Section A Scenario
Question 1 – CYBER Solutions
Fundamental Principles and Characteristics of a Network that can be Expanded and Remain Secure
+ Modern Firewalls: Firewalls are crucial network security components that prevent
unauthorized access from outside the network. A firewall is a network security
device that monitors outgoing and incoming network traffic and decides whether
to allow or block specific data packets based on a set of security rules. Firewalls
may be configured to perform deep packet inspection, intrusion prevention and
application control. Next-generation firewalls (NGFWs) with built-in threat
intelligence help mitigate risk because their threat information is kept up to
date.
+ Network Encryption: Encrypting data both at rest and in transit is necessary to
safeguard sensitive information against data breaches. Using TLS/SSL for data in
motion and AES for data at rest means that even if a third party intercepts the
information, it cannot be read by unauthorized individuals. In particularly
extreme cases, end-to-end encryption may also be used for client-server
communications.
+ Secure Access Management Techniques: Strong access control techniques such
as multi-factor authentication (MFA) and role-based access control (RBAC) are
also implemented to protect sensitive information and critical network
infrastructure from unauthorized individuals. MFA provides additional security by
requiring users to present several pieces of evidence of their identity, whereas
RBAC allows users to access only the information that their role in the
organization requires.
+ Virtual Private Networks (VPNs): VPNs give remote users a secure connection
to the company’s network by carrying their traffic through an encrypted tunnel.
This is of particular relevance as the organization begins to use cloud platforms
and collaborative applications that need offsite access.
Scalable and Flexible Approaches to Network Infrastructure Design
+ Cloud Infrastructure Deployment: As the number of network users and devices
grows, cloud infrastructure provides on-demand resources, which removes the
need to add equipment for each increase in users and devices. Limits on
computing resources are no longer an issue with cloud-based services because
resources can be increased or decreased depending on the needs at hand. This
minimizes the heavy capital expenditure otherwise incurred on purchasing
hardware and enables quick adjustment to the changing demands of the business
(Taylor, M. 2024).
+ Software-Defined Networking (SDN): In SDN, the control plane is decoupled
from the data plane, which allows network management to be centralized and the
network to be reconfigured when necessary. Traffic management becomes more
effective, security measures are easier to put in place, and less time is needed
to respond to changes. Just as in voice networks, traffic management in SDN
enhances the reliability and performance of networks by eliminating delays and
congestion.
These principles, together with technological advances, provide secure, scalable, and
robust networks, enabling the growth of CYBER Solutions and safeguarding vital data
from both internal and external threats.
Question 2
2.1.) Detection and Enumeration of Risks
+ a.) Inside Threats:
− Malicious or Unintentional Employees: Such employees sometimes compromise
the company’s security and pose a threat. This may result from poor training or
from a lack of knowledge or awareness of the existing security policies.
− Vulnerable Systems: Running unpatched or outdated software exposes the
network to potential exploits and malware.
− Poor Password Practices: A lack of password strength requirements increases
the risk of unauthorized access (Admin, updated Jul 17, 2024).
+ Outside Threats:
− Attacks on Information Systems: These are threats such as phishing,
denial-of-service attacks, or infection of the network by viruses.
− Risks from Provisioned Services: Internet-facing services, such as exposed ports,
can be a target for an attacker.
− Risks Arising from Alliances: Working with other businesses presents risks
if their security measures are weak.
+ b.) External Vulnerabilities and Consequences: Examples
− Phishing: In this kind of attack, attackers send fake emails or messages to
employees requesting details, and then use those details to steal data from the
organization.
− Impact: The communications and ethical standing of the business are
compromised, with likely financial loss and damage to its image.
− DDoS: A distributed denial-of-service attack uses many devices to flood a
network with traffic, disrupting service on the targeted devices.
− Impact: This leads to network instability and prolonged downtime, which
translates into business losses and loss of client confidence (Hain, F. 2024).
− Exploited Software Vulnerabilities: Attackers gain access to the system through
vulnerable applications, and further attacks follow from the vulnerability in the
installed software.
− Impact: Tampering with the organization’s network and breach of sensitive
databases, leading to loss or exposure of the data stored in them
(Awasthi, K. 2024).
2.2.) Approach to Evaluating and Reducing Risks
+ Strategy
− Cyber-Risk Analysis and Vulnerability Checks: Carry out security audits
frequently, and use automated vulnerability scanners such as Nessus or OpenVAS
to monitor for emerging security issues.
− Ethical Hacking: Have professional ethical hackers carry out simulated attacks
a few times a year, in order to find where the problems are before real attackers
get to them.
− Patching: Run an effective patching process that promptly resolves known
risks once updates for them are available.
− Staff Awareness: Security challenges such as information disclosure through
phishing and social engineering attacks call for sponsoring ongoing cyber-threat
programs built on best-practice strategies.
− Access Controls: Tighten access controls so that multi-factor authentication
(MFA) is in place, and user permissions are controlled more stringently and
re-evaluated often, including after role changes.
+ Prioritization
− Patching: Fixing software flaws that undermine the stability of a system must be
the highest priority. Putting off updates poses a serious danger, so every
existing loophole should be patched for enhanced security.
− Employee Training: Making sure that employees understand the importance of
abiding by the security measures in place mitigates several threats, especially
internal ones. Frequent training should be given utmost priority in order to
enhance security.
If these steps are taken, CYBER Solutions can strengthen its security posture while
keeping its large network infrastructure stable.
Question 3
Employee Training Program
3.1.a Importance of Employee Training
Awareness: Employees are educated about different types of cyber security threats,
which makes them capable of understanding and mitigating risks.
Best Practices: Training creates a culture of best practices, such as using strong
passwords and avoiding phishing, that greatly reduces the chance of a breach.
Compliance: Most industries have limits on the services provided and are legally
bound to provide a cyber security training program. Compliance with these, including
cessation of such services, removes risk exposure and fines.
3.1.b Preventing Security Breaches
Security breaches can be mitigated through employee training in:
Phishing Attack Recognition: Employees will be able to spot phishing attacks sent by
email, and hence will not expose their user credentials or download harmful software.
Password Protection: Training employees on the need to use strong, unique
passwords will help reduce the chance of unauthorized intrusions.
Internet Safety: Educating employees on the dangers of visiting certain websites or
downloading files will help avoid malware infections.
3.1.c Effective Training Sessions
Some effective training sessions for CYBER Solutions may include:
Simulated Phishing Attacks: Regularly sending simulated phishing emails to employees
so that they learn to recognize real attacks.
Hands-on Training: Teaching people how to create strong passwords and browse
responsibly.
E-Learning Modules: Cyber training packages offered on the intranet for self-study.
3.2 Fostering a Culture of Security Awareness
3.2.a Mitigating Internal Threats
Mitigate Internal Threats: Employees who are more aware are less likely to fall for
social engineering or to make unsafe mistakes.
Improve Network Security: Periodic reinforcement helps prevent employees' knowledge
and practice from deteriorating, thereby increasing overall network security.
3.2.b Evaluating Effectiveness and Influence of Employees
Outcomes of Phishing Simulations: Track over time the number of employees who
interact with a phishing simulation and the number who come through the test
unaffected.
For example: If repeat testing shows a considerable reduction in careless clicking on
simulated phishing links, awareness raising has become more effective.
Surveys and Feedback: Survey employees regularly to find out whether they
understand the issues and feel ready to apply their knowledge.
For instance: More favorable ratings in the questionnaires and enthusiastic comments
on the learning sessions demonstrate that learning has indeed taken place.
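One way to put a number on the "considerable reduction" described above, as an added example that is not part of the original answer: it goes slightly beyond the text by using a two-proportion z-test to check that the drop in click rate is larger than chance would explain. The campaign figures, field names and the 5% threshold are constructed assumptions.

```python
import math

# Constructed sample data: results of two simulated phishing campaigns.
CAMPAIGNS = [
    {"name": "baseline", "sent": 200, "clicked": 58, "reported": 12},
    {"name": "after_training", "sent": 200, "clicked": 22, "reported": 71},
]

def rates(campaign):
    """Return (click_rate, report_rate) for one campaign."""
    if campaign["sent"] <= 0:
        raise ValueError("campaign has no recipients")
    sent = campaign["sent"]
    return campaign["clicked"] / sent, campaign["reported"] / sent

def click_reduction_z(before, after):
    """Two-proportion z statistic for the drop in click rate (pooled variance)."""
    p_before, _ = rates(before)
    p_after, _ = rates(after)
    n1, n2 = before["sent"], after["sent"]
    pooled = (before["clicked"] + after["clicked"]) / (n1 + n2)
    std_err = math.sqrt(pooled * (1 - pooled) * (1 / n1 + 1 / n2))
    if std_err == 0:
        return 0.0  # nobody (or everybody) clicked in both campaigns
    return (p_before - p_after) / std_err

def training_effective(before, after, z_threshold=1.645):
    """True when the click rate fell by more than chance explains (one-sided 5%)."""
    return click_reduction_z(before, after) > z_threshold

if __name__ == "__main__":
    for c in CAMPAIGNS:
        click, report = rates(c)
        print(f"{c['name']}: click rate {click:.1%}, report rate {report:.1%}")
    print("z =", round(click_reduction_z(*CAMPAIGNS), 2))
    print("effective:", training_effective(*CAMPAIGNS))
```

Tracking the report rate alongside the click rate also covers the "Reporting Suspicious Activity" behaviour the answer goes on to describe.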
Educated employees are not only assets of the company but also act as a barrier
to attacks by:
Reporting Suspicious Activity: Breaches may be averted by rapid recognition and
escalation of threats.
Following Security Policies: Best practices and security policies are observed
to the letter, reducing the chances of internal threats.
Question 4 – Byte Solutions Wireless Network Troubleshooting Guide
PE. 2023.Z7Y6M4
11/01/2024
Introduction
A dependable wireless network is of utmost importance in the corporate environment
because it increases productivity, enhances real-time communication, and supports
the transfer of data. This troubleshooting manual aims to help users identify
problems on a wireless network and find their solutions. This will ensure that the
network at Byte Solutions is stable, secure, and performs excellently.
Key Goals:
Recognize common issues experienced within a network and present working solutions.
Defend the network and safeguard it against exposure.
Ensure that the network stays fast and the connection stays stable.
Network Overview
The wireless network infrastructure at Byte Solutions consists of:
Access Points (APs): These are used for wireless signal transmission to devices.
Routers: These are responsible for traffic between local networks and the internet.
Switches: They connect many devices to facilitate communication among them.
Network Management Tools: The performance and security of the network are maintained
through tools such as access control and network monitoring software.
These components support each other to guarantee effective and secure wireless
communication, and thus the smooth running of the company's departments and devices.
Troubleshooting Steps
Step 1: Initial Assessment
Check Physical Connections: Properly connect all cables to Routers, Switches and
Access Points.
Device Status Check: Verify that each network device’s status light is on to indicate
operational status.
Restart Devices: Switch off the power supply to routers, switches, and access points
and turn them on after a while to fix minor problems.
Step 2: Connectivity Issues
Check Signal Strength: Use network management tools to measure signal
strength and look for areas where weak signals are concentrated.
Reduce Interference: Position access points away from sources of interference
such as microwaves or other electronics.
Verify Authentication Settings: Check that all devices are configured with the right Wi-Fi
information and confirm that the authentication server is not down.
Step 3: Security Concerns
Identify Unauthorized Access: Use the network monitoring tools to identify
and remove unauthorized devices.
Check Encryption Settings: Petersen A. confirmed that WPA3 encryption was active in
order to provide data security.
Update Passwords: Wi-Fi passwords should not only be changed periodically but
should also be strong enough to keep intruders out.
Step 4: Speed and Performance
Diagnose Bandwidth Usage: Use bandwidth management tools to examine the data
used by each device and the performance of each device on the network.
Optimize Channels: Access points should be deployed in such a manner that they
transmit on channels that do not overlap, in order to reduce interference.
Upgrade Hardware: Consider replacing the existing network appliances with more
advanced ones that offer greater capacity in terms of speed and devices when the
ones currently installed cannot cope.
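The checks in Steps 3 and 4 (unauthorized access points, encryption settings, overlapping channels) can be run over a wireless survey in one pass. The following is an added example, not part of the original guide; the SSID, BSSIDs, inventory and scan rows are constructed, and it assumes 2.4 GHz channels 1 to 13, where two channels overlap when they are fewer than 5 channel numbers apart.

```python
# Constructed inventory of approved access points (BSSID -> location label).
APPROVED = {
    "aa:bb:cc:00:00:01": "floor1",
    "aa:bb:cc:00:00:02": "floor2",
    "aa:bb:cc:00:00:03": "floor3",
}

# Constructed survey rows: (bssid, ssid, security mode, 2.4 GHz channel).
SCAN = [
    ("aa:bb:cc:00:00:01", "ByteSolutions-Corp", "WPA3", 1),
    ("aa:bb:cc:00:00:02", "ByteSolutions-Corp", "WPA2", 3),
    ("aa:bb:cc:00:00:03", "ByteSolutions-Corp", "WPA3", 11),
    ("de:ad:be:ef:00:99", "ByteSolutions-Corp", "WPA2", 6),
]

def audit(scan, approved, corp_ssid="ByteSolutions-Corp"):
    """Return a list of (finding, detail) tuples for the survey rows."""
    findings = []
    for bssid, ssid, security, _channel in scan:
        known = bssid.lower() in approved
        if ssid == corp_ssid and not known:
            # Step 3: a device advertising the company SSID that is not in inventory.
            findings.append(("unauthorized_ap", bssid))
        elif known and security != "WPA3":
            # Step 3: an approved access point that is not running WPA3.
            findings.append(("weak_encryption", bssid))
    # Step 4: approved access points whose 2.4 GHz channels overlap.
    ours = [(b, ch) for b, _, _, ch in scan if b.lower() in approved]
    for i, (b1, c1) in enumerate(ours):
        for b2, c2 in ours[i + 1:]:
            if abs(c1 - c2) < 5:
                findings.append(("channel_overlap", f"{b1}/{b2}"))
    return findings

if __name__ == "__main__":
    for finding, detail in audit(SCAN, APPROVED):
        print(f"{finding}: {detail}")
```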
Conclusion
At a high level, keeping the wireless network at Byte Solutions fast and safe
involves constant checks, repairing any faults with connection and security, and
optimizing output and performance. Periodic maintenance of the network and training
of employees on best practices help to eliminate such problems and facilitate
smooth functioning of the network.
References
Admin. (2024). Understanding Internal and External Vulnerability Scans. Retrieved from
https://cyrisma.com/understanding-internal-and-external-vulnerability-scans/
Building a Scalable Network Infrastructure. (n.d.). Retrieved from
https://www.networkpoppins.com/blog/building-a-scalable-network-infrastructure
Netseccloud.com. (n.d.). Five Important Network Design Principles. Retrieved from
https://netseccloud.com/five-important-network-design-principles
The Essential Network Security Principles for IT Leaders: Designing a Robust Security
Program. (2024). Retrieved from
https://www.catonetworks.com/networksecurity/principles/
Scalability and Resiliency of Networks. Retrieved from
https://www.123.net/blog/scalability-and-resiliency-of-networks-architecting-forthe-digital-age/
Awasthi, K. (2024). Common Network Vulnerabilities and Threats Explained. Retrieved from
https://fidelissecurity.com/threatgeek/network-security/common-networkvulnerabilities-and-threats/
7 Most Common Types of Cyber Vulnerabilities. (n.d.). Retrieved from
https://www.crowdstrike.com/en-us/cybersecurity101/cybersecurity/network-security/
Hain, F. (2024). Network Vulnerabilities Assessment: Benefits & Steps. Retrieved from
https://www.ionix.io/blog/network-vulnerabilities-assessment-benefitssteps/
Why Employees Cybersecurity Awareness Training Is Important. (2022). Retrieved from
https://www.cisecurity.org/insights/blog/why-employee-cybersecurityawareness-training-is-important