Cyber Security and Incident Management part 1

Pearson Set Assignment
Activity -1
UNIT 11 CYBER SECURITY AND INCIDENT MANAGEMENT
ASSESSOR – HIMANSHU BABBAR



STUDENT NAME: Ibrahim Zitouni

PEARSON ID: 20000351

DATE: 1 JUNE 2021

TIME: 10:00 AM – 3:00 PM

,Contents
Different cyber security threats to which organizations are exposed to as well as system vulnerabilities
which could affect IT systems......................................................................................................................2
Understanding the Scenario....................................................................................................................2
Definition of cybersecurity.......................................................................................................................2
How Internal Threats occur.........................................................................................................................2
How external threats function.....................................................................................................................4
System vulnerabilities which could affect IT Systems..................................................................................6
How organizations could use physical hardware and software security measures to counteract security
threats.........................................................................................................................................................8
User authentication...................................................................................................................................11
Topic 2 - Impact of Cyber Security threats while taking legal requirements into account.........................13
The Impact of Threats................................................................................................................................13
Legal requirements................................................................................................................................13
Topic 3 - How different network types and infrastructure of Davies Enterprises can be secured.............15
Different network types.............................................................................................................................16
Component................................................................................................................................................18
Securing Network components and infrastructure....................................................................................18
Intranet, Extranet, Internet and Cloud...................................................................................................19
Modern Trends & Interpreting Schematics................................................................................................20
Network Components................................................................................................................................22
Connection Media.....................................................................................................................................23
management & Troubleshooting Tools.....................................................................................................24
Network Application Software:..................................................................................................................24
Network & Device Operating Systems.......................................................................................................25
Network Infrastructure..............................................................................................................................25
Network Services.......................................................................................................................................29
Topic 4 – Evaluating the effectiveness of the measures used to protect organization from cyber security
while taking legal requirements into account............................................................................................30
References.................................................................................................................................................32




1|Page

,Different cyber security threats to which organizations
are exposed to as well as system vulnerabilities which
could affect IT systems

Understanding the Scenario

I have been recently hired at “Techno security” specializes in providing security products and services.
The company produces multiple cyber security software programs such as firewalls, anti-virus
applications as well as many other types of protection. One of the clients called “Davies Enterprises Ltd”
has asked my employers to find the security implications of a e-commerce business which allows people
to buy products digitally. The director has asked me to make a report . The director of techno security
has asked me to create a report about the current threats of cybersecurity.

Definition of cybersecurity
The process of protecting computers, servers, mobile devices, communications systems, databases,
including information from security threats is known as cyber protection. It 's commonly recognized as
electronic data security or information systems protection.

How Internal Threats occur
An internal threat corresponds towards the possibility of someone within an organization exploiting a
device in order either trigger harm or install malware. Employees are supposed to consider trustworthy
people who are given expanded rights what could potentially become exploited therefore certain types
of attacks are especially concerning.

Employee sabotage




The employees of an organization like Davies Limited provide exposure towards a broad variety of
hardware components within an organization, having just confidence as a safeguard against it
destroying as well as taking it. Which implies whether organization equipment, such as storage devices
comprising a variety of valuable information, may get potentially seized; instead, the information on the
storage device could be relocated through an USB drive, which could therefore be exposed but instead
reproduced publicly. Staff members may also purposefully destroy the Davies Enterprises if we would



2|Page

, relate it to the scenario infrastructure and information, including by removing information or destroying
an USB stick.

Unauthorized access from staff members




If Davies Limited have employees which currently possess connections into the corporation 's network
might be eligible to gain exposure towards parts throughout certain systems that others should not,
including a worker mistakenly allows oneself signed into as well as a door that could been kept
unattended giving anyone exposure through a network Individuals could often gain escalated
authorization which enable them to conduct additional administration tasks including such modifying
certain clients' permissions and otherwise disabling vulnerability management software, which
individuals might acquire or vindictively gain. Similar problems could serve as a steppingstone towards
other assaults.

Weak cyber security measure and practices




Davies Limited lacks adequate virtual and analog protection, it enhances the risk towards a weakness
becoming compromised, particularly throughout light of recent problems such as robbery. For instance,
whenever their networking resources is placed inside an unprotected space, anyone can come in there
or even harm or capture resources. Moreover, an average staff member might inadvertently trigger
certain weak points through performing anything as basic as accidentally exposing confidential
information about Davies Limited – a malware should be inadvertently installed, affecting the whole
system.




3|Page