Spr1.5

profileAanil
ApplicationSecurity.zip

AssignementThree1.docx

ACTIVE DIRECTORY ON NETWORK

ACTIVE DIRECTORY ON NETWORK

Active Directory on Network: Report

Student name:

Affiliated Instruction:

Course:

Instructor name:

Month, day, year:

Introduction

Technical variability within organizations accommodates essential changes in workstation, networks, and system management to promote information management and security issues. According to the authors, security changes such as computer systems and application software, computer netbooks and wearables such as chips and sensors have a significant influence on organizations’ network and workstation management towards robust security management (Cascio and Montealegre, 2016). Similarly, Always Fresh Food Inc. runs Microsoft Windows 10 on the workstations, accommodating two database servers, four application servers, two web servers, and twenty-five workstations at the headquarter. Significantly, the organization's choice to leverage network and systems security solid multilayered defense strategy to protect the business by provides information security. As the entry-level security administrator adding Active Directory to the Always Fresh Food Inc. network is underscoring. Thus, the report provides significant points regarding an addition to an active directory on the Always Fresh Food Inc.'s network.

Creating Users in AD by Systems Administrators

Unlike the current, system, need to create users in Active Directory users and computer programs for effective and robust network security system. Notably, the systems administrators need to access Active Directory users and computers to identify a folder in the administrators need to crates an account and select” new” option and provide users names and initials in AD platform for robust network security in Always Fresh Food Inc. According to the authors, creating AD user accounts in Active Directory Users and Computer programs provides a platform to create, organize and manage network security within an organization pathway for effective access control management (Iyer, Kabbur, and Wali, 2019). For example, system administrators in the Always Fresh Food Inc. manage growing newton through extensive provision on organized users in AD users accounts and computer programs for user’s logical group's workstations and customers, ensuring significant access control through the Active Directory application in the organization.

Similarly, applying the ADUC enables systems administrators to manage AD objects such as users, unit attributes, computers, and organizations for effective network security and architecture (Microsoft, 2019). Consequently, installing the ADUC is achievable through the RSAT for Windows 10 in security management within the AD recommendations. Specifically, system administrators in windows 10 can access the RSAT in the administrative tools for Active Directory users and computer programs site for the user’s creation in the AD platforms. Admittedly, creating windows 10 embraces stepwise articulation including selecting settings. Managing optional features and clicking adds a feature and RSAT installation for the effective user’s accounts management in the AD suggestion for a robust network and operating systems security, without interfering with significant user’s access control demands. Thus, the systems administrators will require Active Directory Users and computer programs for effective users’ creation.

Procedures in making changes Differences in Active Directory

Making changes such as passwords to users' accounts in Active Directory accommodates significant differences from traditional workstation password changing platforms. For instance, changing a password does not occur in the Always Fresh Food Inc.’s station; instead, it is achievable through a set of policies in the Group Policy Object Editor for password sophistications, resetting password, new password, and guidelines. According to (Microsoft, 2019), the GPO embraces password policies, disenabling guest users, password length, setting a maximum number of user authentication failures, and specifying duration on maximum authentication failures for effective password management in the Active Directory user accounts change management. Similarly, in Always Fresh Food Inc., system administrators should employ GPO for effective user account changes management in the AD applications for a robust choice on addicting Active Directory on the organization’s network.

Administrators Actions for Existing Workgroup User in AD Platform

Active Directory migration is a stepwise process that accommodates auditing, planning, implementation, and management to ensure robust network security (Francis, 2019). Significantly, managing the existing workgroup user account requires a robust articulation such as joining the workgroup account with the DA account for an integrated platform to ensure information consistency and security in the Always Fresh Food Inc. choice in adding AD in the organization network. Admittedly, system administrators at Always Fresh Food Inc. should embrace stepwise AD migration such as auditing physical topology and applications planning, implementations, accommodating checklists, design topology, installation phases, and verification and, maintenance. Thus, joining the workgroup user’s account with the AD users provides significant migration consideration.

