GROUP REPORT

GROUP NUMBER: FOUR

GROUP NAME: INNOVATORS

COURSE: PROBLEM SOLVING, IDENTIFICATION AND SOLUTION.

COURSE CODE: PJR 102

PROBLEM: NETWORK SECURITY

TABLE OF CONTENT

• Introduction

• What is Network Security?

• Types of network security attacks.

• Common network security vulnerabilities.

• Physical security condition.

• STAGES AND EFFECT OF THE PROBLEM (NETWORK BREACHES).

• SOLUTIONS OF UNAUTHORIZED ACCESS IN ORGANIZATIONS

• Importance of network security.

• Network Protection Tips

• Network Troubleshooting Applications

• Hardware Tools

• Agencies with a role in ensuring organizational cybersecurity

 • Conclusion

Introduction

Our group consisted of five members. As we did not know each other that well in the beginning
one of the hardest tasks was to estimate how everyone’s attitude towards working in a team was
like and how much effort every single member is going to put in our project.

We suggested and eventually choose a topic upon the agreement of the other team members.
Communication was limited to moderate in the group. In the very beginning we created a
‘WhatsApp’ Group in order to have a fast and easy way to communicate, as everyone is
reachable on his or her mobile phone almost constantly. Expect if it is about setting a date and
time for the team meeting. Furthermore, we had to clarify what we were going to do, as only two
of us had actually read the requirements outline to our first group meeting. This was quite time
consuming regarding the allocation of the tasks. Besides the fact, we were not complete on our
agreed-upon time and therefore had to wait until we actually could get started. The division of
the tasks itself went well, as everyone agreed on what he would have to do. The time taken for
the preparation and design stages of the presentation were underestimated.

Moreover each member brought a problem, Badour Ofotsu Emmanuel brought on board
“Phishing”, and other also brought on other related problems. We had discussions but all fell
under the final problem suggested by Phinehas , which is the network security.

Below are a summary of what we discussed as team;

What Is It, Why Does It Matter and What Can You Do to Make Networks More Secure?

Today, hacks, data breaches, and cyberattacks are more common than ever before. In fact, the
number of data breaches that exposed private records more than doubled between 2015 and 2017
alone. The increasing number and severity of these attacks make network security a topic of
utmost importance, especially for current and prospective certified IT professionals.

CompTIA has done extensive research on cybersecurity, and one recent study on building
security teams, shows that the primary driver for a new security approach is a change in IT
operations. Migrating to a cloud provider, adding new mobile devices or focusing on data
analytics are all common IT strategies that require new security tactics. It’s no coincidence that
these strategies also drive changes or improvements to the corporate network. Success in these
areas requires a solid understanding of best practices in network security.

Network security is a smaller subset that falls under the larger umbrella of cybersecurity, and it
refers to the practice of preventing unauthorized users from accessing computer networks and
their associated devices. It involves physically protecting network servers and devices from
external threats, as well as taking steps to secure the digital network. In an age of increasingly
sophisticated and frequent cyberattacks, network security matters more now than ever before.

Types of Network Security Attacks

Over the last several years, cyberattacks have become more sophisticated, extensive, frequent
and more difficult to defend against. Many cybersecurity experts believe that these attacks will
only continue to grow more complex and aggressive.

Some of the most prevalent types of network security attacks any IT professional should be
aware of include the following:

Data Theft: Also called data exfiltration, data theft occurs when an attacker uses their
unauthorized access to obtain private information from the network. Attackers frequently use
stolen login credentials to read protected files or steal the data while it is in transit between two
network devices.
Insider Threat: As its name implies, insider threats come from employees within an organization.
These employees use their own access to infiltrate the network and obtain sensitive or private
company information.

Malware Attacks: A malware attack occurs when a malicious code (malware) inserts undesired,
unauthorized software onto a network device. Malware can easily spread from one device to
another, making it very difficult to get rid of entirely.

Password Attacks: Any type of attack that involves someone attempting to use a password
illegitimately is considered to be a password attack. The hacker may obtain access either by
guessing, stealing or cracking a password.

Social Engineering: These attacks use deception and falsehoods to convince others to give up
private information, such as an account password, or to violate security protocols. Social
engineering attacks often target people who are not tech-savvy, but they may also target
technical support staff with false requests for help.

