Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

Introduction: My name is Melly and, in this assignment, I will be examining

the techniques used to protect an IT (Information Technology) system from
security threats and Implementing strategies to protect an IT system from
security threats
 Network room security
 Back up
 Disaster recovery plans
 Internet and network usage policy
 Security audits
 Default settings and backdoors
 Installation of software updates and hardware patches
 Rules
 Anti-virus software
 Firewall and IDS
 Domain management
 User Authentication and log-on procedures
 Access control

Method Explanation Justification

Network room security A network room is a physical A Network Room is a shared
area in a building devoted to hosting facility for storing or
hosting all network operating network equipment.
communication devices such Because of its shared nature,
as routers, switches, firewalls, any network equipment
computers, servers, storage requiring physical isolation and
devices, database servers, DSL protection from other
routers, and so on. A network employees is safely housed
room is a regulated room, there.
which means that only specific
personnel in the firm have
access to it for security
purposes.
Back up Backup is the process of Backing up is essential for
creating duplicates of data or everybody who uses a
data files for use in the event computer since files and data
that the original data or data might become damaged,
files are lost or destroyed, as overwritten, or erased
well as to fulfil the criteria of a accidentally. Backups are
data retention policy. typically done on separate
storage devices or on a
separate server.
Disaster recovery plans A disaster recovery plan, in When your Business Continuity
short (DPR) is usually a Plan fails, you'll need a
formalized, organized strategy Disaster Recovery Plan.
that outlines how an Because, no matter how
organisation may resume carefully you defend your
operations swiftly after an systems against downtime, a
unanticipated occurrence. A calamity or human mistake can
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

disaster recovery plan (DRP) is always disrupt your IT

a crucial component of a infrastructure (intentional or
business continuity strategy unintentional). Because of
(BCP). your backups, Disaster
Recovery makes it simple to
rapidly get back on your feet
and go on in such scenarios.
Internet and network usage An internet and network usage The idea of establishing
policy policy are a written document and internet and network
used by business owners to usage policy are to completely
convey the acceptable usage eradicate any confusion and
of technology in the potential abuse that could
workplace. The document prevent the company from
outlines the organizational functioning productively. A
requirements of its employees solid internet and network
while using the internet and usage policy contributes to a
other company-provided more pleasant work
devices. environment that is more
conducive to getting the
necessary work done in order
to run a successful business.
Security audits A security audit is a systematic Security audits will aid in the
review of a company's protection of critical data, the
information system's security identification of security
by assessing how well it policies, and the monitoring of
corresponds to a set of the efficacy of security
standards. A comprehensive strategies. Regular audits can
audit often evaluates the help ensure that employees
security of the system's follow security best practises
physical setup and and detect new vulnerability
environment, software,
information handling
practices, and user habits.
Default settings and backdoors A default is a pre-existing value Default settings help decrease
of a user-configurable setting mistakes by educating and
that is assigned to a software guiding users. As a result, it is
application, computer critical to choose useful
program, or hardware in defaults rather than those
computer science. In the case based on the first letter of the
alphabet or the first item on
of electrical equipment, such
your original list. Defaults can
settings are often known as
also have an impact on your
pre-sets or factory pre-sets company's bottom line and A
and Backdoor is a word that backdoor is a system shortcut
refers to unauthorized access that allows a user to log in
to a computer system's without passing through
software or hardware. The security checks (such as
backdoor may be constructed username/password
by the developer so that they authentication). After
can make modifications to the breaching a system, attackers
system fast and simply without frequently install a backdoor.
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

needing to log in to the An attacker, for example,

system. acquires shell access to a
system by exploiting a flaw
introduced by a missing patch.

