3.3Discussion.docx

Post 1 By Aditya

Principles of Computer Security

Data and information can be protected from malicious attacks by setting up security components. Such components needed to protect the organization's information systems infrastructure, according to Bourgeois et al. (2019), are confidentiality, integrity, and availability. Confidentiality restricts access to only the authorized personnel while integrity assures that the data accessed has not been altered. On the other hand, availability ensures that the information can be accessed and modified by an authorized user. Firewalls are installed to ensure that the components above are implemented, and this is the necessary hardware used in achieving it.

To ensure authorized personnel access the systems, authentication is needed by using something you know, such as passwords, something you have, such as smart cards, and something you are, such as biometrics. Users must be authenticated to ensure that the systems are secure as only permitted users are allowed into them. By doing so, confidential information and reports do not land in unauthorized persons' hands. To achieve this authentication, access controls need to be set. Such levels of access control are standard access control set to access a specific host for a particular service and extended access controls that filter users to give more granular controls.

To further increase security, intrusion detection systems need to be installed. These are devices or software applications used to monitor computer networks for any malicious activities or intrusion. Any malicious activity or violation is reported and collected centrally using a security information and event management system that integrates outputs from multiple sources and uses alarm filtering techniques to differentiate malicious activity from false alarms. The main difference between the two types of intrusion detection systems, as stated by Weissman (2021), is that while the network-level IDS is set at a planned point within the network to analyze incoming network traffic, host-based IDS is run on independent devices on the network to monitor the incoming and outgoing packets.

References

Atieh, A. T. (2021). Assuring the Optimum Security Level for Network, Physical, and Cloud Infrastructure.

Bourgeois, D. T., Smith, J. L., & Wang, S. (2019). Information systems for business and beyond.

Weissman, J. S. (2021). Principles of computer security: CompTIA Security+ and beyond lab manual (Exam SY0-601). McGraw-Hill Education.

Post 2 by Mubbasher

Security Components Necessary to Protect the Information Systems Infrastructure

Information security is the protection of information through information risk management. Usually, the purpose is to prevent or at least reduce the possibility of unauthorized/improper access, use, disclosure, interference, deletion/destruction, corruption, tampering, inspection, recording, or devaluation, but mitigate the negative impact of the incident.

Different security components necessary to protect the information systems infrastructure are:

Firewalls

A firewall is a system that prevents unauthorized Internet users from accessing private networks connected to the Internet, especially intranets, and can be in either hardware or software format (Fraud, 2019).

Encrypting Tools

The encrypting tool enables access to the private keys, delivering the data securely by providing an extra layer of protection.

Authentication Software

Authentication software authenticates the users through software to know the identity of those accessing the information.

Password Examining Tools

Password examining tools ensure regular examination of the user’s password against the hackable login credentials.

Antivirus or Anti-malware Systems

It ensures the security of information by scanning hardware devices, email messages and web traffic.

Access Control Lists (ACL)

Access control lists act as a deciding factor whether to pass or drop the access of information to firms.

Security Devices

Security devices enable intrusion detection for enabling network accessing control between workstation and server.

Key Hardware Components of Information Security Infrastructure

The key hardware components while constructing information security infrastructure are as follows: 

Devices

Devices such as routers, hubs, bridges, switches, and VPNs (virtual private networks) have specific network functions. They play a vital role in network infrastructure security maintenance.

Workstation

A workstation is the machine or client computer used in the client/server model.

Security Devices

A server is a computer on our network that hosts applications and data that everyone can share.

Network Attached and Removable Storage Accounts Devices

These devices allow reconfiguring default accounts before exposing them to external traffic.

Network Interface Cards

This hardware system connects the server and workstation to the network.

Firewall

Firewalls are the front-line defence of network security. These network applications or devices monitor and control the flow of inbound and outbound network traffic between trusted internal and untrusted external networks.

Concentrators

Concentrators are the network devices that regulate the flows of multiple points into a single stream of networks acting as traffic management of networks.

Importance of Authentication Methods

Both authentication and authorization are required to process sensitive data assets. Without them, our data remains vulnerable to data breaches and unauthorized access. Protected resources require additional security steps such as authentication and authorization. For example, User A can only access relevant information and cannot view User B’s sensitive information. Cybercriminals can access the system and steal information if user authentication is not secure.

Classification of Levels of Access Control

There are three levels of access control:

Mandatory Access Control (MAC)

It is mostly used in military and government firms. This can be accessed by only system administrators like modifying, creating and deleting the data wherein the end-user can only view the data.

Discretionary Access Control (DAC)

This access control enables only certain identification to the user during authentication for securing our information safely.

Role-Based Access Control (RBAC)

This access control secures important role-based information.

Intrusion Detection System (IDS)

An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered (Rahman & Admin, 2022). It is a software application that scans a network or a system for harmful activity or policy breaches (Witzemann, 2020). For identification of intrusion, it monitors the network and alerts the system administrator using a Security Information and Event Management (SIEM) system.

Intrusion Prevention System Benefits

· Fewer security incidents.
· Selective logging.
· Privacy protection.
· Reputation-managed protection.
· Multiple threat protection.
· Dynamic threat response (Boyd, 2022).

Difference Between Network-Based Intrusion and Host-Based Intrusion

In network-based intrusion, systems detect uninitiated network-related inquiries. It monitors network traffic by comparing it to known attack patterns and well-configured patterns. The users/webserver need to request information from an external server, whereas a host-based intrusion system automatically blocks an attempt to log in after three failed attempts. Usually, we can break into hosts by attempting to log in through a guess. With a host-based intrusion system, we can detect and respond to malicious or anomalous activities that are discovered in your environment (Vault, 2021).

References

Fraud. (2019, October 31). Firewall. Fraud.net. Retrieved March 25, 2022, from https://fraud.net/d/firewall/

Rahman, M., & Admin, B. (2022, January 23). Which security mechanism can be used to detect attacks that originate on the internet? Whoat Where Why. Retrieved March 25, 2022, from https://whoatwherewhy.com/which-security-mechanism-can-be-used-to-detect-attacks-that-originate-on-the-internet/

Witzemann, G. (2020, April 9). Which tool is an intrusion detection system ids? Retrieved March 25, 2022, from https://askinglot.com/which-tool-is-an-intrusion-detection-system-ids

Boyd, E. (2022). Intrusion Prevention System Benefits. U. Retrieved March 25, 2022, from https://its.umich.edu/enterprise/wifi-networks/network-security/ips/benefits

Vault, A. (2021). Alienvault intrusion detection intrusion detection plus everything you need to detect and respond to threats. AlienVault Intrusion Detection | UnifiedThreatWorks.com. Retrieved March 25, 2022, from http://web.archive.org/web/20210612143221/https://www.unifiedthreatworks.com/Intrusion-Detection.asp
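
Added example, not part of either post: the host-based behaviour described in Post 2 (blocking a login source after three failed attempts), written as a small detection routine over constructed sshd-style log lines. The log format, the reset-on-success rule, and the names `SAMPLE_LOG`, `MAX_FAILURES` and `sources_to_block` are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample auth log (sshd-style); addresses are documentation ranges.
SAMPLE_LOG = """\
Mar 25 10:00:01 host1 sshd[311]: Failed password for alice from 192.0.2.10 port 50111 ssh2
Mar 25 10:00:05 host1 sshd[311]: Failed password for alice from 192.0.2.10 port 50112 ssh2
Mar 25 10:00:07 host1 sshd[312]: Accepted password for bob from 198.51.100.7 port 40100 ssh2
Mar 25 10:00:09 host1 sshd[311]: Failed password for invalid user admin from 192.0.2.10 port 50113 ssh2
Mar 25 10:00:12 host1 sshd[313]: Failed password for bob from 198.51.100.7 port 40101 ssh2
Mar 25 10:00:20 host1 sshd[314]: Failed password for carol from 203.0.113.5 port 40200 ssh2
Mar 25 10:00:25 host1 sshd[314]: Failed password for carol from 203.0.113.5 port 40201 ssh2
Mar 25 10:00:30 host1 sshd[315]: Accepted password for carol from 203.0.113.5 port 40202 ssh2
Mar 25 10:00:35 host1 sshd[316]: Failed password for carol from 203.0.113.5 port 40203 ssh2
"""

MAX_FAILURES = 3  # threshold taken from the post: three failed attempts

# Captures outcome, username and source address from a password auth event.
EVENT = re.compile(
    r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+)"
)


def sources_to_block(log_text, threshold=MAX_FAILURES):
    """Return {source_ip: [usernames tried]} for every source that reaches
    `threshold` consecutive failed logins. A successful login resets the
    count for that source (an assumption of this example)."""
    streak = defaultdict(list)
    blocked = {}
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # not a password authentication event
        outcome, user, src = m.groups()
        if src in blocked:
            continue  # already flagged; later attempts would be dropped
        if outcome == "Accepted":
            streak[src].clear()
            continue
        streak[src].append(user)
        if len(streak[src]) >= threshold:
            blocked[src] = list(streak[src])
    return blocked


if __name__ == "__main__":
    for src, users in sources_to_block(SAMPLE_LOG).items():
        print(f"block {src}: failed logins for {users}")
```

Only 192.0.2.10 reaches the threshold; 203.0.113.5 also has three failures in total, but a successful login in between resets its streak, which is the kind of filtering that keeps ordinary mistyped passwords from raising alarms.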