 Additional Deliverables………………………………………………………………………………………………………………………….35 Conclusion…………………………………………………………………………………………………………………………………………….35 References 37 Appendix 1: Competency Matrix 38 Appendix 2: Cisco ASA 5555-X Firewall Specifications…………………………………………………………….40 Appendix 3: ABC Inc. Project Schedule…………………………………………………………………………………….44 Appendix 4: High-Availability Design Screenshots……………………………………………………………………45 Appendix 5: Screenshots of inside to outside access; outside to DMZ access; NAT rules and configurations; and performance graphs and performance results….........................................51 Capstone Report Summary Internet of Everything (IoE) and “Big Data” equates to competitive advantages to the modern business landscape. Numerous white papers are circulating on the Internet highlighting the business case supporting the IoE initiative. For instance, in a white paper conducted by Cisco Inc. on the Value Index of IoE in 2013 reported the......

Words: 9337 - Pages: 38

Premium Essay

Upgrade Internet Edge

...reduce IT cost and simplify deployment of new services. Today, many are working from home as well as on the go. Due to the emergence of “Big Data” and Internet of Everything (IoE), businesses are relying more and more on technological advances in computing to extract actionable information, which fosters competitive advantages. A comprehensive network analysis to ascertain vulnerabilities in ABC Inc. enterprise revealed that the firewalls protecting the enterprise edge is antiquated and are no longer meeting the requirements of the Enterprise Security Policy. Current Situation Over the years, a siloed, very piecemeal approach to patching vulnerabilities at the Enterprise Edge created bottlenecks in the enterprise. ABC Inc. continued to experience profit at a very big hit to the IT budget. In order to not only eliminate the high IT cost, but to provisioned the IT infrastructure to meet the demands of Internet of Everything and meeting those governmental privacy and information security regulations, upgrading all firewalls at the Enterprise Edge is a looming priority. The attack landscape is complex, hacking is no longer a hobby by script kiddies or those wishing to demonstrate their abilities by bringing down a website for bragging rights. Today, hacking is an occupation and the practitioners are sometimes individuals from enemy nations. Like most companies, ABC Inc. relies on known operating systems and other applications such as the......

Words: 5523 - Pages: 23

Premium Essay

Aircraft Solutions

...AIRCRAFT SOLUTIONS SE571 Principles of Information Security and Privacy Phase II Course Project Company Overview Aircraft Solutions (AS) is a recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. Located in Southern California, AS has a dedicated, trained workforce and maintains a large capacity plant and extensive equipment to meet customer requirements. Much of the equipment is automated to increase production while reducing costs. The company's workforce has a large skill base: design engineers, programmers, machinists, and assembly personnel to work its highly-automated production systems. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. The company strategy is to offer low-cost design and computer-aided modeling packages to customers to reduce their development expenses. AS will help the customer through all phases of new product deployment, from initial prototypes through final large-volume production and assembly. By involving itself in all phases of customer product development, AS hopes to establish long-term relationships and secure repeated follow-on business with its customers. In addition, AS continues to invest heavily in workforce education and training, so as to improve capability to serve its customers. Security Vulnerabilities Overall...

Words: 1895 - Pages: 8

Premium Essay

Aircraft Solutions

...Running head: AIRCRAFT SOLUTIONS AIRCRAFT SOLUTIONS Keller Graduate School of Management SEC 571 Principles of Information Security and Privacy Abstract An assessment of Aircraft Solutions (AS) as to what Security Vulnerabilities that might be found, two areas discussed are Hardware & Policy weakness and impact. Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 2 Hardware Vulnerability …………………………………………………..…….....2 Policy Vulnerability……………………………………………………………….3 Recommended Solutions 5 Hardware Vulnerability 5 Policy Vulnerability 8 Impact on Business Processes 9 Summary 11 References 12 Executive Summary The purpose of this paper is to explore and assess computer security as it relates to Aircraft Solutions. When we talk about computer security, we mean that we are addressing one or all of the three important aspects of any computer-related system: confidentiality, integrity, and availability. One of the challenges in building a secure system is finding the right balance among the goals, which often conflict. Aircraft Solutions provides full spectrum design and implementation solutions to multiple industries including the electronics, aerospace, commercial, and defense industries. In addition to the background information presented in the course assignment, additional information on geographic layout, business process, and IT architecture were presented. With the information provided, and based on...

