Final Assignment - Rosa Pereira
.docx
keyboard_arrow_up
School
University Of Arizona *
*We aren’t endorsed by this school
Course
371
Subject
Computer Science
Date
May 1, 2024
Type
docx
Pages
12
Uploaded by LieutenantStar15454 on coursehero.com
1
Final Assignment: Risk Assessment
Rosa Pereira
University of Arizona
NETV 371: Network Security
Professor Misti Payton
February 24, 2024
2
The intention of this assignment is to create a risk assessment that leads to a comprehensive examination of vulnerabilities and potential threats in a specific home network given specific network defense points, consequentially leading to a safer network given the awareness of its vulnerabilities. A network diagram will be provided, as well as the specific network defense points (such as built-in firewalls, etc.). Once the assets are identified, three of those specific key assets will be chosen to list threats, threat sources, and vulnerabilities. A comprehensive analysis will be conducted, which will give us enough information to create a risk register with specific categories, including a risk priority for each vulnerability chosen for the specific asset, this priority will be pragmatically selected; once completed, a risk treatment plan will be established. First, the creation of our home network diagram, which will take place in the logical space of Cisco’s Packet Tracer. The analysis performed will be based on the assets specific to the
network provided in the following image:
3
Amongst the network defense points that cannot be visually appreciated in the diagram we have the wireless router with a built-in firewall, which helps control access to the network. The PC is configured with Windows, which means it is currently operating with the default Windows Defender Firewall with user specific settings. These settings also apply for the laptops; however, the MacBook pro has iOS specific firewall protections in place. The tablet, phones, and console directly benefit from the firewall built into the wireless router, these assets do not have intrusion detection/prevention systems, or host-based firewall tools. To perform an appropriate security assessment there is a series of steps we must follow, with the first one being the identification of all assets found within the network in the diagram provided. The assets in the network go as follows:
Modem: Device which connects the entire network to the internet.
Wireless Router: Device that functions as a central hub that connects all devices in the network to the internet.
PC: Device connected via ethernet, main workstation in the home network.
Console: Device is a gaming console connected wirelessly, primarily used for entertainment.
Phones: Two mobile devices connected to the wireless network, mainly used for communication, and other applications.
Tablet: Device connected wirelessly, mainly used for art, and other personal projects.
Laptops: There are two of these devices connected wirelessly to the network, mainly used
on the go. These assets are crucial to the network, all of them having their own specific usage, facilitating data flow and storage.
4
Continuing with our analysis, we will choose three key assets from the network and identify three risks for each of the three assets. The risks will be chosen in threats, threat sources,
and vulnerabilities manner. The three specific assets chosen will be the wireless router, the main workstation (PC), and the mobile devices (phones), we will be breaking down the three risks separately for each asset chosen.
Wireless Router:
Threats: 1.
Unauthorized access to the router’s interface.
2.
Denial of Service attack.
3.
Exploitation of vulnerabilities found in the firmware.
Threat Sources:
1.
Hackers trying to control the network.
2.
Botnets.
3.
Attackers looking to interrupt network services.
Vulnerabilities:
1.
Default (or weak) passwords.
2.
Lack of appropriate security settings.
3.
Unpatched firmware with existent security vulnerabilities.
PC:
Threats:
1.
Malware infections.
2.
Unauthorized access to sensitive information.
5
3.
Ransomware attacks.
Threat Sources:
1.
Questionable websites targeting vulnerabilities in web browsers (or plugins). 2.
Insider threats.
3.
Phishing emails containing harmful files or links.
Vulnerabilities:
1.
Outdated software or operating system with known risks.
2.
Weak passwords.
3.
Lack of antivirus or any effective security software.
Phones:
Threats:
1.
Mobile malware aiming to affect the device.
2.
Unauthorized access to private data stored on the device.
3.
Wi-Fi or Bluetooth attacks abusing weaknesses in wireless communications protocols.
Threat Sources:
1.
Fraudulent applications downloaded from untrusted sources (unofficial stores or websites).
2.
Misplacement of the device, or stolen device.
3.
