
Rajan Security A1


Security| Rajan Kha Tharu

INTERNATIONAL SCHOOL OF
MANAGEMENT AND TECHNOLOGY

FACULTY OF COMPUTING

ASSIGNMENT COVER SHEET


This form is to be completed by students submitting assignments of level 4 and level 5.
Students are required to complete all sections and attach to your assignment.

STUDENT DETAILS

STUDENT NAME RAJAN KHA THARU

STUDENT ID [email protected]

UNIT AND ASSIGNMENT DETAILS

UNIT TITLE Unit 5: Security

UNIT NUMBER D/618/7406

ASSIGNMENT TITLE Managing Network Security for an Organisation

ISSUE DATE September 26, 2024 DUE DATE December 17, 2024

ASSESSOR NAME Arpan Neupane

ESTIMATED WORD LENGTH 11718

SUBMISSION

HAND IN DATE December 16, 2024


DECLARATION AND ACKNOWLEDGEMENT


When submitting assignments, each student must sign a declaration confirming
that the work is their own.

Plagiarism and Collusion


Plagiarism: to use or pass off as one’s own, the writings or ideas of another
without acknowledging or crediting the source from which the ideas are taken.

Collusion: submitting an assignment, project or report completed by another
person and passing it off as one’s own.

In accordance with the Academic Integrity and Plagiarism Policy:

1. I declare that:
a) this assignment is entirely my own work, except where I have included fully-
documented references to the work of others,
b) the material contained in this assignment has not previously been submitted for any
other subject at the University or any other educational institution, except as
otherwise permitted,
c) no part of this assignment or product has been submitted by me in another (previous
or current) assessment, except where appropriately referenced, and with prior
permission from the Lecturer / Tutor / Unit Coordinator for this unit.

2. I acknowledge that:
a) if required to do so, I will provide an electronic copy of this assignment to the
assessor;
b) the assessor of this assignment may, for the purpose of assessing this assignment:
I. reproduce this assignment and provide a copy to another member of
academic staff;
II. communicate a copy of this assignment to a plagiarism checking service such
as Plagiarism Check (which may then retain a copy of this assignment on its
database for the purpose of future plagiarism checking).

I am aware of and understand that any breaches to the Academic Code of Conduct
will be investigated and sanctioned in accordance with the College Policy.

SIGNATURE Rajan Kha Tharu DATE December 16, 2024


Contents
Activity 1
Introduction:
Outline of ESS and Stamford Colleges
Types of security risk at Stamford College
Implication of Cyber Threats for Education Management
Importance of Security Procedure Assessment
Important Elements of the Security Procedure Evaluation
Methods of Assessment
The Best Methods for Evaluating Security Procedures
Difficulties in Evaluating Security Procedures
Vital Parts of the Security Procedure Evaluation
Assessment Methodologies
Evaluation of the Security Policy in Place
Security Results
Benefits of Network Monitoring:
Third-Party VPN Clients and Servers' Features
Possible Hazards and Difficulties
Improving Network Security
Demilitarized Zone (DMZ)
A DMZ's essential components include:
The benefits of a DMZ for network security
Static IP
Upgrading Stamford College's Network Security using DMZ, Static IP, and NAT
Router Configuration
Static Routing
Configuration of DHCP inside Network
DHCP Success
Implementing DMZ
Configuration of firewall
NAT Configuration
Testing Network Security
Ping from the internal network to the external one
Ping from the external network to the internal one
Key Parts of Static IP
Network Address Translation (NAT)
Function of NAT
Methodology for Assessing IT Security Risks
Evaluation of Countermeasures to Preserve Organizational Integrity: Operational Continuance and Data Security
Physical Data Security Countermeasures and Operation:
Virtual Security Countermeasures for Protecting Data and Operations
Potential Security Risks Because of Misconfigurations
Misconfigured Cloud Authorizations
Conclusion:
Activity 2
Introduction:
purpose of document:
A review of Stamford College's current risk assessment practices
Procedures and Regulations for Data Protection applied to the College of Stamford
Data protection Processes
Regulatory Accountability
Obstacles and Advancements
An overview of Stamford College's suitable risk-management plan and ISO standard for IT security
Important Elements of the Risk-Management Plan
Application of ISO/IEC 27001 to Stamford college IT Security
Advantages for Stamford College
An overview of a suitable risk-management plan or implemented ISO standard and how it relates to Stamford College's IT security
Key Parts of ISO/IEC 27001 Application
Advantages to Stamford college
A review of the potential effects of an IT security audit on Stamford College's security
Key Highlights of an IT Security Review
An IT security audit's merits
Suggestion for Adjusting IT Security at Stamford College to Authoritative Approach
Conclusion:
Activity 3
Introduction
The proposed Stamford College security policy
Objectives
Essential Security Procedures
Administration of Third-Party Vendors
Strategy for Execution
Setting up Windows Server
Stamford College Disaster Recovery Plan
Key Parts of the Arrangement
The process of implementing Stamford College's IT security and disaster recovery plan into practice
Planning Stage
Framework Preparation and Updates
Execution of Safety efforts
Stakeholders and Their Functions in Disaster Recovery and IT Security at Stamford College
The role of executive leadership:
Function of the IT Department:
The role of faculty and administrative staff
Disaster Recovery Team
The role of faculty and administrative staff
Functions in the Execution of Security Audits
Audit Manager
Risk Management Team
Elements of Virtual Security
Virtual Private Network (VPNs)
Multi-Factor Authentication (MFA)
Important Policy Components for IT Security
Data protection and Protection Strategy
Assessment of the Security Policy's Tools
Firewalls
Interruption Recognition and Avoidance Frameworks (IDS/IPS)
Anti-Virus\Anti-Malware Software
Conclusion
Bibliography

Activity 1

Introduction:
Organizations such as Stamford College are increasingly vulnerable to IT-related security threats
in the evolving digital world, such as ransomware attacks, sophisticated malware, and unwelcome
network disruptions. These risks pose a serious threat to the privacy, accessibility, and
reliability of important records and have the potential to substantially disrupt work. This
activity provides a more thorough evaluation of the threats that Stamford College is now dealing
with, examines its existing protection methods in general, and suggests sound countermeasures to
strengthen its virtual and physical defenses. By putting these practices into effect, the
organization can guarantee the continued strength and quality of its IT infrastructure.

Outline of ESS and Stamford Colleges


Everlasting Wellbeing Safeguard (ESS) is a prestigious, leading network security solutions
provider that specializes in comprehensive security audits, meaningful and practical
recommendations, and the deployment of strong security infrastructure. Serving organizations in
different sectors, ESS protects its clients' networks from a wide range of physical and
perceived risks while maintaining network functionality.

Stamford College, whose primary areas of study are software engineering and design, is an
educational institution with 1500 students and 65 staff. A Virtual Learning Platform (VLP), HR
servers, and a Student Information System (SIS) are all part of its IT architecture. However,
outdated technologies and poor security practices left the college vulnerable. This led to a
major ransomware attack in 2020 that caused the loss of extremely important data, highlighting
the need for improved security measures.


Types of security risk at Stamford College


There are a number of IT security threats that could compromise the privacy, dependability, and
connectivity of sensitive data provided by institutions like Stamford College.

Figure 1: Types of security Risk or Cyber Security

Malware:

Ransomware, Trojan horses, worms, viruses, and spyware are all considered forms of malicious
software, or malware. These programs are capable of system damage, data theft, and disruption.

Phishing:

Phishing attacks aim to deceive people into disclosing private information, including credit card
numbers or login credentials. These attacks frequently use SMS messages or emails that appear to
be from reliable sources.

Ransomware:

Ransomware renders a victim's data unreadable by encrypting it. In order to decode the data, the
attackers then demand a ransom.

Denial-of-Service (DoS) Attacks:

DoS attacks flood a system with traffic, preventing authorized users from accessing it.


Man-in-the-Middle (MitM) Attacks:

MitM attacks allow the attacker to intercept and alter communications or acquire data between
two parties.

Zero-Day Attacks:

Zero-day attacks take advantage of software flaws that the vendor is unaware of. Due to the lack
of a patch to address the vulnerability, these assaults can be especially risky.

Social Engineering:
Social engineering assaults use psychological tricks to fool victims into clicking on harmful
websites or divulging private information.
Even though we've concentrated on the top eight dangers, it's crucial to comprehend the
fundamentals of cybersecurity.

Insider Threats:
An insider threat is a kind of cyberattack that comes from someone who is employed by a
company or has permission to access its systems or networks. An insider threat could be
malevolent, inadvertent, or deliberate and could come from a current or former employee,
consultant, board member, or business partner.

Implication of Cyber Threats for Education Management


Threats from cyberspace can affect data security, learning continuity, and institutional
operations, posing serious dangers to education administration. Legal repercussions and privacy
violations may result from data breaches that reveal private student and employee information.
Ransomware is one type of cyberattack that interferes with educational systems, creating
downtime and disrupting instruction. In terms of finances, organizations must deal with
increased insurance premiums, ransom payments, and recovery expenses. Reduced staff
retention and enrollment may be the outcome of reputational harm and a decline in trust. IoT
devices and remote learning can create vulnerabilities, and governance and regulatory issues can
make administration even more difficult.


Implementing robust cybersecurity measures, holding frequent training sessions, and creating
incident response plans are all necessary for educational institutions to reduce these threats and
guarantee the security of both their digital and physical spaces.

Importance of Security Procedure Assessment


It is crucial to evaluate security measures for a number of reasons:

• Finding Vulnerabilities: Security evaluations assist in locating possible weaknesses in
the network, applications, infrastructure, and procedures of a business. Organizations can
take the required actions to mitigate vulnerabilities before malevolent actors take
advantage of them by proactively identifying them.
• Risk Mitigation: By carrying out a security assessment, businesses may efficiently
evaluate and rank threats. It lowers the possibility of security breaches and the expenses
that come with them by enabling them to deploy resources and put security measures in
place where the risk is greatest.
• Compliance Requirements: Security and data protection regulations apply to many
businesses. Organizations can maintain compliance with industry standards and
regulations by conducting frequent security evaluations. It assists in proving due
diligence in safeguarding private data, preventing negative financial and legal outcomes.
• Incident Response Preparedness: Organizations can examine their incident response
capabilities with the aid of a security assessment. Organizations can improve their
capacity to manage security issues by detecting any flaws in their incident detection,
response, and recovery procedures.
• Establishing Trust: Clients, partners, and stakeholders can be won over by showcasing a
dedication to security through frequent evaluations. It boosts the organization's credibility
and reputation by assuring them that their data and information are sufficiently protected.


Important Elements of the Security Procedure Evaluation

• Define the scope and goals: Decide which assets, data, and systems require evaluation,
and rank the most important areas according to their possible influence.
• Determine Critical Assets and Threats: Determine which assets are important and
carry out a threat analysis, taking into account both external and internal hazards.
• Evaluate Vulnerabilities and Impacts: Take into account the potential effects on
people, operations, and reputation while evaluating vulnerabilities in systems, processes,
and assets.
• Determine Impact and Likelihood: Evaluate the possibility that threats may take
advantage of weaknesses and categorize risks as low, moderate, or high depending on the
possible consequences.
• Create Mitigation methods: Establish a structured risk treatment strategy and develop
risk mitigation methods, such as risk avoidance, transfer, or acceptance, based on risk
appetite and tolerance.
• Frequent cycle of review: Stay ahead of new dangers by regularly reviewing and
monitoring the risk environment.

Methods of Assessment
There are various approaches that can be applied to the analysis of corporate security protocols:

• Quantitative: The procedure gains analytical rigor with the use of quantitative methods.
Dollar values are assigned to risks and assets. Following that, the risk assessment can be
presented in financial terms that board members and executives can comprehend.
Prioritizing mitigation strategies is made possible by cost-benefit analysis.
• Qualitative: Qualitative techniques approach risk assessment more journalistically than
quantitative methods, which adopt a scientific approach. Assessors meet with individuals
from many areas of the company. Workers discuss if or how they would complete their
tasks in the event that a system went down. Using this information, assessors classify
hazards into general categories like High, Medium, and Low.
• Semi-Quantitative: Some businesses will build semi-quantitative risk evaluations by
combining the earlier approaches. With this method, businesses will assign a numerical
risk value using a scale, such as 1–10 or 1–100. Items scoring in the lower third are
classified as low risk, those in the middle third as medium risk, and those in the upper
third as high risk.
• Asset-Based: Organizations typically evaluate IT risk using an asset-based methodology.
The technology, software, and networks that manage an organization's data, as well as
the data itself, make up assets.
• Vulnerability-Based: The scope of risk assessments is extended beyond an
organization's assets via vulnerability-based techniques. Examining the acknowledged
flaws and shortcomings of organizational systems or their operating environments is the
first step in this approach.
• Threat-Based: A more thorough evaluation of an organization's entire risk posture can
be obtained using threat-based approaches. This method assesses the risk-causing factors.
Since assets and their controls contribute to these conditions, an asset audit will be
included in the evaluation.
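
The semi-quantitative method described above, as an added example that is not part of the original assignment: each risk gets a 1-10 likelihood and a 1-10 impact rating, their product is placed on a 1-100 scale, and the score is banded by thirds. The product rule, the asset names and every rating are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Per-factor rating scale (assumption: the assessor rates each factor 1-10).
SCALE_MIN, SCALE_MAX = 1, 10


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    likelihood: int  # assessor's rating, SCALE_MIN..SCALE_MAX
    impact: int      # assessor's rating, SCALE_MIN..SCALE_MAX

    def score(self) -> int:
        """Likelihood x impact, which lands on a 1-100 scale (assumed rule)."""
        for name, value in (("likelihood", self.likelihood),
                            ("impact", self.impact)):
            if not SCALE_MIN <= value <= SCALE_MAX:
                raise ValueError(
                    f"{name}={value} is outside {SCALE_MIN}-{SCALE_MAX}")
        return self.likelihood * self.impact


def band(score: int, lo: int, hi: int) -> str:
    """Place a score in the lower, middle or upper third of the scale lo..hi.

    Integer arithmetic avoids floating-point surprises at the cut-offs.
    """
    if not lo <= score <= hi:
        raise ValueError(f"score {score} is outside {lo}-{hi}")
    offset, span = score - lo, hi - lo
    if 3 * offset <= span:
        return "Low"
    if 3 * offset <= 2 * span:
        return "Medium"
    return "High"


def score_bounds():
    """Smallest and largest score the product rule can produce."""
    return SCALE_MIN * SCALE_MIN, SCALE_MAX * SCALE_MAX


def rank(register):
    """Return (score, band, risk) rows, highest score first."""
    lo, hi = score_bounds()
    rows = [(r.score(), band(r.score(), lo, hi), r) for r in register]
    return sorted(rows, key=lambda row: row[0], reverse=True)


def band_distribution():
    """Count how many (likelihood, impact) pairs fall into each band.

    Shows how unevenly a product score fills equal-width thirds.
    """
    lo, hi = score_bounds()
    counts = {"Low": 0, "Medium": 0, "High": 0}
    for likelihood in range(SCALE_MIN, SCALE_MAX + 1):
        for impact in range(SCALE_MIN, SCALE_MAX + 1):
            counts[band(likelihood * impact, lo, hi)] += 1
    return counts


# Constructed sample register: names and ratings are illustrative only.
REGISTER = [
    Risk("Staff email", "Phishing", likelihood=8, impact=4),
    Risk("Student records system", "Ransomware", likelihood=7, impact=10),
    Risk("HR servers", "Insider threat", likelihood=4, impact=9),
    Risk("VLP", "Denial of service", likelihood=6, impact=7),
]

if __name__ == "__main__":
    for score, level, risk in rank(REGISTER):
        print(f"{score:>3}  {level:<6}  {risk.asset}: {risk.threat}")
    print(band_distribution())
```

`band_distribution()` shows that 63 of the 100 possible rating pairs land in the Low band, so thirds-banding a likelihood-impact product should be checked against the organization's risk appetite before it drives prioritization.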

The Best Methods for Evaluating Security Procedures


One or more of the following are commonly included in a security risk assessment:

• Facility analysis: assesses the physical security of the organization's buildings. For
instance, confirming that the company has a dependable emergency power backup and
examining how alarm systems, cameras, and locks deter physical intrusion.
• Server analysis: checks for problems such as server redundancy, malware protection,
authentication, and authorization when assessing the security of servers and other
mission-critical computing systems.
• Network analysis: assesses wireless networks, firewalls, switches, routers, and other
network equipment, as well as internal and external networks.
• Data security analysis: assesses the organization's methods for storing, classifying,
encrypting, and granting access to sensitive data.
• Company policy: assesses risk management strategies, business continuity plans,
disaster recovery plans, IT policies, including Bring Your Own Device (BYOD) policies,
and security protocols.
• Third-party security analysis: assesses each of the aforementioned factors for every
third party with access to the business's systems.

Difficulties in Evaluating Security Procedures


It might be difficult to evaluate security protocols for a number of reasons:

• Complexity of Systems: The interconnected systems seen in many modern IT
environments might make it more challenging to uncover vulnerabilities and evaluate
security measures.
• Changing Threat Landscape: Because cyber threats are ever-changing, it can be
difficult to keep security protocols current and evaluate their effectiveness against
novel attack techniques.
• Lack of Resources: Businesses may not have the funds or manpower to adequately
assess and put into place strong security protocols, which could result in security flaws.
• Human error: Because security evaluations depend on human judgment and input, they
may overlook or misjudge the dangers.
• False Sense of Security: Without carrying out in-depth analyses or taking new threats
into account, some businesses may believe existing security protocols are adequate.

Vital Parts of the Security Procedure Evaluation


Assessing security systems is a basic step toward ensuring the robustness of an organization's
defenses against possible threats. The vital parts of this assessment include:

• Threat Identification: This involves recognizing the specific threats that the
organization might face, for example cyberattacks, insider threats, and physical breaches.
Understanding the threat landscape is fundamental to tailoring security measures effectively.
• Evaluation of Existing Measures: Assessing current security controls, like firewalls,
access policies, encryption protocols, and physical security measures, identifies strengths
and weaknesses in the system. This step ensures that gaps in protection are uncovered.
• Incident Response Plans: Evaluating the readiness and effectiveness of the organization's
response to security breaches is vital. This includes assessing procedures for detecting,
mitigating, and recovering from incidents.
• Regulatory Compliance: Ensuring that the organization complies with relevant laws,
standards, and best practices in cybersecurity and data protection is fundamental.
Non-compliance can bring about legal penalties and reputational harm.
• Performance of Security Tools: Testing and reviewing tools like intrusion detection
systems (IDS), firewalls, and antivirus software ensures they are working optimally and
are up to date.

Assessment Methodologies
To achieve effective evaluation of organizational security measures, consider the following
recommended practices:

• Regular scheduling: Perform assessments on a regular schedule, at consistent intervals,
to maintain a current awareness of the level of security.
• Comprehensive scope: Ensure that every relevant aspect of the organization's security
is considered in the review.
• Independence: Consider engaging independent third-party assessors to give an unbiased
review.
• Stakeholder involvement: Engage key stakeholders from all departments to ensure a
holistic picture of security practices.

Evaluation of the Security Policy in Place


While Stamford College's current security policy offers a solid framework for safeguarding its IT
systems and private information, a thorough examination identifies a number of areas that may
use improvement. Although the policy covers fundamental topics like network security, physical
protections, and access control, it is devoid of sophisticated setups like strong network
segmentation and extensive encryption standards. Furthermore, frequent staff and student
training and awareness programs—which are essential for reducing human-related vulnerabilities
like phishing or social engineering attacks—are not given enough attention.

13
Security| Rajan Kha Tharu

To guarantee legal compliance, the policy also needs more precise documentation and
conformity with regulatory standards, such as GDPR. The incident response framework has a
serious flaw in that there is no comprehensive strategy for handling breaches, containment, or
recovery. Addressing these gaps through improvements in clarity, technical
configurations, incident response planning, and stakeholder training will significantly strengthen
Stamford College’s security posture.

Figure 2: Security Policy

The current policy of Stamford College includes most of the important components
and shows clear strengths. Some positive qualities of the given security policy include:

• Clear acceptable-use guidance: The policy specifies that the facilities offered by
the college, such as internet access and email accounts, should be used for
academic purposes.
• Prohibition of objectionable content: The policy explicitly restricts the
creation, viewing, or transmission of offensive, obscene, or indecent material.
• Promotion of a safe environment: The policy seeks to provide a safe and respectful
environment for both staff and students.
• User responsibility: The policy emphasizes that students and users should be
responsible and adhere to the given guidelines to prevent unacceptable use of the
college network.
• Sanctions for violations: The policy clearly defines the potential
sanctions in the event of improper use of the college network.
• Compliance measures: The policy specifies that, following warnings, if
infractions continue to occur, there will be a temporary loss of service and, for
more extreme cases, immediate suspension.

Security Results
Benefits of Network Monitoring:
Network monitoring includes the tracking and inventory of devices on a network, as well as the
gathering and analysis of network performance data. In order to notify IT of possible issues
almost instantly, live network performance data is monitored and contrasted with historical
averages or preset criteria (Traore, 14 March 2024).

Figure 3: Benefits of Network monitoring
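The comparison of live data against historical averages and preset criteria described above can be sketched as follows. This is an added example, not part of the original assignment; the sample readings, the 95 Mbit/s preset limit, the six-sample window and all function names are assumptions made for illustration.

```python
from collections import deque
from statistics import mean, stdev

# Constructed sample data: (time, link throughput in Mbit/s), polled every 5 minutes.
SAMPLES = [
    ("09:00", 40), ("09:05", 42), ("09:10", 41), ("09:15", 39),
    ("09:20", 43), ("09:25", 40), ("09:30", 41), ("09:35", 180),
    ("09:40", 42), ("09:45", 40), ("09:50", 70), ("09:55", 41),
]


def detect_anomalies(samples, window=6, z_limit=3.0, preset_limit=95.0,
                     learn_from_alerts=False):
    """Return alerts for samples that break a preset limit or the rolling baseline.

    window            number of recent normal samples that form the baseline
    z_limit           allowed distance from the baseline mean, in standard deviations
    preset_limit      fixed ceiling (assumed here: 95 Mbit/s on a 100 Mbit/s link)
    learn_from_alerts if True, alerting samples are also fed into the baseline,
                      which lets one large spike hide the next smaller one
    """
    history = deque(maxlen=window)
    alerts = []
    for ts, value in samples:
        reasons = []
        # Check 1: preset criterion, independent of any history.
        if value > preset_limit:
            reasons.append("preset limit exceeded")
        # Check 2: historical average, only once the window is full.
        if len(history) == window:
            mu = mean(history)
            # Floor the spread so a very flat baseline does not make
            # ordinary jitter look like an incident (and never divide by 0).
            sigma = max(stdev(history), 0.05 * abs(mu), 1.0)
            if abs(value - mu) / sigma > z_limit:
                reasons.append("deviation from baseline")
        if reasons:
            alerts.append({"time": ts, "value": value, "reasons": reasons})
        if not reasons or learn_from_alerts:
            history.append(value)
    return alerts


if __name__ == "__main__":
    for alert in detect_anomalies(SAMPLES):
        print(alert["time"], alert["value"], ", ".join(alert["reasons"]))
```

Keeping alerting samples out of the baseline matters: with `learn_from_alerts=True` the 180 Mbit/s spike inflates the average and spread so much that the later 70 Mbit/s reading passes unnoticed.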

Enhanced Network Security:

Continuous monitoring detects suspicious activities, such as unauthorized access attempts,
malware infections, or unusual traffic patterns. This allows organizations to respond quickly to
potential threats and mitigate risks before they escalate.

Improved Performance:

Network monitoring ensures optimal performance by identifying and resolving issues like
bandwidth bottlenecks, latency, or hardware failures. This leads to smoother
operations and better user experiences.

Minimized Downtime:

By identifying issues in real time, network monitoring allows for proactive
troubleshooting. This reduces the likelihood and duration of outages, ensuring critical
systems stay available.

Efficient Resource Allocation:

Monitoring provides insights into resource usage, such as bandwidth and server capacity. This
enables better planning and allocation, ensuring resources are used efficiently and preventing
overloading.

Compliance and Reporting:

Many industries require compliance with regulatory standards. Network monitoring helps
track and log activities, ensuring compliance while simplifying reporting for audits.

Cost Saving:

Proactively identifying and resolving issues prevents costly downtime and reduces the
need for emergency repairs or system upgrades. It also extends the lifespan
of network hardware by ensuring optimal use.

Third-Party VPN Clients and Servers

Secure communication channels for distant users, partners, or devices are made available to
companies by third-party Virtual Private Network (VPN) clients and servers. In order to preserve
secrecy and safeguard data, these services enable encrypted communications via the internet. But
they also bring with them special advantages and difficulties.

Figure 4: Remote Access VPN

Third-Party VPN Clients and Servers' Features


• Secure Remote Access: By preventing data eavesdropping, third-party VPNs allow users
or employees to safely access an organization's internal network from distant locations.
• Implementation Ease: A lot of third-party VPN options are simple to use and can be set
up fast without a lot of technical know-how.
• Cost-Effectiveness: By removing the need to develop and maintain internal
infrastructure, third-party VPNs lower initial and ongoing expenses.
• Scalability: These solutions may readily grow to meet the demands of the company,
adding more users or connections without requiring major adjustments to the
infrastructure.
• Reliability: Reputable third-party suppliers frequently have strong infrastructure,
guaranteeing users high availability and little downtime.

Possible Hazards and Difficulties


• Data Privacy Issues: Using a third-party service entails entrusting it with private
information. Inadequate data handling procedures from the provider may result in privacy
violations.
• Configuration errors: Improperly set up third-party VPN clients or servers can increase
risks by exposing the network to illegal access or compromising encryption.
• Vendor Lock-In: Reliance on a single supplier could make switching to a different one
difficult, particularly if incompatibilities occur.
• Compliance Risks: The provider may violate regulations if their operations don't comply
with data residency rules or regulatory norms.
• Performance Problems: A third-party VPN's performance may be impacted by outside
variables like provider server load or geographic distance, which could have an effect on
the user experience.

Improving Network Security

Demilitarized Zone (DMZ)


Demilitarized zones, often known as DMZs, are perimeter networks that shield an organization's
internal local area network from unauthorized traffic and provide an additional degree of security
(Raskin, 2022).

Allowing an organization to access untrusted networks, like the internet, while maintaining the
security of its private network, or LAN, is the ultimate purpose of a demilitarized zone network.
The DMZ is usually where organizations store resources and services that are visible to the
outside world, along with servers for the Domain Name System (DNS), File Transfer Protocol
(FTP), mail, proxy, Voice over Internet Protocol (VoIP), and web servers.

A DMZ's essential components include:


De-Militarized Zones, or DMZs, are secure network segments created to safeguard an
organization's internal systems while permitting external access to services that are visible to the
public, such as email and web servers. With stringent access restrictions and firewalls on either
side to manage traffic, it is cut off from both the internal network and the internet. The DMZ
reduces the attack surface, guarantees safe data transfers, and employs improved monitoring in
conjunction with intrusion detection systems to identify potential dangers. A DMZ lowers risk
and strengthens the overall network security strategy by hosting only necessary services and
isolating them from the internal network.


The benefits of a DMZ for network security


• Isolation: A DMZ reduces risk and potential damage in the event that a public server is
compromised by keeping public-facing services apart from the internal network.
• Access Control: To minimize potential weak points, firewalls can be configured to allow
only essential connections between the internal network and the DMZ.
• Monitoring: Any strange or suspicious activity can be continuously monitored in
communications to and from the DMZ.

Figure 5: Demilitarized Zone (DMZ)
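The isolation and access-control properties listed above can be checked mechanically against a firewall rule set. The following is an added example, not the configuration used in this assignment: the addressing plan, the two rule sets, the port numbers and every function name are constructed for illustration, and the model covers only the decision for a new connection (first matching rule wins, anything unmatched is denied).

```python
import ipaddress

# Constructed addressing plan; every address outside these ranges is "outside".
ZONES = {
    "inside": ipaddress.ip_network("192.168.1.0/24"),
    "dmz": ipaddress.ip_network("192.168.2.0/24"),
}

# Rule format: (source zone, destination zone, protocol, port, action).
# None for protocol or port means "any".
GOOD_POLICY = [
    ("outside", "dmz", "tcp", 443, "permit"),   # public web server
    ("outside", "dmz", "tcp", 25, "permit"),    # public mail server
    ("dmz", "inside", "tcp", 5432, "permit"),   # one essential back-end port
    ("inside", "dmz", None, None, "permit"),
    ("inside", "outside", None, None, "permit"),
]
WEAK_POLICY = [
    ("outside", "dmz", None, None, "permit"),
    ("dmz", "inside", None, None, "permit"),
    ("outside", "inside", "tcp", 3389, "permit"),
    ("inside", "outside", None, None, "permit"),
]


def zone_of(ip):
    """Map an IP address to its zone name."""
    addr = ipaddress.ip_address(ip)
    for name, network in ZONES.items():
        if addr in network:
            return name
    return "outside"


def decide(policy, src_ip, dst_ip, proto, port=None):
    """Decide whether a new connection is permitted (implicit deny at the end)."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src == dst:
        return "permit"  # traffic inside one segment never crosses the firewall
    for r_src, r_dst, r_proto, r_port, action in policy:
        if (r_src, r_dst) != (src, dst):
            continue
        if r_proto not in (None, proto) or r_port not in (None, port):
            continue
        return action
    return "deny"


def audit(policy):
    """List rules that defeat the purpose of the DMZ, as (rule number, reason)."""
    findings = []
    for number, (src, dst, proto, port, action) in enumerate(policy, start=1):
        if action != "permit":
            continue
        if (src, dst) == ("outside", "inside"):
            findings.append((number, "outside reaches inside directly, bypassing the DMZ"))
        elif (src, dst) in (("outside", "dmz"), ("dmz", "inside")) and (
            proto is None or port is None
        ):
            findings.append((number, f"{src} to {dst} is open on every port"))
    return findings


if __name__ == "__main__":
    print(decide(GOOD_POLICY, "192.168.1.10", "203.0.113.5", "icmp"))  # inside to outside
    print(decide(GOOD_POLICY, "203.0.113.5", "192.168.1.10", "icmp"))  # outside to inside
    for finding in audit(WEAK_POLICY):
        print(finding)
```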

Static IP
An internet protocol address, or IP address, serves as a device's unique identity when connected
to the internet. In the same way that humans use phone numbers to find and communicate with
each other over the phone, computers use IP addresses to find and communicate with each other
on the internet. Geographic location data and the hosting provider are two examples of the
information that may be obtained from an IP address (Gillis, 2021).


Upgrading Stamford College's Network Security using DMZ, Static IP, and NAT

Figure 6: Network Security of Stamford College

Using a Cisco ASA 5505 firewall, the network has been carefully built to protect the college's
digital assets from online attacks. By effectively reducing online threats and adding an extra
layer of network security, this firewall is expertly designed to improve Stamford College's
security posture.

Router Configuration
Router 1


Router 2


Static Routing


Configuration of DHCP inside Network


DHCP Success

Implementing DMZ
Configuration of firewall


NAT Configuration


Testing Network Security


Ping from the internal network to the external one


Ping from the external network to the internal one

Key Aspects of Static IP

A static IP address is a fixed, permanent IP address assigned to a device, which stays constant
across network sessions. Here are its key aspects:

• Permanent Assignment: Unlike a dynamic IP address, which changes periodically, a
static IP is permanently assigned to a device, providing consistent identification on a
network.
• Reliability for Hosting Services: Static IPs are essential for
hosting servers, websites, or email services, as they ensure that the address
doesn't change, making it easier for clients or systems to connect
reliably.
• Ease of Remote Access: With a static IP, remote users can easily connect
to the network or specific devices, as the address stays constant and
predictable.
• Simplified DNS Management: Static IPs simplify the configuration of domain name
services (DNS) and ensure that services like websites, VPNs, or file-sharing platforms are
always reachable at the same address.
• Enhanced Security: While a static IP may expose the device to more targeted
attacks, it also enables better security configurations, such as IP-based access
restrictions or firewall rules tailored to specific addresses.

Network Address Translation (NAT)


An internal network's private IP addresses are converted to public ones by NAT before packets
are routed to an external network.

Figure 7: Network Address Translation

Function of NAT
Network Address Translation (NAT) is a networking technique used to modify IP
address information in packet headers while data is in transit across a router or firewall. Its
primary roles include:

• IP Address Conservation: NAT enables multiple devices on a private
network to share a single public IP address. This conserves the limited pool of
IPv4 addresses, reducing the need for unique public IPs for each device.
• Network Security: By hiding the internal IP addresses of devices, NAT provides an extra
layer of security. External entities can't directly access devices behind the NAT,
reducing the attack surface.
• Enabling Private Networks: NAT allows private IP addresses to be used
inside an organization while still enabling communication with external networks,
like the internet.
• Simplifying Network Management: NAT simplifies internal network
management by allowing organizations to use a consistent range of private IP addresses,
even when their public IP address changes.
• Facilitating Network Overlaps: In situations where two networks with
overlapping private IP ranges merge, NAT can help map one range to
unique IPs, preventing conflicts and enabling communication.
• Dynamic IP Allocation: NAT dynamically translates private IPs to a
shared public IP, enabling efficient use of the public address and supporting
dynamic environments like those in cloud services or large enterprises.
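The address-sharing and hiding behaviour listed above can be seen in a small model of port address translation. This is an added example, not the NAT configuration from this assignment: the `PatGateway` class, its method names and all addresses and ports are constructed for illustration, and mapping timeouts are left out.

```python
class PatGateway:
    """Minimal model of many-to-one NAT (port address translation).

    Packets are tuples: (protocol, src_ip, src_port, dst_ip, dst_port).
    """

    def __init__(self, public_ip, first_port=20000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_inside = {}        # (proto, private_ip, private_port) -> entry
        self.by_public_port = {}   # (proto, public_port) -> entry

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an inside-to-outside packet and remember the mapping."""
        key = (proto, src_ip, src_port)
        if key not in self.by_inside:
            entry = {
                "inside": (src_ip, src_port),
                "public_port": self.next_port,
                "peers": set(),
            }
            self.by_inside[key] = entry
            self.by_public_port[(proto, self.next_port)] = entry
            self.next_port += 1
        entry = self.by_inside[key]
        # Record who the inside host contacted; only they may answer.
        entry["peers"].add((dst_ip, dst_port))
        return (proto, self.public_ip, entry["public_port"], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outside-to-inside packet, or return None to drop it."""
        entry = self.by_public_port.get((proto, dst_port))
        if dst_ip != self.public_ip or entry is None:
            return None  # no mapping: nothing inside asked for this traffic
        if (src_ip, src_port) not in entry["peers"]:
            return None  # mapping exists, but not for this remote endpoint
        inside_ip, inside_port = entry["inside"]
        return (proto, src_ip, src_port, inside_ip, inside_port)


def demo():
    """Two inside hosts share one public address; unsolicited traffic is dropped."""
    gw = PatGateway("198.51.100.7")
    sent_a = gw.outbound("tcp", "192.168.1.10", 51000, "203.0.113.80", 443)
    sent_b = gw.outbound("tcp", "192.168.1.11", 51000, "203.0.113.80", 443)
    reply_b = gw.inbound("tcp", "203.0.113.80", 443, "198.51.100.7", sent_b[2])
    stranger = gw.inbound("tcp", "203.0.113.99", 4444, "198.51.100.7", sent_b[2])
    closed = gw.inbound("tcp", "203.0.113.99", 4444, "198.51.100.7", 3389)
    return sent_a, sent_b, reply_b, stranger, closed


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The remote server only ever sees 198.51.100.7 as the source, and a packet from an address the inside host never contacted finds no usable mapping and is dropped.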

Methodology for Assessing IT Security Risks


A risk assessment technique in cybersecurity is a procedure or framework for locating,
analyzing, and addressing possible risks, threats, and weaknesses in the technical infrastructure
of an organization (Veiga, 1998).


Figure 8: IT Security Risk Management Model

Identifying Risks

The process of identifying and recording possible risks and weaknesses that might affect an
organization's resources, activities, or goals is known as risk identification. Key assets like data,
software, and hardware must be identified, threats like cyberattacks and natural catastrophes
must be evaluated, and vulnerabilities must be found using tools like vulnerability scanners and
audits. In order to guarantee a thorough grasp of risks, the procedure involves important
stakeholders and records possible outcomes. A prioritized list of risks is the end result, enabling
companies to proactively handle them and guarantee resilience and the preservation of vital
resources.

Analyzing Risks

Analyzing risks entails assessing them to determine their likelihood and possible consequences.
This procedure evaluates a risk's likelihood of happening as well as any possible repercussions,
such as monetary loss or harm to one's reputation. Organizations can better prioritize risks by
classifying them according to their probability and severity, usually using a scoring system (e.g.,
high, medium, low). Finding the most important risks is the aim of risk analysis, which helps
businesses allocate resources wisely and put suitable mitigation plans in place. In the end, this
procedure enables companies to proactively manage risks and reduce any harm.

Risk Assessment

Risk assessment involves comparing the results of risk analysis against predefined
criteria to determine whether a risk is acceptable or requires action. It prioritizes risks based on
their impact and likelihood, often using a scoring system or risk matrix. This
helps organizations focus on high-priority risks that could cause harm, while
lower-priority risks may be accepted or monitored. The goal is to ensure efficient
resource allocation, addressing the most critical risks and balancing the costs of mitigation against
the likely benefits. Ultimately, risk assessment informs decision-making and guides the overall risk
management strategy.

Risk Treatment

Risk treatment involves developing and implementing strategies to address identified risks,
aiming to minimize their potential impact or likelihood. It is the stage in the risk management
cycle where decisions are made on how to handle the risks based on
their severity and prioritization. The primary options for risk treatment are:

• Risk Avoidance: Changing plans or processes to eliminate the risk entirely. This could
involve changing specific activities or approaches that expose the organization to the
risk.
• Risk Reduction: Implementing controls or measures to reduce the likelihood or impact of the
risk. This can include security measures, process improvements, or additional training.
• Risk Sharing: Transferring the risk to a third party, such as purchasing insurance or
outsourcing specific operations to reduce exposure to the risk.
• Risk Retention: Accepting the risk when its impact is minimal or the cost of
mitigating it outweighs the potential damage. In this case, the organization plans to deal
with the consequences if the risk occurs.

Continuous Monitoring and Review

An ongoing procedure that guarantees the efficacy of risk management plans and enables
companies to react to emerging or changing threats is continuous monitoring and review. During
this phase, identified risks are routinely tracked, the effectiveness of mitigation measures put in
place is evaluated, and the strategy is modified as necessary to account for evolving conditions.

Evaluation of Countermeasures to Preserve Organizational Integrity: Operational Continuance and Data Security
Protecting sensitive data and making sure that corporate operations continue to run smoothly in
the face of interruptions require maintaining organizational integrity, especially through data
security and operational continuity. Effective countermeasures must be put in place to reduce
data security threats, guard against illegal access, and guarantee business continuity. The
evaluation of these countermeasures involves determining how well they work to stop, identify, and
address possible threats and disruptions.

Physical Data Security Countermeasures and Operation:


Encryption: Encryption ensures that data, whether stored or in transit, remains
unreadable to unauthorized users. It protects sensitive information from data breaches,
ensuring confidentiality and integrity. Regular evaluation of encryption standards and key
management practices is vital for maintaining effectiveness.

Access Control: Implementing robust access control mechanisms, such as multi-factor
authentication (MFA), role-based access control (RBAC), and least-privilege access, limits
data access to only authorized personnel. Regular audits and monitoring help ensure
compliance with access policies.

Data Loss Prevention (DLP): DLP systems help monitor, detect, and
prevent unauthorized attempts to access or transmit sensitive data. These tools are
essential in preventing data leaks and maintaining the integrity of
organizational data.

Regular Backups: Regularly backing up critical data to secure, off-site locations
ensures that data can be restored in the event of a breach, corruption, or
disaster. This countermeasure is essential for mitigating data loss and
enabling recovery.

Virtual Security Countermeasures for Protecting Data and Operations


Virtual security countermeasures are crucial for protecting data and ensuring operational
continuity in an increasingly digital world. These measures focus on securing virtualized
environments, cloud infrastructures, and digital assets, which are often vulnerable to various
cyber threats. Here’s an overview of key virtual security countermeasures to safeguard data and
maintain operational resilience.

Firewalls and Virtual Private Networks (VPNs)

Firewalls: Virtual firewalls help monitor and control network traffic between virtual
environments, preventing unauthorized access and filtering malicious traffic. They are essential
for protecting cloud-based networks and virtualized systems, acting as the first line of defense.

Encryption

Data Encryption: Encrypting data both at rest (stored data) and in transit (data being transferred)
ensures that even if data is intercepted or accessed without authorization, it remains unreadable.
Virtual environments often leverage advanced encryption standards to protect data across cloud
storage and virtual machines.

Multi-factor Authentication (MFA)

MFA adds an extra layer of security by requiring users to authenticate with more than one factor,
such as a password and a one-time code sent to their phone. This significantly reduces the risk of
unauthorized access to virtual environments.

Virtualized Intrusion Detection and Prevention Systems (IDPS)


Intrusion Detection Systems (IDS): IDS continuously monitor virtual networks and systems for
suspicious activity. They detect potential threats, such as unauthorized access attempts, malware,
or abnormal behavior.

Cloud Security Solutions

Cloud Access Security Brokers (CASBs): CASBs provide visibility and control over cloud
applications used within an organization, ensuring that data stored in the cloud is secure. CASBs
can enforce security policies, monitor usage, and prevent unauthorized cloud service access.

Backup and Disaster Recovery

Cloud Backups: Regular backups of virtual systems and data are critical for recovery in case of a
cyberattack, data corruption, or system failure. Cloud-based backup solutions offer scalability
and redundancy, ensuring that critical data can be restored when needed.

Virtual Security Monitoring and Auditing

Security Information and Event Management (SIEM): SIEM systems collect and analyze
security event data from across virtualized environments to identify potential threats. By
integrating with virtual infrastructure, SIEM tools provide real-time insights into security
incidents and enable quick responses.

Potential Security Risks Because of Misconfigurations


Misconfigurations in IT systems, whether in hardware, software, or cloud environments,
can expose organizations to significant security risks. Improperly configured systems can provide
attackers with opportunities to exploit vulnerabilities, gain unauthorized access, or cause
disruptions to critical services. The following are some potential security risks resulting
from misconfigurations:

Open Ports and Unnecessary Services

Risk: When unnecessary ports are left open or unmonitored, or when services that are not
required are running, attackers can exploit these exposed points of entry. This
could allow unauthorized users to access sensitive systems, leading to data breaches,
malware infections, or denial-of-service (DoS) attacks.

Improperly Configured Firewalls

Risk: Firewalls are a critical part of network security, but if they are
misconfigured, they may fail to block malicious traffic or may allow unauthorized access
to sensitive systems. This can create vulnerabilities that attackers can exploit to
gain unauthorized access to internal networks.

Weak or Default Passwords

Risk: Using weak, default, or easily guessable passwords for critical systems (like
routers, databases, or cloud services) makes it easier for attackers to gain
access. This is a common misconfiguration, especially when devices are deployed without
securing administrative accounts.

Misconfigured Cloud Permissions

Risk: Cloud environments often provide granular control over permissions; however,
improper configurations can inadvertently expose sensitive data or systems.
Misconfigurations in cloud storage, access controls, and network settings can allow
unauthorized users to view or modify sensitive data.

Insufficient Security Patches and Updates

Risk: Failing to apply security patches or updates promptly can leave systems vulnerable
to known exploits. Attackers frequently target systems that have not
been updated with the latest security patches, using these unpatched vulnerabilities to launch
attacks.

Improper Database Configuration

Risk: Databases that are misconfigured, whether through weak authentication settings,
insufficient encryption, or overly permissive access control, can become a significant security risk.
Misconfigured database servers can allow attackers to steal, alter, or delete critical data.

Excessive User Privileges

Risk: Assigning excessive permissions or access rights to users or services increases
the risk of insider threats and reduces the ability to limit damage in the event of a breach. If
a system or user is compromised, the attacker may have more
privileges than needed to exploit the network or steal data.

Improperly Configured VPNs

Risk: Misconfigured virtual private networks (VPNs) can expose an organization's
internal network to external threats by providing insecure remote access. Issues like weak
encryption, insufficient authentication, or improper segmentation of traffic can allow attackers to
bypass security defenses.

Evaluation of the Effectiveness of Security Countermeasures

Establishing a robust security posture requires assessing the efficacy of security
countermeasures. Regular audits, penetration tests, and monitoring using tools like SIEM
systems to identify risks in real time are all part of this process. In addition, it entails evaluating
user awareness initiatives, controlling vulnerabilities, making sure regulations are followed, and
taking lessons from previous security events. Assessing security maturity is further aided by
benchmarking against industry standards. Organizations may fortify their defenses, safeguard
confidential information, and guarantee business continuity by consistently assessing and
improving these techniques.


Conclusion:
Stamford College needs to improve its IT security in order to protect its data and preserve
operational resilience. By addressing identified risks and implementing focused
countermeasures, the company may strengthen system confidence and better safeguard its digital
assets. Stamford College will show its commitment to a safe and reliable IT environment by
putting these enhanced security protocols into place, effectively serving its staff and students.

Activity 2

Introduction:
In this digital era, securing sensitive information is important for every organization. Stamford
College’s emphasis on strong IT security safeguards against diverse threats and
vulnerabilities, ensuring data protection and compliance. This activity highlights the college's
current IT security structure, analyzes specific security issues, and presents
upgrades to align with best practices.

Purpose of document:
The purpose of this paper is to review and improve the current information technology security
systems at Stamford College. It helps to identify the existing risks, determine
measures for addressing them and check the organization's adherence to the standards of the
chosen field. It aims at enhancing the performance of IT in the college and the overall defence of
data, as well as improving business continuity in the wake of security threats. In addition, the report
gives recommendations to enhance security protection and reduce risks for Stamford College.

A review of Stamford College's current risk assessment practices


Stamford College's current risk assessment procedures aim to identify, analyze, and
mitigate potential security threats to its IT infrastructure, data, and operations. These
procedures begin with risk identification, where potential vulnerabilities, such as
unauthorized access, data breaches, malware attacks, and insider threats, are recorded. This
stage often involves collaboration with stakeholders, audits, and reviews of past security
incidents to understand the college's risk landscape.

The next stage is risk analysis, where the identified risks are evaluated based on
their likelihood and potential impact. Tools such as vulnerability scanners and risk
matrices may be used to categorize risks as high, medium, or low priority. Following this, risk
assessment determines the college's risk tolerance and identifies areas requiring immediate
attention or further monitoring.

Risk treatment involves implementing countermeasures to address the identified risks. These
include firewalls, intrusion detection systems, encryption protocols, and physical
security measures like surveillance systems and controlled access to critical areas.
Stamford College also incorporates periodic monitoring and review to ensure that implemented
measures remain effective and adapt to evolving threats.

While the procedures are robust, potential gaps exist, such as the need for
enhanced training programs to reduce human error, updated configuration management to prevent
vulnerabilities, and more comprehensive incident response plans. By addressing these areas, Stamford
College can strengthen its risk assessment framework and ensure better protection for its IT
infrastructure and data assets.

Procedures and Regulations for Data Protection applied to the College of Stamford.
Stamford College adheres to strict data protection policies and procedures in order to protect
private data, guarantee adherence to legal requirements, and preserve stakeholder trust. These
procedures comply with applicable national and educational data privacy standards as well as
data protection legislation like the General Data Protection Regulation (GDPR).

Data protection Processes


• Data Collection and Classification: The college ensures that data is collected
lawfully, transparently, and for specific purposes. Personal data is classified based
on sensitivity, with special handling for categories like student records,
staff information, and financial data.
• Access Control: Access to data is restricted based on roles and responsibilities.
Multi-factor authentication (MFA) and password policies are implemented to prevent
unauthorized access.
• Data Storage and Encryption: Data is securely stored on encrypted servers,
both on-premises and in cloud environments. Backup processes are conducted regularly
to protect against data loss.
• Data Usage and Sharing: Usage policies ensure that personal data
is processed only for legitimate purposes and shared with third parties only under strict
agreements ensuring confidentiality.
• Incident Response and Recovery: The college has an incident response plan in place
to promptly address breaches. This includes notifying affected parties, containing
the breach, and reviewing processes to prevent recurrence.
• Regular Audits and Monitoring: Routine audits and system monitoring are
conducted to ensure compliance with data protection policies and identify
vulnerabilities.

Regulatory Accountability
GDPR Compliance: Stamford College complies with the following GDPR guidelines:

• Data minimization is the process of gathering just the information required for a given
goal.
• Accountability: Using records and frequent audits to show compliance.
• Rights of Data Subjects: Guaranteeing that people can view, edit, or ask for their data to
be deleted.


Notifications of Data Breach: The college complies with laws that mandate that data breaches
be reported to the appropriate authorities within a certain amount of time. For new systems or
procedures, privacy impact assessments (PIAs) are carried out in order to assess potential privacy
concerns and put in place the required protections (Sanchez, 1998).

Obstacles and Advancements


Despite the thoroughness of Stamford College's data protection procedures, constant
enhancements are required to handle changing threats. Continuous compliance and protection are
guaranteed by improved user training, automatic data management systems, and frequent policy
updates. These procedures show how dedicated Stamford College is to upholding strong data
security and following relevant laws.

An overview of Stamford College's suitable risk-management plan and ISO standard for IT security
To safeguard its vital resources and maintain business continuity, Stamford College must detect,
assess, and mitigate IT security threats as part of an efficient risk-management plan. The
ISO/IEC 27001 standard, which offers instructions for creating, putting into practice, and
maintaining an Information Security Management System (ISMS), is a framework that is ideal
for this use.

Important Elements of the Risk-Management Plan


1. Risk assessment: Risk assessment is the process of routinely identifying and analyzing
risks to determine their likelihood and potential effects on the data and IT infrastructure
of the college. High-risk locations can be prioritized with the aid of tools like
vulnerability assessments and risk matrices (Simeone, 2021).
2. Control Implementation: To reduce recognized risks, organizational and technical
measures like firewalls, access controls, and encryption are adopted. These controls
comply with ISO/IEC 27001 criteria.

3. Risk monitoring: Risk monitoring is the process of continuously observing IT systems,
rules, and practices in order to identify emerging weaknesses or dangers and guarantee
prompt management.
4. Incident Response Plan: Creating a thorough plan to handle security breaches, reduce
damage, and promptly restore systems is known as an incident response plan.
5. Training and Awareness: Holding frequent training sessions to teach employees and
students security best practices and lower the possibility of human error

Application of ISO/IEC 27001 to Stamford College's IT Security


1. Establishing ISMS: ISO/IEC 27001 provides a structured framework for creating an ISMS
that aligns with Stamford College's specific security needs. This includes defining the
scope, policies, and objectives for IT security.
2. Risk Treatment: The standard emphasizes a risk-based approach, requiring the college
to systematically identify and treat risks. By addressing threats such as unauthorized
access or data breaches, ISO/IEC 27001 ensures continuous risk management.
3. Control Selection and Implementation: ISO/IEC 27001 Annex A provides a set of security
controls, including access management, physical security, and network safeguards,
tailored to Stamford College's infrastructure.
4. Compliance and Audit: Regular internal audits and external certifications ensure that
the college complies with the standard's requirements and identifies areas for
improvement.
5. Continual Improvement: ISO/IEC 27001 promotes a cycle of ongoing improvement,
enabling Stamford College to adapt to emerging threats and evolving technologies.

Advantages for Stamford College


A methodical and proactive approach to IT security is ensured by implementing ISO/IEC 27001,
which also improves data protection, upholds regulatory compliance, and fosters stakeholder
confidence. Stamford College can reduce risks, protect its operations, and create a strong security
posture by incorporating this standard.

An overview of a suitable risk-management plan or implemented ISO standard and how it relates
to Stamford College's IT security
An effective risk management strategy for Stamford College emphasizes a structured approach
to identifying, assessing, and mitigating IT security risks. The ISO/IEC 27001 standard
provides a comprehensive framework for managing information security through the
establishment of an Information Security Management System (ISMS).

Key Components of ISO/IEC 27001 Application


1. Risk Identification and Assessment: The standard emphasizes a systematic process to
identify potential threats, such as data breaches, malware, and unauthorized access, and
analyze their likelihood and impact.
2. Implementation of Security Controls: ISO/IEC 27001 includes a set of best practices for
security measures, such as encryption, access controls, and network monitoring, ensuring
vulnerabilities are addressed effectively.
3. Compliance and Continuous Improvement: The framework promotes regular audits,
performance evaluations, and iterative improvements to align with evolving threats and
regulatory requirements.
4. Stakeholder Confidence: Adhering to ISO/IEC 27001 demonstrates Stamford College's
commitment to safeguarding sensitive data and maintaining operational integrity,
fostering trust among students, staff, and external partners.

Advantages to Stamford College


By implementing ISO/IEC 27001, Stamford College ensures a proactive and adaptive IT security
posture. It minimizes risks, enhances data protection, and supports compliance with legal
regulations, contributing to a secure and efficient operational environment.

A review of the potential effects of an IT security audit on Stamford College's security
Through an IT security assessment, Stamford College may be able to identify vulnerabilities,
reduce risks, and improve security for particular critical data and systems. The primary
benefits and potential disadvantages of such an audit are examined in the section that follows:

Identifying Weaknesses

The audit will reveal gaps in the college's security framework, such as outdated software,
inadequate access controls, or weak network configurations. This allows the institution to
take targeted actions to mitigate risks, such as patching vulnerabilities or implementing
stricter security policies.

Strengthening Compliance

An IT security audit ensures the college complies with data protection regulations like
GDPR. By addressing non-compliance issues, the college reduces the risk of legal penalties
and enhances its reputation for safeguarding sensitive data.

Upgrading Security Measures

Audit results often lead to the adoption of advanced security measures, such as better
firewalls, encryption, and intrusion detection systems. These measures significantly reduce
the likelihood of cyberattacks such as ransomware or phishing.

Improved Incident Response and Recovery

The audit can highlight weaknesses in existing incident response plans, enabling the college
to improve its ability to respond to security breaches quickly. This minimizes downtime and
data loss during an incident.

Improving Awareness and Accountability

A security audit often identifies gaps in user knowledge and practices. Consequently,
training programs and awareness campaigns can be implemented to educate staff and students
on cybersecurity best practices, reducing the likelihood of human error.

Long-Term Cost Savings

While addressing audit recommendations may involve upfront costs, the long-term benefits of
preventing data breaches, reputational damage, and operational downtime far outweigh the
costs.

Key Features of an IT Security Audit


Evaluation of Security Policies and Procedures: The audit examines the current security
policies and processes to determine whether they are up to date, documented, and
benchmarked against security best practices.

Vulnerability Assessment: Every professional IT security audit needs to find vulnerabilities
in the networks, servers, applications, or devices that make up the IT environment (Maddion,
2000).

Risk Analysis: The audit assesses the risks associated with existing threats, given the
likelihood and impact of each vulnerability found for the organization.

Compliance Check: An IT security audit verifies that the organization's IT assets are
legally and regulatorily compliant, for example with the ISO 27001 standard, GDPR, and
HIPAA.

Penetration Testing: Some audits include vulnerability testing, also known as penetration
testing, in which ethical hackers test the organization's ability to detect real threats and
deal with them.

Network Security Assessment: Other network security equipment examined in the audit
includes IDS/IPS, firewalls, and switches.

An IT security audit's merits


 Proactive Risk Management: Helps detect and lessen risks before they result in security
lapses.
 Better Compliance: Guarantees adherence to legal and regulatory mandates.
 Enhanced Security: Makes IT processes and systems more resilient overall.
 Enhanced Awareness: Promotes a security-conscious culture among employees.

Recommendations for Aligning IT Security at Stamford College with Organizational Policy


To ensure Stamford College's IT security framework aligns seamlessly with its organizational
policies, the following recommendations address both strategic and operational aspects:

Establish a Comprehensive IT Security Policy

Develop a unified IT security policy that integrates with the college's overall governance
framework, outlining security objectives, roles, and responsibilities. Include specific
guidelines for data protection, network security, and user behavior in compliance with
regulatory standards like GDPR.

Conduct Regular Security Audits

Perform periodic security audits to evaluate the effectiveness of existing measures and
ensure alignment with organizational goals. Use audit results to update policies, address
vulnerabilities, and strengthen controls.

Implement Role-Based Access Controls (RBAC)

Align access permissions with the organizational hierarchy and job roles to prevent
unauthorized access to sensitive information. Regularly review access levels to ensure they
remain appropriate as roles change.
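
The periodic access review recommended above can be automated. The following is an added example, not part of the original assignment: it compares each account's granted permissions with what its role allows and flags excess rights and unused accounts. The role names, permission strings, account records and the 90-day threshold are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date

# Constructed role model (assumption): role -> permissions that role may hold.
ROLE_PERMISSIONS = {
    "student": {"lms:read", "email:use"},
    "lecturer": {"lms:read", "lms:grade", "email:use"},
    "registrar": {"sis:read", "sis:write", "email:use"},
    "it_admin": {"sis:read", "lms:admin", "network:admin", "email:use"},
}

STALE_AFTER_DAYS = 90  # assumption: accounts unused for longer are flagged


@dataclass
class Account:
    username: str
    role: str
    granted: set          # permissions actually assigned to the account
    last_login: date
    enabled: bool = True


@dataclass
class Finding:
    username: str
    issue: str            # unknown_role | excess_permission | stale_account
    detail: str


def review_access(accounts, today, role_permissions=ROLE_PERMISSIONS,
                  stale_after_days=STALE_AFTER_DAYS):
    """Return the findings of one access review, in account order."""
    findings = []
    for acct in accounts:
        allowed = role_permissions.get(acct.role)
        if allowed is None:
            findings.append(Finding(acct.username, "unknown_role", acct.role))
            # Without a role definition no granted permission is justified.
            allowed = set()

        # Least privilege: anything granted beyond the role is excess.
        excess = sorted(acct.granted - allowed)
        if excess:
            findings.append(
                Finding(acct.username, "excess_permission", ",".join(excess)))

        # Enabled accounts nobody has used recently should be disabled.
        idle_days = (today - acct.last_login).days
        if acct.enabled and idle_days > stale_after_days:
            findings.append(Finding(acct.username, "stale_account",
                                    f"{idle_days} days since last login"))
    return findings


# Constructed sample accounts for illustration only.
SAMPLE_ACCOUNTS = [
    Account("a.sharma", "lecturer",
            {"lms:read", "lms:grade", "email:use"}, date(2024, 12, 10)),
    # Changed job from registrar to lecturer but kept write access to the SIS.
    Account("b.thapa", "lecturer",
            {"lms:read", "lms:grade", "sis:write"}, date(2024, 12, 1)),
    # No login for months, account still enabled.
    Account("c.rai", "student", {"lms:read"}, date(2024, 6, 1)),
    # Role that was never defined in the role model.
    Account("d.vendor", "contractor", {"network:admin"}, date(2024, 12, 12)),
]

if __name__ == "__main__":
    for f in review_access(SAMPLE_ACCOUNTS, today=date(2024, 12, 16)):
        print(f"{f.username:10} {f.issue:18} {f.detail}")
```
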

Improve Security Awareness and Training

Conduct regular training sessions for staff and students to promote awareness of
cybersecurity risks and organizational security policies. Include topics such as
recognizing phishing attempts, handling sensitive data, and using secure
communication tools (Niola, 2001).

Adopt Best Practices in Network Security

Strengthen network security through robust firewall configurations, intrusion detection
systems (IDS), and network segmentation. Use tools like Network Address Translation (NAT)
and Demilitarized Zones (DMZ) to protect internal systems.

Maintain Data Protection Compliance

Ensure that all data handling processes align with GDPR and other legal requirements by
incorporating encryption, secure backups, and proper consent management. Regularly review
and update security policies in response to regulatory changes or operational needs.

Implement a Risk Management Framework

Use ISO/IEC 27001 or similar frameworks to establish a structured process for identifying,
assessing, and mitigating risks. Continuously monitor risks and update policies as needed
to address emerging threats.

Conclusion:
The following methods can be used to link Stamford College's IT security to the organizational
policy: implementing ISO 27001, increasing user awareness, incorporating continuous
monitoring systems, and adopting risk management strategies and criteria, as well as
conducting regular audits. The aforementioned recommendations will guarantee uninterrupted
corporate operations, data security, and adherence to regulatory and institutional standards.

Activity 3

Introduction
The primary goal of this section is to create a sufficient security plan for Stamford College. The
most important elements of the disaster recovery plan will be described and addressed, along
with the roles of the stakeholders most pertinent to the implementation of a There will be an
explanation of the security audit and a critique of the suggested security measures. The goal is to
outline a comprehensive security framework that would accommodate the college's overall IT
security and satisfy its requirements.

The proposed Stamford College security policy


The proposed security strategy aims to protect Stamford College's digital assets, IT
infrastructure, and business continuity. It describes important procedures, roles, and duties to
provide thorough protection and conformity with institutional goals.

Objectives
 Preserve the availability, confidentiality, and integrity of information assets.
 Verify adherence to pertinent legal and regulatory obligations, such as the GDPR.

 Reduce vulnerabilities and mitigate risks in all IT systems.

Scope

All employees, students, outside suppliers, and other parties who have access to Stamford
College's networks, data, or IT infrastructure are subject to this policy.

Management and Accountabilities

 IT Security Officer: Manage the application, observance, and monitoring of policies.
 Department heads: Make sure that security protocols are followed within their
departments.
 End Users: Adhere to secure data handling best practices and promptly report any
problems.

Essential Security Procedures


1. Security of Networks
 Put in place firewalls with stringent rules to manage traffic.
 To monitor and reduce threats, use intrusion detection/prevention systems (IDS/IPS).
 For essential systems, divide networks into Demilitarized Zones (DMZs).
 To hide internal IP addresses, use Network Address Translation (NAT).
2. Security of Data
 Both in transit and at rest, encrypt critical information.
 Make regular backups of important data and keep backups safe.
 Limit data access to authorized users exclusively by implementing access restrictions.
3. Administration of User Credentials
 Enforce permissions using role-based access control, or RBAC.
 Make sure you activate multi-factor authentication (MFA) and mandate strong
passwords.
 Regularly review user accounts to eliminate unused access privileges.
4. Security of Devices and Endpoints
 On every device, install and update antivirus and anti-malware software.

 Put in place device management guidelines, such as limitations on the usage of personal
devices.
 Turn on remote wiping for devices that have been misplaced or stolen.

Administration of Third-Party Vendors


 Demand that outside vendors adhere to Stamford College's security guidelines.
 Regularly evaluate the security of the systems and services offered by vendors.
 Keep an eye on activities and restrict third parties' access to critical systems.

Enforcement of Policies

Depending on the seriousness of the violation, noncompliance with this policy may lead to
disciplinary action, which may include suspension of access rights (Huang, 2018).

Strategy for Execution


Setting up Windows Server

Step 2: Access the Group Policy Management Console (GPMC).

Step 3: Organizational Unit (OU).

Step 4: Group Policy Object (GPO).

Step 5: Password Policy.

Stamford College Disaster Recovery Plan


An organized method for recovering and resuming IT operations, data, and systems after a
disruptive event, such as a hardware malfunction, cyberattack, or natural disaster, is known
as a disaster recovery plan, or DRP. The DRP at Stamford College guarantees operational
continuity, low downtime, and prevention of data loss.

1. Goals
 Reduce the amount that college operations are disrupted.
 Assure quick data and IT system recovery.
 Preserve confidential data and adhere to legal requirements.
 Minimize the impact on finances and reputation.
2. Scope
 Every important system is covered by the DRP, including:
 Information systems for students
 Databases for employees and administration
 Network hardware, such as servers, routers, and firewalls
 Systems of communication (messaging apps, email)
 Systems for managing learning (LMS)

Key Components of the Plan


A. Risk Assessment
 Identify potential threats, such as cyberattacks, power outages, hardware failures, or
natural disasters.
 Prioritize systems based on their criticality to college operations.
B. Business Impact Analysis (BIA)
 Assess the potential impact of system downtime on operations, finances, and stakeholders.
 Define acceptable recovery time objectives (RTOs) and recovery point objectives (RPOs).
C. Backup and Data Management
 Maintain regular backups of all critical data.
 Store backups securely in offsite and cloud-based locations to ensure redundancy.
 Test backup integrity periodically to ensure reliability.
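
The backup items above can be checked mechanically. The following is an added example, not part of the original assignment: for each system it verifies every backup copy against the SHA-256 digest recorded when the copy was written, then checks that the newest intact copy is within the system's RPO and that an intact offsite or cloud copy exists. The system names, RPO values, timestamps and backup contents are constructed assumptions.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class BackupRecord:
    system: str
    taken_at: datetime
    location: str   # "onsite", "offsite" or "cloud"
    sha256: str     # digest recorded when the backup was written
    data: bytes     # stands in for the contents of the backup file


# Constructed RPOs (assumption): maximum tolerable data loss per system.
RPO = {
    "student-information-system": timedelta(hours=4),
    "lms": timedelta(hours=24),
    "email": timedelta(hours=12),
}


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_backups(records, now, rpo=RPO):
    """Return {system: [problems]}; an empty list means the system passes."""
    report = {}
    for system, limit in rpo.items():
        problems = []
        intact = []
        for rec in (r for r in records if r.system == system):
            # Integrity test: stored contents must still match the digest.
            if digest(rec.data) == rec.sha256:
                intact.append(rec)
            else:
                problems.append(
                    f"integrity_failed: {rec.location} copy from "
                    f"{rec.taken_at:%Y-%m-%d %H:%M}")
        if not intact:
            problems.append("no_restorable_backup")
        else:
            # RPO test: only copies that can be restored count.
            newest = max(intact, key=lambda r: r.taken_at)
            age_h = (now - newest.taken_at).total_seconds() / 3600
            limit_h = limit.total_seconds() / 3600
            if age_h > limit_h:
                problems.append(f"rpo_exceeded: {age_h:.1f}h > {limit_h:.1f}h")
            # Redundancy test: at least one intact copy away from the site.
            if not any(r.location in ("offsite", "cloud") for r in intact):
                problems.append("no_offsite_copy")
        report[system] = problems
    return report


def _rec(system, taken_at, location, data, corrupt=False):
    # The digest is taken at backup time; corruption is simulated afterwards.
    stored = data + b"\x00" if corrupt else data
    return BackupRecord(system, taken_at, location, digest(data), stored)


# Constructed sample catalogue for illustration only.
NOW = datetime(2024, 12, 16, 12, 0)
SAMPLE_BACKUPS = [
    _rec("student-information-system", datetime(2024, 12, 16, 10, 0),
         "onsite", b"sis-dump-1000"),
    _rec("student-information-system", datetime(2024, 12, 16, 9, 0),
         "cloud", b"sis-dump-0900"),
    _rec("lms", datetime(2024, 12, 16, 2, 0),
         "offsite", b"lms-dump-0200", corrupt=True),
    _rec("lms", datetime(2024, 12, 14, 23, 0), "onsite", b"lms-dump-2300"),
    # No backup at all is recorded for "email".
]

if __name__ == "__main__":
    for system, problems in check_backups(SAMPLE_BACKUPS, NOW).items():
        print(system, "OK" if not problems else problems)
```

The corrupted offsite copy of the LMS shows why the integrity test comes first: counting it would make the system appear to meet its RPO and its offsite requirement when neither holds.
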

3. Steps to follow During a Disaster:


A. Incident Identification
 Identify and assess the nature of the disaster (e.g., cyberattack, hardware failure).

B. Activation of the DRP

 Declare a disaster and activate the recovery plan based on predefined thresholds.

C. System and Data Recovery
 Restore systems and data according to recovery strategies.

4. System and Data Recovery


 Conduct a review to identify lessons learned and improve the plan.

The process of implementing Stamford College's IT security and disaster recovery plan into
practice
By ensuring that Stamford College can successfully implement its disaster recovery plan and IT
security measures, the implementation process promotes a safe and robust IT infrastructure. The
main stages involved are listed below:

Planning Stage
 Define Objectives: Establish clear goals for IT security and disaster recovery,
focusing on data protection, operational continuity, and regulatory compliance.
 Assemble Teams: Form dedicated teams for IT security, disaster recovery, and user
training, assigning specific roles and responsibilities.
 Allocate Resources: Identify the necessary tools, technologies, and funding to support
implementation efforts.

Risk Assessment and Policy Development

 Conduct a comprehensive risk assessment to identify vulnerabilities and threats.
 Develop and finalize IT security policies, disaster recovery plans, and user guidelines,
aligning them with organizational goals and regulatory requirements.

Infrastructure Preparation and Upgrades

 Infrastructure Improvement: Upgrade hardware, software, and network systems to meet
security and recovery standards.
 Backup Systems: Establish regular automated backups with offsite and cloud-based
redundancy.
 Access Controls: Implement role-based access controls and multi-factor authentication
(MFA) across systems.

Implementation of Security Measures

 Firewalls and Intrusion Detection: Deploy firewalls, intrusion detection/prevention
systems (IDS/IPS), and security monitoring tools.
 Network Segmentation: Establish a demilitarized zone (DMZ) and use network address
translation (NAT) to isolate critical systems.
 Endpoint Security: Install antivirus software, patch systems regularly, and enforce
device management policies.

Disaster Recovery Setup

 Create secondary data centers or failover systems for critical operations.
 Ensure all critical systems meet defined recovery time objectives (RTO) and recovery
point objectives (RPO).
 Develop an incident response plan with clear escalation procedures.

Testing and Validation

 Perform penetration testing to identify weaknesses in the security framework.
 Conduct disaster recovery drills to validate the effectiveness of recovery procedures and
backup systems.
 Document the results and refine plans based on test outcomes.

Deployment and Monitoring

 Roll out IT security policies and disaster recovery measures across the organization.
 Implement continuous monitoring of network activities and system logs to detect and
respond to anomalies in real time.

Maintenance and Continuous Improvement

 Review policies annually or after significant incidents.
 Stay updated on emerging security threats and update systems and procedures
accordingly.
 Gather feedback from staff and stakeholders to improve processes.

Stakeholders and Their Functions in Disaster Recovery and IT Security at Stamford College
Key stakeholders must be identified and involved in order for IT security and disaster recovery
plans to be implemented successfully. Every stakeholder has a distinct role to play in
safeguarding the college's operations, data, and systems.

The role of executive leadership:


 Give IT security policies and disaster recovery plan strategic direction and approval.
 Set aside money and resources to put security measures in place.
 Assure adherence to corporate and regulatory objectives.

Stakeholders:

 Board of Directors
 Principal/President of the College

Function of the IT Department:


 Create, put into place, and oversee disaster recovery and IT security systems.
 Keep an eye on network activity and react quickly to problems.
 Make sure that all systems have frequent backups, patches, and updates.
 Evaluate risks and put disaster recovery plans to the test.

Stakeholders:

 Network administrators
 IT security officers
 Chief information officers (CIOs)

The role of faculty and administrative staff


 Observe security procedures, including secure data handling and password management.
 Report any suspicious activity or security incidents.
 Attend training seminars on security awareness.

Stakeholders:

 Heads of Departments
 Administrative Teams

The role of students

 Adhere to security requirements and use college systems sensibly (e.g., avoiding phishing
schemes).
 Inform the IT staff of any questionable emails, texts, or actions.

Stakeholders:

 Students enrolled at Stamford College


The role of the disaster recovery team

Disaster Recovery Team

Functions in the Execution of Security Audits


For a company like Stamford College to find vulnerabilities, maintain compliance, and improve
its overall IT security posture, security audits are essential. A security audit's successful
execution requires the cooperation of multiple crucial positions, each with distinct duties:

Audit Manager
Role:
 Oversee the entire audit process, ensuring it aligns with organizational goals and
compliance requirements.
 Define the scope, objectives, and methodology of the audit.
 Allocate resources and schedule the audit timeline.

IT Security Team
Role:
 Provide access to systems, logs, and data necessary for the audit.
 Assist in identifying key areas of focus based on recent incidents or threats.
 Implement corrective actions based on audit findings.

Responsibilities:
 Conduct vulnerability scans and risk assessments.
 Review firewall configurations, network policies, and access controls.

External Auditors or Security Consultants
Role:
 Provide an unbiased evaluation of the organization's security posture.
 Perform penetration testing and assess compliance with standards like GDPR, ISO
27001, or PCI DSS.

Responsibilities:
 Identify vulnerabilities through system testing and ethical hacking.
 Recommend industry best practices and remedial measures.

Compliance Officers
Role:
 Ensure that audit processes align with legal, regulatory, and internal policy
requirements.
 Verify adherence to data protection laws and industry standards.

Responsibilities:
 Review documentation, policies, and procedures for compliance.
 Address potential legal implications of identified security gaps.

Network and System Administrators
Roles:
 Provide technical insights and system access to facilitate the audit.
 Address technical recommendations arising from the audit findings.

Responsibilities:
 Share system configurations, network maps, and logs.
 Implement updates, patches, and other changes according to audit recommendations.

End-User Representatives
Roles:
 Participate in audits of user behavior, access controls, and policy adherence.
 Provide feedback on the practicality of security policies and their implementation.

Responsibilities:
 Demonstrate adherence to organizational policies.
 Identify challenges in complying with security protocols.

Risk Management Team
Roles:
 Assess the potential impact of vulnerabilities identified during the audit.
 Develop a prioritized action plan to mitigate risks.

Responsibilities:
 Evaluate the business implications of security weaknesses.
 Collaborate with other teams to develop risk treatment plans.

Elements of Virtual Security


Virtual security refers to the procedures and policies used in a company's digital infrastructure to
defend networks, data, and systems against online attacks. These components work together to
provide a multi-layered defense strategy that guarantees strong protection and uninterrupted
operations. Key components of virtual security are listed below:

Firewalls

Purpose:
 Serve as a defense against external attacks on internal networks.
 Use preset rules to filter outgoing and incoming communications.

Types:
 Hardware firewalls that secure the entire network.
 Software firewalls that are set up on separate systems.

Virtual Private Networks (VPNs)

Purpose:
 Encrypt data sent over public or untrusted networks to enable safe remote access.
 Assure data integrity and confidentiality for users who are located far apart or in different
locations (Gillis, 1997).

Multi-Factor Authentication (MFA)


Purpose:
 By requiring two or more means of verification (such as a password and a one-time
code), you can improve access control.
 Even in the case that login credentials are hacked, stop unwanted access.

Endpoint Security Solutions


Purpose:

 Prevent malware, phishing, and unauthorized access to devices such as laptops, desktop
computers, and mobile devices.
 Include patch management, device encryption, and antivirus software.

Important Policy Components for IT Security


Strong IT security rules must be established by enterprises in order to preserve a safe and well-
managed IT environment. These rules act as standards for safeguarding networks, systems, and
data from breaches, illegal access, and other online dangers. Three essential policy components
that serve as the cornerstone of a successful IT security plan are listed below:

Access Control Policy


Purpose:

 Define rules for who can access systems, networks, and data, and under what
conditions.
 Ensure that access is granted based on the principle of least privilege (POLP),
allowing only authorized individuals to access the resources necessary for their roles.

Components:
 User Authentication: Define methods such as usernames, passwords, biometrics, or
multi-factor authentication (MFA) for verifying identities.
 Authorization: Set up role-based access controls (RBAC) or attribute-based access
controls (ABAC) to ensure users only have access to the resources they need.
 Audit Trails: Maintain logs of access events to detect and respond to unauthorized
access attempts.

Data Protection and Privacy Policy
Purpose:

 Outline how sensitive and personal data is collected, stored, processed, and
transmitted.
 Ensure compliance with relevant data protection regulations like GDPR, CCPA, or
HIPAA.

Components:
 Data Classification: Classify data based on its sensitivity (e.g., confidential, public,
or restricted).
 Encryption: Implement encryption methods to protect data at rest and in transit.
 Retention and Disposal: Define how long data should be retained and the secure disposal
methods to use once it is no longer required.
 User Consent: Establish procedures for obtaining user consent when collecting personal
data.

Incident Response Policy


Purpose:

 Define the actions to take in the event of a security incident or breach, ensuring a
quick and coordinated response to minimize damage.
 Ensure that there is a clear communication process for reporting incidents internally
and externally (e.g., to regulatory bodies).

Components:
 Incident Classification: Categorize incidents based on severity, such as low, medium, or
high impact, to determine the appropriate response level.
 Response Procedures: Define step-by-step procedures for containing, investigating, and
mitigating incidents.
 Roles and Responsibilities: Assign specific roles to individuals (e.g., incident
response team members) and outline their responsibilities.
 Post-Incident Review: After an incident, conduct a review to identify the root cause
and implement preventive measures to avoid future incidents.

Assessment of the Security Policy's Tools


Several tools are used to monitor activity, enforce regulations, and reduce risks in order to
support an effective security policy. These tools' usefulness, efficacy, integration potential, and
general conformity to organizational security requirements are all evaluated. An assessment of
important instruments frequently used in security policies is provided below:

Firewalls

Purpose:
 Firewalls act as a barrier between a trusted internal network and untrusted external
networks, controlling the flow of traffic based on predefined security rules (Jordan,
2024).
Evaluation Criteria:
 Effectiveness: Firewalls are effective in blocking unauthorized access, monitoring
inbound and outbound traffic, and preventing malicious activity.
 Customization: They allow the customization of security policies, for example
blocking specific IP addresses or ports, enabling fine-grained control.
 Scalability: Modern firewalls support network growth, with capabilities like handling
high traffic loads and complex rulesets.
 Drawback: A poorly configured firewall can inadvertently block legitimate traffic,
disrupting business operations.

Intrusion Detection and Prevention Systems (IDS/IPS)

Purpose:

 IDS/IPS tools are designed to detect and respond to suspicious network activity or
potential security breaches in real time.

Evaluation Criteria:

 Detection Capabilities: IDS/IPS systems excel at identifying a wide range of known
attacks, like DoS (Denial of Service) and malware intrusions.
 Response Mechanism: IPS tools actively block malicious activities, while IDS only
alerts administrators. The effectiveness of the response is crucial for minimizing damage.
 False Positives/Negatives: An effective IDS/IPS system should minimize false positives
to avoid unnecessary alerts while ensuring that no real threats are missed.
 Integration: These tools should integrate seamlessly with other systems like firewalls
and SIEM (Security Information and Event Management) solutions for a comprehensive
security strategy.

Anti-Virus\Anti-Malware Software
 Shields frameworks from infections, malware, spyware, and other vindictive projects that
could think twice about uprightness or upset tasks.

Evaluation Criteria:

• Detection Rate: High detection rates for both known and emerging threats are
essential. Regular updates and a large database of signatures improve detection.
• System Performance: Anti-virus software should work efficiently
without significantly slowing down the system.
• Real-Time Protection: Effective tools should provide real-time scanning and monitoring to
catch threats as they attempt to enter the system.
• Limitations: Anti-virus tools may not catch advanced threats such as zero-
day vulnerabilities or sophisticated malware that does not exhibit known behaviors.


4. Multi-Factor Authentication (MFA) Systems

Purpose:
• MFA improves security by requiring multiple forms of authentication (e.g., password, SMS
code, or biometrics) to verify a user's identity before granting access.

Evaluation Criteria:

• User Convenience: MFA should be easy for users to adopt without creating
friction in their workflows.
• Security Strength: The more factors combined (e.g., combining something you know
with something you have), the stronger the security.
• Integration: The tool should integrate seamlessly with existing systems,
ensuring minimal disruption to user access.
• Scalability: MFA systems should scale easily as the organization grows and
accommodates new users or services.

Conclusion
Stamford College's security flaws will be addressed in a comprehensive manner by the suggested
security policy, disaster recovery plan, and associated tools. By following these protocols and
cultivating a security-conscious culture, the college can significantly improve its defenses against
cyberattacks and better protect its vital information and operations.

Bibliography
Anon., 2001. achievecentre. [Online]
Available at: https://achievecentre.com/blog/safe-mindfulness/
[Accessed 16 12 2024].

Gillis, A. S., 1997. techtarget. [Online]
Available at: https://www.techtarget.com/searchnetworking/definition/virtual-private-network
[Accessed 16 12 2024].

Gillis, A. S., 2021. techtarget. [Online]
Available at: https://www.techtarget.com/whatis/definition/static-IP-address
[Accessed 13 12 2024].

Huang, M., 2018. sciencedirect. [Online]
Available at: https://www.sciencedirect.com/topics/computer-science/policy-enforcement
[Accessed 16 12 2024].

jordan, 2024. checkpoint. [Online]
Available at: https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/
[Accessed 16 12 2024].

Maddion, J., 2000. msdmanuals. [Online]
Available at: https://www.msdmanuals.com/home/brain-spinal-cord-and-nerve-disorders/symptoms-of-brain-spinal-cord-and-nerve-disorders/weakness
[Accessed 16 12 2024].

Raskin, N., 2022. fortinet. [Online]
Available at: https://www.fortinet.com/resources/cyberglossary/what-is-dmz
[Accessed 13 12 2024].

Sanchez, R., 1998. dataprotection.ie. [Online]
Available at: https://www.dataprotection.ie/en/organisations/know-your-obligations/breach-notification
[Accessed 16 12 2024].

Simeone, D., 2021. oira.osha.europa. [Online]
Available at: https://oira.osha.europa.eu/en/what-is-risk-assessment
[Accessed 15 12 2024].

Traore, B., 14 March, 2024. fortra. [Online]
Available at: https://www.fortra.com/blog/top-benefits-network-monitoring
[Accessed 13 12 2024].

Veiga, R., 1998. travasecurity. [Online]
Available at: https://travasecurity.com/learn-with-trava/blog/what-are-the-methodologies-of-a-risk-assessment/
[Accessed 13 12 2024].