Common Network Security Vulnerabilities

In order to effectively implement and maintain secure networks, it’s important to understand the
common vulnerabilities, threats and issues facing IT professionals today. While some can be
fixed fairly easily, others require more involved solutions.

Virtually all computer networks have vulnerabilities that leave them open to outside attacks;
further, devices and networks are still vulnerable even if no one is actively threatening or
targeting them. A vulnerability is a condition of the network or its hardware, not the result of
external action.

These are some of the most common network vulnerabilities:

*Improperly installed hardware or software

*Operating systems or firmware that have not been updated

*Misused hardware or software

*Poor or a complete lack of physical security

*Insecure passwords
*Design flaws in a device’s operating system or in the network

While a vulnerability does not guarantee that an attacker or hacker will target your network, it
does make it much easier — and possible — for them to gain access to it.

Physical Security Considerations

You must also consider the physical security of the various devices, servers and systems that are
used to power and maintain your network. If a network is physically vulnerable, it doesn’t matter
how strong or extensive its security is, because if someone can gain physical access to any of
these items, the entire network could then be compromised. Important physical safety
considerations include the following:

*Storing network servers and devices in a secure location

*Denying open access to this location to members of your organization

*Using video surveillance to deter and detect anyone who attempts to access this location

*Taking precautions to maintain the physical safety of your network will ensure that it’s able to
run as smoothly and safely as possible.

STAGES AND EFFECT OF THE PROBLEM (NETWORK BREACHES).

A typical security breach happens in three stages:

Research — the attacker searches for weaknesses or vulnerabilities in organizational systems,

people or processes.

Network/Social attack — the attacker attempts to penetrate the network perimeter, either by
evading network defenses, or by using social engineering to trick individuals into providing
access, data or credentials.

Exfiltration — once the attacker manages to gain access, they can steal valuable assets or cause
damage at their entry point, and also perform lateral movement to gain access to additional, more
valuable systems.

Immediate security risks posed by unauthorized access by gaining unauthorized access to

organizational systems or user accounts, attackers can:
Steal or destroy private data

Steal money or goods by carrying out fraud

Steal user identities

Compromise systems and use them for illegitimate or criminal activity

Sabotage organizational systems or deface websites

Cause physical damages – by gaining access to connected devices

SOLUTIONS OF UNAUTHORIZED ACCESS IN ORGANIZATIONS

During our group discussion we all decided on creating software application which contains all
the inbuilt features needed to protect an organization network. This application it’s a premium
application with a pay to get full access program.

Here are the major features which will help an organization to improve the strength of
authentication mechanisms and prevent access by unauthorized parties, whether internal or
external using the application

Strong Password Policy

Enforce best practices for user passwords—force users to select long passwords including letters,
numbers and special characters, and change passwords frequently. The application automatically
helps users to avoid using terms that can be guessed in a brute force attack, inform them about
routine password updating, and to tell them to avoid sharing passwords across systems.

Just setting a password policy may not be enough. This application provides tools such as
enterprise password management or Identity and Access Management (IAM)—to centrally
manage user credentials and ensure they conform to security best practices.

Two Factor Authentication (2FA) and Multifactor Authentication

Credentials based on user names, passwords, answers to security questions, etc. are known more
generally as knowledge-based security factors. Knowledge-based factors are an important
authentication method, but they are inherently weak and easy to compromise.
One of the best ways to prevent unauthorized access in your organization is to supplement
knowledge-based factors with additional authentication methods which is accessible in the menu
of the application.

Physical Security Practices

As important as cybersecurity is, don’t neglect physical security. Train users to always lock
devices when walking away from their desks, and to avoid writing down passwords or leaving
sensitive documents in the open. The application has a clear policy that locks the account after
some set time of input inactiveness , which prevent and ensure only authorized parties to access
sensitive areas of your physical facility when not available.

Monitoring User Activity

It is crucial to monitor what is happening with user accounts, to detect anomalous activity such
as multiple login attempts, login at unusual hours, or login by users to systems or data they don’t
usually access. There are monitoring system in the software where for example a security analyst
uses in investigation or live displays of log activities on the network.