Resolving Differences in User Accounts in Computers

Security identifiers present peculiar values of different lengths for trustee identification in different user accounts. Similarly, in the Always Fresh Food Inc. migration to AD users, applying SIDS for security descriptors, access control, and access tokens are necessary to manage differences in users' accounts within the organizations’ computers (Francis, 2019). Specifically, security elements such as access tokens are significant in identifying users and groups for effective difference management in users' differences within computers. Similarly, the system administrators can manage differences through security descriptors to allocate object owners and primary group. Accommodating function such as AllocateandInitializeSid places and initializes SID with specific sub-authority’s numbers s in AD management. Thus, system administrators require significant articulation on the SIDS for discrepancies management in computer users.

References

Cascio, W, and Montealegre, R, 2016). How Technology Is Changing Work and Organizations. The Annual Review of Organizational Psychology and Organizational Behavior: DOI: 10.1146/annurev-org psych-041015-062352

Francis, D. (2019). Mastering Active Directory. (Second Edition). Packt Publishing

Iyer, N., Kabbur, A., and Wali, H. (2019). Implementation of Active Directory for efficient management of networks. Procedia Computer Science 172, 112–114

Microsoft. (2019). Operational and Administrative Guidance: Microsoft Windows 10 and Windows Server 2019

AssignementTwo1.docx

Multilayered defense strategy

Multilayered defense strategy

Multilayered defense strategy

Student name:

Affiliated Instruction:

Course:

Instructor name:

Month, day, year:

The Internet applications in business organizations, institutions, and government services acclaim ubiquitous application in the recent digital era. Admittedly, Cybersecurity and cyber-attack occur in information technology applications within an organization, leading to data breaches and security concerns that require robust proactive and architecture information security systems. Significantly, a Multilayered defense strategy provides a robust platform is significant and secured learning management that manages a secure environment in data security and application within organizations, especially cloud computing environment (Khan, Naz, and Medani, 2019). Security issues accommodate significant articulation on authorization, verification and authentication, availability, confidentiality, and information integrity that manages notable intruder's access control strategies. Multilayered defense strategy accommodates physical, network, systems, and human security that mitigates attacks on an organization's information as a fundamental asset. Importantly, the authors articulate that Cybersecurity and organizations' information security accommodates consistent threats and attacks due to pervasive usage in cloud computing systems that carets vulnerabilities for possible attacks despite the Multilayered defense strategy in organization information system (Khan, Naz, and Medani, 2019). Thus, employing multilayered defense strategies provides a significant platform for solid security with notable vulnerabilities to attacks.

Noteworthy the multilayered defense strategies accommodate physical, network system, and human layers in a security system that provides a leveraged defense against attacks in Cybersecurity. According to the researcher, the multilayered defense starlet provides benefits such as the right defense for a significant period, improving Cybersecurity and information security systems, and accommodates comprehensive players in defense systems (Hale, 2018). For example strategies such as malware defense, border protection, proxy, third-party network, network designs physical security, and access control techniques provide a solution-based suggestion on cyber-attacks. Thus, the multilayered defense approach encapsulates physical, systems, network, and human security for robust protection against attacks with notable vulnerabilities.

References

Hale, 2018). Security in Depth. Isaca Journal Vol.3. https://www.isaca.org/resources/isaca-journal/issues/2018/volume-3/security-in-depth

Khan, M., Naz, T., and Medani, M. (2019). A Multi-Layered Security Model for Learning Management System. International Journal of Advanced Computer Science and Applications, Vol. 10, No. 12. Pp.201-211

backup strategies.docx

Running head: 1

3

Student’s name

Institution affiliation

Instructor’s name

Date

Backup Strategies

The best backup strategy to use and that will ensure data isn’t lost in any way is a redundant array of independent disks (RAID). This is a backup technique that keeps data in different or distinct drives. It’s considered the best strategy because of the advantages it offers security professionals with. For instance, in terms of speed, it is fast and provides the best security for data. Some of the primary RAID levels include RAID 0, I, 5, 6, and 10. In the RAID 0 level, a pair of disks is used. At this level, a drive can read and write in an array (Mcelhearn, 2017). This level is the best known for speed though it doesn’t offer any extra data protection. Unlike In the RAID 0 level where striping is used, in RAID 1, mirroring, a process of duplicating and writing data on a separate disk is used, which means a similar disk will be created.

