Monday, November 11, 2019

Network Security

A Floor Plan Layout of Micronet Gadong 2nd Floor 


Micronet Gadong Campus 2nd Floor layout
In 2nd floor, it has two sections where each has 2 rooms either a Lab or a Classroom. It also has two rest room for each section. For my suggestion, I would like to put 1 firewall, 1 VPN and 1 Network Access Control on the 2nd floor of Micronet campus. A firewall helps to prevent malicious software or attacks.  A VPN provides secure connection and extra security. A NAC provides user or system authentication and improve network security by limiting to authorized personnel.

Classroom 1:
  • 1 projector
  • 1 PC
  • 1 projector screen
  • 2 CCTV 
Lab 3:
  • 1 projector
  • 1 projector screen
  • 1 switch
  • 1 router
  • 1 printer
  • 2 CCTV
  • 25 PCs
Lab 5:
  • 1 projector
  • 1 projector screen
  • 1 switch
  • 1 router
  • 1 printer
  • 2 CCTV
  • 29 PCs
Lab 6:
  • 1 projector
  • 1 projector screen
  • 1 switch
  • 1 router
  • 1 printer
  • 2 CCTV
  • 27 PCs
Posted by at No comments:

Wednesday, November 6, 2019

Business Intelligence

Exercise: Systems and Technologies
Explain each system and include the features, advantages and disadvantages. Identify in which level does it operate. Provide diagram where necessary.


Image result for examples of transaction processing system
1. Transaction Processing Systems (TPS)
  • It is s type of Information System that use in everyday operation which functions as a collecting, storing, modifying and retrieving the data transactions of an enterprise.
  • Features:
    • Must be two parties 
      • It takes two parties for the transaction to take place. There cannot be a giver unless there is a receiver. e.g. X borrows $10,000 from a bank. So it can defines as a transaction happens since there a two parties (X and Bank).
    • Must be measurable in terms of money
      • The event is not consider as a transaction if it is not financially viable
  • Advantages:
    • Operations handling 
      • able to handle several transaction at once and making  your online transaction process easier as the system provide online processing process.
      • e.g. thousand purchases, debit accounts, hold each person's private banking and address information, process customer orders
    • Untapped Market
      • able to reach and gain customers from around the world which allow people to access and buy your business's products or services.
  • Disadvantages:
    • High setup costs
    • Lack of standard formats
    • Hardware and software incompatibility 
  • The Operational decision are the level of business decision operating at TPS.
  • e.g. receipt / banking process / employee data / inventory / sales orders / purchasing transactions / sales transactions.

Image result for software examples of management information system
2. Management Information Systems (MIS)
  • An MIS provides managers with information and  support for effective decision making, and provides feedback on daily operations.
  • Providing information from TPS.
  • Features:
    • Flexible - allows analysation and evaluation of data from multiple sources and in multiple ways or processing. It allows the introduction of new ways to process data.
    • Easy to use -  managers does not need advanced knowledge in information systems in order to get the information they need.
    • Reliable and accurate - to improve efficiency in the organisation and ensure the decision making is of high quality.
  • Advantages:
    • Better decision making - by providing relevant information to decision makers.
    • It is an integrated systems which allows communication among executives, managers, department heads and employees to improve
    • Better communication = better management
    • Quality of products or services improves by referring to information about customer feedback and past experiences.
  • Disadvantages:
    • Expensive to setup and maintain - you need to buy the systems to apply MIS
    • Need to learn technical skills to use MIS
    • Need to keep up when new tools are integrated into the system
    • Upgrading the system requires extra money and staff
    • Possibilities of data breach as MIC is connected online
  • The Tactical decision are the level of business decision operating at MIS.
  • e.g. Scheduled report / Demand report / Key-indicator report / Exception report.

Image result for software examples of decision support system
3. Decision Support Systems (DDS)
  • It is use to supports business or organizational decision-making activities. DSS serve the management, operations and planning levels of an organizations (usually mid and higher management) and help to make decision, DSS can be either fully computerized, human or a combination of both.
  • Features:
    • Facilitation - DSS facilitate and support specific decision making activities and decision process
    • Interaction - it is a computer-based systems design for interactive use by decision makers or staff
  • Advantages:
    • Time saving
    • Enhance effectiveness 
    • Improve interpersonal communication
    • Competitive advantages
    • Cost reduction
    • Increase decision maker satisfaction
    • To promote learning
    • Improves personal efficiency
  • Disadvantages:
    • Monetary cost
    • Overemphasize decision making
    • Assumption of relevance
    • Unanticipated effects
    • Obscuring responsibility
    • False belief in objectively
    • Status reduction
    • Information overload
  • The Strategic decision are the level of business decision operating at DDS.
  • e.g. Product pricing / profitability / forecasting / risk analysis system.