Wireless networks set up by individuals with malicious intent to catch private data.
Vulnerabilities:
1.
Overdue security updates.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Questions
A network security design is necessary to enhance protection and security since servers on a flat network handle the majority of the company's business operations. This is the case since the network is flat. whenever the creation of a demilitarised zone. If you could change anything about the current network's structure, what would it be?
arrow_forward
A Network Security Design is necessary to strengthen protection and security since servers on a flat network handle the majority of the company's business processes. This is the case because the network is flat. Whenever and whenever a demilitarized zone is established. In what ways would you change the structure of the network that is currently in place?
arrow_forward
A Network Security Design is necessary to strengthen protection and security since servers on a flat network conduct most of the company's commercial processes. When and if a demilitarized zone is established. If you could change anything about the present network setup, what would it be?
arrow_forward
Question 2
"To deal with a given risk, a network administrator chooses to mitigate it. What does this exactly mean ?"
It means that the administrator will take preventive or proactive measures to reduce or minimize the risk.
It means that the administrator will do nothing regarding the risk.
It means that the administrator will charge a third party (another company) to take care of the risk instead of him.
It means that the administrator will accept the risk.
arrow_forward
Because servers on a flat network are responsible for the bulk of the business activities at an organization, it is essential to have a Network Security Design in order to increase protection and security. The flat nature of the network is to blame for this situation. once a demilitarized zone is formed and whenever it is established. How would you alter the structure of the network that is already operational and what would those changes be?
arrow_forward
The word "network security" refers to a wide range of technology, equipment, and procedures. In its most basic form, it is a collection of rules and settings that use both software and hardware technologies to safeguard the integrity, confidentiality, and accessibility of computer networks and data. Every company, regardless of size, sector, or infrastructure, needs network security solutions to defend itself from the ever-increasing panorama of cyber threats that exist today.
Today's network architecture is complicated, and it must contend with a constantly evolving threat environment and attackers who are always looking for and exploiting weaknesses. These flaws may be found in a variety of places, including devices, data, apps, users, and geographic locations. As a result, several network security management tools and apps are now in use to handle specific threats and exploits, as well as regulatory non-compliance.
Discuss why you believe network security is important. Are the…
arrow_forward
Explain the principles of Zero Trust Network Architecture (ZTNA) and how it transforms network security by assuming that threats exist both inside and outside the network.
arrow_forward
Because servers on a flat network are responsible for the bulk of an organization's business operations, that organisation needs a Network Security Design in order to increase the level of protection and security it provides. The possibility exists that a demilitarised zone will be constructed. What modifications would you propose to the existing structure of the network?
arrow_forward
Design a new network infrastructure for a five-hundred-employeeeducation & training firm. The design of the network should incorporate several elementsthat demonstrate a defense in depth architecture.The design of the network should incorporate protection against the following threats:1. Malicious software2. Phishing3. Spam4. Non-company-owned devices on the internal network (“bring your own device,” or BYOD)5. Rogue access pointsFor each type of threat, indicate the controls or features in the architecture that reduce or eliminate the threat.
arrow_forward
A health care centre suffers from very low information security in terms of maturity across many elements of infosec and information assurance, including cyber resilience and application of cybersecurity good practice. Patients expect a high level of protection of their data; however, data breaches can put the reputation of the institute at risk. It is highly recommended that a certain level of filtering is imposed for the network to be secure so as to sustain from threats and attacks. Let us assume that you are hired by the health care centre to develop an information security plan to identify the possible threats to the organization. For example, it is necessary to identify the important services (e.g., website, booking portal, electronic health equipments…) that the healthcare centre is running. The criteria that you need to address based on the given scenario is summarized into two parts: Part A: 1. Assessing the current risk of the entire business 2. Treat the Risk as much as…
arrow_forward
Since the bulk of the company's business activities are handled by servers on a flat network, a network security design is required to improve protection and security. The network is flat, thus that is why this is the case. whenever a demilitarized zone is formed, and whenever. What aspects of the present network's structure would you modify if you could?
