IT SECURITY AND POLICIES

Question No. 1 [3 marks]

a) Document what type of identification is issued to students, faculty, staff, and visitors at your school. If possible, include pictures of these types of documentation.
b) What are the different types of malware and how are they controlled?

Question No. 2 [3 marks]

a) Define the following access control management terminology:

Term | Definition
1.1 Access control |
1.2 Cognitive-password |
1.3 Default deny |
1.4 Default allow |
1.5 Least privilege |

b) Provide 3 parameters that form the basis of internet communications used by a firewall device.
c) Describe the four types of IDS/IPS.

Question No. 3 [4 marks]

Log data offer clues about activities that have unexpected and possibly harmful consequences. The following parsed and normalized firewall log entries indicate a possible malware infection and data exfiltration. The entries show a workstation making connections to Internet address 93.177.168.141 and receiving and sending data over TCP port 16115.

id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:12 UTC" fw=255.255.255.1 pri=6 c=262144 m=98 msg="Connection Opened" n=404916 src=10.1.1.1 (workstation) :49427:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115

id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:29 UTC" fw=255.255.255.1 pri=6 c=1024 m=537 msg="Connection Closed" n=539640 src=10.1.1.1 (workstation) :49427:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115 sent=735 rcvd=442

id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:42 UTC" fw=255.255.255.1 pri=6 c=262144 m=98 msg="Connection Opened" n=404949 src=10.1.1.1 (workstation) :49430:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115

id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:54:30 UTC" fw=255.255.255.1 pri=6 c=1024 m=537 msg="Connection Closed" n=539720 src=10.1.1.1 (workstation) :49430:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115 sent=9925 rcvd=639

a) Describe what is happening.
b) Is the log information useful? Why or why not?
c) Research the destination IP address (dst) and the protocol/port (proto) used for communication.
d) Can you find any information that substantiates a malware infection and data exfiltration?
e) What would you recommend as next steps?
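
One way to pair the Opened/Closed entries from Question 3 and summarise each session, as an added example that is not part of the original assignment. The `EXPECTED_PORTS` set and the two flags are assumed triage heuristics, not rules stated in the question.

```python
import re
from datetime import datetime

# The four entries from Question 3 (typographic quotes normalised to ASCII).
LOG = """\
id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:12 UTC" fw=255.255.255.1 pri=6 c=262144 m=98 msg="Connection Opened" n=404916 src=10.1.1.1 (workstation) :49427:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115
id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:29 UTC" fw=255.255.255.1 pri=6 c=1024 m=537 msg="Connection Closed" n=539640 src=10.1.1.1 (workstation) :49427:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115 sent=735 rcvd=442
id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:53:42 UTC" fw=255.255.255.1 pri=6 c=262144 m=98 msg="Connection Opened" n=404949 src=10.1.1.1 (workstation) :49430:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115
id=firewall sn=xxxxxxxxxxxx time="2013-04-02 11:54:30 UTC" fw=255.255.255.1 pri=6 c=1024 m=537 msg="Connection Closed" n=539720 src=10.1.1.1 (workstation) :49430:X0 dst=93.177.168.141 :16115:X1 proto=tcp/16115 sent=9925 rcvd=639
"""

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')            # key=value, value may be quoted
ENDPOINTS = re.compile(r'src=(\S+)[^:]*:(\d+):\S+\s+dst=(\S+)\s*:(\d+):')
EXPECTED_PORTS = {25, 53, 80, 443}                 # assumption: site egress policy

def parse_entry(line):
    """Return one log entry as a dict with typed time, ports and byte counts."""
    f = {k: v.strip('"') for k, v in KV.findall(line)}
    src, sport, dst, dport = ENDPOINTS.search(line).groups()
    return {
        "time": datetime.strptime(f["time"], "%Y-%m-%d %H:%M:%S UTC"),
        "msg": f["msg"], "src": src, "sport": int(sport),
        "dst": dst, "dport": int(dport),
        "sent": int(f.get("sent", 0)), "rcvd": int(f.get("rcvd", 0)),
    }

def sessions(text):
    """Pair Opened/Closed entries on the 4-tuple and summarise each session."""
    open_at, out = {}, []
    for line in filter(None, map(str.strip, text.splitlines())):
        e = parse_entry(line)
        key = (e["src"], e["sport"], e["dst"], e["dport"])
        if e["msg"] == "Connection Opened":
            open_at[key] = e["time"]
        elif e["msg"] == "Connection Closed" and key in open_at:
            # A Closed entry with no matching Opened entry is skipped.
            secs = (e["time"] - open_at.pop(key)).total_seconds()
            out.append({**e, "seconds": secs,
                        "unexpected_port": e["dport"] not in EXPECTED_PORTS,
                        "outbound_heavy": e["sent"] > e["rcvd"]})
    return out

if __name__ == "__main__":
    for s in sessions(LOG):
        flags = [k for k in ("unexpected_port", "outbound_heavy") if s[k]]
        print(f'{s["src"]}:{s["sport"]} -> {s["dst"]}:{s["dport"]} {s["seconds"]:.0f}s '
              f'sent={s["sent"]} rcvd={s["rcvd"]} flags={flags}')
```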

 