Spr1.5
AssignementThree1.docx
ACTIVE DIRECTORY ON NETWORK
ACTIVE DIRECTORY ON NETWORK
Active Directory on Network: Report
Student name:
Affiliated Instruction:
Course:
Instructor name:
Month, day, year:
Introduction
Technical variability within organizations accommodates essential changes in workstation, networks, and system management to promote information management and security issues. According to the authors, security changes such as computer systems and application software, computer netbooks and wearables such as chips and sensors have a significant influence on organizations’ network and workstation management towards robust security management (Cascio and Montealegre, 2016). Similarly, Always Fresh Food Inc. runs Microsoft Windows 10 on the workstations, accommodating two database servers, four application servers, two web servers, and twenty-five workstations at the headquarter. Significantly, the organization's choice to leverage network and systems security solid multilayered defense strategy to protect the business by provides information security. As the entry-level security administrator adding Active Directory to the Always Fresh Food Inc. network is underscoring. Thus, the report provides significant points regarding an addition to an active directory on the Always Fresh Food Inc.'s network.
Creating Users in AD by Systems Administrators
Unlike the current, system, need to create users in Active Directory users and computer programs for effective and robust network security system. Notably, the systems administrators need to access Active Directory users and computers to identify a folder in the administrators need to crates an account and select” new” option and provide users names and initials in AD platform for robust network security in Always Fresh Food Inc. According to the authors, creating AD user accounts in Active Directory Users and Computer programs provides a platform to create, organize and manage network security within an organization pathway for effective access control management (Iyer, Kabbur, and Wali, 2019). For example, system administrators in the Always Fresh Food Inc. manage growing newton through extensive provision on organized users in AD users accounts and computer programs for user’s logical group's workstations and customers, ensuring significant access control through the Active Directory application in the organization.
Similarly, applying the ADUC enables systems administrators to manage AD objects such as users, unit attributes, computers, and organizations for effective network security and architecture (Microsoft, 2019). Consequently, installing the ADUC is achievable through the RSAT for Windows 10 in security management within the AD recommendations. Specifically, system administrators in windows 10 can access the RSAT in the administrative tools for Active Directory users and computer programs site for the user’s creation in the AD platforms. Admittedly, creating windows 10 embraces stepwise articulation including selecting settings. Managing optional features and clicking adds a feature and RSAT installation for the effective user’s accounts management in the AD suggestion for a robust network and operating systems security, without interfering with significant user’s access control demands. Thus, the systems administrators will require Active Directory Users and computer programs for effective users’ creation.
Procedures in making changes Differences in Active Directory
Making changes such as passwords to users' accounts in Active Directory accommodates significant differences from traditional workstation password changing platforms. For instance, changing a password does not occur in the Always Fresh Food Inc.’s station; instead, it is achievable through a set of policies in the Group Policy Object Editor for password sophistications, resetting password, new password, and guidelines. According to (Microsoft, 2019), the GPO embraces password policies, disenabling guest users, password length, setting a maximum number of user authentication failures, and specifying duration on maximum authentication failures for effective password management in the Active Directory user accounts change management. Similarly, in Always Fresh Food Inc., system administrators should employ GPO for effective user account changes management in the AD applications for a robust choice on addicting Active Directory on the organization’s network.
Administrators Actions for Existing Workgroup User in AD Platform
Active Directory migration is a stepwise process that accommodates auditing, planning, implementation, and management to ensure robust network security (Francis, 2019). Significantly, managing the existing workgroup user account requires a robust articulation such as joining the workgroup account with the DA account for an integrated platform to ensure information consistency and security in the Always Fresh Food Inc. choice in adding AD in the organization network. Admittedly, system administrators at Always Fresh Food Inc. should embrace stepwise AD migration such as auditing physical topology and applications planning, implementations, accommodating checklists, design topology, installation phases, and verification and, maintenance. Thus, joining the workgroup user’s account with the AD users provides significant migration consideration.