The third level, RAID 5, uses three drives, striping, and parity. Distributed parity means data can be calculated in two drives then kept in the third. So, when one drive fails, all the information that was stored will still be recovered. RAID 6 and 5 are similar, but the difference between the two is that RAID 6 has more parity, which means that more than three drives will be needed. RAID 10 is the best of all levels because more data protection is offered. Using RAID systems is considered the best option because one can upgrade a disk or drive capacity. These systems are also known to be reliable given the number of disks used. These disks are kept safe even during natural calamities, and even when one drive is damaged, the remaining drives will be secure. Many organizations have been employing a redundant array of independent disks because they are worth being used in the office to backup critical data.

Reference

Mcelhearn. K (2017). Understanding RAID for Data Storage and Backups. Intego. Retrieved from https://www.intego.com/mac-security-blog/understanding-raid-for-data-storage-and-backups/

malwareprotecion.docx

Running Head: MALWARE PROTECTION 1

MALWARE PROTECTION 5

Malware Protection

Student Name

Institution Affiliation

1. Two Leading Antivirus:

· Bitdefender- this is the most and reliable in detecting of the virus. It does this through filtering and web boasting and through this one cannot access any site which are malicious. This anti-virus also makes sure that it has secured the browser and through this it helps in keeping of online banking and any other transaction into a mode which is safe. There is the presence of password that manages and makes sure that all auto credit cards which are complete have their details in web forms. There are high scores for this anti phishing mode which many describes it as very excellent. This is because its plays a part in ensuring that there are alerts one in case there is any link that can be malicious in the search engine and through blocking access from some very dangerous sites.

· The other antivirus is Norton Antivirus this is also a very top quality one and it makes sure that it has hunted through a process which is automatic in regard to protection the whole computer all by itself.

Steps for Antivirus Installation:

I. The first step is to go to myNorton.com then after this, one has to sign in if one does not have account with them already. For those with existing account all they have to do is to log in.

II. Typing of the email address is what follows in after signing in.

III. On the portal which is appearing what a person has to do is to choose the option of downloading.

IV. Selecting agree and download.

V.

VI. After downloading, the next thing that happens is locating a file and running the installer from a browser.

VII. The next step is clicking of continue after user control window appears on the screen.

VIII. There are instructions which should be followed to the later to make sure that installation process has come to an end, (Megahed & Ghoneim, 2020).

Two Leading Spyware:

· MacAfee’s security this is a spyware package that offers removal of a virus and any other malware of any kind. There are strong features that keeps the computer and this program to be safer which includes having features of safe web browsing and many others. This program has some anti-spy feature that is very effective in identifying and ensuring that all kind of theft have been protected. It does this through having a wide variety of tools for doing this. These include social number security monitoring and a system that works all through for identification of theft.

McAfee this is another package that is very strong in regard to ensuring that there is no theft. This is the best choice especially for those who would like to have a comprehensive package for the internet.

1. Describe the process of:

a. Ensuring anti-malware software and data is up to date. Mandate daily updates.

This happens through ensuring that there are anti-malware software that is up to date and this is through having an updated signature data bases and software about what happens on daily services. The update should be automatic so as incase a person can forget them the system itself can be in a position of ensuring that it is updated. Signature databases and software should be done almost all the days. This will is important in making sure that there is no data which is lost and there will be very minimal reasons after selection of frequency has been done.

b. Running regular malware scans. Mandate that automatic scans occur whenever the computer is idle. If that setting is unavailable, mandate daily fast scans and biweekly complete scans.

This is done through having frequent scans on the malware this can be in terms of weekly or biweekly and it is performed through media scans so as to be in a position of ensuring there is a complete hard drive. After this it is important that there should be a quick scan that should happen after having installed or updated any software. This is important because it will enable booting and checking virus in time through having some booting sectors and scans memory as well as having options for startups, (Ve, & Vaskova, (2017). 

2. Provide steps to follow any time malware is detected.

a. Immediate reaction—what to do with current work, leave the computer on or turn it off.

