Mohammad Munem Sarwar L5DC NSC NCP Ai
L5DC NSC
Daffodil Institute of IT
Document Details
Submission ID
trn:oid:::2:769251904 11 Pages
Download Date
File Name
196750_MOHAMMAD_MUNEM_SARWAR_L5DC_NSC_NCP.docx
File Size
147.1 KB
Task 1:
a) Based on an analysis of the scenario, the 5 most important electronically held
information assets of EcoMart are identified and justified below:
❖ Customer Information Database: This asset holds the personal and payment
information of customers, which makes it critical. A breach could cause
immediate financial loss and a loss of customer trust, harming EcoMart's
reputation and exposing it to legal liability. The data is also highly valuable
to criminals for identity theft and financial fraud.
❖ E-commerce Website Database: The website is the main platform for
interacting with customers, displaying product catalogs, descriptions, and
reviews. Any interruption or compromise of its data might result in a decline in
sales and customer dissatisfaction. The database also holds backend data that is
crucial for the operation of the e-commerce platform.
MOHAMMAD_MUNEM_SARWAR_P00196750_NSC
b)
| Asset | Threat | CIA? | Likelihood | Impact | Risk |
|---|---|---|---|---|---|
| Customer Information Database | Phishing Attack | C,I | Medium | High | High |
| E-commerce Website Database | DDoS Attack | A | Medium | High | High |
| Employee Payroll Information | Insider Threat | C | Low | High | Medium |
| Digital Product Repository | Intellectual Property Theft | C,I | Medium | High | High |
| | Unauthorized Distribution | C,I | Medium | High | High |
Task 2:
Based on the above situation, we will now examine the security measures that might
reduce the identified risks.
Security Implementation:
High Availability: Implement a High Availability setup that automatically switches
to a backup server if the main server fails.
Threat: Employee Theft
Security Implementation:
Access Control: Enforce the use of role-based access control (RBAC) to restrict access
to sensitive data to only authorized workers.
User Activity Monitoring: Implement systems that actively monitor and record user
actions to identify and investigate unauthorized access or suspicious conduct.
Encryption: Ensure that confidential information is encrypted at rest and in
transit to prevent unauthorized access, even if the data is intercepted.
Security Implementation:
Firewall and Intrusion Detection Systems (IDS): Use a web application firewall
(WAF) and intrusion detection systems (IDS) to monitor and block malicious network
traffic.
Regular Security Audits and Penetration Testing: Perform routine security audits and
penetration testing to detect and address problems.
Security Implementation:
Secure Access: When sending and receiving files from NAS devices, use secure
protocols like Secure File Transfer Protocol (SFTP) rather than FTP.
Security Implementation:
Data Validation: Prevent SQL injection and other types of data corruption by
validating all input data.
QNAP NAS Vulnerabilities: QNAP NAS equipment has had several security issues in
the past, including ransomware and unauthorized access. CVE-2021-28799 is an
example of improper access controls.
Security Recommendations:
Firmware Updates: Ensure that the firmware of the NAS is regularly updated to address
and minimize any known security weaknesses.
Disable Unnecessary Services: Disable services such as Telnet and FTP if they are not
being used, or substitute them with more secure options such as SSH and SFTP.
Security Recommendations:
Regular Updates: Keep the plugin up to date by installing the most recent security
updates.
Code Review and Testing: Conduct code review and testing to detect vulnerabilities in
the plugin before they can be exploited.
Countermeasures:
Encryption: Utilize email encryption to safeguard the contents from potential interception.
One-time Links: Incorporate links that automatically expire after being accessed once
to safeguard against unwanted downloading in the event of interception.
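One way to implement the one-time link countermeasure, shown as an added example that is not part of the original assignment. The token layout, the `ebook-42` file id, the 15-minute lifetime and the in-memory redemption store are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # per-deployment signing key (assumption)
_redeemed = set()                     # used nonces; a shared database in production


def _sign(payload):
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_link(file_id, ttl_seconds=900, now=None):
    """Return a signed token that is valid once and only until it expires."""
    now = time.time() if now is None else now
    expires = int(now) + ttl_seconds
    nonce = secrets.token_urlsafe(16)          # unique id for single-use tracking
    payload = f"{file_id}.{expires}.{nonce}"
    return f"{payload}.{_sign(payload)}"


def redeem_link(token, now=None):
    """Return the file id if the token is authentic, unexpired and unused."""
    now = time.time() if now is None else now
    try:
        file_id, expires, nonce, sig = token.rsplit(".", 3)
        expires = int(expires)
    except ValueError:
        return None                            # malformed token
    expected = _sign(f"{file_id}.{expires}.{nonce}")
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None                            # forged or tampered
    if now > expires:
        return None                            # link has expired
    if nonce in _redeemed:
        return None                            # link was already used once
    _redeemed.add(nonce)
    return file_id


if __name__ == "__main__":
    link = issue_link("ebook-42")              # constructed sample file id
    print(redeem_link(link), redeem_link(link))
```

An intercepted copy of the link is useless once the intended recipient has redeemed it, and an unused link stops working when it expires.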
Risk: Phishing
Countermeasures:
Email Authentication: Employ DMARC, DKIM, and SPF protocols to verify the
authenticity of emails and deter spoofing.
Task 3:
A Virtual Private Network (VPN) creates a secure, protected connection over a less
secure network, such as the internet. The most important features of a VPN are:
Encryption: This ensures that anyone who intercepts the data sent between the
remote user and the company network cannot read it.
Authentication: VPNs require authentication to verify that the people or machines
trying to connect to the network are who they claim to be.
Data Integrity: VPNs can detect whether data has been altered in transit,
ensuring that what was received matches what was sent.
Secure Remote Access: Employees may safely access the e-commerce website and
NAS from remote places, preventing the exposure of sensitive data over the internet.
VPN connection types that could work for EcoMart include:
Site-to-Site VPN: Because EcoMart may have more than one site, a site-to-site VPN
could securely connect the networks of these sites.
Remote Access VPN: A remote access VPN is helpful for employees who need to
connect to the company network from home.
Firewalls prevent unauthorized access to private networks. They can be implemented
in hardware, software, or both. Firewalls inspect all network traffic, inbound and
outbound, and allow or block it based on rules.
A Demilitarized Zone (DMZ) allows an untrusted network, such as the internet, to
access an organization's public services while protecting the organization's LAN.
An outside attacker can directly reach only the equipment in the DMZ.
Justification:
To defend the network from internet threats, a firewall would be installed at the network's
edge. It would filter both incoming and outgoing data. To prevent attacks from the DMZ
from reaching the internal network, a second firewall would be installed. By encrypting
data and authenticating users, the VPN makes sure that remote access is safe. While
maintaining the security of the internal network, the DMZ grants public access to the
e-commerce site.
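A check for the second (internal) firewall in this design, as an added example that is not part of the original assignment: it evaluates a first-match rule list and flags any allow rule that lets sources outside the DMZ and LAN reach the LAN. The address ranges, hosts and rule sets are constructed for illustration.

```python
import ipaddress

DMZ = ipaddress.ip_network("192.0.2.0/24")   # constructed addressing plan
LAN = ipaddress.ip_network("10.0.0.0/16")

# Rules: (action, source network, destination network, port or "any").
GOOD_RULES = [   # web server in the DMZ may reach one database port only
    ("allow", "192.0.2.10/32", "10.0.5.20/32", 5432),
    ("deny", "0.0.0.0/0", "10.0.0.0/16", "any"),
]
WEAK_RULES = [   # the database port is reachable from any source address
    ("allow", "0.0.0.0/0", "10.0.5.20/32", 5432),
]


def evaluate(rules, src, dst, port):
    """First matching rule wins; unmatched traffic is dropped (default deny)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in rules:
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and rule_port in (port, "any")):
            return action
    return "deny"


def audit_internal_firewall(rules):
    """Return a finding for each allow rule exposing the LAN to outside sources."""
    findings = []
    for action, src_net, dst_net, rule_port in rules:
        src = ipaddress.ip_network(src_net)
        dst = ipaddress.ip_network(dst_net)
        if action != "allow" or not dst.overlaps(LAN):
            continue
        if not (src.subnet_of(DMZ) or src.subnet_of(LAN)):
            findings.append(f"{src_net} -> {dst_net}:{rule_port} admits non-DMZ sources")
    return findings


if __name__ == "__main__":
    print(evaluate(GOOD_RULES, "203.0.113.7", "10.0.5.20", 5432))  # internet client
    print(audit_internal_firewall(WEAK_RULES))
```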
To improve the security of network services enabled on the NAS devices, consider the
following:
Firewalls: It is important to place NAS systems behind a firewall to regulate and restrict
access.
Access Controls: Enforce strict access restrictions that follow the principle of
least privilege. Enable only essential services and restrict access to
those who need it.
Protocols: Disable obsolete and vulnerable protocols such as SMBv1 and FTP. Utilize
secure protocols such as SMBv3, SFTP, or SCP to transfer files.
Regular Updates: Ensure that the firmware and software of your NAS are regularly
updated to safeguard against known vulnerabilities.
Physical Security: Ensure that the Network Attached Storage (NAS) device is stored in
a safe location, to prevent any unwanted physical access.
Task 4:
In order to ensure the ongoing efficacy of the security policies that have been put in place,
I would build a systematic and uninterrupted security management process. This process
would involve periodic updates, audits, training sessions, and real-time monitoring.
Regular Updates and Patch Management: Make sure that all systems, such as the firmware
on the VPN and router, always have the most recent security fixes installed. Set up a
patch management program to streamline this process.
Employee Training: Ensure that all workers, particularly those with managerial privileges,
get periodic security training to enable them to promptly identify and respond to security
risks.
Incident Response Plan: Develop and maintain an incident response strategy to ensure
prompt and efficient action in the event of a security breach. Incorporate routine exercises
to ensure that all team members have the necessary skills and knowledge.
By incorporating these techniques into the day-to-day functioning of EcoMart, the security
measures can be actively managed and adapted to a changing threat environment.
Task 5:
I learned more about how hard it is to balance security measures with operational
efficiency as I thought about the task. Some problems came up when trying to find the
best security options that would work with EcoMart's design and not slow it down or make
it harder to use. To solve this problem, I did a lot of study on a variety of security options,
looking at things like how easy they are to integrate, how much they cost, and how
scalable they are.
1. Starting with a more thorough risk assessment that took into account feedback
from different areas to make sure that all possible threats were taken into account.
2. Putting more weight on solutions that strike a better balance between security and
user experience, possibly by looking into more case studies or examples from the
industry.
3. By giving people more time to look into other answers, more choices will be
available to EcoMart.
4. Improving contact with partners by giving them regular updates and making sure
their opinions were taken into account when decisions were being made.
If I had to do it all over again, I would involve more people from the start and make sure
that the solutions were not only technically sound but also fit with the user needs and the
business's strategic goals.