Installation of software Installation of software These might involve patching

updates and hardware patches updates is updating a software found security gaps and
with an update (sometimes addressing or deleting
known as a patch), which is a computer faults. Updates can
series of modifications made offer new features to your
to a piece of software in order devices while also removing
to update, correct, or improve obsolete ones. While you're at
it. Changes to software often it, ensure sure your operating
correct bugs, address security system is up to date.
risks, add new features, or
enhance speed and usability. Patches are required to
Patches are occasionally used improve the overall stability of
to limit functionality, delete or an operating system or
deactivate features. application. Resolve a security
flaw. Patches, along with
A hardware patch is a series of additional updates such as
changes released by a dot-releases to (or entire
developer or firm to update, overhauls of) an operating
correct, or enhance it. This system, are part of the critical
generally includes addressing preventative maintenance
security flaws and other issues, required to keep machines up
as well as enhancing usability to date, stable, and secure
or performance. from malware and other
dangers.
Rules Rules are one of a collection of Following standards in the
written or accepted rules or workplace is critical for
principles controlling employee health and safety.
behaviour or procedure in a For example, in organizations
certain area of activity where computers are used for
communication, personnel
must be professionally trained
to utilize these technologies
responsibly.
Anti-virus software Anti-virus software is a Antivirus software is the last
program or collection of level of protection. Viruses
applications meant to prevent, must pass past that defence to
search for, identify, and reach you, which is no simple
eliminate software viruses as task. A good antivirus program
well as other dangerous protects you from hazardous
software such as worms, viruses and keeps them off
trojans, adware, and others. your hard drive.
Domain management Domain administration, also Corporate Domain Name
known as domain name Management (CDM) is often
management, is the continuing regarded as a must-have for
process of keeping a personal businesses seeking to manage
or business domain (or and secure their key domain
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

domains) stable, safe, and name assets. The most basic

capable of supporting service provided by CDM is the
connected websites. The automatic renewal of domain
domain name not only creates names, guaranteeing that they
its owner's Internet presence; do not expire.
it also acts as a doorway to a
commercial or personal
website tailored to that
owner's specific needs.
User Authentication and log- User authentication validates a User authentication, which
on procedures user's identification while uses unique usernames and
seeking to get access to a passwords, assists
network or computer resource organizations in protecting
by permitting a human-to- their customers' privacy and
machine transfer of information confidentiality.
credentials during network
contacts to ensure a user's Logging into a system or
validity and the log-on application should be designed
procedure on a computer to reduce the possibility of
system used by more than one illegal access. To prevent
person identifies the permitted giving an unauthorized user
users and the protocols of with needless help, the log-on
users' access time. These login procedure should give as little
processes are designed to information about the system
keep the system secure by or application as possible.
controlling access to sensitive
data and actions.
Access control Access control (AC) is the Access control is crucial for
selective limitation of access to information, data, and
a location or other resource in network security. Access
the disciplines of physical control, which is integrated
security and information into all three components of
security, whereas access the IT infrastructure, reduces
management defines the the risk of cyber threats
process. The act of accessing caused by allowed access to
might refer to eating, entering, devices and servers.
or utilising something. The
term authorisation refers to
the ability to access a
resource.
Firewall and IDS A firewall is a network security Your home may have a
technology that analyses and software-based firewall, but
regulates incoming and your company need a
outgoing network traffic in hardware-based firewall to
accordance with predefined prevent all undesirable traffic
security rules. A firewall is from entering your network. A
used to create a barrier powerful firewall will allow
between a trusted network as you to regulate what
well as an untrusted network, computers send and receive
such as the Internet. on your network from outside
sources
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

An intrusion detection system

(IDS) is a hardware or software There are numerous
program that examines a compelling reasons to
network or systems for purchase and operate an
malicious behaviour or policy intrusion detection system: To
breaches. Any intrusion discourage harmful behaviours
activity or violation is often by raising the perceived
notified to an administrator or danger of detection and
centralized via a security punishment for those who
information and event might assault or otherwise
management (SIEM) system. abuse the system. To identify
assaults and other security
violations that existing security
measures cannot prevent. To
identify and deal with pre-
attack activity (such as
network probing and other
'doorknob rattling'
operations).
To record the current threat to
an organisation.
To provide quality assurance
for security design and
management, particularly in
big and complex companies.
To give relevant information
regarding intrusions that do
occur, enabling for better
diagnosis, recuperation, and
correction of causal variables.