Words: 1902 - Pages: 8

Free Essay

Ceh Executive Proposal

...real-time network health and change management among other areas of today’s ever changing Information Technology (IT) data environment. This software assists the security manager in safeguarding vital business data through the compilation of network device information and real-time awareness of network health, firewall configuration and patch management with deployment. The software is modular and can be configured to meet the needs of the organization in which it supports while minimizing service interruptions which lead to the loss of productivity. Solarwinds offers a multitude of modules that range from configuration management to help desk trend analysis and firewall management. This is a non-platform dependent software solution which can manage firewalls and devices for proper patch management. This solution can be configured by the most novice IT professional while not breaking the bank. Its scalability can support anywhere from 10 users to many hundred users. The Solarwinds software solution can be a great addition to any network security solution. The benefits you will be getting from this software cover a large spectrum of security hardening techniques from the firewall configuration and management to end user patch management. Solarwinds modularity contributes to its capability to fulfill many security requirements. Solarwinds offers a scalable security information and events manager (SIEM) console module. The SIEM module will enhance the capability to maintain......

Words: 1221 - Pages: 5

Free Essay

Aircraft Solutions Risk Assessment

...Aircraft Solutions (AS) Security Assessment Submitted to: Professor SEC-571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: Overview Aircraft Solutions (AS) is a southern California company specializing in cutting edge design and manufacturing. AS supplies products and solutions in the fields of electronics, commercial, defense, and aerospace to a wide variety of customers. AS not only has a highly skilled and trained workforce, but they also utilize state of the art equipment that provides efficiency and productivity rarely seen in this industry. AS’s headquarters is located in San Diego, California while their Commercial Division (CD) is located 40 miles east of San Diego in Chula Vista, California. The AS Defense Division (DD) is located between Los Angeles and San Diego in Orange County, California. AS uses Business Process Management (BPM) to integrate customers, vendors, and suppliers in order to create a successful product. The success of the BPM is closely dependent on the success and efficiency of the Information Technology (IT) process of AS. Customer data, design engineering, and Proof For Production (PFP) are all examples of how AS’s IT success directly impacts their BPM. Vulnerabilities Hardware vulnerability AS has an obvious hardware vulnerability that could potentially have a catastrophic effect on the Chula Vista CD and the rest of AS. AS has a current network architecture that...

Words: 2620 - Pages: 11

Premium Essay

Assignment #3

...to mutually verify each other's identity in order to safely transfer data over an otherwise unsecured connection. Since its inception, Kerberos has gained the acceptance of numerous major entities and continues to grow. When a user logs in, an authentication service verifies the user's identity and grants an encrypted ticket, which contains identification credentials (such as a randomly-created session key) and only works for a limited time of eight hours. A user decrypts the ticket with his password and the credentials are stored in the user's cache to gain access to the intended service. Once the time is up, the user will have to log in once again and request a new ticket. The ticket is destroyed when a user logs out. Compared to a firewall, which offers protection from outside attacks but limits the actions a user can perform, Kerberos allows a user to continue to safely operate over an unsecured connection by encrypting the data transfer without limiting a user's abilities. Because Kerberos requires mutual client and server verification, it prevents phishing by keeping malicious entities from posing as the server and fooling the client into giving the entity the means for access. The encrypted data transfer prevents unwanted third parties from seeing sensitive information, thereby preventing man in the middle attacks. Kerberos establishment as an Internet standard has resulted in its wide usage, and it continues to grow as more companies and technologies adopt it for......

Words: 1290 - Pages: 6

Free Essay

Afafasf

...Smartlaunch Installation *Before proceed to Smartlaunch client installation,please make sure client PCs IP address start from XXX.XXX.XXX.100 . (eg:192.168.0.100) Click “Next” DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza Danau 2, Jalan 2/109F, Off Jalan Klang Lama, Taman Danau Desa, 58100 Kuala Lumpur, Malaysia. Phone: +603–79820872, +603-79816878 Fax: +603–79807668 E-Mail: enquiry@michaelsoft.com.my Website: www.michaelsoft.com.my Click “Next” DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza Danau 2, Jalan 2/109F, Off Jalan Klang Lama, Taman Danau Desa, 58100 Kuala Lumpur, Malaysia. Phone: +603–79820872, +603-79816878 Fax: +603–79807668 E-Mail: enquiry@michaelsoft.com.my Website: www.michaelsoft.com.my *Uncheck “Start the Smartlaunch Client” and click Finish. DDS – Diskless Solutions | Networking Solutions | QNO 2 WAN - 8 Multi-WAN VPN Firewall Router | Computer Sales & Services | Streamyx Authorized Reseller | IT Maintenance Services | CC Link CC VPN Services | Auto Update Server | MICHAELSOFT DDS SDN BHD 11-2,Plaza......

Words: 848 - Pages: 4

Premium Essay

Sec571 Course Project

...Aircraft Solution (AS) Company Ali Hassan Submitted to: John Michalek SEC571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: April 21, 2013 Table of Contents Company Overview ……………………………………………1 Company Assets ………………………………………………..1 Vulnerabilities ………………………………………………….2 Hardware Vulnerability………………………………….......2 Policy Vulnerability …………………………..……………..3 Recommended Solutions…………………………………….... 5 Hardware Solutions ……………………...………………..…5 Policy Solutions ……………………………...……………...10 Budget ………………………………………………………….12 Summary ………………………………………………………13 References……………………………………………………...14 Company Overview Aircraft Solutions (AS) company located in Southern California design and fabricates component products and provide services for companies in the electronics, commercial, defense, and aerospace industry. The mission of AS is to provide customer success through machined products and related services, and to meet cost, quality, and schedule requirements. AS uses Business Process Management (BPM) to handle end-to-end processes. BPM system is designed to connect customers, vendors, and suppliers. Security Weakness In the communication between AS’s headquarter and its two departments make the AS’s headquarter assets are targeted, I will discuss here about the vulnerabilities in software and the policy. Company’s Assets The assets for AS are the Business Process Management, BPM, system and......

Words: 4091 - Pages: 17

Premium Essay

Aircraft Solutions

...Aircraft Solutions, headquartered in San Diego, California, is a company specializing in business-to-business products and services. Their customers are primarily in the electronic, commercial, defense and aerospace industries. They specialize in offering low-cost design and computer-aided packages to help their customers lower their costs for development and involve their customers in every step of the fabrication process while utilizing the Business Process Management System (BPM). With this method they hope to keep repeat business and attain long-lasting customer relationships. They have two remote locations outside of San Diego: The commercial division is 40 miles east in Chula Vista, California and the defense division is 90 miles away in Santa Ana, California. Aircraft Solutions prides itself on being recognized as an industry leader. However, after assessing the company’s information security, they may not be a leader for much longer. Two major security weaknesses have been identified: a hardware configuration problem and an unsound security policy for the firewalls. The company has five servers, a database, one switch, two routers, and a firewall. All of the hardware is behind the firewall except the main router. This router connects directly to the Internet, which is also the connection the commercial division in Chula Vista uses to connect to the headquarters. This configuration is set up in such a way where all Internet traffic hits the main router first...

Words: 1260 - Pages: 6

Free Essay

Aircraft Solutions

...Aircraft Solutions: Security Assessments And Recommendations Session: March 2012 Security in Computing Professor: Randy Strauber BACKGROUND Aircraft Solutions (AS) located in beautiful southern California has become a recognized leader in the electronics, commercial, defense and aerospace industries. This is due their design and fabrication of component products and services available to their customers in the various industries. What set Aircraft Solutions apart from other design and fabrication companies are their dedicated, trained workforce and the maintenance of a large capacity plant and extensive equipment that enables the company to meet customer requirements. The company is made up of a large highly skilled work force that works its highly automated production systems from design engineers, programmers, machinists and assembly personnel. Aircraft Solutions goals are to provide excellent customer service and success through its machined products and services. This is achieved while at the same time keeping their cost, quality and scheduled deliveries in check. The main headquarters for Aircraft Solutions is currently in San Diego, California, while their Commercial Division is located 40 miles east of headquarters and the Defense Division is located in Santa Ana, California. Security Weakness In reviewing the current business process, geographic layout, current IT architecture and network infrastructure there were some security...

Words: 677 - Pages: 3