Image result for software examples of expert system
4. Expert Systems (ES)
  • User supplies facts or other information to the expert system and receives expert advice or expertise in response. 
  • An intelligent computer program that uses knowledge and inference procedures to solve problems that are difficult enough to require significant human expertise for their solution.
  • Features:

  • Advantages:
    • Low accessibility cost
    • Fast response
    • Not affected by emotions unlike humans
    • Low error rate
    • Capable of explaining how they reached a solution.
  • Disadvantages:
    • ES have no emotions
    • Common sense is the main issues of the ES
    • It is developed for a specific domain
    • It needs to be updated manually. It does not learn itself.
    • Not capable to explain the logic behind the decision.
  • There is NO LEVEL for ES because all the decision is decide by the systems not by the operation /  a person.
  • e.g. Diagnose of human illnesses /  make financial forecasts / schedule routes for delivery vehicles.

References:

  • what is transaction processing system - Google Search. (2019). Google.com. Retrieved 4 November 2019, from https://www.google.com/search?q=what+is+transaction+processing+system&safe=active&sxsrf=ACYBGNSE4GF-EBjnZSjbHS0mGwDJw6W8Hw:1572849278621&source=lnms&tbm=isch&sa=X&ved=0ahUKEwjEgKaU-M_lAhW1yosBHYEkCqwQ_AUIEigB&biw=704&bih=768#imgrc=r10XQ_OIhcvPXM: 
  • Feature of Transaction - AccountingExplanation.com. (2019). Accountingexplanation.com. Retrieved 7 November 2019, from http://www.accountingexplanation.com/features_of_transaction.htm 
  • Benefits of a Transaction Processing System in Business. (2018). Techfunnel. Retrieved 7 November 2019, from https://www.techfunnel.com/fintech/benefits-of-a-transaction-processing-system-in-business/
  • what is management information system - Google Search. (2019). Google.com. Retrieved 4 November 2019, from https://www.google.com/search?q=what+is+management+information+system&safe=active&sxsrf=ACYBGNR86DL89Zfa8sMP0P6BMWYEQ6kY3w:1572850380232&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiMhMuh_M_lAhXYwosBHW8cAZcQ_AUIEigB&biw=704&bih=768#imgrc=ytjP9Z71kGkKsM: 
  • What is transaction processing system - Google Search. (2019). Google.com. Retrieved 4 November 2019, from https://www.google.com/search?safe=active&biw=704&bih=768&tbm=isch&sxsrf=ACYBGNR_tl4FG2Oe5VMbYHVQjdfEW1342g%3A1572850702799&sa=1&ei=Dsy_Xf2sMNf6wQOfyJzYBQ&q=what+is+transaction+processing+system&oq=what+is+transa+system&gs_l=img.3.0.0i7i30.323401.325875..327803...0.0..0.208.1008.0j5j1......0....1..gws-wiz-img.......0i8i7i30.6I_lJKOZNNs#imgdii=9TzXm8ed-GocUM:&imgrc=r10XQ_OIhcvPXM: 
  • what is decision support system - Google Search. (2019). Google.com. Retrieved 4 November 2019, from https://www.google.com/search?safe=active&biw=704&bih=768&tbm=isch&sxsrf=ACYBGNRkxjfc72ByFfQSTDKdGUzZ3oOUOQ%3A1572851032551&sa=1&ei=WM2_XZWWIeLxhwP-upyICA&q=what+is+decision+support+system&oq=what+is+decision+susystem&gs_l=img.3.0.0i7i30j0i8i7i30l2.122936.126935..129342...1.0..0.217.1968.0j13j1......0....1..gws-wiz-img.......0j0i8i30j0i24.tGZJ5AkyUWk#imgrc=9ujfxQZPj9ShtM:
  • Expert Systems - GeeksforGeeks. (2018). GeeksforGeeks. Retrieved 4 November 2019, from https://www.geeksforgeeks.org/expert-systems/

Posted by at No comments:

Monday, November 4, 2019

Network Security

Network Planning - Proof of Concept


How to design a secured network (methods):

