Would You Recommend Using a Firewall? Coursework Example

Yes. For a business operation to operate fully under a working network, it is important to make sure that the whole system is protected especially from intruders that usually come in through the worldwide web to which the organization is connected with. Such protection secure important data that is kept by the company for the sake of providing outstanding service to their clients and other stakeholders to whom they have particular responsibilities to. Likely, the firewall makes sure that every information encoded into the system is well protected from every single intrusion both from internal and external anomalous users trying to access private information that the company keeps.

Would you recommend using antivirus filtering?

Anti-virus filtering is also important for operating business as this option protects the overall database and computer systems of the organization as these networks operate for the organization’s major concerns. Nevertheless, even though there is an anti-virus filter installed on the main server and all the other computer units used by the organization, it is still safer to have backup location for the files that the organization secures.

Would you recommend an intrusion detection system?

Yes. An Intrusion Detection System is highly important both for small and large companies. This is especially true for instances when a small organization is still at the process of growth when trademark and copyright issues to their work and product blueprints play an important role on how they handle industry competition. The entrant of an intruder in the computer system used by the  company jeopardizes the whole system that runs the business and might even endanger private documents being leaked out causing serious damage to the competitive stance of the organization.

When an IDS generates alerts, it can send them to a console in the security center, to a mobile phone, or via e-mail. Discuss the pros and cons of each.

The pros of such operation is that the user/s who have set up the alert system are able to be given specific warning when their system is being hacked or if its integrity and security is in danger no matter where they are. However, it should be noted that such alerts are programmed to be triggered by the encoding of particular commands or phrases or repetitive actions that intruders often get involved with. With these triggers coming in a handful, there are instances when such alerts come in uncontrollably, hence making it harder for the receivers of such alerts to distinguish a real threat against a common mistake that users commit when entering the system.

Examine the integrated log file shown in Figure 10-21 of the text.

Identify the stages in this apparent attack.For each stage, describe what the attacker seems to be doing.Decide whether the actions in this stage work at human speed or at a higher speed, indicating an automated attack.Decide whether the evidence in each stage is suggestive of an attack or conclusive evidence.Overall, do you have conclusive evidence of an attack?Do you have conclusive evidence of who committed the attack?

The case in itself proposes a presentation of a situation when a supposed intruder intends to enter the business’ network. Trying to access an authorized website, the intruder tries several codes to key into the system. This then is detected by the IDS and the firewall programs thus sending alerts to the main administrators of the system. Although it is not clear as to who the intruder is, it could be assumed that he is actually trying to attack the system and is trying to access prohibited data. On the other hand, it should be realized that there are also some instances when an ordinary user might have forgotten the needed password. Although there could be an option placed in the website or the system in itself for instances when password recovery is needed, It should be understood that sometimes, remembering things is not that easy to accomplish.

Overall, it could be said that the case has an undecided judgment as to whether or not the intruder is actually attacking the system. What is clear is that the series of actions he has committed places him in question thus making it necessary to investigate on the situation and prove whether or not the person intruding is after something or if it was a mere honest mistake.

A firm is trying to decide whether to place its backup center in the same city or in a distant city. List the pros and cons of each choice.

Same City: The pros of this option is that when the system goes down and the need for immediate recall of data arises, the transfer of information need not be tedious nor should it be hindered by distance. However, at the same time, while the intruder of the data system was able to destroy the database, it would be much easier for him to track down the location of the backup and immediately disable systems one he gets hold of the network as it is located nearby.

Distant City: The backup files would be much protected if they are in a distant city. Intruders cannot access both locations immediately thus lessening the damage brought about by the said intrusion. On the other hand, the cons of this option is that the transfer of data would be much harder to accomplish and at some point even dangerous especially of the transfer is to be made online due to the concern over distance.

To get out of taking exams, students occasionally phone in bomb threats just before the exam. Create a plan to deal with such attacks. This should take one single-spaced page. It should be written by you (a policy advisor) for your dean to approve and post in your college.

Phone signals could register in a particular program that distinctively determines the recent activity of phones within a particular location. Detection of such activity during a bomb-threat incident is important as it would be able to point out who among the students have actually sent the threat through signal detection.

To avoid such instances, it is best to note a policy that when it comes to scheduling tests and undergoing the said activities, students should be advised to leave their mobile phones under the care of their teacher or other assigned custodian before the test begins and get the gadgets after taking the exams. It is also during these instances that an IDS should be set along with a signal detector that would allow school officials to monitor telephone activity among students, thus using such data for investigation in case the said threats do occur.

After you restore files following an incident, users complain that some of their data files are missing. What might have happened?

During the restoration period, some of the files might be redirected to another port especially if they are not properly labeled. In this case, memory retrieval would be hard to fully complete. What makes such operation hard to accomplish is when users intend to save files within a general format that tends to be easily lost in between data-transfer operations.