Resolving Differences in User Accounts in Computers
Security identifiers present peculiar values of different lengths for trustee identification in different user accounts. Similarly, in the Always Fresh Food Inc. migration to AD users, applying SIDS for security descriptors, access control, and access tokens are necessary to manage differences in users' accounts within the organizations’ computers (Francis, 2019). Specifically, security elements such as access tokens are significant in identifying users and groups for effective difference management in users' differences within computers. Similarly, the system administrators can manage differences through security descriptors to allocate object owners and primary group. Accommodating function such as AllocateandInitializeSid places and initializes SID with specific sub-authority’s numbers s in AD management. Thus, system administrators require significant articulation on the SIDS for discrepancies management in computer users.
References
Cascio, W, and Montealegre, R, 2016). How Technology Is Changing Work and Organizations. The Annual Review of Organizational Psychology and Organizational Behavior: DOI: 10.1146/annurev-org psych-041015-062352
Francis, D. (2019). Mastering Active Directory. (Second Edition). Packt Publishing
Iyer, N., Kabbur, A., and Wali, H. (2019). Implementation of Active Directory for efficient management of networks. Procedia Computer Science 172, 112–114
Microsoft. (2019). Operational and Administrative Guidance: Microsoft Windows 10 and Windows Server 2019
AssignementTwo1.docx
Multilayered defense strategy
Multilayered defense strategy
Multilayered defense strategy
Student name:
Affiliated Instruction:
Course:
Instructor name:
Month, day, year:
The Internet applications in business organizations, institutions, and government services acclaim ubiquitous application in the recent digital era. Admittedly, Cybersecurity and cyber-attack occur in information technology applications within an organization, leading to data breaches and security concerns that require robust proactive and architecture information security systems. Significantly, a Multilayered defense strategy provides a robust platform is significant and secured learning management that manages a secure environment in data security and application within organizations, especially cloud computing environment (Khan, Naz, and Medani, 2019). Security issues accommodate significant articulation on authorization, verification and authentication, availability, confidentiality, and information integrity that manages notable intruder's access control strategies. Multilayered defense strategy accommodates physical, network, systems, and human security that mitigates attacks on an organization's information as a fundamental asset. Importantly, the authors articulate that Cybersecurity and organizations' information security accommodates consistent threats and attacks due to pervasive usage in cloud computing systems that carets vulnerabilities for possible attacks despite the Multilayered defense strategy in organization information system (Khan, Naz, and Medani, 2019). Thus, employing multilayered defense strategies provides a significant platform for solid security with notable vulnerabilities to attacks.
Noteworthy the multilayered defense strategies accommodate physical, network system, and human layers in a security system that provides a leveraged defense against attacks in Cybersecurity. According to the researcher, the multilayered defense starlet provides benefits such as the right defense for a significant period, improving Cybersecurity and information security systems, and accommodates comprehensive players in defense systems (Hale, 2018). For example strategies such as malware defense, border protection, proxy, third-party network, network designs physical security, and access control techniques provide a solution-based suggestion on cyber-attacks. Thus, the multilayered defense approach encapsulates physical, systems, network, and human security for robust protection against attacks with notable vulnerabilities.
References
Hale, 2018). Security in Depth. Isaca Journal Vol.3. https://www.isaca.org/resources/isaca-journal/issues/2018/volume-3/security-in-depth
Khan, M., Naz, T., and Medani, M. (2019). A Multi-Layered Security Model for Learning Management System. International Journal of Advanced Computer Science and Applications, Vol. 10, No. 12. Pp.201-211
backup strategies.docx
Running head: 1
3
Student’s name
Institution affiliation
Instructor’s name
Date
Backup Strategies
The best backup strategy to use and that will ensure data isn’t lost in any way is a redundant array of independent disks (RAID). This is a backup technique that keeps data in different or distinct drives. It’s considered the best strategy because of the advantages it offers security professionals with. For instance, in terms of speed, it is fast and provides the best security for data. Some of the primary RAID levels include RAID 0, I, 5, 6, and 10. In the RAID 0 level, a pair of disks is used. At this level, a drive can read and write in an array (Mcelhearn, 2017). This level is the best known for speed though it doesn’t offer any extra data protection. Unlike In the RAID 0 level where striping is used, in RAID 1, mirroring, a process of duplicating and writing data on a separate disk is used, which means a similar disk will be created.
