User Account

All Pages

Implement secure encryption technologies

Assignment Help Computer Network Security
Reference no: EM133691730

Implement Secure Encryption Technologies

ASSESSMENT 1

Task -1 Report Writing
This assessment requires you to research emerging encryption technologies for an Enterprise Network. This enterprise network has a range of devices such as:

• End-User PC with a range of Operating systems like Windows, macOS and Linux.
• Mobile devices as Android and iPhone.
• Server Infrastructure with Active Directory Domain Services, web server, DNS and more.
• Wireless Infrastructure and devices
Considering these devices during the research and write a report fully describing a range of emerging encryption techniques applicable to these settings including the cost, strength, impact on the user and resources. The report must address the following technology but not limited to:
• Introduction to encryption and its type
• Symmetric Encryption and its usage comparing AES, DES, triple DES, Blowfish
• Asymmetric Encryption and its usage in Enterprise Industry
• File encryption system in Enterprise Industry.
• Use of public key, private key, hash key, public key infrastructure, PGP or GnuPG
• Certificates and infrastructure including digital certificates, timestamps.

Task -2 Case Study

You have been recently Hired in Ford Pty Ltd, Brisbane to provide external Networking and Security Support. The IT manager of this company has tasked you to analyze encryption and security aspects of the Company, loopholes (if present) and different standards being used in the company.

Part A- Analyze enterprise data security requirements.

Moving forward to determine the encryption methods, you have arranged a meeting with the IT manager and other key stakeholders. Being a security specialist, your main goal of this meeting is to analyze enterprise data security requirements.

To determine the requirements of the client to secure the data make a list of questions you will discuss in the meeting. Enlist different types of question (open, closed and probing).

Part B- Review and Assess different encryption methods.

Question 1
After the analysis of the Wireless Network, you discovered that most Wireless Connections are using WEP standard. Being hired as Network and Security Support Officer what encryption standard will you suggest to the IT Manager so that wireless connection will be Secure.

You are required to compare different standards, cost, the strength of the standards and suggest the most secure wireless standard to the IT Manager.

Question 2
During the analysis you figured out different security threats and their sources including eavesdropping, data interception, data corruption, data falsification and authentication issues as less secure protocol as HTTP, telnet are being used. These are very critical organizational problems.

What suggestion/s will you give to minimize these problems? Include secure protocols for web, file transfer and remote management.

Question 3
In the meeting with the IT Manager, he mentioned encrypting the Hard Drive and files in the Laptop issued to the staff and enabling remote wiping feature so that if the Laptop is lost confidential data will not be exposed. He also wants to encrypt the email. But he is not sure how effective this will be, how can it affect the users work. Being a Network Security specialist explain each case to IT Manager in the Confidentiality, Integrity and Accountability aspects and suggest encryption methods.

Question 4

Most of the operating systems in Ford Pty Ltd is Windows 7. By default, in Windows 7 in the Internet option, TLS 1.0 is enabled. But this version of the TLS is vulnerable to man in the middle attack. Pointing out this vulnerability in the Internet option suggests newer encryption standard to the client.

Question 5
Summarize and document the finding from the scenarios (Q1-Q4). Forward this finding to your IT Manager.

ASSESSMENT 2

Task -1 Implement the encryption system.
In this task, you are required to implement encryption. After implementing an encryption system, you are required to inform the user and inform them about the impact on their daily tasks and responsibilities.

Part A - Determine encryption methods.

In this part, you are required to analyze the data security requirement in the Enterprise network to determine the encryption methods, rank them, and assess the cost of implementation.

Complete the following questions to determine the encryption methods.

Question 1

a) Discuss the data security requirement for in the enterprise network.

b) Discuss what kind of data needs to be protected; how can these data be protected. Summarize your findings.

Question 2
Research different encryption options that are available, find out their cost and basic functionality of these options and summarize them.

Question 3
Suggest the encryption options to your IT Manager with proper documentation.
Make a proper document and procedure for:
• Encrypting a Word file
• Encrypting File System
• BitLocker
• PGP for Desktop
• Use of secure protocols as HTTPS, SSH, TLS1.2 and so on

Part B - Create a security plan and policy.

You have recently forwarded the summarized version of encryption options you have suggested to your IT Manager. In the response of this, your IT Manager has provided a Template for security plan and policy regarding encryption methods to be used. You have been asked to make an extract of the security plan and policy following the given template.