 ZAWANAH

  1. Identify the network assets (hardware, software, employee)
  2. Analyze the security risks (hackers)
  3. Analyze the security requirements (backup)
  4. Develop a security plan (plan if any of the security risk happen)
  5. Define a security (rules of the security, e.g. don not change the setting of the computer)
SABRINA
  1. Set clear administrator Privileges
  2. Secure your private network
  3. Secure endpoints by Configuration Demilitarized Zone (DMZ)
  4. Monitor the network
  5. Maintain Firewalls
  6. Establish Intrusion Detection and Prevention Systems
  7. Protect Remote Access
HAZWAN HASSAN
  1. Exam the system of the company
  2. Interview employee what they know and what kind of guide they've received
  3. Start planning design
  4. Set up Firewall
  5. Set up IP router
HAZWAN HAILE
  1. Prepare - identify the assets (hardware, software, employee)
  2. Plan - make sure all the devices are listed down such as network devices, connection, security.
  3. Design - draw the draft sketch of the design
  4. Implement - create the network by following the design draft
  5. Maintenance - configure the setting of the network design
  6. Testing - test the implemented network design to make sure it is working and connected
MISS J
  1. Identify all the assets (hardware, software, employee. e.g. identify what they need or what they already have)
  2. Identify the budget
  3. Identify the problem (virus, hacker)
  4. Identify the solution (installing anti virus to prevent viruses, installing firewall to prevent hackers)
  5. List down all the software and network security hardware
  6. Identify the secure connection (what are the cable that suitable to use and how to connect)
  7. Sketch and plan your design
  8. Ask for the approval from the organization itself (is it design good or no? ask approval until it get approval)

The different types of network security designs that will aid good network security:

FARAH
  1. Antivirus
  2. Network Access Control (NAC)
  3. Data Loss Prevention (DLP)
  4. Email security 
  5. Endpoint security
  6. Firewall
  7. Intrusion Detection System & Intrusion Prevention System
  8. Virtual Private Network (VPN)
SYUKRI
  1. Network Access Control (NAC)
  2. Application Security - secure all the apps of the software that network use
  3. Email Security 
  4. Antivirus and anti-malware software
  5. Wireless Security 
ERRA
  1. Firewalls - monitor the incoming and outgoing traffic
  2. Virtual Private Network (VPN) - allow remote access to secure corporate applications or other resources
  3. Network Access Control (NAC) - strengthens network by controlling its access
  4. Data Loss Prevention (DLP) - responsible for securing the communication network of an organization in order to protect its sensitive data.
Posted by at No comments:

Wednesday, October 30, 2019

Network Security

Choose FOUR (4) protocols and discuss its details and importance in network. Research how the aid network Security.

What is Network Protocols 
  • A network protocols means a formal standards and policies that consists of rules, procedures and formats that determine communications between two or more devices over a network. It govern (control) end-to-end processes of data or network communication in a timely, secure and manageable manner. 
  • Examples of Network Protocols such as HTTP, HTTPs, FTP, SMTP, DNS and etc.
What is Domain Name Systems (DNS)?
  • Domain Name System (DNS) is a hierarchical naming systems built on a distributed database. The system changes the domain name to an IP address and makes it easier to assign domain name to a group of Internet resources and users, regardless of the entities physical location. 
  • For example of DNS is when a user type google.com into a web browser, the server behind the scenes will map the name to the corresponding IP address like example 121.12.12.123.
What is Secure Sockets Layer (SSL)?
  • A Secure Sockets Layer (SSL) is developed by Netscape and defined as a standard protocol used for the secure transmission of documents over a network. The SSL technology creates a secure link between a Web server and browser to ensure the security transmission of private and integral data. It uses Transport Control Protocol (TCP) for communication.
What is File Transfer Protocol (FTP)?
  • A File Transfer Protocol (FTP) also known as RFC 959. It is a client/server protocol that used for transferring or exchanging files with a host computer. It can verified with a username and password. Other than that, it allows users to access files, programs and other data from internet sources without using a user ID or password. Some of the web sites use anonymous or guest as a user ID and an email address as a password. FTP is also the internet standard for moving or transferring files from one computer to another using TCP/IP  networks.
What is Simple Mail Transfer Protocol (SMTP)?
  • A Simple Mail Transfer Protocol (SMTP) also knows as RFC 821 and RFC 2821. It is defined as a standard protocol for email services on a TCP/IP network where it provides the ability to send and receive email messages. SMTP also an application layer protocol that allows for the transmission and delivery of email over the internet. It was created and maintained by the Internet Engineering Task Force (IETF).