Endpoint Security

Historically, most security breaches were a result of penetrating the network perimeter. Today,
many attacks circumvent network defences by directly targeting endpoints, such as employee
workstations, servers, cloud instances. In preventing this the application has an antivirus system
which is hosted on every endpoint to secure the system from breaches.

Encryption

Encryption is the process of scrambling data to the point of unintelligibility and providing only
authorized parties the key (usually a decryption key or password) to decode it. This way, even if
data is intercepted or seen by an unauthorized user, they are unable to read it.

Firewalls

The software has a firewall automation program which works with hardware/software device or
combination of both that blocks unsolicited traffic from entering a network. They can be
configured to only block suspicious or unauthorized traffic, while still allowing access to
legitimate requests.

Network Segmentation

Network segmentation involves breaking down a larger network into various subnetworks or
segments. If any of the subnetworks are infiltrated or compromised, the others are left untouched
because they exist independently of each other.

The Importance of Network Security

Network security is vital to maintaining the integrity of your data and the privacy of your
organization and employees. It encompasses everything from the most basic practices,
such creating strong passwords and fully logging out of community computers, to the most
complex, high-level processes that keep networks, devices and their users safe. More and more
sensitive information is stored online and in these various devices, and if an unauthorized user
gains access to that data, it could lead to disastrous results. While each and every member of
your organization can take strides to help keep things secure, network security has become more
complex in recent years. Adequately protecting networks and their connected devices
requires comprehensive network training, a thorough understanding of how networks actually
work and the skills to put that knowledge into practice. It’s crucial for networks to be thoroughly
and properly set up, secured and monitored to fully preserve privacy. Governments, businesses,
and individuals who own a computer need good network security. What is it exactly? It’s a
preventative measure to keep your network and data safe from viruses, unauthorized users, and
other threats. The process requires a lot of hardware devices and tools, like routers, firewalls, and
anti-malware software. For big organizations and governments, network security is vital, but
everyone deserves a safe, secure network. Here are ten reasons why:

#1. It’s an important part of cybersecurity

Many technical terms are used interchangeably, so you’ll see people say cybersecurity when they
mean network security and vice versa. Cybersecurity is the overall umbrella term. It involves
securing everything, including the network, but also the devices and data. Network security
focuses on the actual network itself, which supports various systems and applications. An
organization (or individual) committed to security won’t forget network security when
developing a cybersecurity plan.

#2. Network security protects your data

To businesses and individuals, data is something to be treasured and protected. If you’re a

business, your data might consist of marketing materials, financial data, and everything else that
makes your business what it is. For individuals, you also have financial data and personal
information you don’t want anyone else to access. Network security ensures your data stays
yours.

#3. Network security protects client data

Governments and businesses store data that isn’t theirs. For organizations like accounting firms
and medical clinics, that data is very sensitive. Keeping that data secure is the responsibility of
the organization. This includes backing up the data properly and ensuring hackers can’t get into
your system.

#4. Network security is required

Depending on your business, you most likely have requirements you need to meet. As an
example, medical organizations must comply with regulations like HIPAA. In the EU,
organizations that deal with the data of EU citizens must comply with GDPR. If you want to start
a business and you’re going to be dealing with data, check to see what requirements you must
follow regarding network security.

#5. Network security improves your network’s performance

Good network security doesn’t only keep your network safe; it helps it run better. The key is to
get a good system that isn’t slowed down by redundant tools and apps. Look for systems proven
to work efficiently. If you aren’t sure what to look for, talk to a service provider about what they
recommend.

#6. Network security protects against ransomware

Ransomware attacks are common. For many, they’re the worst kind of attack. They’re a type of
malware that threatens to release or block access to your data unless you pay a ransom. They can
affect just one individual or entire countries. Recently, the group Darkside hacked the Colonial
Pipeline in the United States. To get the pipeline back online, the group was paid millions in
cryptocurrency. This is just one example of many.

#7. Cyberattacks are on the rise

Attacks like the one on the Colonial Pipeline are becoming more frequent. Organizations,
especially big ones with money for ransoms, need to invest in better security now. There are a
few reasons why cyberattacks are booming. The spread of the 5G network is one. As the network
expands, so do all its vulnerabilities. It isn’t enough to embrace something new and exciting like
5G, you also need new security to support it. Improving technology like artificial intelligence
and machine learning also helps hackers. They no longer have to manually hack systems; they
can set up systems that do it for them.

