
ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Phạm Văn Hiệp Student ID GCS200581

Class GCS0903B Assessor name

Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature HIEP

Grading grid
P1 P2 P3 P4 M1 M2 D1
x x x x

1|Page
Summative Feedback:

Resubmission Feedback:

Grade: Assessor Signature: Date:


Lecturer Signature:

Assignment Brief 1 (RQF)
Higher National Certificate/Diploma in Computing

Student Name/ID Number: Phạm Văn Hiệp


Unit Number and Title: Unit 5: Security
Academic Year: 2021 – 2022
Unit Assessor: Van Ho
Assignment Title: Security Presentation
Issue Date: April 1st, 2021
Submission Date:
Internal Verifier Name:
Date:

Submission Format:

Format:

● The submission is in the form of an individual written report. This should be written in a concise,
formal business style using single spacing and font size 12. You are required to make use of
headings, paragraphs and subsections as appropriate, and all work must be supported with research
and referenced using the Harvard referencing system. Please also provide a bibliography using the
Harvard referencing system.
Submission

● Students must submit the assignment by the due date and in the way requested by the Tutor.
● The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/.
● Remember to convert the word file into PDF file before the submission on CMS.
Note:

● The individual Assignment must be your own work, and not copied by or from another student.
● If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you must
reference your sources, using the Harvard style.

● Make sure that you understand and follow the guidelines to avoid plagiarism. Failure to comply with
this requirement will result in a failed assignment.

Unit Learning Outcomes:

LO1 Assess risks to IT security.

LO2 Describe IT security solutions.

Assignment Brief and Guidance:

Assignment scenario
You work as a trainee IT Security Specialist for a leading Security consultancy in Vietnam called FPT
Information security FIS.
FIS works with medium sized companies in Vietnam, advising and implementing technical solutions to
potential IT security risks. Most customers have outsourced their security concerns due to lacking the
technical expertise in house. As part of your role, your manager Jonson has asked you to create an
engaging presentation to help train junior staff members on the tools and techniques associated with
identifying and assessing IT security risks together with the organizational policies to protect business
critical data and equipment.
Tasks
In addition to your presentation, you should also provide a detailed report containing a technical review
of the topics covered in the presentation.
Your presentation should:
• Identify the security threats FIS secure may face if they have a security breach. Give an example
of a recently publicized security breach and discuss its consequences
• Describe a variety of organizational procedures an organization can set up to reduce the effects to
the business of a security breach.
• Propose a method that FIS can use to prioritize the management of different types of risk
• Discuss three benefits to FIS of implementing network monitoring system giving suitable reasons.
• Investigate network security, identifying issues with firewalls and IDS incorrect configuration and
show through examples how different techniques can be implemented to improve network
security.
• Investigate a ‘trusted network’ and through an analysis of positive and negative issues determine
how it can be part of a security system used by FIS.

Your detailed report should include a summary of your presentation as well as additional, evaluated or
critically reviewed technical notes on all of the expected topics.

Learning Outcomes and Assessment Criteria (Assignment 1):

LO1
Pass: P1 Identify types of security threat to organisations. Give an example of a recently publicized
security breach and discuss its consequences.
P2 Describe at least 3 organisational security procedures.
Merit: M1 Propose a method to assess and treat IT security risks.
Distinction: D1 Investigate how a ‘trusted network’ may be part of an IT security solution.

LO2
Pass: P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS.
P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve
Network Security.
Merit: M2 Discuss three benefits to implement network monitoring systems with supporting reasons.

Contents
Assignment Brief 1 (RQF) ... 2
Higher National Certificate/Diploma in Computing ... 2
Identify types of security threat to organizations. Give an example of a recently publicized security breach
and discuss its consequences (P1) ... 9
I. Threats and threats agents to organizations ... 9
II. Security breaches ... 14
III. Solutions to organizations ... 15
Describe at least 3 organizational security procedures (P2) ... 17
I. Encrypt data information (Anon., 2019) ... 17
II. Use strong passwords (Empey, 2018) ... 18
III. Backup and recovery ... 21
Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS (P3) ... 23
I. Firewalls ... 23
II. Policies ... 25
III. IDS (Intrusion Detection System) ... 27
IV. Potential impact of a firewall and IDS if they are incorrectly configured in a network ... 27
Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve
Network Security (P4) ... 29
I. The aid of diagram DMZ ... 29
II. The aid of diagram static IP ... 30
III. The aid of diagram NAT ... 31
References ... 32

Figure 1. Malware ... 10
Figure 2. Emotet ... 11
Figure 3. DoS ... 11
Figure 4. MITM ... 12
Figure 5. Phishing ... 13
Figure 6. SQL Injection ... 13
Figure 7. Password attacks ... 14
Figure 8. Data encryption ... 17
Figure 9. Brute force attack ... 18
Figure 10. Dictionary attack ... 19
Figure 11. Phishing ... 20
Figure 12. Strong password generator ... 21
Figure 13. Backup and Recovery ... 22
Figure 14. Firewalls ... 23
Figure 15. Policies ... 26
Figure 16. Intrusion Detection System ... 27
Figure 17. DMZ Diagram ... 29
Figure 18. Static IP diagram ... 30
Figure 19. NAT Diagram ... 31

Identify types of security threat to organizations. Give an example of a recently publicized security
breach and discuss its consequences (P1)

I. Threats and threats agents to organizations

Definition: Security Threat means any threat or series of connected threats to intentionally attack Network
Systems in order to demand money, including virtual, digital, and electronic currency, securities, or other
valuable property from an Insured; provided, however, that Security threat does not include any such threat
made by any governmental entity or public authority. (Anon., 2017)
Types of security threats:
1. Malware
Malware is defined as malicious software, which includes spyware, ransomware, viruses, and worms.
Malware is triggered when a user clicks on a malicious link or attachment, which causes hazardous software
to be installed. Once installed, malware can:
• Restrict access to critical network components (ransomware)
• Install further malicious software
• Obtain information covertly by transferring data from the hard drive (spyware)
• Disrupt individual components, rendering the system unusable

Figure 1. Malware

2. Emotet:
Emotet is described by the Cybersecurity and Infrastructure Security Agency (CISA) as "a sophisticated,
modular banking Trojan that primarily operates as a downloader or dropper of other banking Trojans."
Emotet remains among the most expensive and dangerous viruses.

Figure 2. Emotet
3. Denial of Service
A denial of service (DoS) attack is a form of cyber-attack that overloads a computer or network, rendering
it unable to respond to requests. A distributed denial of service (DDoS) attack has the same effect, except
that the attack originates from a network of many computers at once. Cyber attackers frequently employ a
flood attack to interrupt the connection "handshake" procedure and so launch a DoS attack.

Figure 3. DoS

4. Man-in-the-middle
When hackers inject themselves into a two-party transaction, this is known as a man-in-the-middle (MITM)
assault. According to Cisco, after disrupting traffic, they may filter and take data. MITM attacks are common
when a visitor connects to an unprotected public Wi-Fi network. Attackers place themselves between the
visitor and the network, then use malware to install software and steal data.

Figure 4. MITM
5. Phishing
Phishing attacks employ forged communication, such as an email, to mislead the recipient into opening it
and following the instructions contained inside, such as entering a credit card number. According to Cisco,
the objective is to "take sensitive data such as credit card and login credentials or to install malware on the
victim's system."

Figure 5. Phishing
6. SQL Injection
A Structured Query Language (SQL) injection is a form of cyber-attack in which malicious SQL is inserted
into a query that an application sends to its database server. Once the server executes it, the server can
be made to leak data. The attack can be as simple as entering the malicious code into a vulnerable website
search box.
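The search-box case described above, as an added example that is not the report's own code: a deliberately vulnerable lookup that pastes the user's input into the SQL text, next to the parameterised version that closes the hole. It uses an in-memory SQLite table with constructed sample rows; all names are hypothetical.

```python
"""Added example (not from the report): vulnerable SQL lookup beside the
parameterised version that prevents injection.  In-memory SQLite with
constructed sample rows; table and column names are hypothetical."""
import sqlite3
from typing import List, Tuple

# Constructed sample data standing in for a web application's user table.
SAMPLE_USERS = [
    ("alice", "alice@example.test"),
    ("bob", "bob@example.test"),
    ("carol", "carol@example.test"),
]


def make_db() -> sqlite3.Connection:
    """Create the in-memory database used by both lookup functions."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def search_vulnerable(conn: sqlite3.Connection, term: str) -> List[Tuple[str, str]]:
    """Deliberately vulnerable: the search term becomes part of the SQL text,
    so quote characters in it change the structure of the query."""
    query = f"SELECT username, email FROM users WHERE username = '{term}'"
    return conn.execute(query).fetchall()


def search_safe(conn: sqlite3.Connection, term: str) -> List[Tuple[str, str]]:
    """Hardened: the term is bound as a parameter, so the database engine
    treats it purely as data, whatever characters it contains."""
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (term,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # A normal search behaves identically in both versions.
    print("normal, vulnerable:", search_vulnerable(db, "alice"))
    print("normal, safe:      ", search_safe(db, "alice"))
    # The classic test input used to verify the fix: a quote that closes the
    # string literal plus an always-true condition.  The vulnerable version
    # returns every row; the safe version looks for a user literally named
    # "' OR '1'='1" and returns nothing.
    probe = "' OR '1'='1"
    print("probe, vulnerable:", search_vulnerable(db, probe))
    print("probe, safe:      ", search_safe(db, probe))
```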

Figure 6. SQL Injection

7. Password Attacks
A cyber attacker may get access to a lot of information with the proper password. Data Insider describes
social engineering as "a method cyber attackers utilize that focuses largely on human contact and frequently
includes persuading individuals into violating established security procedures." Accessing a password
database or guessing a password are two more forms of password assaults.

Figure 7. Password attacks

II. Security breaches

Below are ten recent security breaches (Novinson, 2021):
• CVS Health – June 21st, 2021: A third-party vendor inadvertently published an unprotected database
containing over a billion CVS Health consumer search records.
• Carter’s – June 20th, 2021: The personal and shipping information of approximately 410,000 Carter's
customers was exposed as a result of a third-party data breach with the company's online purchasing
software.

• Wegmans – June 21st, 2021: Wegmans Food Markets, a U.S. grocery chain, alerted an unspecified
number of customers that their data had been compromised after two of its cloud-based databases were
misconfigured and made publicly available online.
• Forefront Dermatology – July 9th, 2021: Forefront Dermatology, a U.S. healthcare provider, revealed
that unauthorized access to its IT systems exposed the personal data and medical information of up to
2.4 million patients.
• Guess – July 12th, 2021: Guess alerted an unspecified number of customers to a data breach that resulted
from a ransomware attack.
• OneMoreLead – August 4th, 2021: OneMoreLead, a marketing firm, compromised the personal
information of 126 million people via an unprotected database accessible online.
• SeniorAdvisor – August 13th, 2021: Researchers in cyber security discovered an unprotected database
holding over 3 million personal records of SeniorAdvisor members.
• UNM Health – August 17th, 2021: An unauthorized third party got access to the personal and medical
information of approximately 637,000 UNM Health patients.
• Microsoft Power Apps – August 24th, 2021: At least 38 million records were exposed due to a
misconfiguration in Microsoft Power Apps, a Microsoft product. American Airlines, Microsoft, J.B.
Hunt, and the governments of Indiana, Maryland, and New York City were all affected by the data
exposure.
• GetHealth, FitBit and Apple – September 14th, 2021: Over 61 million records of Apple and Fitbit
customers' data connected to fitness trackers and wearables were exposed in an unprotected database
belonging to GetHealth, a health and wellness data app.

III. Solutions to organizations

1. Educate Employees on Data Security, Security Policies, and Common Security Threats (Kirk,
2020)
Consistent, clear communication about organizational policies and procedures can help decrease the
likelihood of employees accidentally committing a crime or lashing out at the business over a perceived
injustice. To be as successful as possible in reducing unintentional insider cybersecurity threats, your
company's data security training curriculum should include the following:

• How to categorize and recognize various sorts of information assets
• Policies and processes for excellent asset management, risk identification, assessment, and mitigation
• Choosing appropriate security controls to reduce identified threats
• The significance of detecting security events and responding to incidents
• Employees' various roles, duties, and interactions
• Common risks that employees may face include phishing, viruses, and malware, as well as
communication principles both internally and with third parties.
2. Protect Your Infrastructure (Kirk, 2020)
a. Identification: To begin, create a risk universe to identify all potential threats that might influence the
security of your organization's assets. Every known situation should be documented, and suggestions
should be collected from all departments. Once you've identified potential risks, you'll want to specify
the mitigation option(s) for each before you face an insider assault.
b. Prevention: A robust, detailed risk-management plan serves as the cornerstone for effective threat
prevention. Check to see whether modifying procedures or activities can lower potential risks or lessen
the effect of probable bad occurrences as part of your preventative strategy. As a deterrent to insider
assaults, use warning messages such as the message of the day (MOTD), login prompts, and alerts. The
MOTD below specifies correct usage to ensure that staff are aware of acceptable behavior.
c. Control: During this phase, your focus is on insider threat management and the solutions you may use
to better protect yourself in the event of an attack. Begin by adding the ability to manage accounts and
account access centrally. Streamlining access control improves your capacity to examine problems, such
as finding an account and limiting its access if required.
d. Detection: Installing auditing and monitoring solutions for your IT infrastructure enables your business
to be on the lookout for insider risks. Monitoring tools aid in the tracking of key asset activities such as
illegal system modifications, user activity, file integrity, file access, and network traffic.
e. Incident Response: The incident reaction is the fourth step of prevention and containment. In this
section, you and your company will include skills that will allow you to respond effectively to a real
insider threat in the case of a data breach. Ensure that you have the ability to collect evidence of security
occurrences, their associated actions, and their effect.
3. Implement Operations Activities & Controls Efficiency Audits (Kirk, 2020)

The last stage in minimizing insider risks is to assess the effectiveness of your measures. This solution
focuses on the processes and policies that your business must design and implement to keep insider threats
at bay.
Preventative actions centered on raising awareness help foster a culture of compliance and security. We
recommend being very explicit on the following policies:
• Use and disclosure of the organization's systems, information, and resources that is acceptable.
• The usage of administrator or privileged accounts
• Acceptable usage policies for all network-connected devices

Describe at least 3 organizational security procedures (P2)

I. Encrypt data information (Anon., 2019)

Data encryption is a security mechanism in which information is encoded so that it can only be accessed
or decoded by a user who holds the appropriate key. Encrypted data, also known as ciphertext, appears
jumbled or unintelligible to any person or entity that gains unauthorized access.

Figure 8. Data encryption

Data encryption is used to prevent malevolent or careless individuals from gaining access to sensitive data.
Encryption, a crucial layer of protection in a cybersecurity architecture, makes it as difficult as possible to
use intercepted data. It may be used to secure data ranging from secret government information to personal
credit card transactions. Data encryption software, often known as an encryption algorithm or cipher, is used
to create an encryption system that can potentially be broken only with massive quantities of computational
power.

II. Use strong passwords (Empey, 2018)

Cybercriminals have many password-hacking techniques at their disposal, but the simplest is simply
purchasing your passwords on the dark web. The black-market buys and sells login credentials and
passwords for a lot of money, and if you've been using the same password for a long time, chances are it's
been hacked.
Brute force attack: This attack tries every possible combination until it lands on yours. The attacker
uses software to automate trying as many possibilities as possible in as little time as possible, and that
technology has advanced alarmingly.

Figure 9. Brute force attack

Dictionary attack: This is exactly what it sounds like: the hacker is assaulting you with a dictionary.
Whereas a brute force assault attempts every possible combination of symbols, numbers, and characters, a
dictionary attack tries a predetermined list of words from a dictionary.

Figure 10. Dictionary attack


Phishing: Phishing is the most heinous of methods, in which hackers use social engineering to mislead,
frighten, or push you into inadvertently doing what they want. A phishing email may (falsely) inform you
that something is amiss with your credit card account. It will lead you to click a link that takes you to a
bogus website designed to look like your credit card provider's.

Figure 11. Phishing
Methods for creating a strong password:
• The revised passphrase method: Choose unusual and uncommon words for this variation on the multiple-
word phrase approach: proper nouns, names of local companies, historical figures, terms from another
language, and so on.
• The sentence method: Also known as the "Bruce Schneier method", the aim is to take a random sentence
and apply a rule that converts it into a password.
• Use a password manager and a random password generator: A password manager keeps track of all of
your passwords and does the remembering for you, except for one thing: the master password that
unlocks the password manager itself.
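The sentence method and the random-generator method above in code, as an added example (not the report's code): `sentence_method` applies a fixed, constructed rule to a sentence, `random_password` does what a password manager's generator does using Python's `secrets` module, `estimate_bits` gives the brute-force search space, and `in_wordlist` is the dictionary-attack check. The sentence, rule and word list are all made up for the example.

```python
"""Added example (not from the report): the sentence method, a generator-style
random password, a brute-force work-factor estimate and a dictionary check.
The word rule, sentence and word list are constructed for illustration."""
import math
import secrets
import string

# Constructed rule for the sentence method: these words map to a symbol or
# digit; every other word contributes its first character.
WORD_RULE = {"and": "&", "to": "2", "two": "2", "for": "4", "at": "@"}
# Character pool a password-manager generator draws from.
POOL = string.ascii_letters + string.digits + string.punctuation


def sentence_method(sentence: str) -> str:
    """Compress a memorable sentence into a password using WORD_RULE."""
    out = []
    for word in sentence.split():
        key = word.strip(".,!?").lower()
        if key in WORD_RULE:
            out.append(WORD_RULE[key])
        elif key.isdigit():
            out.append(key)          # numbers are kept as they are
        else:
            out.append(word[0])      # first character, case preserved
    return "".join(out)


def random_password(length: int = 16) -> str:
    """Uniformly random characters from POOL, retried until every character
    class is present (what a generator does behind its 'all classes' option)."""
    while True:
        pw = "".join(secrets.choice(POOL) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(c in string.punctuation for c in pw)):
            return pw


def estimate_bits(password: str) -> float:
    """Bits of brute-force search space if each character were chosen
    uniformly from the classes present.  This overstates a sentence-derived
    password, whose characters are not random; it is exact for random_password."""
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)
    return len(password) * math.log2(pool) if pool else 0.0


def in_wordlist(password: str, wordlist) -> bool:
    """A dictionary attack succeeds against anything in the list; compare
    case-insensitively so 'Password' gains nothing over 'password'."""
    return password.lower() in {w.lower() for w in wordlist}


if __name__ == "__main__":
    pw = sentence_method("I bought two coffees and a bagel at 7 every morning")
    print(pw, round(estimate_bits(pw), 1), "bits (upper bound)")
    gen = random_password()
    print(gen, round(estimate_bits(gen), 1), "bits")
    print("in constructed word list:", in_wordlist(pw, ["password", "123456"]))
```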

Figure 12. Strong password generator

III. Backup and recovery

Backup and recovery refer to the process of backing up data in case of loss and establishing systems that
enable data recovery in the event of data loss. Backing up data entails copying and preserving computer data
so that it can be accessed in the event of data loss or damage. Data from a previous time period can only be
retrieved if it has been backed up. (Anon., 2017)

Figure 13. Backup and Recovery
THE IMPORTANCE OF BACKUP AND RECOVERY:
The backup's aim is to produce a copy of the data that can be retrieved in the case of a main data failure.
Primary data failures can occur due to hardware or software failure, data corruption, or a human-caused
incident, such as a hostile attack (virus or malware), or unintentional data deletion. Backup copies enable
data to be recovered from a previous point in time, assisting the company in recovering from an unforeseen
incident.
To achieve the greatest outcomes, backup copies should be produced on a consistent, frequent basis to
reduce the amount of data lost between backups. The longer the time between backup copies, the greater the
risk of data loss while recovering from a backup. Keeping several copies of data gives you the security and
flexibility to restore to a point in time that was not impacted by data corruption or malicious assaults.
TYPES OF DATA BACKUP (Anon., 2020)
• Full backup: It is a simple and comprehensive backup process that copies all of your data to another
media set such as a disk, tape, or CD. As a result, a full copy of all your data is provided in a single
media package.

• Incremental Backup: This procedure copies just the data that has changed since your last backup
process. All backup activities will be recorded and tracked by a backup program at the time and date
they occur. This procedure is quicker and necessitates less storage space.
• Differential Backup: Like an incremental backup, this copies only modified data, but each run copies
everything that has changed since the last full backup, rather than only what changed since the previous
backup.
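The three backup types above, simulated over a constructed four-day file history as an added example (not the report's code): each strategy's daily backup sets are computed, day 3 is restored from each, and total storage is compared against how many backup sets a restore depends on. File names and change days are made up.

```python
"""Added example (not from the report): full vs incremental vs differential
backups over a constructed file history, with restore and storage cost.
File names and the days on which they change are made up."""
from typing import Dict, List, Set

ALL_FILES = {"payroll.xlsx", "notes.txt", "report.docx", "config.ini"}
# Day 0 is the full backup; these are the files modified on each later day.
CHANGES: Dict[int, Set[str]] = {
    1: {"payroll.xlsx", "notes.txt"},
    2: {"payroll.xlsx"},
    3: {"report.docx"},
}


def true_state(day: int) -> Dict[str, int]:
    """Version number of every file at the end of `day` (0 = original)."""
    state = {f: 0 for f in ALL_FILES}
    for d in range(1, day + 1):
        for f in CHANGES.get(d, set()):
            state[f] += 1
    return state


def backup_sets(strategy: str) -> Dict[int, Dict[str, int]]:
    """What each day's backup copies: {day: {file: version}}."""
    sets = {0: true_state(0)}            # day 0: full backup of everything
    changed_since_full: Set[str] = set()
    for day in sorted(CHANGES):
        if strategy == "full":
            copied = ALL_FILES                  # everything, every time
        elif strategy == "incremental":
            copied = CHANGES[day]               # changed since the previous backup
        elif strategy == "differential":
            changed_since_full |= CHANGES[day]
            copied = changed_since_full         # changed since the last full backup
        else:
            raise ValueError(f"unknown strategy {strategy!r}")
        state = true_state(day)
        sets[day] = {f: state[f] for f in copied}
    return sets


def restore_chain(strategy: str, day: int) -> List[int]:
    """Backup sets that must be read, in order, to rebuild `day`."""
    if strategy == "full" or day == 0:
        return [day]
    if strategy == "incremental":
        return list(range(0, day + 1))   # full plus every increment since it
    return [0, day]                      # full plus only the latest differential


def restore(strategy: str, day: int) -> Dict[str, int]:
    """Replay the chain; later sets overwrite earlier versions."""
    sets = backup_sets(strategy)
    rebuilt: Dict[str, int] = {}
    for d in restore_chain(strategy, day):
        rebuilt.update(sets[d])
    return rebuilt


def storage_cost(strategy: str) -> int:
    """Total file copies written across all backup days."""
    return sum(len(s) for s in backup_sets(strategy).values())


if __name__ == "__main__":
    for strategy in ("full", "incremental", "differential"):
        ok = restore(strategy, 3) == true_state(3)
        print(f"{strategy:12s} copies={storage_cost(strategy):2d} "
              f"restore chain={restore_chain(strategy, 3)} correct={ok}")
```

The trade-off the text describes falls out of the numbers: incremental writes the least but a restore must replay every set since the full backup, while differential costs more storage and needs only two sets.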

Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS (P3)

I. Firewalls

A firewall is a piece of software or firmware that blocks unauthorized network access. It examines incoming
and outgoing traffic using a set of rules to detect and prevent threats. Firewalls are used in both personal
and business contexts, and many devices, including Mac, Windows, and Linux PCs, have one built in. They
are commonly regarded as a critical component of network security. (Lutkevich, n.d.)

Figure 14. Firewalls

USAGE: Firewalls are used in both business and home settings. Along with other cybersecurity devices,
modern businesses integrate them into a security information and event management (SIEM) system. They
can be deployed at a company's network perimeter to protect against external threats, or installed within
the network to establish segmentation and protect against insider attacks. (Lutkevich, n.d.)
Firewalls examine packets for malicious code or attack vectors that have previously been identified as
known dangers. If a data packet is identified as posing a security concern, the firewall blocks it from entering
the network or reaching your computer. (Anon., 2019)
ADVANTAGES: (Roor, n.d.)
• Monitor Traffic: A firewall's primary job is to monitor the traffic that passes through it. The information
that travels via a network is in the form of packets. Each of these packets is inspected by the firewall for
potentially dangerous threats.
• Protection against Trojans: Malware, particularly Trojans, can be hazardous to a user. A Trojan sits
silently on your computer, snooping on everything you do with it. Whatever data they collect will be
transmitted to a web server. Obviously, you will not be aware of their presence until your machine
exhibits unusual behavior.
• Prevent Hackers: Hackers on the internet are constantly looking for computers to use in their illegal
activities. When hackers discover such machines, they will begin to engage in harmful activities such as
malware distribution. Aside from the hackers, there may be unknown individuals, such as neighbors,
looking for an unsecured internet connection.
• Access Control: Firewalls provide an access policy that may be configured for certain hosts and
services. Some hosts may be abused by attackers. In this scenario, it is advisable to prevent such hosts
from accessing the system.
• Better Privacy: Privacy is one of a user's primary concerns. Hackers are always on the lookout for
private information in order to learn about the user. However, many of the services a site exposes, such
as DNS and the finger service, can be blocked by employing a firewall.
HOW FIREWALLS PROTECT DATA:

• Backdoors: Certain programs are meant to be accessible remotely, while others may have vulnerabilities
that allow potential hackers to get access to and abuse the program for malevolent reasons via a
"backdoor," or a concealed means to access and exploit the software.
• Denial of service: Hackers use this approach by repeatedly requesting connections to the server, which
sends an acknowledgment and waits for a reply that never comes, tying up its capacity for legitimate clients.
• Macros: Macros are scripts that programs may use to combine a number of complex operations into a
single executable rule.
• Remote logins: The severity of remote logins varies, but they always pertain to someone connecting to
and managing your computer.
• Spam: While the majority of spam is innocuous, some spam may be quite harmful.
• Viruses: Viruses are tiny programs that reproduce themselves from computer to computer, allowing
them to spread across devices and networks.

II. Policies

The Security Policy establishes the policies and procedures for all personnel who access and use an
organization's IT assets and resources. An effective IT Security Policy is a model of the organization's
culture in which rules and procedures are driven by the workers' approach to their information and job.
(Anon., 2020)

Figure 15. Policies
THE THREE PRINCIPLES (Anon., 2020)
• The protection of assets from unauthorized entities is a component of confidentiality.
• Integrity guarantees that asset modifications are carried out in a specified and permitted way.
• The condition of the system in which authorized users have continuous access to those assets is referred
to as availability.
ADVANTAGES OF SECURITY POLICIES: (Nathan, 2020)
• Information security policies keep you away from penalties and fines
• Information security policies secure your reputation for doing business
• Information security policies strengthen your skills in data protection
• Efficient information security policies strengthen the culture of businesses
• Information security policies promote transparency and access controls
• An information security policy offers perspectives supporting organizational benefits

III. IDS (Intrusion Detection System)

An intrusion detection system (IDS) monitors your network for potentially harmful activities, such as hostile
acts and violations of security rules. When such an issue is discovered, an IDS notifies the administrator but
does not take any further action. There are several types of intrusion detection systems and detection
technologies in use. (Anon., 2019)

Figure 16. Intrusion Detection System


USAGE: An IDS is installed at a strategic point or points within a network so that it sees traffic to and
from all devices on the network. It analyses the passing traffic and matches what it sees on the subnets
against a library of known attacks. When an attack or unusual activity is detected, an alarm can be raised
to the administrator.
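A minimal signature-based IDS of the kind described above, as an added example that is not the report's code: it parses constructed web-server log lines, matches two fields against a small signature library, counts failed logins per source, and returns alerts only (it blocks nothing). The log lines, signature names, the `10.0.0.5` internal monitoring host and the threshold are all constructed; the last of these produces the false positive that the allowlist then suppresses.

```python
"""Added example (not from the report): a tiny signature-based IDS over
constructed web server log lines.  It raises alerts; it never drops traffic."""
import re
from collections import Counter
from typing import FrozenSet, List, Optional, Tuple

# Combined-log-style lines, constructed for the example.  10.0.0.5 is a
# hypothetical internal monitoring host whose probes cause a false positive.
SAMPLE_LOG = """
198.51.100.20 - - [10/Oct/2021:13:55:30 +0000] "GET / HTTP/1.1" 200 1043 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:55:36 +0000] "GET /files?name=../../config.ini HTTP/1.1" 404 512 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:55:40 +0000] "GET / HTTP/1.1" 200 1043 "ScannerBot/2.1"
203.0.113.9 - - [10/Oct/2021:13:56:01 +0000] "POST /login HTTP/1.1" 401 231 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:56:02 +0000] "POST /login HTTP/1.1" 401 231 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:56:03 +0000] "POST /login HTTP/1.1" 401 231 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:56:04 +0000] "POST /login HTTP/1.1" 401 231 "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2021:13:56:05 +0000] "POST /login HTTP/1.1" 401 231 "Mozilla/5.0"
10.0.0.5 - - [10/Oct/2021:14:00:00 +0000] "POST /login HTTP/1.1" 401 231 "HealthCheck/1.0"
10.0.0.5 - - [10/Oct/2021:14:01:00 +0000] "POST /login HTTP/1.1" 401 231 "HealthCheck/1.0"
10.0.0.5 - - [10/Oct/2021:14:02:00 +0000] "POST /login HTTP/1.1" 401 231 "HealthCheck/1.0"
10.0.0.5 - - [10/Oct/2021:14:03:00 +0000] "POST /login HTTP/1.1" 401 231 "HealthCheck/1.0"
10.0.0.5 - - [10/Oct/2021:14:04:00 +0000] "POST /login HTTP/1.1" 401 231 "HealthCheck/1.0"
""".strip().splitlines()

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<ua>[^"]*)"$')

# The "library of known attacks": (signature name, log field, pattern).
SIGNATURES = [
    ("path-traversal", "path", re.compile(r"\.\./")),
    ("scanner-user-agent", "ua", re.compile(r"scannerbot", re.IGNORECASE)),
]

Alert = Tuple[int, str, str]  # (line number, signature name, source IP)


def parse(line: str) -> Optional[dict]:
    """Return the log fields as a dict, or None if the line is malformed."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def detect(lines: List[str], fail_threshold: int = 5,
           allowlist: FrozenSet[str] = frozenset()) -> List[Alert]:
    """Match every line against SIGNATURES and count failed logins per
    source.  Returns alerts only: detection, not prevention."""
    alerts: List[Alert] = []
    failures: Counter = Counter()
    for n, line in enumerate(lines, 1):
        rec = parse(line)
        if rec is None:
            alerts.append((n, "unparseable-line", "?"))
            continue
        for name, field, pattern in SIGNATURES:
            if pattern.search(rec[field]):
                alerts.append((n, name, rec["ip"]))
        # Threshold rule: repeated 401s on /login from one source address.
        if rec["path"] == "/login" and rec["status"] == "401":
            failures[rec["ip"]] += 1
            # Alert once, on the attempt that reaches the threshold; sources
            # on the allowlist (known internal probes) are suppressed.
            if failures[rec["ip"]] == fail_threshold and rec["ip"] not in allowlist:
                alerts.append((n, "login-bruteforce", rec["ip"]))
    return alerts


if __name__ == "__main__":
    print("untuned:", detect(SAMPLE_LOG))           # 4 alerts, one a false positive
    print("tuned:  ", detect(SAMPLE_LOG, allowlist=frozenset({"10.0.0.5"})))
```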

IV. Potential impact of a firewall and IDS if they are incorrectly configured in a network

FIREWALL:
• Insider Attacks: A perimeter firewall is designed to keep threats that originate outside of your network
at bay. When an assault begins from within, the perimeter firewall is rendered ineffective. Internal
firewalls aid in the partitioning of particular assets on your network, making attackers work harder.
• Missed Security Patches: Attackers may exploit flaws in network firewall software. Vendors generally
work quickly to provide a patch that solves the problem. The patch's existence, however, does not mean
that it has been applied to your company's firewall software. The best solution to this problem is to
develop and adhere to a strict patch management plan.
• Configuration Mistakes: A poorly designed firewall can degrade speed and security.
• Dynamic Routing: Enabling dynamic routing on a firewall has long been regarded as a poor idea. Some businesses keep it enabled, leaving a weakness in their firewall security.
• A Lack of Deep Packet Inspection: Next-generation firewalls use Layer 7 ("deep packet") inspection to examine the contents of packets. Less capable firewalls may merely examine a packet's point of origin and destination before accepting or rejecting it.
• DDoS Attacks: DDoS attacks are intended to overload a defender's resources, resulting in a shutdown or an extended inability to provide services. Protocol attacks exhaust the resources of firewalls and load balancers, preventing them from processing legitimate traffic. Although firewalls cannot protect your network from every attack, they remain an important component of a cybersecurity plan.
IDS:
• They Will Not Prevent Incidents by Themselves: An intrusion detection system (IDS) does not hinder
or prevent assaults; rather, it aids in their detection.
• An Experienced Engineer Is Needed to Administer Them: An intrusion detection system (IDS) is
valuable for network monitoring, but its value is entirely dependent on what you do with the information
it provides.
• They Do Not Process Encrypted Packets: An IDS cannot inspect the contents of encrypted packets, so attackers can use encrypted sessions to carry an intrusion past it unseen.
• IP Packets Can Still Be Faked: An IDS reads the contents of an IP packet, but the source address can still be spoofed, so an alert may name the wrong origin.
• False Positives Are Frequent: One important issue with intrusion detection systems is that they frequently raise false positives. In many environments false positives outnumber real threats.
• They Are Susceptible to Protocol Based Attacks: Flaws in the protocol analyzers, as well as malformed data, can cause a NIDS to crash.
• The Signature Library Needs to Be Continually Updated to Detect the Latest Threats: a signature-based IDS can only recognise attacks that are already in its library.
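The behaviour described in sections III and IV, from matching traffic against a signature library through to the limitations around encrypted packets, spoofed addresses and false positives, can be seen in a small signature-based IDS. This is an added example written for this report and is not taken from any IDS product or from the sources cited above; the signatures, packets, addresses and the XOR scrambling that stands in for encryption are all constructed for the demonstration.

```python
"""Added example (not from the original report): a minimal signature-based
network IDS. Signatures, packets and the XOR "encryption" are constructed."""
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str       # source IP as seen on the wire (may be spoofed)
    dst: str
    dport: int
    payload: bytes


@dataclass(frozen=True)
class Alert:
    sig_id: str
    msg: str
    src: str
    dst: str


# Constructed signature library: (id, destination port or None for any, payload regex, message).
# SIG-003 is deliberately loose so that the false-positive case below fires.
SIGNATURES = [
    ("SIG-001", None, rb"(?i)union\s+select", "SQL injection attempt"),
    ("SIG-002", 80, rb"\.\./\.\./", "Directory traversal in HTTP request"),
    ("SIG-003", None, rb"(?i)/etc/passwd", "Reference to sensitive file"),
]


def inspect(packet: Packet) -> list[Alert]:
    """Match one packet against every signature and return the alerts raised.
    Like a real NIDS it only alerts; it never drops or blocks anything."""
    alerts = []
    for sig_id, port, pattern, msg in SIGNATURES:
        if port is not None and packet.dport != port:
            continue
        if re.search(pattern, packet.payload):
            alerts.append(Alert(sig_id, msg, packet.src, packet.dst))
    return alerts


def run_ids(packets: list[Packet]) -> list[Alert]:
    """Inspect a stream of packets in order, as a sensor on a span port would."""
    alerts: list[Alert] = []
    for p in packets:
        alerts.extend(inspect(p))
    return alerts


def xor_stream(data: bytes, key: bytes) -> bytes:
    """Stand-in for TLS: scrambles the bytes so the sensor sees no plaintext.
    This is NOT real encryption; it only reproduces the IDS's blindness."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


# Constructed traffic (RFC 5737 documentation addresses).
SQLI = b"GET /items?id=1 UNION SELECT user,pass FROM users HTTP/1.1\r\n"
TRAVERSAL = b"GET /../../../../etc/shadow HTTP/1.1\r\n"
BENIGN_MAIL = b"Subject: ticket 4411\r\nPlease restore /etc/passwd on host9 from backup.\r\n"

SAMPLE_TRAFFIC = [
    # 1. plaintext attack on port 80: detected
    Packet("203.0.113.7", "192.0.2.10", 80, SQLI),
    # 2. the same attack inside an "encrypted" session on 443: missed
    Packet("203.0.113.7", "192.0.2.10", 443, xor_stream(SQLI, b"k3y")),
    # 3. traversal with a spoofed internal source: detected, but the alert names 10.0.0.5
    Packet("10.0.0.5", "192.0.2.10", 80, TRAVERSAL),
    # 4. harmless helpdesk e-mail mentioning /etc/passwd: false positive on SIG-003
    Packet("192.0.2.20", "192.0.2.25", 25, BENIGN_MAIL),
]


def demo() -> list[Alert]:
    return run_ids(SAMPLE_TRAFFIC)


if __name__ == "__main__":
    for a in demo():
        print(f"{a.sig_id} {a.src} -> {a.dst}: {a.msg}")
```

Running it produces three alerts: the plaintext injection, the traversal attributed to the spoofed address 10.0.0.5, and the false positive on the e-mail, while packet 2 carries the same injection and passes unnoticed. Nothing is blocked at any point, which is the difference between an IDS and a firewall or IPS.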

Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can
improve Network Security (P4)

I. DMZ (with the aid of a diagram)

A demilitarized zone (DMZ) is a perimeter network that guards an organization's internal local area network (LAN) against untrusted traffic. (Anon., 2019)
Public-facing servers and resources are placed in the DMZ, isolated from the LAN and given only limited access to it, so that they can be reached from the internet without exposing the internal LAN. As a result, a DMZ makes it more difficult for an attacker to gain direct access from the internet to an organization's data and internal systems. (Anon., 2019)

Figure 17. DMZ Diagram


PURPOSE OF DMZ: The DMZ exists to safeguard the hosts that are most exposed to attack. These hosts typically provide services to users outside the local area network, with email, web and DNS servers being the most common examples. Because of their heightened risk of attack, they are placed in the monitored subnetwork so that the rest of the network stays protected if they are compromised.
BENEFITS OF USING DMZ: (Lutkevich, 2018)
• Access control: The DMZ controls access to services that are reachable from the internet but kept outside the organization's internal network perimeter. It also introduces network segmentation, which raises the number of barriers an attacker must overcome before reaching the organization's private network.
• Network reconnaissance prevention: A DMZ also prevents an attacker from reconnoitring prospective targets inside the network. Even if a system in the DMZ is compromised, the internal firewall protects the private network and keeps it separate from the DMZ, which makes external reconnaissance more difficult.
• Protection against Internet Protocol (IP) spoofing: In certain situations, attackers attempt to circumvent access-control restrictions by spoofing a permitted IP address in order to impersonate another network device. A DMZ can hold up a potential spoofer while another service on the network checks the authenticity of the IP address by verifying whether it is reachable.
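The access-control and reconnaissance-prevention benefits above, and the point made in section IV that a perimeter-only firewall does nothing against an attack that starts inside the network, can be compared with a small first-match packet filter. This is an added example written for this report, not code from the original page or from any firewall vendor; the zones, address ranges, rules and test flows are all assumptions made for the demonstration.

```python
"""Added example (not from the original report): a first-match packet filter
used to compare a flat network with a DMZ plus internal segmentation.
Zones, address ranges and rules are assumptions made for the demonstration."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src_zone: str        # zone name or "any"
    dst_zone: str
    dport: int | None    # None = any destination port
    action: str          # "allow" or "deny"


# Constructed zones (RFC 5737 / RFC 1918 ranges). "db" is a subnet inside "lan".
ZONES = {
    "internet": ipaddress.ip_network("0.0.0.0/0"),
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "lan": ipaddress.ip_network("10.0.0.0/16"),
    "db": ipaddress.ip_network("10.0.50.0/24"),
}


def zone_of(ip: str) -> str:
    """Longest-prefix match: the most specific zone containing the address wins."""
    addr = ipaddress.ip_address(ip)
    best = None
    for name, net in ZONES.items():
        if addr in net and (best is None or net.prefixlen > ZONES[best].prefixlen):
            best = name
    return best


def decide(rules: list[Rule], src: str, dst: str, dport: int) -> str:
    """First matching rule decides; anything unmatched is implicitly denied."""
    sz, dz = zone_of(src), zone_of(dst)
    for r in rules:
        if r.src_zone in (sz, "any") and r.dst_zone in (dz, "any") and r.dport in (dport, None):
            return r.action
    return "deny"


# Perimeter firewall only: the internet is filtered, everything inside can talk to everything.
FLAT = [
    Rule("internet", "dmz", 443, "allow"),
    Rule("dmz", "any", None, "allow"),
    Rule("lan", "any", None, "allow"),
    Rule("db", "any", None, "allow"),
]

# DMZ with an internal firewall: each zone gets only the paths it needs.
SEGMENTED = [
    Rule("internet", "dmz", 443, "allow"),   # public web service
    Rule("dmz", "db", 5432, "allow"),        # the web app's one path to the database
    Rule("lan", "dmz", 443, "allow"),        # staff use the web app too
    Rule("lan", "internet", 443, "allow"),   # staff browsing
]

# Constructed test flows: (description, src, dst, dport)
FLOWS = [
    ("internet client -> DMZ web server", "203.0.113.7", "192.0.2.10", 443),
    ("internet attacker -> LAN file share", "203.0.113.7", "10.0.1.5", 445),
    ("compromised DMZ host -> LAN SSH (recon)", "192.0.2.10", "10.0.1.5", 22),
    ("compromised workstation -> database (insider)", "10.0.1.5", "10.0.50.3", 5432),
    ("DMZ web app -> database (needed path)", "192.0.2.10", "10.0.50.3", 5432),
]


def compare() -> dict[str, tuple[str, str]]:
    """Decision under each policy, keyed by flow description: (flat, segmented)."""
    return {
        desc: (decide(FLAT, s, d, p), decide(SEGMENTED, s, d, p))
        for desc, s, d, p in FLOWS
    }


if __name__ == "__main__":
    for desc, (flat, seg) in compare().items():
        print(f"{desc:48s} perimeter-only={flat:5s} segmented={seg}")
```

Both policies stop the outside attacker at the perimeter, but only the segmented policy stops a compromised DMZ host from scanning the LAN and a compromised workstation from reaching the database, while still leaving the web application its single required path to the database.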

II. Static IP (with the aid of a diagram)

Static IP addresses (also known as fixed or dedicated IP addresses) do not change their addresses. Once a
device is issued a static IP address, that number is generally retained as the device's internet identity until
the device is retired or the network architecture is changed. In most situations, devices having static IP
addresses are servers and other critical equipment, and the static IP address makes them simpler to locate
and interact with. (Anon., 2020)

Figure 18. Static IP diagram


BENEFITS OF STATIC IP: (Gaille, 2018)
• You have better name resolution across the internet
• It may provide a better level of protection
• There are fewer lapses in connection
• Your download and upload speeds tend to be faster
• It gives you remote access
• You have access to accurate geolocation data
• It reduces the risk of losing an important message
• You will find it easier to locate shared devices

III. NAT (with the aid of a diagram)

Network Address Translation (NAT) was introduced to conserve IP addresses. It lets a private IP network reach the internet using addresses that are not globally registered. NAT runs on a router, usually one linking two networks, and before packets are sent on to the other network it translates the private (not globally unique) addresses of the internal network into globally routable ones. (Anon., 2020)

Figure 19. NAT Diagram


NAT, in essence, allows a single device, such as a router, to function as an agent between the Internet (or
public network) and a local network (or private network), implying that just a single unique IP address is
necessary to represent an entire group of machines to anyone outside their network. (Anon., 2020)
BENEFITS OF NAT: (Anon., 2018)
• The primary benefit of NAT is that it slows the exhaustion of IPv4 addresses.
• NAT can offer another degree of protection by concealing the original source and destination addresses from the outside network.
• NAT allows greater flexibility when connecting to the public internet.
• NAT lets you keep your own private IPv4 addressing scheme, so internal addresses need not change if your service provider changes.
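How a NAT router conceals internal addresses behind one public address, and why it needs a translation table to get replies back to the right host, can be shown with a small source-NAT (port address translation) simulation. This is an added example written for this report, not code from the original page or from any router; the public address, inside hosts, port range and packets are constructed for the demonstration. It goes slightly beyond the text in two ways: two inside hosts pick the same source port, which is what forces the router to translate ports as well as addresses, and an unsolicited inbound packet is shown being dropped, which is the protective side-effect the benefits list refers to.

```python
"""Added example (not from the original report): source NAT with port
address translation as done by an edge router. The public address, inside
hosts, port range and packets are assumptions made for the demonstration."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class SourceNat:
    """One public address shared by every inside host, distinguished by port."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # outbound key (inside ip, inside port, dst ip, dst port) -> allocated public port
        self.sessions: dict[tuple[str, int, str, int], int] = {}
        # inbound key (public port, remote ip, remote port) -> (inside ip, inside port)
        self.reverse: dict[tuple[int, str, int], tuple[str, int]] = {}

    def outbound(self, p: Pkt) -> Pkt:
        """Rewrite the private source to the public address, creating a session on first use."""
        key = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        if key not in self.sessions:
            port = self.next_port
            self.next_port += 1
            self.sessions[key] = port
            self.reverse[(port, p.dst_ip, p.dst_port)] = (p.src_ip, p.src_port)
        return Pkt(self.public_ip, self.sessions[key], p.dst_ip, p.dst_port)

    def inbound(self, p: Pkt) -> Pkt | None:
        """Translate a reply back to the inside host, or return None (dropped)
        when no inside host opened a matching session."""
        if p.dst_ip != self.public_ip:
            return None
        inside = self.reverse.get((p.dst_port, p.src_ip, p.src_port))
        if inside is None:
            return None
        return Pkt(p.src_ip, p.src_port, inside[0], inside[1])


def demo() -> dict[str, Pkt | None]:
    nat = SourceNat("198.51.100.1")          # constructed public address of the router
    web = ("203.0.113.80", 443)              # constructed external web server

    # Two inside hosts happen to pick the same ephemeral source port.
    a_out = nat.outbound(Pkt("10.0.0.11", 51000, *web))
    b_out = nat.outbound(Pkt("10.0.0.12", 51000, *web))

    # The web server replies to whatever it saw; NAT must pick the right inside host.
    reply_to_b = nat.inbound(Pkt(web[0], web[1], nat.public_ip, b_out.src_port))

    # An unsolicited SYN to the public address has no session: dropped.
    unsolicited = nat.inbound(Pkt("203.0.113.9", 40001, nat.public_ip, 22))

    return {"a_out": a_out, "b_out": b_out, "reply_to_b": reply_to_b, "unsolicited": unsolicited}


if __name__ == "__main__":
    for name, pkt in demo().items():
        print(f"{name:12s} {pkt}")
```

The web server only ever sees 198.51.100.1 on ports 40000 and 40001, the two private hosts are never exposed, and the attacker's packet to port 22 is discarded because nothing inside opened that session. The table is keyed on the remote address and port as well as the public port, which is what makes the translation unambiguous even when inside hosts collide on source ports.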

References

Anon., 2017. Law Insider. [Online] Available at: https://www.lawinsider.com/ [Accessed 9 April 2022].
Anon., 2017. Techopedia. [Online] Available at: https://www.techopedia.com/ [Accessed 9 April 2022].
Anon., 2018. Omnisecu. [Online] Available at: https://www.omnisecu.com [Accessed 9 April 2022].
Anon., 2019. DNS Stuff. [Online] Available at: https://www.dnsstuff.com [Accessed 9 April 2022].
Anon., 2019. Force Point. [Online] Available at: https://www.forcepoint.com/ [Accessed 9 April 2022].
Anon., 2019. Fortinet. [Online] Available at: https://www.fortinet.com/ [Accessed 9 April 2022].
Anon., 2019. N-Able. [Online] Available at: https://www.n-able.com/ [Accessed 9 April 2022].
Anon., 2019. Online Degrees. [Online] Available at: https://onlinedegrees.und.edu/ [Accessed 9 April 2022].
Anon., 2020. Cisco. [Online] Available at: https://www.cisco.com/ [Accessed 9 April 2022].
Anon., 2020. FTC. [Online] Available at: https://www.ftc.net/ [Accessed 9 April 2022].
Anon., 2020. Paloalto Networks. [Online] Available at: https://www.paloaltonetworks.com [Accessed 9 April 2022].
Anon., 2020. Veritas. [Online] Available at: https://www.veritas.com/ [Accessed 9 April 2022].
Empey, C., 2018. Blog Avast. [Online] Available at: https://blog.avast.com/ [Accessed 9 April 2022].
Gaille, B., 2018. Brandon Gaille. [Online] Available at: https://brandongaille.com/ [Accessed 9 April 2022].
Kirk, C., 2020. LIGHT EDGE. [Online] Available at: https://www.lightedge.com/ [Accessed 9 April 2022].
Lutkevich, B., 2018. Search Security. [Online] Available at: https://searchsecurity.techtarget.com/ [Accessed 9 April 2022].
Lutkevich, B., n.d. Search Security. [Online] Available at: https://searchsecurity.techtarget.com/ [Accessed 9 April 2022].
Nathan, S., 2020. Teceze. [Online] Available at: https://www.teceze.com/ [Accessed 9 April 2022].
Novinson, M., 2021. CRN. [Online] Available at: https://www.crn.com/ [Accessed 9 April 2022].
Roor, M., n.d. Hitech Whizz. [Online] Available at: https://www.hitechwhizz.com/ [Accessed 9 April 2022].