References:

  • What are Network Protocols? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 23 October 2019, from https://www.techopedia.com/definition/12938/network-protocols
  • What is the Domain Name System (DNS)? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 23 October 2019, from https://www.techopedia.com/definition/24201/domain-name-system-dns
  • What is the Secure Sockets Layer (SSL)? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 23 October 2019, from https://www.techopedia.com/definition/24025/secure-sockets-layer-ssl 
  • What is File Transfer Protocol (FTP)? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 31 October 2019, from https://www.techopedia.com/definition/1872/file-transfer-protocol-ftp 
  • What is Simple Mail Transfer Protocol (SMTP)? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 31 October 2019, from https://www.techopedia.com/definition/1710/simple-mail-transfer-protocol-smtp




Posted by at No comments:

Monday, October 21, 2019

Business Intelligence


Analyze and Compare the systems and technologies associated with business intelligence. For examples:

  • Data Warehouses
    • A data warehouse (DW) defined as a collection of information and data obtained from operating system and exterior data resources that designed to support business decisions by allowing the integration, analysis and reporting of data at different aggregate levels. The data is collected into data warehouse through extraction, transformation and loading processes.
  • Executive Information Systems
    • An Executive Information Systems (EIS) define as a decision support system (DSS) that used to assist senior executives in the decision making process. Basically, it is a feature graphical displays on an easy-to-use interface where it contains a valuable data needed to achieve the strategic goals of an organization. Additionally, it can be used in a variety of organizations to monitor enterprise performance and identify opportunities and problems.
  • Online Analytic Processing (OLAP)
    • A software used to analyze information from the data warehouse and it will be shown on the Executive Information Systems (EIS).

References:

  • Techopedia.com. (2019). What is a Data Warehouse (DW)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/1184/data-warehouse-dw [Accessed 22 Oct. 2019].
  • Techopedia.com. (2019). What is an Executive Information System (EIS)? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/1016/executive-information-system-eis [Accessed 22 Oct. 2019].

Posted by at No comments:

Tuesday, October 15, 2019

Network Security

QUESTIONS:

  • Discuss the different types of network security devices.
  • Explain how they are used to provide network security.
  • Explain their advantages.
  • Provide diagrams on how each devices is used with justifications.


 Virtual Private Network Gateways 
  • A Virtual Private Network (VPN) Gateway is a networking devices that connects two or more devices or shared networks within the VPN infrastructure. It is designed as a connection or communication bridge between two or more remote sites, network or devices and/or to connect multiple VPNs together.
  • A VPN used to provide network security such as protect your computer and your information from sniffers (a computer Programmer that used decode data to spy, steal data, hijack devices, steals identities and etc.). Other than that, it provides secure security for the website session of the user as secure as a bank or other financial sites. Moreover, restrictions information that would lead to "freethinking" which a VPN allows users to have uncensored, secure access to anything on the internet. Some of the company used restrictions online imposed about where and when you can use their services.
  • A VPN has many other advantages. One of the advantages is enhanced security so that when someone connects to the network via VPN, the data is kept safe and encrypted which saves the information away from the hackers. Another advantage is share files where a VPN service can can be used if you have groups that need to share data for a long time. In addition, it provides better performance where the bandwidth and network efficiency can generally be improved once a VPN solution is implemented. 
Picture
  • When a user connects to a VPN, a "tunnel" (no one can go in or out through the tunnel,. only specific person can) is created and it acts as a secure line of communication. The communication passed through it cannot be read if intercepted vecause it has been encrypted. Only the VPN client on your computer and the VPN server know the key to the encryption so data only encrypted in transit. but instantly can be readable at the source and destination. The processes is as simple as logging in as far as the user is concerned. The rest is taken care for you by the chosen VPN provider.
Secure Modems
  • A secure modems is a networking devices that can be both modulates and demodulates analog which carry signals called sine waves. It is a process for encoding and decoding the digital information. The modem completes both tasks simultaneously. Therefore, the term modem is a combination of modulate and demodulate.
  • A secure modems has many advantages. One of the advantage is there is no limited access of the systems. Other than that, it convert digital signals to analog signals which means the modem is modulation or modulation. Another advantage is more useful in connecting LAN with the internet.