#8. Not having protection costs money

As we saw from the Colonial Pipeline hack, not having good network security can be expensive.
When Yahoo had a breach that affected its 3 billion customers, the direct costs ended up costing
them around $350 million. On an individual level, attacks can leave you with a drained bank
account. There’s also the emotional distress of having your information stolen or sold. While
good network security may cost you upfront, it more than pays for itself.
#9. Network security is a lucrative field

Network security is good for the economy and individuals looking for well-paying careers.
Because of the increasing cybersecurity threats, organizations are looking for experts. In the US
alone, the BLS predicts that information security analyst jobs will increase 28% between 2016
and 2028, which is four times as fast as other job fields. The pay can be really good, too.
According to ZipRecruiter, a network security specialist on average makes around $97,600 a
year in the United States. The more specialized you are, the better the pay.

#10. The world depends on technology

Network security matters so much because of peoples’ dependence on technology. We use it for
almost everything, including communication, production, record-keeping, and more. There are
cameras in our computers, phones, cars, and even certain children’s toys. Peoples’ entire lives
can be found online if you know where to look. This dependency will only increase, so network
security needs to keep up.

Network Protection Tips

Regardless of your organization’s needs, there are a few general network protection tips and best
practices that you should be sure to follow. Below is a very basic overview of some of the most
important, but perhaps underestimated, steps IT professionals should take to ensure network
security. A more in-depth guide of all relevant steps and information can be found in
the CompTIA Network+ Certification study guide.

Grant Access Sparingly

Always be aware of who has access to your network or servers. After all, not everyone in your
organization needs to be able to physically or electronically access everything on your network.
Don’t give blanket access to every employee in your organization; only give out what
information is necessary to help reduce the chance of unauthorized access, purposeful or
unintentional tampering, or security breaches.

Follow Password Best Practices

It’s a basic principle, but following password best practices is a simple and highly effective way
to maintain network security. Many people create passwords that aren’t strong, reuse previous
passwords and don’t use unique passwords for each of their accounts. Encourage all employees
to follow password best practices, especially for their work accounts, as it can help keep
everyone’s data safe.

Secure Servers and Devices

Physically protect your servers and your devices. Keep them in a safe location, and do not grant
general access to this room or area. Be sure the room is locked when it’s not in use and keep an
eye on the area when it is unsecured or in use.

Test Your Security

You should never assume that your network is completely secure. Continually test
and troubleshoot your network to see what is substandard or to identify any vulnerabilities. Be
sure to make fixes and updates as needed.

In addition, if you do not already have a data recovery plan in place, now is the time to create
one. Even the best-secured networks are compromised and infiltrated, and though no one wants
or necessarily expects that to happen, being prepared for the worst will make solving the problem
significantly easier.

Computer networking is constantly evolving, and what was once considered a network security
best practice may soon be a thing of the past. IT professionals need continual education and
training to keep up on the latest security issues and threats, so they can more effectively
implement promising network security solutions.

Network Troubleshooting Applications

In addition to command-line tools, there are also a number of standalone applications that can be
used to determine the status of a network and to troubleshoot issues. Some of these applications
may be included in the system that you are working with, while others may need to be installed
separately.

Packet Sniffer: Provides a comprehensive view of a given network. You can use this application
to analyze traffic on the network, figure out which ports are open and identify network
vulnerabilities
Port Scanner: Looks for open ports on the target device and gathers information, including
whether the port is open or closed, what services are running on a given port and information
about the operating system on that machine. This application can be used to figure out which
ports are in use and identify points in a network that could be vulnerable to outside attacks.

Protocol Analyzer: Integrates diagnostic and reporting capabilities to provide a comprehensive

view of an organization’s network. You can use analyzers to troubleshoot network problems and
detect intrusions into your network.

Wi-Fi Analyzer: Detects devices and points of interference in a Wi-Fi signal. This tool can help
you to troubleshoot issues in network connectivity over a wireless network.

Bandwidth Speed Tester: Tests the bandwidth and latency of a user’s internet connection. This
application is typically accessed through a third-party website and can be used to confirm user
reports about slow connections or download speeds.

Hardware Tools

Command-line tools and applications are software tools for troubleshooting, but some network
problems have hardware causes and solutions.