The third level, RAID 5, uses three drives, striping, and parity. Distributed parity means data can be calculated in two drives then kept in the third. So, when one drive fails, all the information that was stored will still be recovered. RAID 6 and 5 are similar, but the difference between the two is that RAID 6 has more parity, which means that more than three drives will be needed. RAID 10 is the best of all levels because more data protection is offered. Using RAID systems is considered the best option because one can upgrade a disk or drive capacity. These systems are also known to be reliable given the number of disks used. These disks are kept safe even during natural calamities, and even when one drive is damaged, the remaining drives will be secure. Many organizations have been employing a redundant array of independent disks because they are worth being used in the office to backup critical data.
Reference
Mcelhearn. K (2017). Understanding RAID for Data Storage and Backups. Intego. Retrieved from https://www.intego.com/mac-security-blog/understanding-raid-for-data-storage-and-backups/
SpreadsheetSecurityDiscussionDocument.doc
|
Running head: SPREADSHEET SECURITY DISCUSSION |
1 |
PAGE
2
Running head: SPREADSHEET SECURITY DISCUSSION
Spreadsheet Security Discussion
Student’s Name
Institution Affiliation
Course Name
Professor’s Name
Date
Spreadsheet Security Discussion
When ensuring safety of the spreadsheets, BitLocker can get applied since it works on all Windows platforms. The majority of current computers use Trusted Platform Module (TPM) that comes preinstalled to provide the capability to work BitLocker. BitLocker does not encrypt a single folder or file like the spreadsheet. As such, it is imperative to have a combination of BitLocker that would protect the whole drive (Afonin, 2020) and EFS that would protect the spreadsheet. The human resource manager’s spreadsheet and entire hard drive has a high likelihood of getting protected using BitLocker. Encryption of the spreadsheet is suitable to enhance the protection of the sensitive data. BitLocker provides manage-bde and repair-bde that are used alongside command line tools, and cmdlets to connect to the Windows Power Shell. BitLocker provides a control panel that can get used to submit the spreadsheet for encryption. To unlock contents stored by BitLocker, repair-bde is used for the disaster recovery.
The application of EFS should be used to encrypt the spreadsheet. The technique should be used with BitLocker since it is more secure to use the two techniques. The human resource manager can save the spreadsheet in a folder then access the properties of the folder. The advanced section should be chosen then the next choice is the “Encrypt contents to secure data”. Windows the prompts the user using a pop-up window to choose whether they would like to encrypt the file. After the process is allowed, an icon appears at the corner of the screen prompting user to back up the EFS encryption key. The next step is to insert a USB into one of the ports on the PC, then to choose to EFS icon that appears. The user then clicks “Back up now (recommended)” and follows the prompts. The user is then asked to enter a preferred password, then to save the file containing the EFS key.
References
Afonin, O. (2020). Introduction to BitLocker: Protecting Your System Disk. Retrieved 12 January 2021 from https://blog.elcomsoft.com/2020/01/introduction-to-bitlocker-protecting-your-system-disk/
Hunt, C. (2017). How to use EFS encryption to encrypt individual files and folders on Windows 10. Retrieved 12 January 2021 from https://www.windowscentral.com/how-use-efs-encryption-windows-10
AccessControlDiscussion.doc
|
Running head: ACCESS CONTROL PROCEDURE |
1 |
PAGE
6
ACCESS CONTROL PROCEDURE
Project Part 2: ACCESS CONTROL PROCEDURE GUIDE
Name: Shrey Bavaria
Student ID: 002843842
Institution: University of the Cumberlands
Course: ISOL534/A01 – Application Security
Date: 01/16/2021
Access Control Procedure Guide
Change of access control methods is required for Always Fresh management since it requires to protect its clients’ data and promote business continuity. The request to change the existent access control methods should be used to assess the existent techniques. During the assessment, it is possible to determine how the already functional techniques were effective or ineffective. It is possible to determine the kind of transformation that should be created. Change management usually occurs on large levels, as such, the changes in the company’s IT department require consideration of available resources to determine whether the company’s devices are capable of providing the required functions.