Plan to protect the current System

Connect to Wi-Fi The first step is to connect to WI-FI using

WPA3 encryption because it is the most recent
version and has more benefits than WPA2.
Download and install an antivirus program and
check for computer updates using the WI-FI
connection.
Download Anti-virus Next, I download a free and efficient antivirus
from a trusted website for absolute protection
to all computer systems. Set up a scan
schedule, preferably every 24 hours during
non-working hours. I will download Kaspersky
since it free and effective and can also protect
computers from viruses.
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

Configure a Firewall I ensure that all ports are closed because any
open ports can be accessed and exploited by
hackers.
OS Update Patching operating systems are necessary
because it reduces the number of flaws in the
operating system. If there are any updates
available for the operating system, it must be
updated ton the latest version because update
patches usually include significant
improvements to the system’s security and
patch vulnerabilities, which improve the
overall system performance
Log on rules The next step is log on rules. Log on rules must
be implemented. These rules mostly apply to
passwords. These include password security,
how long passwords are legitimate before
they must be modified, and the number of
recalled passwords. They are also required to
ensure that employees make strong
passwords which in turn makes their accounts
difficult to access by hackers.
Shared folders After log on rules have been implemented the
next step is to create shared folders. These
folders must have the capability to be used
and accessed by multiple people at a given
time or even at the same time

Creating User account This step is where multiple accounts are

created for managers and employees so each
person has a designated account. These
accounts will be made with different levels of
permission
File permission File permissions are the last step of the
computer protection plan. File permissions
will be added to alter, read and write file and
folder.
This section could be created using steps or presented in a table.

Test Plan

Test No Feature Test Expected outcome Actual Comments

outcome regarding results
1 Ensuring that WI- The Wi-Fi is WPA3 There was no No comments
FI is on WPA3 WPA3
encryption encryption
because
there is no
internet
access.
2 Ensuring that the The computer can There is no No comments
internet can be access the internet internet
accessed easily using Wi-Fi access.
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

3 Ensuring that There should be no Antivirus No comments

there are no viruses couldn’t be
viruses on the downloaded
system by since there
running scans. was no Wi-Fi

4 Configuring There are no flaws or Port 3389 No comments

firewall by open ports. was blocked
ensuring all ports
are closed

5 Checking for any There are no new No new No comments

OS updates updates. updates
because
there is no
internet
connection.

6 Making sure that It should be rejected It works No comments

all the with an error properly
requirements message if it does not
needed for the meet requirements
logon rules are
met such as
mixture of
letters, numbers
and symbols
when making
passwords,
minimum
number and so
on.
7 Ensuring that its It is possible for files It can be No comments
possible for to be accessed accessed
employees to
logon
successfully
8 Checking the Files can be accessed Shared folder No comments
shared folder. by employees. was
Making sure that accessible
staff or
employees can
easily access
specific files.
9 Checking that Make sure that Access is No comments
specific files employees can given to
require access can exactly specific staff
employees to what they need to
have permission. access
10 Making sure that It should be stated Antivirus No comments
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

a scheduled exactly when a couldn’t be

scans is enabled computer scan will downloaded
be performed
11 Only specific staff Can be accessed by Shared folder No comments
can access employees with can need
specific folder permission permission
from specific
employees

Evidence of implementing the plan

Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D
Name Unit 7 IT Systems Security and Encryption Learning Aim C & D

Review

I believe all the lack of internet connection was a massive hindrance. I couldn’t ensure that I was
using a WPA3 encryption because I couldn't get connected to the internet. Computer scans also
couldn’t be made since I couldn’t download antivirus to scan for flaws and viruses and there also
couldn't be scheduled security scans due to unavailability of antiviruses. There were no open ports
since 3389 port was blocked meaning the firewall was successfully configured. Logon
requirements were also met and it worked perfectly. And it was possible for staff to logon
successfully. Files could be accessed by staff and managers could also access files that staffs would
require permissions for. There were also no OS updates since there was no internet connection to
check for new updates.