Here are some hardware tools that can help you diagnose and solve network issues:

Wire Crimpers: A wire crimper (sometimes called a cable crimper) is a tool that attaches media
connectors to the ends of cables. You can use it to make or modify network cables.

Cable Testers: A cable tester (sometimes called a line tester) is a tool that verifies if a signal is
transmitted by a given cable. You can use one to find out whether the cables in your network are
functioning properly when diagnosing connectivity issues.

Punch down Tool: A punch down tool is used in a wiring closet to connect cable wires directly to
a patch panel or punch-down block. This tool makes it easier to connect wires than it would be to
do it by hand

TDR: A time-domain reflectometer (TDR) is a measuring tool that transmits an electrical pulse
on a cable and measures the reflected signal. In a functioning cable, the signal does not reflect
and is absorbed in the other end. An optical time-domain reflectometer (OTDR) is a similar tool,
but used for measuring fiber optic cables, which are becoming more common in modern
networks.

Light Meter: Light meters, also known as optical power meters, are devices used to measure the
power in an optical signal.

Tone Generator: A tone generator is a device that sends an electrical signal through one pair of
UTP wires. On the other end, a tone locator or tone probe is a device that emits an audible tone
when it detects a signal in a pair of wires. You can use these tools to verify that signals are
passing through the wires in your network. They are often used to confirm phone connectivity.

Loopback Adapter: A loopback adapter is a virtual or physical tool that can be used for
troubleshooting network transmission issues. It can be used by utilizing a special connector that
redirects the electrical signal back to the transmitting system.

Multimeter: A multimeter (sometimes called a volt/ohm meter) is an electronic measuring

instrument that takes electrical measurements such as voltage, current and resistance. There are
hand-held multimeters for fieldwork as well as bench-top models for in-house troubleshooting.

Spectrum Analyzer: A spectrum analyzer is an instrument that displays the variation of a signal
strength against the frequency.

Top popular federal agencies with a role in ensuring organizational cybersecurity

As hackers hone their skills, businesses deal with cybersecurity concerns on a daily basis. Most
major hacks to date have focused on a specific company or agency. But what if a large
cyberattack were to occur on a national scale? Who would enforce cybersecurity measures and
provide guidance to businesses on what to do and how to react?

Though some federal guidance is still being worked out, the following are agencies that have a
role in ensuring cybersecurity and responding to cyber incidents:

The Federal Bureau of Investigation

Until recently, the level to which the federal government could get involved in a major private
sector cybersecurity incident was unclear. But last month, the White House issued a presidential
policy directive (PPD) on cyber incident coordination. The PPD outlines the federal role and
pledges that, in the case of a major private sector cybersecurity event, federal government
responders will safeguard sensitive private sector information and abstain from interfering while
remaining informed of the affected organization’s response.

The PPD also directs that, in the event of a cybersecurity incident or threat, the FBI and the
National Cyber Investigative Joint Task Force will take the response lead.

A “relevant sector-specific agency” will also work with the federal government to help it
understand “potential business or operational impact of a cyber incident on private sector critical
infrastructure.”

Through the PPD, the White House also promised that the Department of Homeland Security
and the Department of Justice will develop a fact sheet outlining how private individuals and
organizations can work with federal agencies in response to a cyber incident.

Federal Trade Commission

Over the past decade, the FTC has established itself as the government’s chief cybersecurity
enforcer when it comes to protecting consumers from a data breach. The Federal Trade
Commission (FTC) has sued several private-sector companies for allegedly failing to protect
consumer data because of lacking cybersecurity practices.

Some private companies have challenged the FTC’s authority to police cybersecurity
shortcomings. CEO's and others have said Congress did not give explicit directions for the
agency to go after companies with weak security measures. But the FTC then reversed an
administrative law judge’s decision from last November that had dismissed FTC charges against
those companies.

The reversal concludes that companies data security practices were unreasonable and constitute
an unfair act or practice that violated Section 5 of the Federal Trade Commission Act. The
reversal also underscored the fact that the FTC can in fact act to protect consumers from data
mismanagement.
Department of Homeland Security

The Department of Homeland Security conducts criminal investigations, develops standardized

cybersecurity methods, and shares cyber response best practices and tools with other federal
agencies.