Intrusion Detection System (IDS)

  • An intrusion detection system (IDS) is a security software that works by monitoring system activities to inspect a vulnerability in the system. For example, when someone or something is trying to compromise an information system through malicious activities or through violation security policy,it will automatically alert the administrations and monitors the Internet to find the latest threats that could lead to further attacks.
  • An IDS has a lot of advantages. One of the advantages is the alert security system which has more accuracy and standard alarms understood by user. Another advantage is provides a user friendly interface which allows easy security management systems. Other than that, it can easily detect and report any changes to files and directories on the systems.
Image result for what is intrusion detection system
  • An IDS monitors your network for possible dangerous activities such as malicious acts and violations of security policy. When such a problem is detected, it will alerts the administration but doesn't necessarily take any other actions.
  •  A network intrusion detection system (NIDS) monitors packets moving into and out of a network or subset of a network. It could monitor all traffic, or just a selection, to catch security threats. 
  • A host intrusion detection system lives on and monitors a single host (such as a computer or device). It might monitor traffic, but it also monitors the activity of clients on that computer. 
References:

  • Techopedia.com. (2019). What is a VPN Gateway? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/30755/vpn-gateway [Accessed 16 Oct. 2019].
  • Learn How a VPN Protects Your Computer, Identity, and Privacy. (2019). The Balance. Retrieved 22 October 2019, from https://www.thebalance.com/how-vpn-protects-your-computer-and-privacy-4148267
  • Techopedia.com. (2019). What is a Modem? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/24118/modem [Accessed 16 Oct. 2019].
  • What is an Intrusion Detection System (IDS)? - Definition from Techopedia. (2019). Techopedia.com. Retrieved 21 October 2019, from https://www.techopedia.com/definition/3988/intrusion-detection-system-ids
  • 8 advantages of VPN that will help you improve your online experience.. (2010). ibVPN. Retrieved 21 October 2019, from https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
  • What are the advantages and disadvantages of modem . (2019). Allinterview.com. Retrieved 21 October 2019, from https://www.allinterview.com/showanswers/60082/what-are-the-advantages-and-disadvantages-of-modem.html
  • Basics of Intrusion Detection System, Classifactions and Advantages. (2013). ElProCus - Electronic Projects for Engineering Students. Retrieved 21 October 2019, from https://www.elprocus.com/basic-intrusion-detection-system/
  • IDS vs. IPS in 2019: What is the Difference? - DNSstuff. (2019). DNSstuff. Retrieved 22 October 2019, from https://www.dnsstuff.com/ids-vs-ips



Posted by at No comments:

Monday, October 14, 2019

Network Security

TYPES OF HACKERS:
  • Gray Hat Hacker
    • A cracker who exploits a security weakness in a computer system or product in order to bring the weakness of the owners.
    • Gray hackers are breaking down laws and violating ethics, but their intent isn't malicious.
    • They hack without permission but the don't do harm. They Fix it.
  • Hobby Hacker
    • Focuses on making the traffic, the generated leads, the clients and the branding grow with the minimum investment.
    • E.g. Jordi Robert - Hobby to hack since he was 15 years old to make money.
  • Phreakers
    • Phone + Freaks
    • People who studies, equipment and explores telecommunication system on how it work.
    • Use different audio frequencies to manipulate a phone system.
    • Not as common nowadays as people rarely use telephone.
    • E.g. Public telephone, Elevator phone.
  • Script Kiddy
    • Also known as kiddie.
    • The hacker will use the existing script or any well-known script to hack any computer.
    • the hackers normally comes from the low education of programming.
  • Academic Hacker
    • An action of hacking the academic or any institution. This is mostly done by either by student or anyone in order to get what they want.
    • E.g. To change their grades or to know what is on the exam paper.
  • Black Hat Hacker
    • A person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons.
    • Can inflict major damage on both individual computer users and large organizations by stealing financial information, compromising the security of major systems, or shutting down or altering the function of websites and networks.
    • A person who hack with harm, who spread viruses, malicious and threats to destroy or damage the system/software.
  • Computer Security Hacker
    • Someone who explores methods for breaching defenses and exploiting weaknesses in computer system or network.
  • Hacktivist
    • They hack to protest.
  • White Hat Hacker
    • Known as Ethical Hacker.
    • Hacking with permission to fix the faults of the system.
Image result for what is white hat hacker
Image result for what is white hat hacker

Posted by at No comments:
Subscribe to: Comments (Atom)