Complete the security plan and policies in the template below.

Part B - Create a security plan and policy.

You have recently forwarded the summarized version of encryption options you have suggested to your IT Manager. In the response of this, your IT Manager has provided a Template for security plan and policy regarding encryption methods to be used. You have been asked to make an extract of the security plan and policy following the given template.

Complete the security plan and policies in the template below.

Information Security Policy and Standards: Data Encryption
Purpose:
This document provides Ford Pty Ltd. with the information required to effectively and efficiently plan, prepare and deploy encryption solutions to secure Legally/Contractually Restricted Information.
The focus is on providing a range of tools for the most common systems that are likely to be deployed in enterprise environments which store, transmit or process Sensitive and Personal Data.
When properly implemented, encryption provides an enhanced level of assurance that the data, while encrypted, cannot be viewed or otherwise discovered by unauthorized parties in the event of theft, loss or interception.
Audience:
• All Faculty and Staff
• All contractors, vendors and any others (including 3rd parties)
Policy Statement:
All the business functions are required to deploy Industry-approved encryption solutions to preserve the confidentiality and integrity of, and control accessibility to, University data classified as "Legally/Contractually Restricted" where this data is processed, stored or transmitted.
Policy/Procedures:
Encryption Products
The value of the data that requires protection and the system storing the data need to be considered carefully. Physical security refers to being able to control access to the system's storage media. All encryption methods detailed in these guidelines are applicable to desktop and mobile systems.
A defense in depth approach is recommended when evaluating and deploying encryption products. In an ideal situation, full disk and/or boot disk encryption would be combined with file/folder encryption in order to provide two "layers" of encryption to protect data in the event the first layer is compromised. This typically involves a combination of boot/full disk encryption and file/folder encryption.
Commercial operating systems such as Windows and Mac OS X provide integrated encryption solutions at no additional cost.

Boot Disk Encryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
Wireless Network Encryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
Email Encryption
• Scenario:
This allow messages and attachments to be sent in an encrypted form transparent to the user. This is most appropriate for departments whose users require frequent and regular encryption of email communications.
• Remarks: This encryption will encrypt every email. So, this standard is not compulsory for every department.
• Product(s): PGP Desktop
• OS-Integrated Product(s): Not Available
• Preferred Products: PGP Desktop
External Devices Encryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
File and FolderEncryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
Full Disk Encryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
Mobile Device Encryption
• Scenario:
• Remarks:
• OS-Integrated Product(s):
Transport-Level Encryption
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):
Use of secure protocol
• Scenario:
• Remarks:
• Product(s):
• OS-Integrated Product(s):
• Preferred Product(s):

Forms/Instructions
Step 1 - Data Classification.
<Write how data can be classified and its level?>
Step 2 - Product Selection & Implementation
<What must be considered before selecting and implementing encryption?>
Step 3 - Key Creation and Management
<Procedure of Key Creation, Management and Recovery>
Step 4 - Document any Known Issues and their Resolution.
<Write how and what should be documented?>
Date:
Original Issue Date:
August 2023

Part C - Deploy encryption system.

In this part, you are required to deploy an encryption system. Some of the technologies that can be deployed are:
• Encrypting a Word file
• Encrypting File System
• BitLocker
• PGP for Desktop
• Use of secure protocols as HTTPS, SSH, TLS1.2 and so on
Note: Before installing PGP for desktop and encrypting the full hard drive you must analyze the Boot Time, CPU and GPU performance of user Desktop without the encryption. To analyze this, you can refer to Part D of this Task.

Part D - Analyze effect of encryption.
Analyze the following parameters to see the effect of encryption technologies before and after applying the encryption technologies:

Part E - Inform the user about the recent implementation.
In this part, you are required to inform the user of the recent policy and recent deployment of encryption methods.

You can draft an email to be sent to all the staff informing encryption options and policy. In your email mention to report the issues and compromises caused due to recent implementation to help desk.

Task-2 Monitor and document encryption.
In this Task you must verify, monitor and document encryption technologies and issues if present.