Branches of DHS, such as the U.S. Secret Service and U.S. Immigration and Customs
Enforcement (ICE), also have special divisions dedicated to combating cybercrime.

U.S. Secret Service

The U.S. Secret Service controls the Electronic Crimes Task Forces, which works to find
international cybercriminals. According to the agency’s website, the Secret Service’s Cyber
Intelligence Section has “directly contributed to the arrest of transnational cybercriminals
responsible for the theft of hundreds of millions of credit card numbers and the loss of
approximately $600 million to financial and retail institutions.”

The Secret Service also runs the National Computer Forensic Institute, which delivers cyber
training to law enforcement officers to help them fight cybercrime.

National Institute of Standards and Technology (NIST)

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. Thanks to
the recently-created Commission on Enhancing National Cybersecurity, NIST is now getting
more involved in helping shape cybersecurity practices.

In February, President Obama requested $19 billion for federal cybersecurity initiatives to help
secure the government, critical infrastructure and “important technologies.”

“I have charged the Commission on Enhancing National Cybersecurity with the critically-
important task of identifying the steps that our nation must take to ensure our cybersecurity in an
increasingly digital world,” Obama said in a statement.

As part of the commission, the Secretary of Commerce was tasked by the President to direct the
Director of NIST to provide the commission with “cybersecurity expertise, services, funds,
facilities, staff, equipment and other support services as may be necessary to carry out its
mission.

Recently, NIST asked for public comment on a wide range of cybersecurity topics. The goal is to
eventually make recommendations to strengthen cybersecurity in both the public and private
sectors. To craft the guidance, the commission is drawing on the public’s knowledge of
cybersecurity, particularly from “those who have experienced significant cybersecurity incidents
to understand lessons learned from these experiences.” The effort is part of an overall strategy to
maintain a “cyber environment that encourages efficiency, innovation and economic prosperity.”

The commission is seeking more information about critical infrastructure cybersecurity, cyber
insurance, cybersecurity R&D and the Internet of Things, among other topics.

CONCLUSION

Network security refers to the practice of preventing unauthorized users from accessing
computer networks and their associated devices.

Importance of network security.

Network security is vital to maintaining the integrity of your data and the privacy of your
organization and employees.

Network security is the key to keeping that sensitive information safe, and as more private data is
stored and shared on vulnerable devices, network security will only grow in importance and
necessity.

While each and every member of your organization can take strides to help keep things secure,
network security has become more complex in recent years.

Common network security vulnerability

Improperly installed hardware or software

Operating systems or firmware that have not been updated

Misused hardware or software

Poor or a complete lack of physical security

Insecure passwords

Design flaws in a device’s operating system or in the network

While vulnerability does not guarantee that an attacker or hacker will target your network, it does
make it much easier and possible for them to gain access to it.

Types of Network Security Attacks.

Data Theft

Insider Threat

Malware Attacks

Password Attacks

Social Engineering

Types of Network Security Solutions

Antivirus Software

Encryption

Firewalls

Multi-Factor Authentication

Network Segmentation

Network Protection Tips

Regardless of your organization’s needs, there are a few general network protection tips and best
practices that you should be sure to follow.

Grant Access Sparingly

Always be aware of who has access to your network or servers.

Follow Password Best Practices

It’s a basic principle, but following password best practices is a simple and highly effective way
to maintain network security.

Test Your Security

You should never assume that your network is completely secure.

In addition, if you do not already have a data recovery plan in place, now is the time to create
one.

Computer networking is constantly evolving, and what was once considered a network security
best practice may soon be a thing of the past.

Network Troubleshooting Applications

Packet Sniffer

Port Scanner

Protocol Analyzer

Wi-Fi Analyzer

Bandwidth Speed Tester

Hardware Tools

Wire Crimpers:

Cable Testers

Punch Down Tool

TDR

Light Meter

Tone Generator

Loopback Adapter
Multimeter

Spectrum Analyzer

MEMBERS AND ID

1. Phinehas Tetteh Narh -01211725B

2.Joseh Tettevi -01211014B

3. Badour Ofotsu Emmanuel – 01211095B

4.Maurice Mantah Tanguoh 01210987B

5. Travis David Monte 01210556B

REFERENCES: comptia.org, cisco.com,cynet.com