1.Which architecture for deploying a firewall is most commonly used in businesses today? Why?
The most commonly used architecture for deploying a firewall is screened subnet firewalls (with DMZ). The DMZ or Demilitarised zone can be a dedicated port on the firewall device linking a single bastion host or it can be connected to screeened subnet. A common arrangement finds the subnet firewall consisting of two or more internal bastion hosts behind a packet filtering router, with each host protecting the trusted network. Connections from the outside or untrusted network are routed through an external filtering router. Connections from the outside or untrusted network are routed in to and then out of a routing firewall to the separate network segment known as the DMZ.
Screened subnet firewalls are the most commonly used architecteture for various reasons including that it provides flexibility especially for internet based applications, such as e-mail, Web services and e-commerce. It also allows servers that must be accessible to the interent while still protecting back office services on the secure internal network or intranet. The use of the DMZ can harden up the exposed servers by using security Tools and Checklists for server operating systems.
The subnet firewall rather than using only the packet-filtering router as the front door to the DMZ, a second firewall is added behind for further inspection of traffic. These features of a screened subnet firwall (with DMZ) are why it is the most commonly used architecture for deploying a firewall.
2.What are the reasons that VPN technology has become the dominant method for remote workers to connect to the organizational network?
A VPN is a private and secure network connection between systems that uses the data communication capability of an unsecured and public network. VPN's are commonly used to extend securely an organisation's internal network connections to remote locations beyond the trusted network.
Reasons why VPN technology has become the dominant method for remote workers to connect to the organisations network include that it allows employees to safely log into company networks from anywhere. It is extremely convinient for individuals who travel as they can stay connected to the to the corporate intranet over long distances. The VPN allows users to use public networks like the internet rather than to rely on private leased links that are expensive, this alows the organisation to also cut costs. Individuals from the organisation can thus work at customer sites, business partners, hotels and other untrusted locations to access the corporate network safely over dedicated private connections. This comes throught the use of restricted-access networks that utilise the same cabling and routers asd a public network, and they do so without sacrificing features or basic security.
3.Will biometrics involve encryption? How are biometric technologies dependent on the use of cryptography?
Encryption is the process of converting an original message into a form that is unreadable by unauthorised individuals.
Biometrics "is the science and technology of measuring and analysing biological data. In information technology biometrics refers to technolgies that measure and analyse human body characteristics, such as DNA, fingerprints, eye retinas and irises, voice patterns and hand measurements for authentification purposes", (http://searchsecurity.tehtarget.com/sDefinition/0,,sid14_gci21166,00.html). Yes, biometrics will involve encryption. Biometric encryption is the process of using a characteristic as a method to code or scramble/ descramble data. Encrypted biometric information is going to make it very difficult for an attacker to steal or break passwords or personal identification numbers. As biometric data is one of a kind human information it is very difficult to copy and if it is encrypted it is difficult to make this information rreadible by a user.
Cryptography " can be difined as the conversion of data into a scrambled code that can be deciphered and sent across a public or private network" (www.barcodesinc.com).
Biometric technologies are dependent on the use of cryptography as it allows Biometric information to be scrambled into code which can be sent across networks.
Friday, September 10, 2010
Sunday, September 5, 2010
Week 6 Blog entry
Incident classification is based on the judgement of the information security professionals involved. How would you determine if any given circumstances is business as usual, an incident or a disaster?
Classifying information securtiy incidents is normally done into three categories business as usual, an incident or a disaster. Business as usual means incidents which occur in the normal course of an activity, mainly in circumstances that occur on a day-to-day basis. These may just be small events which happen daily. An incident would be an occurrence or event which interupts normal procedures, this type of event would not occur on a daily basis. It would be events which occur from time to like security threats or warnings. A disaster on the other hand would be an event which causes widespread destruction and distress, this may occur if the whole information security system is taken out, major amounts of information stolen or a major breach of security.
It's often said that information security begins with solid policy. Why is this so?
A policy is desribed as a principle or rule to guide decisions and achieve rational outcomes. Which this kept in mind if managers use solid policy to guide them when dealing with infomation security they should be able to make more informed and educated decisions. Thus leading to more successful information security and protection of their information.
Keeping policy current is critical. How do you think policy needs to be updated to accomodate current events? Give examples where possible.
Policy needs to be continuously controlled and monitored to accomodate current events as technology is forever evolving and growing, organisation's policy must stay constantly new and with the times to ensure they can plan their security measures and processes. All sorts of new attacks and threats are occuring daily, these need to be countered by organisation's to ensure they are not vulnerable to any threats.
Classifying information securtiy incidents is normally done into three categories business as usual, an incident or a disaster. Business as usual means incidents which occur in the normal course of an activity, mainly in circumstances that occur on a day-to-day basis. These may just be small events which happen daily. An incident would be an occurrence or event which interupts normal procedures, this type of event would not occur on a daily basis. It would be events which occur from time to like security threats or warnings. A disaster on the other hand would be an event which causes widespread destruction and distress, this may occur if the whole information security system is taken out, major amounts of information stolen or a major breach of security.
It's often said that information security begins with solid policy. Why is this so?
A policy is desribed as a principle or rule to guide decisions and achieve rational outcomes. Which this kept in mind if managers use solid policy to guide them when dealing with infomation security they should be able to make more informed and educated decisions. Thus leading to more successful information security and protection of their information.
Keeping policy current is critical. How do you think policy needs to be updated to accomodate current events? Give examples where possible.
Policy needs to be continuously controlled and monitored to accomodate current events as technology is forever evolving and growing, organisation's policy must stay constantly new and with the times to ensure they can plan their security measures and processes. All sorts of new attacks and threats are occuring daily, these need to be countered by organisation's to ensure they are not vulnerable to any threats.
Subscribe to:
Comments (Atom)