arrow_forward
A Network Security Design is necessary to strengthen protection and security since servers on a flat network conduct most of the company's commercial processes. If and when a no-fly zone is established. If you could change anything about the present network setup, what would it be?
arrow_forward
Illustrate the model of network security and specify the 4 requirements of a security model.
arrow_forward
Explain why network security is crucial to you. Is the significance of it determined by the network's size or complexity? What are some examples of factors that you believe influence the importance of network security?
arrow_forward
The following illustrations show how a suggested scheme may be of aid in the process of designing and carrying out the implementation of a security apparatus. What exactly are we referring to when we speak about network security regulation, and how does the system really function? Who inside the company has to take the responsibility for making the essential preparations, and how can they do so?
arrow_forward
Because servers on a flat network are responsible for the majority of a company's business processes, the company need a Network Security Design to boost the amount of protection and security it offers. There is a potential that a demilitarized zone will be established. What adjustments would you make to the network's current structure?
arrow_forward
When it comes to the protection and safety of a network, a vulnerability assessment is absolutely necessary.
arrow_forward
Discuss why you believe network security is
important. Are the reasons for its importance
different depending on the size or complexity of
the network? What are some examples of what
you believe creates the level of importance to the
security of a network?
arrow_forward
Explore the concept of network intent verification and its significance in maintaining network integrity and security.
arrow_forward
What aspects need to be considered while choosing a solution for a physical
network's protection?
It's a good idea to compare and contrast three alternative methods to IT physical
security.
arrow_forward
Discuss why network security is crucial to you. Are the reasons for its significance varied depending on the network's size or complexity? What are some instances of what you believe determines the value of a network's security?
arrow_forward
Explain the concept of zero-trust networking and its implications for network security and recovery. How does a zero-trust model improve network resilience against cyber threats and breaches?
arrow_forward
Describe how the OSI model is used for security analysis and implementation in modern networks.
arrow_forward
Discuss the advantages and challenges of implementing a "zero-trust architecture" (ZTA) for network security. How does ZTA differ from traditional network security approaches?
arrow_forward
A Network Security Design is necessary for a corporation to effectively protect its servers, since most of its operations are performed by servers on a flat network. A demilitarised zone is an option that has not been ruled out. If you could redesign the network from the ground up, what would you change?
arrow_forward
Which characteristics are most important to take into account when selecting a solution for the physical network security?
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Database System Concepts
Computer Science
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:9780134444321
Author:Tony Gaddis
Publisher:PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:9780132737968
Author:Thomas L. Floyd
Publisher:PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:9780133976892
Author:Paul J. Deitel, Harvey Deitel
Publisher:PEARSON
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781337627900
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:9780073373843
Author:Frank D. Petruzella
Publisher:McGraw-Hill Education
Related Questions
- A network security design is necessary to enhance protection and security since servers on a flat network handle the majority of the company's business operations. This is the case since the network is flat. whenever the creation of a demilitarised zone. If you could change anything about the current network's structure, what would it be?arrow_forwardA Network Security Design is necessary to strengthen protection and security since servers on a flat network handle the majority of the company's business processes. This is the case because the network is flat. Whenever and whenever a demilitarized zone is established. In what ways would you change the structure of the network that is currently in place?arrow_forwardA Network Security Design is necessary to strengthen protection and security since servers on a flat network conduct most of the company's commercial processes. When and if a demilitarized zone is established. If you could change anything about the present network setup, what would it be?arrow_forward
