Ibrahim Zitouni: Pearson Set Assignment, Activity 1, Cyber Security and Incident Management


Pearson Set Assignment

Activity -1
UNIT 11 CYBER SECURITY AND INCIDENT MANAGEMENT
ASSESSOR – HIMANSHU BABBAR

STUDENT NAME: Ibrahim Zitouni

PEARSON ID: 20000351

DATE: 1 JUNE 2021

TIME: 10:00 AM – 3:00 PM


Contents
Different cyber security threats to which organizations are exposed to as well as system vulnerabilities
which could affect IT systems
Understanding the Scenario
Definition of cybersecurity
How Internal Threats occur
How external threats function
System vulnerabilities which could affect IT Systems
How organizations could use physical hardware and software security measures to counteract security
threats
User authentication
Topic 2 - Impact of Cyber Security threats while taking legal requirements into account
The Impact of Threats
Legal requirements
Topic 3 - How different network types and infrastructure of Davies Enterprises can be secured
Different network types
Component
Securing Network components and infrastructure
Intranet, Extranet, Internet and Cloud
Modern Trends & Interpreting Schematics
Network Components
Connection Media
Management & Troubleshooting Tools
Network Application Software
Network & Device Operating Systems
Network Infrastructure
Packets
Network Services
Topic 4 – Evaluating the effectiveness of the measures used to protect organization from cyber security
while taking legal requirements into account
References

Different cyber security threats to which organizations are exposed to as
well as system vulnerabilities which could affect IT systems

Understanding the Scenario

I have recently been hired at “Techno Security”, which specializes in providing security products and
services. The company produces multiple cyber security software programs such as firewalls, anti-virus
applications as well as many other types of protection. One of the clients, called “Davies Enterprises
Ltd”, has asked my employers to find the security implications of an e-commerce business which allows
people to buy products digitally. The director of Techno Security has asked me to create a report about
the current threats of cybersecurity.

Definition of cybersecurity
The process of protecting computers, servers, mobile devices, communications systems, databases and
information from security threats is known as cybersecurity. It is also commonly known as
electronic data security or information systems protection.

How Internal Threats occur


An internal threat is the possibility of someone within an organization exploiting a device in order
to either cause harm or install malware. Employees are considered trustworthy people and are given
expanded rights which could potentially be abused, so these types of attacks are especially concerning.

Employee sabotage

The employees of an organization like Davies Limited have access to a broad variety of hardware
within the organization, with only trust as a safeguard against them destroying or taking it. This
means that organization equipment, such as storage devices containing a variety of valuable
information, could be stolen; alternatively, the information on a storage device could be copied onto
a USB drive, which could then be leaked or reproduced publicly. Staff members may also purposefully
damage infrastructure and information (those of Davies Enterprises, to relate it to the scenario),
for example by deleting information or destroying a USB stick.

Unauthorized access from staff members

Employees of Davies Limited who already have access to the corporation's network might be able to
reach parts of certain systems that they should not, for example when a worker mistakenly leaves
themselves signed in or a door is left unattended, giving anyone access to the network. Individuals
could also gain escalated privileges which enable them to carry out additional administration tasks,
such as modifying other users' permissions or disabling vulnerability management software; these
privileges might be given to them or gained maliciously. Such problems could serve as a stepping stone
towards other attacks.

Weak cyber security measure and practices

If Davies Limited lacks adequate digital and physical protection, it increases the risk of a weakness
being exploited, particularly in light of recent problems such as robbery. For instance, whenever its
networking equipment is placed inside an unprotected space, anyone can come in and damage or steal it.
Moreover, an average staff member might inadvertently create weak points by doing something as basic
as accidentally exposing confidential information about Davies Limited, or malware could be
inadvertently installed, affecting the whole system.

Accidental loss or disclosure of data

As previously mentioned, the same security gaps which enable destructive behavior can also allow
simple mistakes to happen, resulting in significant harm. A further illustration would be a worker
deleting information within a directory by mistake or spilling a beverage onto a machine. Any such
mishap could be the product of insufficient resources spent on adequately training and supervising
employees. To avoid this I would recommend that Davies Enterprises start training their employees
(if they haven’t done so already).

How external threats function


An external threat involves anyone operating outside an organization like Davies Enterprises who uses
computer viruses, malware or manipulation, including psychological manipulation, to exploit device
weaknesses. These are far more difficult to deal with than insider attacks, because you cannot watch
people on the outside as you could staff, and therefore cannot foresee what they will try next.

Malicious software

Malicious software is a broad term that refers to a variety of programs that are designed to harm a
system. Some are less dangerous than others, such as spyware, whereas others, such as malware, could
make a hard drive unusable.

Hacking

Hacking is a broad concept which refers to any exploitation of information system weaknesses to
obtain unauthorized access to another device and its information. The “attack vector” is the
mechanism of attack, which almost always entails exploiting weaknesses in things such as Wi-Fi,
Bluetooth or the network link, or obtaining access to the internal network. Depending on whether it is
carried out by a person, a company such as Davies Enterprises (if it were to happen) or a government,
there is a variety of potential motives. If Davies Enterprises were the target of this threat, the
attackers could use ransomware for financial fraud, or seek to learn about competitors' strategies,
products and finances. There is also the possibility that a rival of Davies Enterprises would employ
a third party to hack into the company.

Sabotage

Sabotage is a broad concept which refers to any action that intentionally obstructs facilities, usually
involving the use of explosives.

1. Rejection of mass assaults
2. Malware distribution
3. Complete destruction of electronic hardware

People, criminal organizations, businesses and governments may all be involved. If this were to happen
to Davies Enterprises, there would be no way for it to defend itself and it would suffer the consequences.

Social engineering

The tactics used to trick users into sharing sensitive and confidential data are known as social
engineering. This data could then be exploited to commit banking fraud and other fraudulent
activities, as well as to gain access to computer networks. Spam attacks are a typical example of
this, in which an email is sent by a bot or an individual pretending to be someone they are not.
These emails frequently ask the recipient to reply with confidential material or to click a link to a
website. In the case of Davies Enterprises, the website would then either prompt the client for
information or infect their device with ransomware.

System vulnerabilities which could affect IT Systems


A system vulnerability is a flaw in a system which could be exploited. There are several common types
of vulnerability which may emerge in various parts of an organization's IT systems.

Network Vulnerabilities

Attacks on a company's IT networks are often caused by network vulnerabilities. Points on a
shield provide one instance of this; the source within a wireless connection is referred to as a
system connection. Removable storage devices are another type of network vulnerability. Such devices
may be used to unwittingly introduce computer viruses into an organization's infrastructure. Any
worker, for instance, could plug a malware-infected USB stick into a personal computer.

Operating systems vulnerabilities

An operating system is a piece of fundamental software that runs various programs on a computer. An
operating system may, however, contain flaws which leave it susceptible to threats, including viruses.
Such flaws are typically the result of a combination of weaknesses in the operating system itself and
inadequate management by the organization that uses it. Davies Enterprises, for example, might
continue to use an outdated operating system even though the creator no longer supports it. This means
that no further upgrades will be released by the developers to address weaknesses which might be
discovered. Operating system updates often contain critical security fixes, so the operating system is
vulnerable to attack if left unpatched.

Software vulnerabilities

Vulnerabilities can be caused by software installed on the device. While much software is reasonably
safe, it may contain defects which could be exploited, or particular software could be built with
malicious intent in mind. This weakness is exemplified by software from untrustworthy sources, such as
downloaded software, which frequently comes from untrustworthy websites. Malicious code, such as a
worm or virus, could be included within the software users install, infecting the device and
spreading across the network. Fake versions of applications could pose the same risks, since they
could be contaminated with ransomware. Certain risks, including SQL injection and zero-day
vulnerabilities, could make even legitimate programs susceptible. SQL injection is an application flaw
in which a user types a SQL statement into an input field and it is then executed on the database.
This could be used to remove details from the database or erase it.
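The SQL injection flaw described above, shown as an added example that is not part of the original report: an order lookup and an order cancellation that build SQL by pasting in form input, next to parameterized versions that treat the input purely as data. The table, function names and sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory shop database; schema and rows are constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, item TEXT);
        INSERT INTO orders (customer, item) VALUES
            ('alice', 'USB stick'),
            ('alice', 'Router'),
            ('bob',   'Firewall appliance');
    """)
    return db


def find_orders_vulnerable(db, customer):
    # VULNERABLE: the text typed into the form field is pasted into the SQL
    # statement, so a quote in the input changes the statement itself.
    sql = "SELECT item FROM orders WHERE customer = '" + customer + "'"
    return sorted(row[0] for row in db.execute(sql))


def find_orders_safe(db, customer):
    # HARDENED: the ? placeholder sends the input as a bound value, so it is
    # only ever compared against the customer column, never parsed as SQL.
    sql = "SELECT item FROM orders WHERE customer = ?"
    return sorted(row[0] for row in db.execute(sql, (customer,)))


def cancel_order_vulnerable(db, customer, order_id):
    # VULNERABLE: a numeric field is just as exposed when it is concatenated.
    sql = ("DELETE FROM orders WHERE customer = '" + customer +
           "' AND id = " + order_id)
    return db.execute(sql).rowcount          # number of rows erased


def cancel_order_safe(db, customer, order_id):
    # HARDENED: validate the expected type first, then bind both values.
    if not (order_id.isascii() and order_id.isdigit()):
        raise ValueError("order id must be a number")
    sql = "DELETE FROM orders WHERE customer = ? AND id = ?"
    return db.execute(sql, (customer, int(order_id))).rowcount


if __name__ == "__main__":
    name_input = "x' OR '1'='1"   # constructed form input
    id_input = "1 OR 1=1"         # constructed form input

    db = make_db()
    print("vulnerable lookup:", find_orders_vulnerable(db, name_input))
    print("safe lookup:      ", find_orders_safe(db, name_input))
    print("rows erased by vulnerable cancel:",
          cancel_order_vulnerable(db, "alice", id_input))

    db = make_db()
    try:
        cancel_order_safe(db, "alice", id_input)
    except ValueError as err:
        print("safe cancel refused the input:", err)
```
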

Physical vulnerabilities

A further weakness is USB storage devices, which, as previously said, are susceptible to theft. They
can contain confidential data whose loss will result in severe consequences for the company, such as
penalties, compensation and reputational loss. In addition, when USB storage devices are used to move
documents from one system to another, they pose the risk of bringing malware onto a device.
Social engineering techniques are a final physical weakness.

How organizations could use physical hardware and software security measures to counteract security threats

Access Controls

Access control is required to limit access to resources such as files, folders, devices and shared
resources. Authentication, authorization and auditing are the three primary areas of electronic access
control. Authorization covers the files individuals have rights to (as well as the level of access
they have), the applications they have access to and the functions they can perform. After
authorization, there is auditing: keeping track of how people use the network, particularly when and
where they do it.

WLAN Precautions

Cyber criminals attempting to connect to wireless networks do not require physical access to any
devices, which makes these networks particularly susceptible to attack. They may even be able to
connect from outside the office building. As a result, wireless connections are inherently less
secure, and organizations must take steps to guarantee that only approved users connect to the
wireless local area network.

Network cloaking and MAC address filtering:

MAC address filtering allows individual machines to be denied access to a network depending on their
MAC addresses. However, MAC addresses can be spoofed, fooling the filter into allowing a computer to
connect when it should not. A wireless network's SSID is its name. Network cloaking, by stopping
others from accessing the network, might deter attacks.

Wireless encryption:

Wireless encryption safeguards the network by guaranteeing that data sent over the air is encrypted
and therefore unreadable to unauthorized users. The following are the two key forms of wireless
encryption:

1. WEP (Wired Equivalent Privacy) was one of the first wireless encryption protocols. It is now widely
regarded as extremely vulnerable, because a WEP key is quickly broken. It is nevertheless still widely
used, owing to individuals using obsolete wireless equipment or not knowing how to change their
encryption type.

2. WPA2 is the strongest version of WPA, which replaced WEP. It employs AES encryption, which is
regarded as completely secure and is used by the US authorities when sending confidential files.
Other security improvements include requiring longer passphrases.

Consideration of issue during network and system design

Organizations should design the network and systems with security measures in place before deploying a
WLAN. The following are the main aspects which must be taken into consideration and included in the
design:

1. Network firewalls, security measures and virtual private network (VPN) security are all available.

2. Anti-malware, anti-spam and web address filtering technologies are examples of information
scanning techniques.

3. Network segmentation, or the division of a network into various zones depending on their level of
risk.

4. The principle behind access controls is that users and administrators should only have access to
the data which is required for them to perform their duties.

Encryption

Encryption is the process of converting plaintext into an encrypted form which is unintelligible to
humans. The sender, on the other hand, uses a security key, which can then be used to decipher the
message back to its original form. Encryption is a critical technique for data security, especially
for information transferred over a network such as the internet.

File, Folder & Disc Encryption

Encryption of files, folders and discs is sometimes used for added protection. For instance, if users
store private information, such as bank documents, on a shared drive, the machine might also be used
by people who must not have access to that financial information. As a result, users require a method
to prevent everyone else from obtaining the information on the system. They accomplish this by
encrypting particular areas of the computer so that other users of the machine cannot read them.

Encryption of data in Transit

Data in transit is information which is being sent between two devices over a network. An encryption
key is typically used to encrypt data in transit. This implies that a separate key is used to encrypt
the information.

When transmitting data over a network, users employ a number of different technologies to encrypt it.

The Onion Router (TOR)

TOR is a way for an organization to use the internet anonymously. TOR encrypts the data several times
before passing it through numerous relay servers, each of which removes one layer of encryption. After
every layer has been removed, the original data can be forwarded to its destination. The number of
relays required to gradually strip the encryption makes tracing the original source of the data
impossible (without exploiting some other weakness), so users appear to be entirely secure, which is
why it is used for, and associated with, several quite malicious online purposes. I would highly
recommend that Davies Enterprises use this.

VPN

A VPN uses encryption to establish a secure connection over a network. This is accomplished by
connecting to a VPN server; the data exchanged between the user's computer and the VPN server is
encrypted using asymmetric encryption such as IPsec or SSL. VPNs are frequently used by companies to
enable staff to safely access the company's network while away from the office building. Davies
Enterprises would have a VPN server to which users could connect, and that VPN server would be
connected to the corporation's LAN.

User authentication
User authentication schemes, including those that use a username and password, allow users to sign
in to the network and grant them permission to specific areas and features. The account name is used
to identify every user individually and is not itself protected.

Two step verification

This is used to introduce an extra layer of protection: it would require an employee of Davies
Enterprises to confirm their identity more than once, one step following the other. A user generally
enters a password and then receives a security code via message, which they must submit to obtain
entry. There are also applications which generate a time-based one-time password that can be used as
the second authentication step. With two-step verification, any two authentication techniques, such
as a fingerprint scan followed by a code, may be used together. This increases protection because the
intruder needs access to a second factor, such as the user's account, SMS messages or the password
application, in addition to the password.
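How the authenticator applications mentioned above produce and check the time-based one-time code, as an added example that is not part of the original report. It follows the public HOTP/TOTP standards (RFC 4226 and RFC 6238); the secret is the RFC's published test key, and the function names, clock-drift window and reuse check are choices made for this illustration.

```python
import hashlib
import hmac
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time code for a given counter value (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)


def totp(secret: bytes, now=None, step: int = 30, digits: int = 6) -> str:
    """Time-based code: the counter is the number of `step`-second periods since 1970."""
    now = time.time() if now is None else now
    return hotp(secret, int(now) // step, digits)


def verify_code(secret, submitted, now=None, step=30, digits=6,
                window=1, last_used=-1):
    """Second step of a login, run only after the password has been accepted.

    Accepts codes from `window` periods either side of the server clock to
    tolerate drift, and refuses any period at or before `last_used` so that a
    code seen once cannot be replayed. Returns the matched period (store it as
    the new last_used) or None.
    """
    if len(submitted) != digits or not (submitted.isascii() and submitted.isdigit()):
        return None
    now = time.time() if now is None else now
    current = int(now) // step
    for counter in range(current - window, current + window + 1):
        if counter < 0 or counter <= last_used:
            continue
        # compare_digest avoids leaking how many digits matched via timing
        if hmac.compare_digest(hotp(secret, counter, digits), submitted):
            return counter
    return None


# Constructed demo values: the RFC 6238 test secret and a fixed clock.
DEMO_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    code = totp(DEMO_SECRET, now=59)
    print("code shown in the app:      ", code)
    period = verify_code(DEMO_SECRET, code, now=59)
    print("accepted for period:        ", period)
    print("same code replayed:         ", verify_code(DEMO_SECRET, code, now=59, last_used=period))
    print("same code two minutes later:", verify_code(DEMO_SECRET, code, now=179))
```
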

Biometric Authentication

In recent years, many mobile phone models have provided built-in fingerprint scanners, and several
also include facial recognition capabilities. These are the two most popular biometric authentication
methods. Such data is unique to each individual and is therefore challenging to imitate, which makes
it more secure than passwords in general, especially the simple passwords which many employees
prefer. Nevertheless, certain biometric technologies, especially on smartphones, remain susceptible
to error with unsteady hands or complicated surroundings. Also, since users cannot change their
biometric information, it will be a major problem if the facial recognition data is breached.

Topic 2 - Impact of Cyber Security threats while taking legal requirements into account

The Impact of Threats


Operational Threats

In relation to the scenario, damage to Davies Enterprises' operational capabilities is referred to as
operational loss. Industrial production, availability of service and customer information are all
affected. It is evident that, given how dependent many firms are on IT systems these days,
cybersecurity risks could severely impede business operations.

Reputation Loss

People's faith in a company is eroded, and their perception of it is diminished, when it falls victim
to a threat. For example, if Davies has been compromised and confidential information about workers or
customers has been obtained, people might not want it to store their personal data in the future,
because they are worried that it will again fail to safeguard that data, putting them at risk. As a
result, customers might choose not to give Davies the information it asks for, and instead go to a
rival of Davies Enterprises.

Financial Loss

Such loss might have long-term consequences for Davies Enterprises, including significant financial
losses and bad publicity. Financial loss means the actual costs incurred or revenue lost as a result
of the threat. This may include repairing sabotage-damaged equipment, or losing profits because the
company website is unavailable due to a criminal cyberattack.

Legal requirements
Since cybersecurity is considered a big challenge in today's environment, a number of laws have been
enacted to help defend against these risks. These have been continuously updated and amended over time
to ensure that they reflect current vulnerabilities.

Data protection Act (1998)

In 1998, the Data Protection Act was enacted to protect individuals by guaranteeing that their
sensitive data is stored ethically. It does not only apply to electronic information processed on a
computer; it also covers information on paper and audio recordings. It has, however, become even more
important as a result of the ease with which information can now be exchanged over IT networks. The
Information Commissioner's Office (ICO) is a non-profit organization responsible for prosecuting
potential data privacy breaches. If a company is deemed to be in violation of the Data Protection Act
(1998), it might pay a penalty of up to £500,000.

Protection regulations:

This requires the implementation of adequate measures and records in order to demonstrate compliance
with the GDPR. The two factors that were left out of the General Data Protection Regulation have been
given their own separate provisions in the establishment clause. The data subject's rights, in
general, are being extended and established, including the ability to demand correction,
marginalization and personal decision making.

Fraud Act 2006

The Theft Act's deception-related offences were replaced by the Fraud Act (2006). The former Theft
Act was criticized for its scope, which included problems in deciding which fraud charge to pursue,
resulting in several offenders avoiding prosecution. The Fraud Act, luckily, simplified the offence of
fraud, making it considerably easier to prosecute.

The offences are divided into three categories, as follows:

1. Fraud by fake identification.

2. Fraud by failure to report data.

3. Fraud by misuse of authority.

Computer Misuse Act 1990

The Computer Misuse Act was first enacted in 1990 to protect individuals from the manipulation and
destruction of data stored on computing devices. Most cybersecurity offences, like intrusion, were not
generally unlawful prior to this. The law, in general, covers malware and the transmission of
ransomware. Even if offenders are unsuccessful, they will be fined for attempting the exploit.
Offenders do not need to have demonstrated malicious intent to be punished: obtaining unauthorized
access to a device is an offence even if they do nothing with it.

The following are the three original offences covered by this act:

1. Unauthorized access to computer data is the first offence. This is about breaking into a personal
computer and manipulating it. This can result in a sentence of up to two years in jail and/or
a hefty fine.

2. Unauthorized access with the intention to commit or assist in the commission of additional crimes.
This may include blackmailing others with information gathered from the intrusion. This can result in
a sentence of up to 5 years in jail as well as a hefty fine.

3. Unauthorized acts with intent, or recklessness, to obstruct the operation of a device. This may
include tampering with information discovered during a security breach or transmitting malware that
causes data loss. It could result in a sentence of up to ten years in jail and/or a hefty fine.

Topic 3 - How different network types and infrastructure of Davies Enterprises can be secured.

Antivirus and Firewalls

Anti-virus software and firewalls are the two most critical applications for protecting systems
against cyberthreats. If properly implemented and managed, these two applications are very effective
at preventing certain ransomware and intrusion attempts.

Application layer awareness

A firewall which regulates the entry and exit of data for a system is known as a software firewall.
This is critical since criminals can target a system at the application layer of the protocol stack,
exploiting security vulnerabilities in specific sites. As a result, if an intruder manages to break
through the network firewall, this is an additional layer of defense.

Network address

An IP address is allocated to each computer on a network in order to uniquely identify it. Inside the
secure network, administrators can use Network Address Translation (NAT) to allocate private IP
addresses to computers. Without NAT, each device in any network would require an entirely different
IP address. In packet filtering and device filtering, inbound and outbound rules are used as part of
the filtering process.

Inbound and Outbound Rules

Inbound rules specify whether data must be accepted, rejected or dropped before it enters the network
or device. Outbound rules do the same for data leaving the network or device.

1. Accepted – The traffic is allowed to pass.

2. Rejected – Do not allow the traffic to pass, and respond with "unreachable."

3. Dropped – Do not allow the traffic to pass, and do not respond.
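A small rule evaluator for the three actions listed above, added here as an illustration and not taken from the original report or from any firewall product. It assumes rules are checked in order with the first match winning and a default of drop; the rule set, the addresses (documentation ranges) and all names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ACCEPT, REJECT, DROP = "accept", "reject", "drop"

# What the sender observes for each action: reject answers, drop stays silent.
REPLY = {ACCEPT: "pass", REJECT: "unreachable", DROP: None}


@dataclass(frozen=True)
class Rule:
    direction: str               # "in" = entering the network, "out" = leaving it
    action: str                  # ACCEPT, REJECT or DROP
    remote: str                  # remote network in CIDR form
    port: Optional[int] = None   # destination port, None = any port
    protocol: str = "tcp"

    def matches(self, direction, remote_ip, port, protocol):
        return (self.direction == direction
                and self.protocol == protocol
                and (self.port is None or self.port == port)
                and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.remote))


def evaluate(rules, direction, remote_ip, port, protocol="tcp", default=DROP):
    """Return (action, reply) for one packet; the first matching rule wins."""
    for rule in rules:
        if rule.matches(direction, remote_ip, port, protocol):
            return rule.action, REPLY[rule.action]
    # Nothing matched: fall back to the default policy (drop = deny silently).
    return default, REPLY[default]


# Constructed rule set for an online shop's perimeter.
RULES = [
    Rule("in", ACCEPT, "0.0.0.0/0", 443),    # customers reach the web shop
    Rule("in", ACCEPT, "10.0.0.0/8", 22),    # admin SSH from internal ranges only
    Rule("in", REJECT, "0.0.0.0/0", 22),     # everyone else is told "unreachable"
    Rule("out", ACCEPT, "0.0.0.0/0", 443),   # servers may fetch updates
    Rule("out", REJECT, "0.0.0.0/0", 25),    # no direct outbound mail
]

if __name__ == "__main__":
    # Constructed sample packets: (direction, remote address, destination port)
    packets = [
        ("in", "203.0.113.7", 443),
        ("in", "10.1.2.3", 22),
        ("in", "203.0.113.7", 22),
        ("in", "203.0.113.7", 3389),
        ("out", "198.51.100.9", 25),
    ]
    for packet in packets:
        print(packet, "->", evaluate(RULES, *packet))
```

Because the first match wins, moving the reject rule for port 22 above the internal accept rule would lock the administrators out as well, which is why rule order is reviewed along with the rules themselves.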

Different network types


LAN

A local area network (LAN) is a network covering a small geographical area, typically a single
building or site. In a business, LANs are the most common type of network.

Features of LAN

A single department or unit often owns the local area network. It is simple to set up, manage and
expand, and it offers a lot of flexibility.

1. Its geographic reach is limited to a relatively self-contained local area within the organization,
such as a main building.

2. It uses specially laid transmission media for networking, providing high data transfer rates
(10 Mb/s to 10 Gb/s) with minimal network congestion and exceptional reliability.

3. A number of types of data transmission can be supported by a LAN.

Security

The most common strategy to secure a Local Area Network is installing a firewall resource behind a
single access point such as an initial wireless router. Administrators can also secure routers and switches
that are required to create the network (both wired and wireless).

Storage Area network

A SAN is fully separate from the LAN and is used solely for storage, with no other data
transmission. Organizations use a SAN when they have a lot of data to store, particularly if it is
growing.

Features

A SAN can be beneficial for larger organizations as it provides an adaptable framework. If you need
to scale the storage space in your system up or down, it is exceptionally simple.

Security

Storage area network (SAN) security refers to all of the procedures, processes, tools and technologies
which make it possible to secure a SAN system. It is a broad process that ensures the SAN
architecture runs smoothly and is free of risks.

Wide Area network

The internet is the most popular example of a WAN, which is a network that covers a wide geographical
area such as an entire nation or the entire globe.

Features

Davies Enterprises is able to develop its global integrated network through a WAN. Moreover, a LAN
can also contain various devices such as mobile phones, laptops, tablets and other sorts of devices.

Security

WAN protection is best maintained by forcing all users connecting to the WAN to use a Virtual Private
Network (VPN). A VPN creates a private tunnel that protects personal data, allowing all traffic, including
voice and data, to transit a public WAN as if it were on a private circuit or LAN.

Component
Network Interface Card (NIC): A network interface card (NIC) is a circuit board or card that allows a
system to communicate with other systems over a network.

Hub: A common connection point for devices in a network. Hubs are commonly utilized to connect LAN
segments. A hub contains multiple ports.

Station: A station is a computer that connects to a server computer over a local area network (LAN) and
communicates with various peripherals.

Router: For LANs, routers establish a connection to the Internet. Routers use a table to decide where
packets should be sent.

Communication Server: A communication server is a computer system that can handle a variety of
communications-related activities.

File Server: A file server is a computer that stores files, is linked to the Davies Enterprises network, and
allows many workstation PCs to access those files.

Securing Network components and infrastructure


How we can secure network infrastructure

Segment and Segregate Networks and Functions:

Security architects should consider the complete infrastructure design, including segmentation and
segregation. Proper network separation is an important security strategy for preventing an adversary from
propagating exploits or moving laterally throughout an internal network. Segregation divides network
segments into groups depending on their roles and functions.

Physical Separation of Sensitive Information

Local Area Network (LAN) segments can be separated using conventional network equipment such as
routers. Companies can place routers between networks to define boundaries, increase the number of
network segments, and filter users' broadcast traffic efficiently. Such boundaries can be used to contain
data breaches by confining traffic to distinct segments, and even to shut down part of the network during
an attack, limiting attacker access.

Virtual Separation of Sensitive Information

Security designers must consider the complete infrastructural design, including segmentation and
isolation. Attackers can get into a network that isn't well segregated.

As technologies advance, new solutions are created for improving information systems efficiency and
network security practices. Virtual segmentation employs the same design ideas as physical separation
but does not necessitate the purchase of further equipment.

Harden Network Devices

Protecting networking devices through secure configurations is a basic method of improving network
infrastructure protection. Managers must implement this plan in combination with legislation,
guidelines, site security protocols, certifications, and industry standards.

Intranet, Extranet, Internet and Cloud

An intranet is a network that uses TCP/IP and other popular internet protocols. It connects the local
area network (or maybe a private WAN) to the internet, allowing users to reach internet-based resources
including an internal mail server or individual sites.

An extranet is a private intranet to which only some external organizations (such as providers) or
consumers have access. Just a portion of the intranet is accessible, enabling users to exchange data with
external entities without giving them full exposure to the company's network.

An individual, for instance, might use the internet to connect to the LAN from home. Individuals can
also interact with distributors and consumers via email and VoIP.

The cloud is a catchword for storing and retrieving data on servers accessible through the internet
instead of on a local storage system such as a hard drive.

Peer to peer:

In a peer-to-peer network, rather than using a central server, every computer acts as a server for the
data it holds.

Thin Client:

A thin client is a computer within a client/server network which performs its functions primarily through
the use of other devices on the network (such as the server). The server handles the bulk (if not all) of
the processing and handling.

Client/server:

In a client/server network, a central server connects to other computers (users). The server keeps track
of who has access to which resources or services.

Modern Trends & Interpreting Schematics


Virtualization

This is a method of separating the operating system from the hardware it runs on. It enables users to
install an operating system image so that they can operate several software applications on the main
computer. This has several advantages and is widely used in servers. Users could, for instance, take
snapshots of a virtual machine to back up the whole virtual machine. By allocating server programs to a
large physical server, administrators can split it into several virtual machines and make better use of the
existing resources.

Bring Your Own Device

Bring your own device (BYOD) is a strategy that a growing number of companies are implementing to
enable employees to use their personal devices in the workplace. Since users work with their own
computers, this is thought to improve efficiency while also giving workers more flexibility about where
they work. Nevertheless, it raises the possibility of security threats. In particular, user systems could
carry a virus that is then distributed across the network when they are connected. Users might also have
programs installed that try to obtain unauthorized access to data.

Software-Defined Networking (SDN)

SDN is networking software that separates the network's intelligence from the hardware. This allows for
centralized setup and maintenance of the network and its devices, as well as certain optimization to
make tasks simpler. Rather than needing to configure each network device manually, you can do it all at
once.

Cloud Computing

The delivery of resources via the "cloud" is referred to as cloud computing. For activities like storage
and processing, this entails using computing capabilities on a remote server rather than a local system.

Cloud services can be divided into three categories:

1. Infrastructure as a Service (IaaS) - refers to servers that can be accessed for the purpose of storing
data.

2. Software as a Service (SaaS) - refers to a way of delivering software programs over the Internet that
can be accessed using the browser on a local computer.

3. Platform as a Service (PaaS) - refers to servers that provide a development and processing framework
for software programs (such as web and mobile apps).

Network Components

Different hardware and networking devices have a variety of characteristics that make them suitable for
their intended use and enable them to perform their function in a network. Cybersecurity experts are
expected to have a thorough understanding of each of these components and how they function.

End-User Devices

This is a general term for the network's user devices, such as personal computers and mobile devices.
These are the devices that connect to the network to access resources like printers, data, and email.
When designing a network, the various end devices have different capabilities to keep in mind.

Connection Media
Wired

Ethernet cables are a type of UTP/STP cable that typically come in two varieties: Cat5e and Cat6. Cat6
offers quicker data transmission across short ranges (10x faster for up to 164 ft) and other advantages
including reduced crosstalk. Cat5e, on the other hand, is relatively costly.

Fibre optic cables are another type of wired link. The cable is made up of small transparent fibres that
send data in the form of electrical rays. Fibre is typically utilized in a WAN or at the heart of the
telecommunication system. Storage Area Networks make use of it as well.

Wireless

Wi-Fi is the most popular type of wireless link. It is the most popular method of connecting wirelessly
to an access point in LANs. Wi-Fi links today are extremely fast, with potential speeds of up to 7 Gbps.
Bluetooth is still utilized in networking, but mostly in personal area networks owing to its limited range
and slow transmission rates, and it is frequently used to link wireless handheld devices. Infrared uses
infrared light to relay information (as opposed to the previous two wireless technologies, which use radio
waves). It is a wireless technology with a short range that requires line of sight and moves data slowly.

Management & Troubleshooting Tools

These tools were each developed with a particular network maintenance purpose in mind, so there are a
lot of options. The following are some of the most important tools:

1. Performance Monitor: This software keeps track of important network metrics including the number
of connections, upload/download rates, latency, frame rate, and network congestion. This aids in the
evaluation of network efficiency and the identification of network problems.

2. Vulnerability scanner: identifies potential exploitable flaws in a computer system, network, or
program. Organizations do this to identify technical flaws so that they can be addressed. A hacker, on
the other hand, will use it to locate an attack vector.

3. Packet sniffer: captures data packets as they travel through a network. A packet sniffer is a program
that lets a machine see data that is not addressed to it. It is intended to figure out what is causing
transmission problems. An intruder, on the other hand, may use it to gain access to confidential
information.

4. Event viewer: enables users to view the event logs, which detail important hardware and software
events. These may be due to a system that was not configured properly or an invalid login attempt, for
instance. This can aid protection by detecting several unsuccessful login attempts, for example.
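The event-log check described in item 4, as an added example that is not part of the original assignment: it flags a user and source address with several failed logins inside a short window, and notes when a success follows the burst. The log format, event names, threshold and window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (format assumed for this example:
# ISO timestamp, event name, user=..., src=...). Not from a real system.
SAMPLE_LOG = """\
2021-06-01T09:00:01 LOGIN_FAILURE user=alice src=10.0.20.15
2021-06-01T09:00:09 LOGIN_SUCCESS user=alice src=10.0.20.15
2021-06-01T09:14:30 LOGIN_FAILURE user=admin src=10.0.30.77
2021-06-01T09:14:41 LOGIN_FAILURE user=admin src=10.0.30.77
2021-06-01T09:14:55 LOGIN_FAILURE user=admin src=10.0.30.77
2021-06-01T09:15:20 LOGIN_FAILURE user=admin src=10.0.30.77
2021-06-01T09:16:02 LOGIN_SUCCESS user=admin src=10.0.30.77
corrupted entry
2021-06-01T10:00:00 LOGIN_FAILURE user=bob src=10.0.20.16
2021-06-01T10:20:00 LOGIN_FAILURE user=bob src=10.0.20.16
2021-06-01T10:40:00 LOGIN_FAILURE user=bob src=10.0.20.16
"""


def parse_line(line):
    """Return (time, event, user, src), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    if "user" not in fields or "src" not in fields:
        return None
    return when, parts[1], fields["user"], fields["src"]


def find_failed_login_bursts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Map (user, src) to an alert when `threshold` failures fall within `window`.

    Assumes the log is in time order. Failures older than the window are
    dropped, so slow, widely spaced mistakes do not raise an alert.
    """
    recent = defaultdict(deque)  # (user, src) -> times of recent failures
    alerts = {}
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue  # skip lines that cannot be parsed
        when, event, user, src = record
        key = (user, src)
        failures = recent[key]
        while failures and when - failures[0] > window:
            failures.popleft()
        if event == "LOGIN_FAILURE":
            failures.append(when)
            if len(failures) >= threshold:
                alert = alerts.setdefault(
                    key, {"first_seen": failures[0], "failures": 0,
                          "then_succeeded": False})
                alert["failures"] = max(alert["failures"], len(failures))
        elif event == "LOGIN_SUCCESS":
            # A success straight after a burst deserves the closest look.
            if len(failures) >= threshold:
                alerts[key]["then_succeeded"] = True
            failures.clear()
    return alerts


if __name__ == "__main__":
    for (user, src), alert in find_failed_login_bursts(SAMPLE_LOG).items():
        print(user, src, alert)
```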

Network Application Software:

Within networking, there are software applications that are widely used. Many programs, for instance,
can be run on a server yet accessed across the network.

1. Document Management: This retains data on a server in a structured format so that clients can
manage it through the network. A website's message system is a good example of this. Whenever a client
leaves a message, it is transferred to the server's database. After that, the message can be retrieved
from the database to be shown to other online users.

2. Network Discovery Tools: These scan the network for every device linked to it and collect data about
each one, including its IP address, device name, and system software. IT departments use them for
network audits. They could, nevertheless, be used by hackers to identify weaknesses.

3. Document Management: Allows users to build, transmit, archive, and scan documents so that they can
be viewed conveniently across the internet. This helps companies handle records more efficiently and
securely.

Network & Device Operating Systems


This is the software that enables users to interact with a computing device while also controlling its
operation. It offers a wide array of services, such as:

1. Security features, such as authentication and data encryption.

2. Management and syncing, used to delegate storage and filtering to applications.

3. Supplying a user interface that makes communication between the user and the computer easier.

4. Managing device drivers so that applications can communicate with various hardware.

Network Infrastructure

Transmission Control Protocol/Internet Protocol

Whenever data is sent across a network, the TCP/IP model is used. When delivering data via a network
like the internet, this model comprises several layers that must all be followed.

1. Application Layer: This is the top layer, which communicates directly with one's software
applications, such as an internet browser, and transfers data from the program to the transport layer.

2. Transport Layer: TCP is used in this layer. TCP divides the data into packets, which are small pieces
of data. It also adds a header with details about the sender and receiver ports, the packet sequence, and
a checksum for error detection once delivered. After that, the packets are forwarded to the internet
layer.

3. Internet Layer: The IP protocol is employed at this layer. The packets are wrapped to form an IP
datagram and the source and destination IP addresses are attached. This ensures that the data gets
forwarded to the intended recipient. The network interface layer can subsequently use this information.

4. Network Interface Layer: This bottom layer appends MAC addresses to every packet in order to
guarantee that the data reaches the intended physical device. It also transforms the data into a format
that can be transmitted across the network's physical connections.

TCP splits the data being transmitted into smaller data packets and provides information for reassembly
and error checking while transferring data. IP ensures that the packets carry IP addresses, allowing the
data packets to find their intended destinations.

Ports

The destination of a network communication is referred to as a network port. The network port identifies
the program in use, allowing one's system to handle data for multiple apps at the same time (e.g. surfing
the web and sending an e-mail message).

1. Port 80 - the HTTP port, primarily used to send and receive web pages.

2. Ports 20/21 - the FTP ports, used to upload and download files.

3. Port 143 - the IMAP port, used to retrieve emails from a server.

4. Port 25 - the SMTP port, used to transmit and receive emails.

5. Port 443 - the HTTPS port, used to protect website transfers.

Without ports, users would only be able to use one program at a time, since the recipient would not
know which application required the data.

Packets

A packet is a small amount of data or a message that users send via a network. Each packet, however,
contains far more than simply a portion of the data. The data being transferred is contained in the
payload section of a packet. The following information would be included in the header:

Packet switching is the more common method of data transmission in modern networks.
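The header fields described in the TCP/IP, Ports and Packets sections above can be seen by decoding a packet byte by byte. This is an added example, not part of the original assignment: the packet is constructed inline, its addresses and values are assumptions, and the service names come from the port list above.

```python
import socket
import struct

# Well-known ports as listed in the Ports section above.
SERVICES = {20: "FTP", 21: "FTP", 25: "SMTP", 80: "HTTP", 143: "IMAP", 443: "HTTPS"}
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 .. bit 5


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum, as used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_sample_packet() -> bytes:
    """Constructed packet: 192.168.1.10:49152 -> 203.0.113.5:443, payload b'hello'."""
    payload = b"hello"
    # TCP header: ports, sequence, ack, data offset (5 words), flags PSH+ACK,
    # window, checksum (left 0 in this sample and not verified), urgent pointer.
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0, 5 << 4, 0x18, 64240, 0, 0)
    fields = [0x45, 0, 20 + len(tcp) + len(payload), 1, 0, 64, 6, 0,
              socket.inet_aton("192.168.1.10"), socket.inet_aton("203.0.113.5")]
    fields[7] = internet_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields) + tcp + payload


def parse_packet(packet: bytes) -> dict:
    """Split an IPv4/TCP packet into its header fields and payload."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a valid IPv4 header")
    info = {
        "src_ip": socket.inet_ntoa(src),
        "dst_ip": socket.inet_ntoa(dst),
        "ttl": ttl,
        "protocol": proto,
        # Summing a header that already holds a correct checksum gives 0.
        "ip_checksum_ok": internet_checksum(packet[:ihl]) == 0,
    }
    if proto != 6:  # only TCP is decoded further in this example
        return info
    segment = packet[ihl:total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _ack, offset, flags, _win, _tcp_csum, _urg = struct.unpack(
        "!HHIIBBHHH", segment[:20])
    info.update(
        src_port=sport,
        dst_port=dport,
        service=SERVICES.get(dport, "unknown"),
        seq=seq,
        flags=[name for bit, name in enumerate(TCP_FLAGS) if flags & (1 << bit)],
        payload=segment[(offset >> 4) * 4:],
    )
    return info


if __name__ == "__main__":
    for key, value in parse_packet(build_sample_packet()).items():
        print(f"{key:15} {value}")
```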

Network Structure

Network Address Translation

An IP address is a set of digits used to identify a device connected to the internet (or to any network
using the IP protocol). Under IPv4, IP addresses originally consisted of a 32-bit number, commonly
represented in dot-decimal notation as four integers ranging from 0 to 255. This resulted in a total of
4.3 billion addresses.

Domains

The network operating system's primary responsibility is to remotely manage and limit access across the
network for security reasons. Administrators can accomplish this by creating domains with the NOS. A
domain is a collection of data-sharing desktops, scanners, network equipment, servers, and clients. Every
user attempting to connect a device to the network via a domain is required to identify themselves (via
login information) in order to gain entry to the domain, and hence the network.

Network Segmentation

Instead of constructing a single huge network, a network can be divided into numerous subnetworks.
This is called network segmentation. In a physically segmented network, every segment has its own
switch through which users, servers, and other subnetwork members connect. A link between segments is
typically made by a bridge, a router, or an extra switch. To guarantee that the segments are safely
separated, each segment might maintain its own firewall with its own set of security settings. Although
virtual segments reside on the same switch, a physical device such as a router may still be needed to
send information between them.
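One way to check that segments are really separated, as described here and in the earlier "Segment and Segregate Networks and Functions" passage, is to audit observed traffic against a default-deny policy between segments. This is an added example, not part of the original assignment: the segment names, subnets, permitted ports and flow records are all assumptions constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Hypothetical segments grouped by role (name -> subnet). All values here
# are assumptions made for this example.
SEGMENTS = {
    "workstations": "10.0.20.0/24",
    "servers": "10.0.30.0/24",
    "storage": "10.0.40.0/24",
    "byod": "10.0.50.0/24",
}

# Default deny between segments: only these (source segment, destination
# segment, destination port) combinations may cross a boundary.
ALLOWED = {
    ("workstations", "servers", 443),
    ("workstations", "servers", 143),
    ("servers", "storage", 3260),
}

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.0.20.15", "10.0.30.5", 443),    # workstation to server, permitted
    ("10.0.20.15", "10.0.20.16", 445),   # stays inside one segment
    ("10.0.50.9", "10.0.30.5", 443),     # personal device reaching a server
    ("10.0.20.15", "10.0.40.2", 3260),   # workstation reaching storage directly
    ("10.0.30.5", "10.0.40.2", 3260),    # server to storage, permitted
    ("10.0.30.5", "198.51.100.7", 25),   # server to an address outside all segments
]


def networks(segments):
    """Convert the subnet strings to network objects."""
    return {name: ipaddress.ip_network(cidr) for name, cidr in segments.items()}


def overlapping_segments(segments):
    """Return pairs of segment names whose subnets overlap (a design error)."""
    nets = networks(segments)
    return [(a, b) for a, b in combinations(nets, 2) if nets[a].overlaps(nets[b])]


def segment_of(address, segments=SEGMENTS):
    """Name of the segment containing the address, or 'unknown'."""
    ip = ipaddress.ip_address(address)
    for name, network in networks(segments).items():
        if ip in network:
            return name
    return "unknown"


def audit_flows(flows, segments=SEGMENTS, allowed=ALLOWED):
    """Return flows that cross a segment boundary without being permitted."""
    violations = []
    for src, dst, port in flows:
        src_seg, dst_seg = segment_of(src, segments), segment_of(dst, segments)
        same_segment = src_seg == dst_seg and src_seg != "unknown"
        if same_segment or (src_seg, dst_seg, port) in allowed:
            continue
        violations.append((src, dst, port, src_seg, dst_seg))
    return violations


if __name__ == "__main__":
    print("overlaps:", overlapping_segments(SEGMENTS))
    for violation in audit_flows(SAMPLE_FLOWS):
        print("violation:", violation)
```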

Network Services

Domain Name System

Domain names are converted into IP addresses using the Domain Name System (DNS). It therefore
enables users to use text-based names for web pages instead of IP addresses, which are harder to
memorize.

Directory Services

Directory services organize data about network objects such as users and computers. This enables
centralized administration, authorization, and verification, because all network information is available
from a single source and is therefore conveniently accessible to users.

The following are several examples of popular directory services:

1. Active Directory is the directory service provided with the Windows Server NOS.

2. Several Linux NOSs integrate OpenLDAP, an open source directory service.

3. Open Directory is the directory service provided with the macOS Server NOS.

Authentication Services

Authentication services enable username/password user authentication based on the information within
the domain controller's directory services. Before connecting a device to a network, the user must first
verify themselves. This keeps malicious individuals from connecting unapproved equipment to the
network and launching an attack. It can also enable individuals from outside the organization to join the
network domain, allowing for remote working.

Dynamic Host Configuration Protocol

DHCP is a technology that enables a network administrator to remotely control devices connected to a
network by automatically assigning IP addresses to them. The DHCP server is the device responsible for
assigning IP addresses. This is most probably the router in a small home network. Complex systems
managed by businesses, on the other hand, would require a dedicated DHCP server.

Routing

Routing is the process of directing data packets across different networks in order to arrive at their
destination. Routing is done with the help of "routing tables". Every router keeps a routing table with a
few items of data, the most important of which are the final destination and the gateway. The data
packet thus travels from router to router until it reaches its destination.

Remote Access Services

Remote access services allow users to connect to a network from outside the company. Numerous
network operating systems include this feature. To accomplish this, the network is set up with a remote
access server with which the user must authenticate in order to gain access to network services.

Topic 4 – Evaluating the effectiveness of the measures used to protect
organization from cyber security while taking legal requirements into
account

Advantages

Because attackers or an internal threat to Davies Enterprises will not be able to easily view all of the
documents if password protection is used, there will be fewer threats. I'd adopt a security policy that
required a combination of capital and lower-case characters, digits, and symbols, with a length of
between eight and 12 characters, and two-factor authentication.

An additional benefit is access control. This ensures authenticated clients can only access content and
data for which they have been granted permission. For example, administrators of Davies Enterprises can
control physical access to the site, while the PC network restricts access by unauthorized clients. In the
company, roles can be allocated to clients. Once a director of a department has been verified, they can
be entrusted with all of the crucial access they require.

Upgrading Davies Enterprises' hardware is critical since it reduces the risk of the systems being
compromised by an intruder attempting to steal data. Security fixes are included in upgrades to help
protect against known flaws. I'd ensure Davies Enterprises keep their products and equipment up to date
in order to avoid falling prey to attackers. They should upgrade any of the machines inside the office
without hesitation whenever an upgrade is available.

Disadvantages

For some individuals, placing all of their information under the control of one department might cause
insecurity and trust difficulties. One never knows whether the Davies Enterprises CEO is trustworthy
enough to be entrusted with all of the essential data.

Upgrading the Davies Enterprises equipment is critical; however, users must stop working and upgrade
their device every time there is an upgrade, which might cause the workload to grow because work will
not proceed as quickly, causing a backlog afterwards.

Conclusion

Implementing all of these restrictions comes with several slight risks, but these drawbacks can be
overcome. Users could use secure applications to keep their documents private, including from
attackers, provided the passcode is difficult to memorize. If users do not have sufficient trust in their
colleagues to pass the information to the top, they can still ask the colleagues whom they trust the most;
rather than promoting the most competent, they can also check whom their colleagues trust the most.
They must also be certified, so evaluating them is also required.

BTEC LEARNER ASSESSMENT SUBMISSION AND DECLARATION

Learner Name: Ibrahim Zitouni

Assessor Name: Himanshu Babbar

BTEC Programme Title: Pearson BTEC Level 3 Extended Diploma in Information Technology

Unit and Title: Unit 11 Cyber Security and Incident Management

Assignment Title: Understand cyber security threats, system vulnerabilities & Explore the implications and
methods of protection

Submission Date: 1 June 2021

Please list the evidence submitted for each task. Indicate the page numbers where the
evidence can be found or describe the nature of the evidence (e.g. video, illustration).

Assignment task reference Evidence submitted

Learner acknowledgement & declaration

I hereby acknowledge that I received the tasks related to the Pearson Set Assignment on
the above given dates.

I certify that the work submitted for this assignment is my own. I have clearly
referenced any sources used in the work. I understand that false declaration is a form
of malpractice.

By uploading this document, I am electronically signing it.

Learner signature: Ibrahim Zitouni Date: 1st June 2021

2020/21 BTEC Learner Assessment Submission Declaration | Issue Date: June 2020 | Version 1.0
