************ ********** ********** *** ******************** ************** ** Information ******************** nameInstructor’s ************************************** ** **************** ************* ********* of ******* ******** ************ ******** ****** *** issues 4Updates ******* *** keep patches ******** *** 5Security threats *** issues ******** ******** *************** 6Office space ******* 7Defensive ********* ***** ************* 10Encryption technologies ** *** network/ Devices ******* ******** *** ****** **** organization 11Strategies *** ******* to ***** ******* ******* ******** *************** 12Conclusion ************ 13    Information Security *** data centre: A ****** of ******************** ****** years ****** makers *** ****** ***** ********* ******* ***** security ** **** ** a ***** ** ******** ** ** ** very ********* **** the ******* government *** ** *** attention towards ***** ******** and its ************** *** *** government thinks **** *** ***** ******** ** ******** ************** ** ******** ******** ******* *** sophisticated ****** *********** internet approach and ******* ********** ***** ** ********** for * single ****** ** any ***** entity **** *** the ******** ** cyber ************** *** ********** *** ********* ************* ***** collectively ** **** *** years ********** bodies *** ******* ************* **** ********* * strong *********** for *** ********** ** cybercrimeThe **** points ** **** ***** are ******** ****** ***** ********* confidence *** ******* **** ***** **** shows * *********** ** IT ********* **** **** methodology *** the ********** ** ***** ********* *** ******* ** *** ********** **** framework ****** ************* to ***** **** ********* *** ********** ** risk **** *********** *** the ******** ** critical infrastructure different standards *** **** ** *** government There are **** ************* ********* which *** **** ******* for the ******** ** ******** **************** ********** **** ******** and protection ** all *********** ****** ** *** ****** *** our ************ is ** important **** Our all ********* ********** *** *********** ** **** **** *** ********* ** We ****** *** ************** *** *************** ** *** ****** **** ***** ** take ***** ******** measures to ******* *** **** ** ****** **** may **** *** confidentiality ** *** ****** ************* **** highly ******* employees *** **** secured policesIntroductionThe ******** ********* ***** *** **** ** different ************* ** minimize *** ************* *** ***** as ***** ******** ********* These ********* ******* an ******* *** specific methods *** ****** implementation ** ***** ******** As ***** ******** ** an ************* ***** so *** ********* standards ****** ** of ************* ***** *** *** ***** *** *** ***** are ************* ********* *** ***** security ***** standards *** ****** by *** ************** Organization *** ********** *** *** ************** ******* technical *********** collectively (Humphreys ******** *** ********** ** ************* * ************ ******** ********* ** *** ******** ** *** ********** *** main ******* ** **** ******** ** to ******* *** ******* ********** **** cyber-attacks *** ** ****** any type of ************ ** ******* ** ************ **** ******** the ******** ** *** can ** protected **** *** ********************* ** ******* security fundamentals security threat *** ********** increasing cybercrime ******* ******** has ****** *** **** ******* ** ********* ****** ********* or cyber ********* can bring **** ********* computer ******* *** **** **** *************** Network security involves hardwaresoftwareprocedures and **** ******** ***** are ******** in * *** ** protect company’s computer ****** ******** *** ******** **** ******** layers ***** ******** company’s ******** ****** **** ******* damaged ******** ***** ********* 2006)There *** **** basic ******** ************ **** *** ********* to ******** ********** **************** ********** regulation ***************** current *** **** patchesVulnerabilities ** ******** ************ *********** ********* ****** *** ******* ******** *** ********* ** cyber ********* **** ************** are *** ******* about ******* *** ******** **************** in a company ****** ** ***** current ******** ** ******** that are **** **** which *** Microsoft ******** ******** ***** ***** Oracle java ********* office ***** ***** ******* and Reader * ********* ****** ** **** ** ****** **** each ****** ** ******* ********* ********* ******* ******** *** ****** devices *** automatic updating ****** ** ******* on ******* *** apple *************** ************* ***** *** not ***** of writing ********* on post –It ***** ***** gets ********* to ******** monitorsPasswords *** ** secured by ****** **** strong ** using ** ***** *** charactersnumbers *********** of ***** *** ***** case letters *** ********** ****** secured ********** ***** **** dictionary ****** noun *** foreign ***** ****** ** ******* Numbers ****** *** ** **** ** password ** ** ******* easy to detect using user’s ************ ******* to ******* **** ******** **** should ** avoidedA phrase ****** ** ******** that ***** ********* to ******* *** then first ****** ** each word and **** ******* ****** ** **** *** ********* **** ********* ************ ***** ** **** ********* ****** ** ************ should *** be ******* ** ***** ***** ******** **************** ****** * ******* VPN identity authentication *** **** ********** *** two ********* ********** ** **** *** hackers to exploit **** networkmore **** **** **** is ********** **** ******** ** **** **** ********** *** and ****** ******** documentation should be reviewed ** **** ********* protocols for ************** and ********** are in ****** more ****** ****** for ******** ************** ************ ************** should be **** **** ***** should ** ***** *** identity ************** for **** ******** *** ******* ***** should ** asked ** ***** *** ** any ****** **** generated ** ************* ***** * minute with passwordFirewall can also ** **** ** ******** VPN network **** other ******** More **** **** cloud ***** **** ******* *** ***** should ** **** instead ** *********** ****** ******** ****** ** created *** ******** *** ****** ** ******* while grating employeescontractors ** ******** *********** *************** ****** know *** ** ****** ***** ******** **** ******** Any malicious ******** **** ***** ***** **** ******* device can **** ******* ******* through ** **** connection of ********* devices should ** ****** **** ***************** software *** firewall before ****** them ****** ** *************** threats and *************** ****** ********** ** internal data:If ****** *** ***** ** ********* position *** ***** ****** ****** in * company ***** or system ************** **** been granted **** ****** ** ******* **** ** becomes threat ** **** ** against ************* ************ ****** *********** is ** longer ******* ** ***** *** ***** **** ** social network *** information shared ** ****** network **** *** ** a **** **** * scammer needs for informationThird party ********* *** **** *********** data *************** ********* own ********** ******* the ****** for **** ******* Cloud ********* *** no transparency ** services; this can’t be trusted *** ****** ********** ******** Attackers *** have **** fake ************ ** ********************* *** surveillance *** ** **** by anyone ******* *** ***** **** ************** ************ *********** motivated ******* is on ******* can **** this hacking ********* if *********** ******** are ********* policies are *** clarified *** defined **** ****** ***** ************ ******** ********************** security ********* ** ******** *** **** ******** ********** ** software based ******** ** ******* that controls out ***** *** in ****** of network traffic ** ** a **** ******* * ******* and ******* ******* and ******* ******* that ** not ************** ***** ********* are **** ** **** operating ******* ** ******** ********* ** *** ********** against ******* ******** ** also **** ** ************* ******* two ******** *** ** **** ** ******* a ******* ***** ** ***** ********** **** the *** ** ******* ********** dedicated connections *** ******* ********** ************ securely ******** *** ******* ** ** ************ **** *** geographically separated *** ******** a network *** is **** **** by ****** ** ******* ***** ******** *** ********** many **** firewalls *** **** to ******** ******** ** a ************* ******* ********* *** **** by ***** corporations ** **** their ********* ******** *** protectedIt *** also ** ********** ** * ******* **** **** ******** sensitive or ************ ******* ** sent *** ** **** ** * ****** of **** ** *** security ** ******** ***** corporations often **** **** ******* firewalls in place to protect ***** ********* networks ******** *** *** ******** side *** ** configured ** addition firewall can **** ** used ** ***** certain ***** on * ******** **** *** fire wall ******* computer can’t *** access ** internal ********* can ** ********** ** **** **** ** ******** ******** ***** requires ********* IT ******************* Firewall is * ********** *********** ******** It offers ******** that *** ** ******** **** Intrusion Prevention ****** (HIPS)it ******** ******** ****** resources changes *** can adjust **** ******** ** ones ***** (Raja et ** 2011)Company ****** use *** ** ****** a ****** ********** **** ****** ******* ** private ******* ** a remote locationWith the *** ** *** ************** *** ** *********** through a ******* ******* ******* **** **** ****** to ****** ****** *** technology uses ******** **** **** ************* ******************** protocolscertified connections **** are **** ** ******* identityVPN provides *** benefits of *** ****** **** Network) ******* using **** **** ************* in ******** to secured ************* providesprivacy ** ********* ******** to browsing ******** *** access ** ***** ** contents that *** ************* ***** ********** ****** ***** diagram *** **** ***** is ** ***** ************ floor ** the ******** will **** same ************ ** this floor plan can ** ******* ** *** **** ****** ** the buildingDefensive ************** *** ******* ******* that can **** ******** ******** **** ****** threats include **************************** viruses hacker *********** ***** etcThese ******* *** ****** unsecured ***************** wireless ************ ************* ******* ***** ******* such ******* ******** ******** *** taken ** ******* *** example:keeping patches and ******** ************** VPNstrong passwords *** For * ******* ******* firewalls *** **** *** **** *** ******* ************* ********** ******* security ********* **** enforcing right **************** unused **************** ******* *********** *********** ***** **** ******* ***** only *** ******* new ******** on ******* ******* is ********* are ******** ******* that *** ****** for the network setup: ************* ** ** ************* ** need a router ** ** ********* ** *** **** ** *** network ***** are ******** ******* *** *** major ones *** Cisco and ******* ***** *** ******* **** * **** ****** ** ******** *** ******* ******* ******** **** ******** *** ***** 2900 ****** ****** ******* ******* routerSwitches: ** need ** ******* multiple ******** ** *** ******* We **** ** have switches **** *** be placed and **** ****** *** some ***** ******** **** *** ** ****** ** ****** switches We **** need the ******** ** have PoE ************ **** ********** *** purchasing ******** are ***** ******* and ** **** products ** *** **** ************ are ***** **** *** access ***** Cisco 4500-X *** Core ********* network ******* ****** ******* ****** ************ ******** *** **** *** ******** **** ** *** ******* **** *** ****** ** ******** technology there ** **** **** ****** in ******* ******* *** *********** * ****** firewall ***** to ** ******** ** the ******* which ** ******* of ********** ****** ******* ******* **** major ******* firewall ******* *** ********** ******** ***** Juniper ********* Fortigate *** **** products ******* ** ***** ******* ******** *** **** Institute *** Cisco ****** ******* *** *** ******** PA3500 ********* ******* ****** ************ A ******** bridge ***** ** ** ******* ******* the two ********* ** need ******* ******** ****** ****** ** ******* **** We **** need to ******* ****** access points ** provide ******** ************ *** the end ***** Some ******* what ******* Outdoor *** ****** ****** ****** *** ***** ******* ***** etc Wireless ******* ****** ****** ***** Aironet 1570 ****** ***** ******* **** ****** Aruba *** ****** Netgear ****** *** *** ****** ****** ****** we *** use ***** *** or *** ****** ***** **** ***** Phones: *** ** ****** replaces *** old ****** ********* ******* *** ******* ** ******* **** ** ******* Some ***** vendors *** ** Phones *** ***** Avaya *** PolycomWiFi **************** ****** **** network configuration ******* *** the ******* ** the ************ ** ** ***** *********** ***** to **** *** ******* ******** ************ for *** ************ for ****** ******* is as given ****************************** ************ ******** *** ********* ** every ***** of the ************ for ******** ********************* *** **** ** connect various components ** ****** *** *** ***** RJ45 ** **** ** ******* *** ********************* ** ******** ** every ***** ** *** ************ to **** ******* ******************** ****** the ******* ******** ******* ********** ******** are ******************* *** ******** ** ******* ****** ********* will ** ******************** ************ on the ******** DevicesEncryption is *** of **** *** ** **** **** *** ************ ****** from the ************ **** ************ ********** *** ** **** ** ******* **** information ********** also ***** *** importance of *** *** of ******* ********** ** ************** in order ** ****** ******* **** ********** ** a ******* ** ****** ** ********** **** **** ****** *** two common ***** ** encryption are as ********* ******* **** ** **** both *** ******** *** the sender are ******** **** *** *** which is ******** ** ******* *** ******* **** ** ***** ************ ****** **** ** uses *** ******* ** two keys one is a ******* *** *** ******* *** ** * ****** *** ***** user will **** ********* ****** **** *** each user ********* ***** ********* ******* keyThus ********** is ******** *********** for ******* *** *** ******* ********** *** depend ** *** level *** work ** *** organizationCloud ******** *** ****** **** ***************** ********* ********* ****** ** the ***** ** ********* the ************* ********* *** most ********** ****** ** ********** with *** *** ** *** ******* ****** ********* ** computing (such ** ******** ******* various services *** ***************** ** the ***** ************ ***** **** ** the important characteristics **** ***** ********* ************** Access ** broad ********** Pooling *** Resources· ***** ******** ************ ******* of used *********** **** ******* **************** ** *** ******* ***** ************ *** ********* ** *** following ******* ** ***** below:1 ************** as a ******* (IASS): **** ** an arrangement that ********* ******** the *** of *********** technologies (such ** *** servers ******** *** the ******** **** *** ******** ********* of ******* ** **** *** company *** ** ********* **** to *** ******** *** run *** ******** equipment’s **** this level ** the ***** computing ** usually reflects to *** various ****** ** ******** *** ******** ****** *** *********** ******* ********************* ******* This ** ** *********** that ******** the *** ** *** company’s grouping ** the ******* ************* ********* **** *** ******* ******** ********* ** ******** Thus **** **** ** ********* ***** ******* ******* *** *********** servers database technologies *** ******* web ******** ********************** ******* **** ** an *********** **** ******** *** ********* ** *** *********** entire *********** ** *** ***** ** the application ** ***** *** ** *** ********** ******** ****** than on *** ******** ************** ** the ******* Example of **** ******** *** CRM ****** of ************* *** *** ****** in *** ********* IASS PASS *** **** *** *********** *** *** ****** **** ********************** and devices to ***** threat: Network ******** ********************** ******** ********* ** ******** *** **** Firewall ********** ** ******** based security ** ******* that ******** *** going *** ** ****** of network traffic It is * **** between a ******* and ******* ******* *** ******* ******* that ** *** ************** ***** ********* *** **** ** many operating ******* ** personal computers ** *** ********** ******* ******* ******** is **** **** in ************* ******* *** routersA *** is made by ******* a ******* point ** ***** ********** **** *** *** ** ******* ********** ********* *********** *** ******* tunnelling ************ ******** ******** *** ******* ** ** ************ that *** ************** ********* *** creating a ******* *** ** also used by ****** to ******* ***** ******** and ************** ******** ** * well-known recommended ******** It ****** ******** that *** ** ******** **** ********* Prevention ****** (HIPS)it ******** ******** system ********* ******* *** *** ****** this software ** ones ***** (Raja ** ** ******************** *** various ******* that *** **** ******** networks **** ****** ******* ******* ***************************** viruses hacker *********** ***** ******** ******* *** damage ********* websitesunsecured ******** networksweak ************* devices ****** ********* ** systematic answer to ****** failing ***************** *********** ****** privacy leaks ** authentication ****** ********** that **** exposed the *** ***** to *** ****** *** middle ******* *** ************* *** those ******* ********* World ****** ************ square ******* ******** **** can ** ** honest ****** ** ******* ******** ******** of *** *** **** **** ****** ** ******** **** **** ******* **** ********* ***** ******* **** ********** ****** **** can be ******* for the protection ********* we will **** ******* **** ************** ** the ***** ********* and their ******* are exposed ******************************* T ****** **************** *********** ******** management systems **** ISO/IEC ****** 2005ISO ********** ******** 1Raja * ****** * *** * Wang K * C ************* * ***** ***** * ***** wall a ****** **** *** * ******* * ******** ******** ******** *** ******** ******** ************* ** *** ******* ********* ** Usable ******* *** ********** 1)ACMWilliam * ***** Stallings * ****************** *** Network Security 4/E ******* ********* IndiaChandra * ******* * ********** * (2002)Network ******** **** OpenSSLO’Reily ********* * (2014) *** **** ** Exploit Heartbleed Bug *** ************ *** ************** from ********** www ********* *************************************************************************** **** Accessed *********** * * K *** * * ***** **** * * ***** ********* ******** ** wireless ****** ********* ****** and ********** ********** ************* ********** ********* 2006The 8th ************* ************** * pp ***********

Click here to download attached files:
CIS552 Cybercrime Techniques and Responses.docx