- Question 2 "To deal with a given risk, a network administrator chooses to mitigate it. What does this exactly mean ?" It means that the administrator will take preventive or proactive measures to reduce or minimize the risk. It means that the administrator will do nothing regarding the risk. It means that the administrator will charge a third party (another company) to take care of the risk instead of him. It means that the administrator will accept the risk.arrow_forwardBecause servers on a flat network are responsible for the bulk of the business activities at an organization, it is essential to have a Network Security Design in order to increase protection and security. The flat nature of the network is to blame for this situation. once a demilitarized zone is formed and whenever it is established. How would you alter the structure of the network that is already operational and what would those changes be?arrow_forwardThe word "network security" refers to a wide range of technology, equipment, and procedures. In its most basic form, it is a collection of rules and settings that use both software and hardware technologies to safeguard the integrity, confidentiality, and accessibility of computer networks and data. Every company, regardless of size, sector, or infrastructure, needs network security solutions to defend itself from the ever-increasing panorama of cyber threats that exist today. Today's network architecture is complicated, and it must contend with a constantly evolving threat environment and attackers who are always looking for and exploiting weaknesses. These flaws may be found in a variety of places, including devices, data, apps, users, and geographic locations. As a result, several network security management tools and apps are now in use to handle specific threats and exploits, as well as regulatory non-compliance. Discuss why you believe network security is important. Are the…arrow_forward
- Explain the principles of Zero Trust Network Architecture (ZTNA) and how it transforms network security by assuming that threats exist both inside and outside the network.arrow_forwardBecause servers on a flat network are responsible for the bulk of an organization's business operations, that organisation needs a Network Security Design in order to increase the level of protection and security it provides. The possibility exists that a demilitarised zone will be constructed. What modifications would you propose to the existing structure of the network?arrow_forwardDesign a new network infrastructure for a five-hundred-employeeeducation & training firm. The design of the network should incorporate several elementsthat demonstrate a defense in depth architecture.The design of the network should incorporate protection against the following threats:1. Malicious software2. Phishing3. Spam4. Non-company-owned devices on the internal network (“bring your own device,” or BYOD)5. Rogue access pointsFor each type of threat, indicate the controls or features in the architecture that reduce or eliminate the threat.arrow_forward
- A health care centre suffers from very low information security in terms of maturity across many elements of infosec and information assurance, including cyber resilience and application of cybersecurity good practice. Patients expect a high level of protection of their data; however, data breaches can put the reputation of the institute at risk. It is highly recommended that a certain level of filtering is imposed for the network to be secure so as to sustain from threats and attacks. Let us assume that you are hired by the health care centre to develop an information security plan to identify the possible threats to the organization. For example, it is necessary to identify the important services (e.g., website, booking portal, electronic health equipments…) that the healthcare centre is running. The criteria that you need to address based on the given scenario is summarized into two parts: Part A: 1. Assessing the current risk of the entire business 2. Treat the Risk as much as…arrow_forwardSince the bulk of the company's business activities are handled by servers on a flat network, a network security design is required to improve protection and security. The network is flat, thus that is why this is the case. whenever a demilitarized zone is formed, and whenever. What aspects of the present network's structure would you modify if you could?arrow_forwardA Network Security Design is necessary to strengthen protection and security since servers on a flat network conduct most of the company's commercial processes. If and when a no-fly zone is established. If you could change anything about the present network setup, what would it be?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Database System ConceptsComputer ScienceISBN:9780078022159Author:Abraham Silberschatz Professor, Henry F. Korth, S. SudarshanPublisher:McGraw-Hill EducationStarting Out with Python (4th Edition)Computer ScienceISBN:9780134444321Author:Tony GaddisPublisher:PEARSONDigital Fundamentals (11th Edition)Computer ScienceISBN:9780132737968Author:Thomas L. FloydPublisher:PEARSON
- C How to Program (8th Edition)Computer ScienceISBN:9780133976892Author:Paul J. Deitel, Harvey DeitelPublisher:PEARSONDatabase Systems: Design, Implementation, & Manag...Computer ScienceISBN:9781337627900Author:Carlos Coronel, Steven MorrisPublisher:Cengage LearningProgrammable Logic ControllersComputer ScienceISBN:9780073373843Author:Frank D. PetruzellaPublisher:McGraw-Hill Education
Database System Concepts
Computer Science
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:9780134444321
Author:Tony Gaddis
Publisher:PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:9780132737968
Author:Thomas L. Floyd
Publisher:PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:9780133976892
Author:Paul J. Deitel, Harvey Deitel
Publisher:PEARSON
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781337627900
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:9780073373843
Author:Frank D. Petruzella
Publisher:McGraw-Hill Education