Part A - Verify the functionality of encryption.
In this part, you are required to verify the functionality and performance of each deployed encryption system.
Encryption can be verified as:
• Using Wireshark to verify communication is encrypted.
• Check Bit locker is Turned on or off.
• Go inside PGP to Verify the encryption and more.
• Verify the use of TLS 1.2

Part B - Review and solve any issues.
In this part you are required to review the help desk record, logs for related issues and compromises, document the issue with a resolution for future reference and notify the appropriate user with the solution to the problem.

Question 1
As the part of reviewing encryption-related issue two of the user has created the ticket mentioning their system has been slow since the encryption has been implemented. Review the helpdesk record and log. Locate those two tickets in Help Desk Record and copy the issue with the Ticket number.

Question 2
Earlier after the implementation of the Encryption, you have analyzed there would be slow performance and high memory usage because of the encryption. You tracked the user Desktop and reviewed hardware configuration. Only these two users had 2 GB of RAM and HDD installed.
Document the issue, cause and solution for future reference.

Question 2
Earlier after the implementation of the Encryption, you have analyzed there would be slow performance and high memory usage because of the encryption. You tracked the user Desktop and reviewed hardware configuration. Only these two users had 2 GB of RAM and HDD installed.
Document the issue, cause and solution for future reference.

 

Reference no: EM133691730

Questions Cloud

Roles of the us intelligence community : Elaborate on how the roles of the U.S. intelligence community evolved since the end of the Cold War after the Berlin Wall fell in 1989 to September 11, 2001.
What be used to store values for items that will be defined : When starting to think about the logic of a program, what should be used to store values for items that will be defined and used in the program?
What are network security attacks : Manage Network Security - Explain the purpose of special hardware and software solutions like intrusion detection systems (IDS) to secure computer networks
Create a post defining at least two surveillance methods : Create an initial post defining at least two surveillance methods using the reading from this module or outside sources.
Implement secure encryption technologies : Implement Secure Encryption Technologies - analyze the data security requirement in the Enterprise network to determine the encryption methods, rank them
Comparing texas penal code and minnesota penal codes : Comparing Texas Penal Code and Minnesota Penal Codes, when can police use force and how much?
What do you think that means : Are the results from using Google Scholar different than the regular Google search you did for question 2 or the same? What do you think that means?
Do you think people are born prone to criminality : Do you think people are born prone to criminality? If someone was making the argument that people are born criminals.
Evaluate economic and political influences : Produce two reports that evaluate economic and political influences on public and commercial enterprises that provide services in networking markets

Reviews

Write a Review

Computer Network Security Questions & Answers

  Integrating security into change management

Explain the mission of this project to introduce change management at the hospital. What are you hoping to accomplish and improve?

  What are service level agreements

What are Service Level Agreements (SLAs) and why are they a critical component of any IT Outsourcing agreements?

  What security vulnerabilities and threats can you see

What security vulnerabilities and threats can you see? What measures would you put in place to remove or minimize the vulnerabilities - Choose all the necessary and suitable MAC address, IP address for interfaces and port addresses implied by the a..

  What are the most significant threats to your data

What is cyber security, and what are some of its key concepts and what are the most significant threats to your data, and what are some of the root causes of those threats - are cyber criminals a real danger to your enterprise? Why or why not?

  What is a honeypot

How has honeypots been used in the field of national security?

  Define different types of cyber attacks on an organization

Question: Describe and define the different types of Cyber attacks on an Organization with real examples.

  Provide network layout showing all components of rps network

Provide a network layout (network diagram) showing all the components of RPS network including both firewalls, the email and web servers, the DMZ, and all the internal hosts

  Developing a brief forensics data collection plan

For this discussion, our focus will be on developing a brief forensics data collection plan to be used during a Red Team exercise.

  Protect the system from these procedural attacks

Summarise the procedures and tools hackers use for information gathering, target systems scanning, back-door opening and log-file clean-up. Alternatively, give an account of a hacker story from a technical perspective, including the tools employed..

  ICT379 Security Architectures Assignment

ICT379 Security Architectures Assignment Help and Solution. Discuss the core security mechanisms Windows implements to prevent the attacker achieving that goal

  Define ethics for the information age

Define ethics for the information age; cite your sources. You may use any original works but may not discuss your answers with fellow classmates.

  Write a paper on operating system security issue

Write a paper addressing a course-related topic, such as operating system security issue, such as hardening, malware removal, establishing proper policies and permissions, protection against network threats, etc

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd