Module 2 | Team Notes & My Reflections

Unit 1 Team Notes
Objectives:
- Discuss planning of project.
- Sign Team Contract
Notes:
- We discussed the team contract and how we want to roughly plan the module. Plan to meet weekly to discuss progress and any other assignments. Each of the main essay points will be split into five 200-word sections between the group members.
- Discussion One Initial Post (e-portfolio)
My Unit Reflection:
Information security management is a field that has three basic principles: confidentiality, availability, and integrity. Integrity helps the data be safe and not accessible to unauthorized individuals. Thus, unauthorized individuals have no obligation to alter any data. On the other hand, availability ensures that data is available and protects the functionality of support systems. It also makes sure that information is available when needed. Confidentiality ensures that the data is private; thus, unauthorized users cannot access it. Threats and vulnerabilities are two concepts that are closely related. A threat refers to an adverse event, whereas a vulnerability is the weakness in applications that exposes one to threats. These cyber security threats can be prevented by ensuring that the computer is not exposed to unauthorized users.
Unit 2 Team Notes
Objectives:
- Discuss Project
- Seminar 1: STRIDE & DREAD Tools
Notes:
- Discussed Austin starting the first part of the project. He will attempt to have it done before next week. Afterwards, Qasim will take over.
- Discussed the first seminar preparation assignment: STRIDE & DREAD Tools. The consensus was that network security solutions are the most vulnerable of the three, followed by network protocols and unsecure software. Another suggestion was insecure programming. We gave network security solutions a level 3 (high) risk and the other two a level 2 (medium) risk. We produced seven other mitigations that could be used: zero trust, IPS/IDS, packet filtering, honeypot, account lockout, cyber training, and two-factor authentication.
- Discussion # 1 – Responses (e-portfolio)
My Unit Reflection:
Information security management is a crucial role every person should play to protect their data from unauthorized individuals. This involves personal email data like passwords saved on Google and all personal information. Sometimes passwords saved on Google can be at a high risk of being accessed by cyber thieves; therefore, putting end-to-end encryption in place is also a significant factor one should consider. Confidentiality, integrity, and availability should be regarded every time one wants to protect their data from access by unauthorized users. Also, company information can be at a high risk of being accessed by people who work for the company. Therefore, the company should follow the proper criteria to avoid losing its secrets to other companies who might want the information.
Unit 3 Team Notes
Objectives:
- Discuss Project
- Practical & Team Activity
Notes:
- Reviewed Austin’s progress on the project and made changes. Qasim will take over and write the next 200 words. Will review it again next meeting.
- While doing the scans, there were a few issues we all had. The main one seemed to be getting blocked on the website by its reverse proxy. We discovered using a VPN can bypass it. Other than that, it was just basic issues associated with the commands. We were able to research online and watch tutorials to get a better idea about what to do. The results found will be valuable for the final report given, and they will be used as a starting point for the research.
- Discussion # 1 – Summary (e-portfolio)
My Unit Reflection:
There are typical roles that information security plays, and this is data loss prevention, whereby the data is prevented from being lost. Therefore, Network security, application security, and incident response allow the company to know when there is insufficient security for its data. Threat intelligence and vulnerability management can understand what it can undergo through exposure to threats. Therefore, being exposed to hazards means the company will lose its data because it is exposed to viruses open to cyber threats.
The history of networking goes back to 1969, when Unconventional Investigation Projects Intervention Network was the first computer network connected to the web. Thus, it implemented the TCP protocol that later became the internet. TCP is a set of data transfer protocols that engages interconnection network appliances via the internet. Therefore, TCP shows how information can be switched over the internet through giving stiff encrypted communication and giving communication its privacy. No third party can listen to the communication, even the computer itself. IP shows how to route every packet to ensure it gets to the correct destination, ensuring no third parties in the communication. Thus, TCP has four layers: application, transport, network, and the physical layer. The transport layer ensures end-to-end data transmission across the network and makes sure that third parties do not listen to or read the conversation. The application layer gives the application data, which is standardized.
On the other hand, the network layer is used for reporting errors. It also connects the independent networks to transport packets in all networks. Lastly, the physical layer is used to connect nodes and host networks. The IPv4 and IPv6 addresses differ in bits, more significant than the other. IPv4 has support for broadcast, while IPv6 does not support broadcast.
Unit 4 Team Notes
Objectives:
- Discuss Project
- Seminar 2 Preparation: TCP/IP v ISO/OSI
Notes:
- Reviewed Qasim's progress on the project. Aldo will take the next 200 words.
- The consensus was split regarding whether TCP or OSI was better. Regardless, it was unanimous that it was hard to truly envision what the modern world could’ve been like. For those on the OSI side, it was said to be better because of its versatility. On the other side, TCP was argued to be better because of its rigidity. It provides a solid framework that doesn’t necessarily change as much. This allows it to be better standardized. Overall, it was a very split opinion, with plenty of valid opinions.
- Discussion # 2 – Initial post (e-portfolio)
My Unit Reflection:
The ping utility is one of the most potent networking commands used for troubleshooting. Therefore, it is a command that can tell whether a particular host is alive or not. The ping command usually uses the ICMP services and operates three-layered networks. Thus, it rarely uses the transport layer services, and it performs a simple look-up for the host. Traceroute is another way to trace a way between the sender and the host. Therefore, Internet Control Message Protocol helps in reporting back to the sender when unexpected events have occurred, giving out information to the receiver that there is something that is not right. Therefore, ICMP does not solve any reliability problems of the IP because that is work that belongs to the transport layer.
Consequently, it is necessary to troubleshoot while using ping, and this can be done by opening the command prompt and typing PING. Then the troubleshooting starts, even though ping variations work the same way with Cisco, Windows, and UNIX. On the other hand, OSI initiates to uncluttered system of interconnection, and TCP follows a tactic horizontally. Therefore, both OSI and TCP/IP are connection-oriented, but TCP/IP can be connectionless and connection-oriented.
Unit 5 Team Notes
Objectives:
- Discuss Project
Notes:
- Reviewed Aldo’s progress and made any necessary changes. Thomas and Kingsley will finish the paper off before the next meeting.
- Discussion # 2 – Responses (e-portfolio)
My Unit Reflection:
Network tools are different and are necessary for the installation of the software. They include: NIC, switch, cable, router, and modem. It also depends on the type of network needed to be installed, and so some can be done away with if they are not necessary. There are also different tools for networking that are used, including traceroute and configuration, among many more. The network tools are used to test and troubleshoot the computer network. Also, computer components consist of both hardware and software needed to deploy computer systems at home and in organizations. The hardware includes the server, broadcast medium, linking appliances, and user. Therefore, software ones are protocols and operational systems. The network comprises four essential elements: hardware, software, protocols, and connection medium. The network needs them to work with ease in all circumstances, and the network cannot function without them. Therefore, a network needs to have enough configuration. Sometimes a network can be at a high risk of cyber theft. When unauthorized persons obtain the information and passwords of a network, they can snoop on the company's private information, putting it at risk of cyber theft. A company has to make sure that the internet installed does not have unauthorized people who will get access to any passwords. Therefore, if people get access to the company's data, it is easy to obtain any information about the company (Niemietz & Schwenk, 2015, 123).
References
Niemietz, M. & Schwenk, J. (2015) Owning Your Home Network: Router Security Revisited.
Unit 6 Team Notes
Objectives:
- Final Review of Project
- Seminar 3 Preparation: Evaluation Exercise
Notes:
- Did a final read of the paper as a group. We made some minor changes related to the references. Lastly, we turned the project in.
- We discussed the results of us going over the 8 different vulnerability tools. As a whole, it was agreed that it was difficult to evaluate each one given the lack of experience with them. As a result, the lesser-known tools like SQLMap and Jawfish were given lower scores between all of us. Though we were able to agree that Kali Linux is a 5/5 tool. It is the most versatile, free, and fairly easy to use. Everything else besides SQLMap and Jawfish was given a 4/5 due to their great reputations.
- Submit team project
My Unit Reflection:
There are a lot of tools that can be used for vulnerability scanning; therefore, it is good to choose the best among them all. This does not mean the rest cannot be trusted. Choosing the best tool can also be challenging, so one must compare varieties. The vulnerability of a computer's weakness to detect threats can be difficult because the moment one cannot choose the best tool, the more their data would be exposed to cyber threats, and it can go to an extent whereby different unauthorized users see all the information. Thus, it would be the obligation of every company that wants to secure its data from cyber theft and threats to choose the best tool for vulnerability scanning. Therefore, the device should first do testing, then scanning later. This means that the testing would be done to detect the vulnerability, and then scanning will also follow to see and correct the vulnerability effects. Therefore, for good scanning, the vulnerability scanner chosen was Tenable Nessus. This is because Tenable Nessus allows sharing of scanners, scans, policies, and results between different teams, with workflow customization for network vulnerability efficiency. The scanner is more efficient and goes into detail while detecting; it makes sure that it goes deep and broad while detecting, unlike the other tools for scanning and testing vulnerability.
Unit 7 Team Notes
Objectives:
- Plan Project
- e-portfolio Activity
Notes:
- Planned out the schedule for the project. Each member will aim for about 400 words each. Austin will write the first part point and do the scans. Qasim will research vulnerabilities and begin the draft.
- As a group, we decided that first carrying out scans in Kali Linux is fairly simple. We each did have some difficulties, mainly with just getting used to using the command line. We were all able to solve our issues by researching online. After reading the second article, we still all felt that our initial evaluation of Kali was accurate. It is simply too good of a tool to truly have any negatives about it that would make it unusable. Though compared to Nessus some of us could see why it would be used over Kali. It is simpler to use in some respects and can provide enterprise-level support. Overall, no one would give up using either of the tools.
My Unit Reflection:
Every computer and work needs risk assessment. Any work that is not assessed against risk management is threatened by cyber theft, and any confidential information can be at very high risk. Therefore, the main aim of risk assessment is to evaluate and eliminate or reduce the level of its risk by increasing control and preventive measures as needed. Thus there will be a better and healthier workplace because data will not be at any chance of being attacked by any unauthorized users. Therefore, the assessment should communicate any risk that might affect the workplace and inform all the workers. The risk assessment is not left out to the management and the other workers in the evaluation and knows how to prevent the risk from affecting anything. Bets can be avoided if the assessment shows that a particular problem could be avoided. It is better to avoid altogether the consequences than wait for them to destroy everything. Therefore, some summary risk mitigations can be applied to prevent such risks from destroying the company's data. Also, reduction of the problems that can cause the risk can be made for the chance to be avoided. Therefore, it can be done by all means because reduction is better than leaving the problem to continue growing, so the removal is helpful rather than letting the problem grow. The saying always goes by avoidance is better than letting any problem grow. Therefore, the risks can be made smaller by reducing and avoiding them. Therefore, acceptance can be a significant thing to consider after identifying the risks. Even though it can be hard to accept that a company's information is at a high risk of being accessed by other companies, the main thing after acceptance is an outstanding, risk-free company. Therefore, it is easy to deal with its dangers after acceptance and will be less challenging.
Unit 8 Team Notes
Objectives:
- Discuss Project
- Seminar 4 Preparation
Notes:
- Aldo finished the second part of the project. We reviewed the status and Qasim will add vulnerability details.
- We discussed the seminar preparation assignment involving reading three different articles. Between all of us, this was a topic we don’t have a lot of experience with. Though we were able to come to the agreement that GDPR only applies to our website. Ideas such as using a checklist or implementing annual reviews were suggested to evaluate the GDPR standards of the website. Suggestions to meet the standard included using third parties, specifically trained employees, or a software-based monitoring system. Lastly, we all agreed that these implementations would only be good if GDPR is the only standard that applies to the website. If other standards were included, it could change things.
- Discussion # 3 – Initial post (e-portfolio)
My Unit Reflection:
Business continuity focuses more on keeping businesses operating during a disaster. On the other hand, disaster recovery focuses on bringing back data and any IT infrastructure destroyed by the disaster. Therefore, a combination of the two makes a good business environment for all the workers and employees. So it is considered a good move because it ensures that the employees are safer. Disaster recovery can be defined as how software applications and operating systems are stored after a destroying event. The major objective of security standards is to ensure the infrastructure of IT and products used by the company are in excellent and improved standards. Therefore, the measures are put in different categories, including information security management, which consists of guidelines used to keep the standards of the company infrastructure. It aims at making the company's data follow the legal procedure. Standard criteria: this mainly holds the company's IT products in certification. Center of internet security: this helps enhance security benchmarking of mobile devices because they are provided freely by the government. ISO/IEC 18043: it helps an organization intrude detection within an organization's IT infrastructure. ISO/IEC 20243-1: this is a standard that allows the company to show counterfeit products that are malicious. ISO/SAE 21434 helps communicate risks related to security management and, lastly, cloud security alliance.
Unit 9 Team Notes
Objectives:
- Discuss Project
Notes:
- Qasim finished his section and we reviewed it. We made some minor changes to the paper, including adding more graphs. Next Kingsley will take over writing the next section.
- Discussion # 3 – Response posts (e-portfolio)
My Unit Reflection:
The purpose of the login is to signal every time a bad thing occurs, so it also helps identify attacks on the system, which alerts one through emails. Different tools can analyze logs, including SolarWinds Papertrail, Graylog, and Stackify. These are just a few among many more. DNA analysis is a gold standard because it has been used to identify perpetrators in a crime.
Unit 10 Team Notes
Objectives:
- Discuss Project
- Seminar 5 Preparation
Notes:
- Kingsley finished his section of the project. Thomas will finish the paper by writing the conclusion.
- As a group, we went over our experiences going through the data breach case studies. We had studies such as LinkedIn and Equifax. Both studies had similar premises in that personal data was exposed. The exposure was due to a lack of procedures and bad management. As a result, there were significant fines and loss of reputation. Overall, we concluded that, unfortunately, data breaches like this are fairly common, despite how simple they could have been to stop.
My Unit Reflection:
A data breach is a cyber-attack whereby sensitive and confidential data has been exposed to unauthorized users. Hence, the data is at serious risk of getting lost. Different tools include SWOT analysis, early warning scans, wargaming, and PEST analysis. Therefore, assessment needs to be done step by step. Consequently, necessary steps are required, for instance, identifying the author's thesis and purpose and identifying the structure by identifying main ideas.
Unit 11 Team Notes
Objectives:
- Final Review of Project
- Team Activity: Debate
Notes:
- Reviewed the project as a group. Made minor changes to the formatting and referencing.
- We reviewed our positions for the debate topic, in which we defended peer-to-peer networking. We came to the conclusion that peer-to-peer has several advantages. Those advantages are privacy and a lack of centralization. Compared to the other technologies, it is far more privacy focused. In a modern world that lacks privacy, it is very important.
- Qasim didn’t submit a peer review. Suggested he email student services.
My Unit Reflection:
Artificial intelligence and robotic process automation are emerging technologies in the new world. Therefore, these technologies continue to affect how people live and work, increasing productivity because they make work easier and faster. Even though the new solutions increase productivity, they also bring many challenges because people are not used to them. They take time to adapt to the latest technology, so it has to train staff and utilize the new technology.
Unit 12 Team Notes
Objectives:
- Seminar 6 Preparation
Notes:
- We discussed our opinions on how peer-to-peer compared to the other two technologies. We generally argued that peer-to-peer has several clear advantages. Those advantages are greater anonymity, security, redundancy, and flexibility. Compared to the other technologies, they can have similar techniques as peer-to-peer. However, peer-to-peer is arguably better at what it does compared to the other two. Despite that, we can see how the other two technologies are popular. They both provide some very interesting options.
My Unit Reflection:
Future Internet architecture is a module that exposes the student to current problems of the internet. Therefore, people can put different points against architecture because people have other views against it. Therefore, architecture can be challenging while battling stereotypes, and making time for hand sketching can be pretty time-consuming. Thus, information security management aims to implement countermeasures to minimize the effects of security-related threats that can harm the organization's data.
In conclusion, cyber security should be taken seriously because it can ruin or build a company's good work. Therefore, the company has every obligation to ensure that any incoming viruses or unauthorized users do not attack the security. The company can risk losing all its data if it does not take cyber security with caution and know that it is supposed to manage it. Therefore, when a company does not take such a thing with precaution, it may lose its private and confidential data to cyber thieves and unauthorized users.