In case there is detection of any malware in the process of a person working, it is important that the person should stop working immediately but the computer is not supposed to be switched off but it should be left on.

b. Who to contact? One is supposed to contact any service desk or customer care desk and make sure that they have received some information which could be of much importance to them in regard to what they are supposed to do next.

c. What information to collect

Those who are in the help desk are supposed to be told what exactly is happening and what the person was doing with the computer during the time that he noticed a malware giving true information will be helpful in ensuring that the person is helped fully. This can be whether the person was replying to emails, was on sms or was surfing any website. Then it is also important that there should be a description of symptoms about what has happened for instance what were the pop up message on the screen saying, what was the error message stating, freezing of the programs or did they move slowly and whether there was crushing of the system, (Huda, et al, 2019)

References

Huda, S., Abawajy, J., Al-Rubaie, B., Pan, L., & Hassan, M. M. (2019). Automatic extraction and integration of behavioural indicators of malware for protection of cyber–physical networks. Future Generation Computer Systems101, 1247-1258.

Megahed, N. A., & Ghoneim, E. M. (2020). Antivirus-built environment: Lessons learned from Covid-19 pandemic. Sustainable Cities and Society61, 102350.

Ve, M., & Vaskova, L. (2017). U.S. Patent No. 9,715,589. Washington, DC: U.S. Patent and Trademark Office.

SpreadsheetSecurityDiscussionDocument.doc

Running head: SPREADSHEET SECURITY DISCUSSION

1

PAGE

2

Running head: SPREADSHEET SECURITY DISCUSSION

Spreadsheet Security Discussion

Student’s Name

Institution Affiliation

Course Name

Professor’s Name

Date

Spreadsheet Security Discussion

When ensuring safety of the spreadsheets, BitLocker can get applied since it works on all Windows platforms. The majority of current computers use Trusted Platform Module (TPM) that comes preinstalled to provide the capability to work BitLocker. BitLocker does not encrypt a single folder or file like the spreadsheet. As such, it is imperative to have a combination of BitLocker that would protect the whole drive (Afonin, 2020) and EFS that would protect the spreadsheet. The human resource manager’s spreadsheet and entire hard drive has a high likelihood of getting protected using BitLocker. Encryption of the spreadsheet is suitable to enhance the protection of the sensitive data. BitLocker provides manage-bde and repair-bde that are used alongside command line tools, and cmdlets to connect to the Windows Power Shell. BitLocker provides a control panel that can get used to submit the spreadsheet for encryption. To unlock contents stored by BitLocker, repair-bde is used for the disaster recovery.

The application of EFS should be used to encrypt the spreadsheet. The technique should be used with BitLocker since it is more secure to use the two techniques. The human resource manager can save the spreadsheet in a folder then access the properties of the folder. The advanced section should be chosen then the next choice is the “Encrypt contents to secure data”. Windows the prompts the user using a pop-up window to choose whether they would like to encrypt the file. After the process is allowed, an icon appears at the corner of the screen prompting user to back up the EFS encryption key. The next step is to insert a USB into one of the ports on the PC, then to choose to EFS icon that appears. The user then clicks “Back up now (recommended)” and follows the prompts. The user is then asked to enter a preferred password, then to save the file containing the EFS key.

References

Afonin, O. (2020). Introduction to BitLocker: Protecting Your System Disk. Retrieved 12 January 2021 from https://blog.elcomsoft.com/2020/01/introduction-to-bitlocker-protecting-your-system-disk/

Hunt, C. (2017). How to use EFS encryption to encrypt individual files and folders on Windows 10. Retrieved 12 January 2021 from https://www.windowscentral.com/how-use-efs-encryption-windows-10

AccessControlDiscussion.doc

Running head: ACCESS CONTROL PROCEDURE

1

PAGE

6

ACCESS CONTROL PROCEDURE

Project Part 2: ACCESS CONTROL PROCEDURE GUIDE

Name: Shrey Bavaria

Student ID: 002843842

Institution: University of the Cumberlands

Course: ISOL534/A01 – Application Security

Date: 01/16/2021

Access Control Procedure Guide

Change of access control methods is required for Always Fresh management since it requires to protect its clients’ data and promote business continuity. The request to change the existent access control methods should be used to assess the existent techniques. During the assessment, it is possible to determine how the already functional techniques were effective or ineffective. It is possible to determine the kind of transformation that should be created. Change management usually occurs on large levels, as such, the changes in the company’s IT department require consideration of available resources to determine whether the company’s devices are capable of providing the required functions.

Status or Setting Prior to Change

At the moment, Always Fresh has website that allows employees to store their data and to access their work profiles. To allow users to access the company’s website, Always Fresh asks users to enter passwords that only contain alphanumeric characters. The system has encountered issues which the authentication method since it is easy for people and password hacking bots to access the user accounts. Always Fresh also allows users to access their accounts remotely. This allows the continuation of business operations from any locations that the users may be in. Remote access is suitable more so because the company aims to provide clients with required functionality at all times.

Reason for the Change

There are adverse effects of weak access control techniques. Always Fresh has encountered such issues whereby it lost data to a security breach. The situation was disadvantageous for the company since it lacked the capability to retrieve its data. It was difficult to provide clients with required operations since the communication that had been done via email was lost during the security breach. Company had reduced profits at the time since they could not continue their operations. The consequent effect of this action is civil law suits by clients who consider the company’s breach as an avoidable mistake. After internal assessment, it was discovered that the security breach occurred as a result of the remote access capability.

There is another issue whereby the company has different departments. Employees in the company’s departments require access control since there is communication between all company departments. The company has HR, accounts, operations, and IT departments. As such, each department requires different access credentials to access the same website so that the employees would provide required tasks at all times. This is ineffective since the occurrence of mistakes is common when the different departments access the same website content and have authority to change.

Change to Implement

Creation of System Use Detection

The first change that Always Fresh management requires is to create a technique for the computers to detect any user that logs in to the system. This step is imperative in access control since it instructs users that are not authorized to stop accessing the system. The next prompt is for users with log in credentials to enter the required data so that they can be allowed to access the system. The new authentication requirement would be that users create a password that contains alphanumeric characters and application of two factor authentication. This technique ensures the system’s contents would have a high level of security.

Remote Access Changes

The company’s remote access capability requires that new users get identified, the next step is authentication, then encryption of the data that gets sent through the internet to users at remote locations (Biz Tech Staff, 2019). The new security technique shall limit Always Fresh employees from login on to the company’s computer off-site. The remote users would be required to get authenticated using the site’s remote service authentication technique. The most appropriate technique is to use ssh server so that users would get authenticated using credentials stored previously in the server. The website’s firewalls would get assessed frequently to enhance overall security of the website.

Scope of the Change

The change in access control is required since the company has encountered software mishaps. The company requires security at all time on company site and off-site. This ensures business continuity at all times. Cyber-attacks are common as hackers apply cunning techniques like phishing to access user data. This requires transformation of the company’s operations to enhance adoption of an access control system that is pertinent with current technological advancements.

Impact of the Change

Always Fresh would always be accessible for its clients and employees to enhance the company’s business operations. Remote access would be facilitated in ways that do not affect the company’s operations. The passwords that users create would never be used to harm the company’s operations (Adeniran, 2019).

Status or Setting after the Change

Remote access of Always Fresh would only be accessible for user identified by the computer’s database. The application of ssh server is effective since when users access company data of unsecured ISP providers and WIFI, it is possible to have secure connections that would not be affected by malware or any phishing attacks.

Process to Evaluate the Change

The system shall get frequently monitored to determine whether any malware has infected the system. The firewalls would be used to assess whether any authorizes users attempt to access the system remotely. The consequent effect is fully functional system that contains factual data.

References

Adeniran, S. (2019). The Importance of Access Control Security Systems. Retrieved 12 January 2021 from https://techshopng.com/the-importance-of-access-control-security-systems/

Biz Tech Staff. (2019). Access Control Models: How to Navigate Changing Security Frontiers. Retrieved January 2021 from https://biztechmagazine.com/article/2019/08/access-control-models-how-navigate-changing-security-frontiers-perfcon