Status or Setting Prior to Change
At the moment, Always Fresh has website that allows employees to store their data and to access their work profiles. To allow users to access the company’s website, Always Fresh asks users to enter passwords that only contain alphanumeric characters. The system has encountered issues which the authentication method since it is easy for people and password hacking bots to access the user accounts. Always Fresh also allows users to access their accounts remotely. This allows the continuation of business operations from any locations that the users may be in. Remote access is suitable more so because the company aims to provide clients with required functionality at all times.
Reason for the Change
There are adverse effects of weak access control techniques. Always Fresh has encountered such issues whereby it lost data to a security breach. The situation was disadvantageous for the company since it lacked the capability to retrieve its data. It was difficult to provide clients with required operations since the communication that had been done via email was lost during the security breach. Company had reduced profits at the time since they could not continue their operations. The consequent effect of this action is civil law suits by clients who consider the company’s breach as an avoidable mistake. After internal assessment, it was discovered that the security breach occurred as a result of the remote access capability.
There is another issue whereby the company has different departments. Employees in the company’s departments require access control since there is communication between all company departments. The company has HR, accounts, operations, and IT departments. As such, each department requires different access credentials to access the same website so that the employees would provide required tasks at all times. This is ineffective since the occurrence of mistakes is common when the different departments access the same website content and have authority to change.
Change to Implement
Creation of System Use Detection
The first change that Always Fresh management requires is to create a technique for the computers to detect any user that logs in to the system. This step is imperative in access control since it instructs users that are not authorized to stop accessing the system. The next prompt is for users with log in credentials to enter the required data so that they can be allowed to access the system. The new authentication requirement would be that users create a password that contains alphanumeric characters and application of two factor authentication. This technique ensures the system’s contents would have a high level of security.
Remote Access Changes
The company’s remote access capability requires that new users get identified, the next step is authentication, then encryption of the data that gets sent through the internet to users at remote locations (Biz Tech Staff, 2019). The new security technique shall limit Always Fresh employees from login on to the company’s computer off-site. The remote users would be required to get authenticated using the site’s remote service authentication technique. The most appropriate technique is to use ssh server so that users would get authenticated using credentials stored previously in the server. The website’s firewalls would get assessed frequently to enhance overall security of the website.
Scope of the Change
The change in access control is required since the company has encountered software mishaps. The company requires security at all time on company site and off-site. This ensures business continuity at all times. Cyber-attacks are common as hackers apply cunning techniques like phishing to access user data. This requires transformation of the company’s operations to enhance adoption of an access control system that is pertinent with current technological advancements.
Impact of the Change
Always Fresh would always be accessible for its clients and employees to enhance the company’s business operations. Remote access would be facilitated in ways that do not affect the company’s operations. The passwords that users create would never be used to harm the company’s operations (Adeniran, 2019).
Status or Setting after the Change
Remote access of Always Fresh would only be accessible for user identified by the computer’s database. The application of ssh server is effective since when users access company data of unsecured ISP providers and WIFI, it is possible to have secure connections that would not be affected by malware or any phishing attacks.
Process to Evaluate the Change
The system shall get frequently monitored to determine whether any malware has infected the system. The firewalls would be used to assess whether any authorizes users attempt to access the system remotely. The consequent effect is fully functional system that contains factual data.
References
Adeniran, S. (2019). The Importance of Access Control Security Systems. Retrieved 12 January 2021 from https://techshopng.com/the-importance-of-access-control-security-systems/
Biz Tech Staff. (2019). Access Control Models: How to Navigate Changing Security Frontiers. Retrieved January 2021 from https://biztechmagazine.com/article/2019/08/access-control-models-how-navigate-changing-security-frontiers-perfcon