03_Handout_1(6).pdf


IT1914

Typical Domains of IT Infrastructure

User, LAN, and WAN Domain

In the context of networking, domain refers to any group of users, workstations, devices, printers, computers, and database servers that share different types of data via network resources. There are also many types of subdomains.

A domain has a domain controller that governs all basic domain functions and manages network security. Thus, a domain is used to manage all user functions, including username, password, and shared system resource authentication and access. It is also used to assign specific resource privileges, such as user accounts.

In a simple network domain, many computers and workgroups are directly connected. A domain comprises combined systems, servers, and workgroups. Multiple server types, such as Web, database, and print, may exist in one (1) domain, depending on network requirements.

| DOMAIN | RISKS |
| --- | --- |
| User Domain – This covers all the users that have access to the other domains. | User can destroy data in the application (intentionally or not) and delete all. User can use the password to delete his/her file. User can insert an infected CD or flash drive into the computer. |
| Workstation Domain – It is a computer of an individual user where the production takes place. | The workstation’s operating system can have a known software vulnerability that allows a hacker to connect remotely and steal data. A workstation’s browser can have a software vulnerability, which allows unsigned scripts to install malicious software silently. A workstation’s hard drive can fail, causing loss of data. |
| LAN Domain – This contains all of the workstations, hubs, switches, and routers. This is also a trusted zone. | A worm can spread through the LAN and infect all computers in it. LAN server OS can have a known software vulnerability. An unauthorized user can access the organization’s workstations in a LAN. |
| WAN Domain – It consists of the Internet and semi-private lines. | The service provider can have a major network outage. Server can receive a Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack. A file transfer protocol (FTP) can allow anonymously uploaded illegal software. |
| LAN/WAN Domain – It is the boundary between the trusted and untrusted zones. The zones are filtered with a firewall. | A hacker can penetrate an IT infrastructure and gain access to the internal network. A firewall with unnecessary ports open can allow access from the Internet. |
| System/Application Storage Domain – This domain is made up of user-accessed servers such as e-mail and database. | A fire can destroy primary data. A DoS attack can cripple the organization’s e-mail. A database server can be attacked by SQL injection, corrupting the data. |
| Remote Access Domain – This is the domain in which a mobile user can access the local network usually through a VPN. | Communication circuit outage can deny connection. Remote communication from the office can be unsecured. |

Table 1. The typical domains of IT Infrastructure.

03 Handout 1 *Property of STI  [email protected] Page 1 of 6

Local Users and Domain Users in Windows

In Windows, a local user is one whose username and encrypted password are stored in the computer itself. When logging in as a local user, the computer checks its own passwords file to see if the user is allowed to log into the computer. The computer itself then applies all the permissions and restrictions that are assigned to the user for that computer.

Domain users are those whose username and password are stored on a domain controller rather than the computer the user is logging into. When logging in as a domain user, the computer asks the domain controller what privileges are assigned to the user. Domain users evolved in response to the challenges administrators face when managing large numbers of computers, peripherals, services, and users.
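The local versus domain distinction described above can be checked on a host. The following PowerShell is an added example, not part of the handout; it assumes Windows PowerShell 5.1 on a workstation or member server (not a domain controller), only reads information, and its variable names are illustrative.

```powershell
# Added example: classify the current logon as a local or a domain account.

# Is this computer joined to a domain at all?
$cs     = Get-CimInstance -ClassName Win32_ComputerSystem
$joined = [bool]$cs.PartOfDomain

# Accounts stored on this computer itself (the local account database).
$localUsers = Get-LocalUser

# Every local account SID begins with the machine's own identifier,
# so that prefix can be taken from any local account.
$machineSid = ($localUsers | Select-Object -First 1).SID.AccountDomainSid

# SID of the account that owns the current session.
$me          = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$myDomainSid = $me.User.AccountDomainSid

if ($null -eq $myDomainSid) {
    # Built-in identities (for example SYSTEM) have no account-domain prefix.
    $kind = 'Built-in or other identity'
} elseif ($myDomainSid -eq $machineSid) {
    $kind = 'Local user (account stored on this computer)'
} else {
    $kind = 'Domain user (account stored on a domain controller)'
}

[pscustomobject]@{
    Computer     = $env:COMPUTERNAME
    DomainJoined = $joined
    Domain       = if ($joined) { $cs.Domain } else { $null }
    Account      = $me.Name
    AccountKind  = $kind
}

# Local accounts that can still log on, listed for periodic review.
$localUsers | Where-Object Enabled |
    Select-Object Name, SID, LastLogon, PasswordLastSet
```

On a domain-joined machine, enabled local accounts in the second listing are the ones that bypass the domain controller's central management and are worth reviewing.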
LAN Domain

The Local Area Network (LAN) domain is defined as a sub-network that is made up of servers and clients, each of which is controlled by a centralized database. User approval is obtained through a central server or a domain controller. The term “domain” can refer to descriptors for Internet sites, which is a site’s Web address, or to LAN subnetworks.

WAN Domain

The Wide Area Network (WAN) is a communications network that spans a large geographic area such as cities, states, or countries. It can be private to connect parts of a business, or it can be more public to connect smaller networks.

Remote Access Domain

Remote access domain enables remote users to access files and other system resources on any devices or servers that are connected to the network at any time, increasing employee productivity and enabling them to better collaborate with colleagues around the world.

A remote access strategy also gives organizations the flexibility to hire the best talent regardless of location, remove silos, and promote collaboration between teams, offices, and locations. Technical support professionals also use remote access to connect to users’ computers from remote locations to help them resolve issues with their systems or software.

One common method of providing remote access is via a remote access virtual private network (VPN) connection. A VPN creates a safe and encrypted connection over a less secure network, such as the Internet. The VPN technology was developed as a way to enable remote users and branch offices to log into corporate applications and other resources securely.

| METHOD | PROS | CONS |
| --- | --- | --- |
| IP security VPN (IPsec VPN) is a common remote access technology in use today. A piece of software called “VPN client” is installed in the end user’s computer and is configured with details about the target network, such as the gateway IP address and a pre-shared security key. | When a firewall is purchased, it typically includes plenty of licenses for IPsec VPN connections. There is low processing overhead for the firewall and many IPsec VPN connections can be active at the same time. It is an established technology that many people are familiar with. | A software client needs to be installed and configured on a user’s computer before the connection can be established. This can create difficulties for the user and IT personnel if a worker needs the client installed and configured when they are not in the office. |
| Secure Socket Layer VPN (SSL VPN) is a common encryption technology that is widely used to provide secure communication on the Internet. When setting up an SSL VPN, the network administrator publishes the VPN client to the firewall, providing it for download via the firewall’s public connection. | End users can install the VPN client from a public portal. The IT department does not need to touch each machine that needs remote access. Network administrators can set up granular security policies for specific resources on a corporate network even down to a single Web-based application. Software clients are available for mobile devices, such as iPhones and iPads. This allows workers to view items like a corporate intranet without powering up their laptop. | There is more configuration required on the firewall when setting up the client network to be published. It requires more processing overhead for the firewall compared to IPsec VPN. Some firewalls may not be able to handle as many SSL VPN client connections as IPsec VPN licenses. Thus, SSL VPN licenses are usually sold as an add-on to the hardware. |
| Microsoft DirectAccess is a relatively new player to the remote access arena that was not developed by a firewall manufacturer, but rather by Microsoft. DirectAccess creates an “always on” secure connection at the operating system level. | It is a seamless technology that could change the way users work remotely. Users do not need to install any software or launch any programs. | Elaborate changes are required on the corporate network. This was designed with IPv6 as the primary addressing scheme and IPv4 secondarily. Additional pieces of software are required on the LAN so that remote users can access IPv4 addresses. |

Table 2. Three (3) types of remote access methods and their pros and cons.

System/Application Domain

This consists of all of a business’ mission-critical systems, applications, and data. It is important to ensure that this domain is secure at all times. Otherwise, a business could easily lose large amounts of sensitive information as well as face the threat of having productivity come to a halt.

The common targeted systems and applications are operating systems (desktop, server, and network), e-mail applications and servers, enterprise resource planning (ERP) applications and systems, and Web browsers.

System/Application attacks are generalized into three (3) categories: denial or destruction, alteration, and disclosure.

Unauthorized Physical Access

This can be defined as “gaining access to a physical entity or area without permission from an administrative figure.” It is considered a threat because if an individual with malicious intentions were to attain unauthorized physical access to an area containing sensitive systems, they could steal, alter, or destroy the systems and the data found on those systems. This threat is especially dangerous when the targets are sensitive areas such as computer rooms, data centers, or wiring closets because they contain a vast amount of sensitive information. However, it is also important to keep in mind that physical entities such as important documents can be targets of this threat.
Unauthorized Logical Access

This is nearly identical to unauthorized physical access, except it is not limited to tangible data. It can be considered even more dangerous than unauthorized physical access because it can be carried out by a staff member as well as an experienced attacker. An attacker who gains access to a business’ system could destroy, alter, and disclose any information that they find. This could result in a denial of service (DoS) attack on an important system required for the business to continue running.

Software Vulnerabilities

This is a flaw that exists in the programming of a software component or system that allows a malicious attacker to gain unauthorized access to that system through an exploit. These vulnerabilities can be exploited through malicious software known as “malware” that is accidentally executed on the system by a user or more directly exploited by an attacker.

Weaknesses in software that lead to vulnerabilities can occur in any software that is running on a system, including the operating system itself. Many common applications, such as Adobe Flash or Internet Explorer, may contain software vulnerabilities. Even custom-built in-house software is not immune to software vulnerabilities.

Server Vulnerabilities

Server software vulnerabilities are similar to software vulnerabilities on non-server systems, with the exception that software vulnerabilities that can exist on servers have the potential to be even more damaging. These can exist in the software that the server uses to provide services (FTP, SSH, and PHP) or in the operating system of the server itself.

Data Loss

Data includes any information stored digitally on a computing system or network. It can be in the form of an e-mail, a document or spreadsheet, images, database records, or other formats. Data loss occurs when any stored data is destroyed. Loss can occur during storage, transmission, or processing.
These losses are considered the greatest risk to the system/application domain because the goal of these systems is to allow users to create, store, retrieve, and manipulate data.

The most common preventative measure is to perform backups of all data. Complete system images are stored in case a computer needs to be formatted and brought back to a known good state. Daily backups to an off-site or physically separated storage medium will allow nearly full data recovery in the event of data loss.

Reducing Risk

In summary, the following suggestions should be taken into consideration to reduce risks associated with the system/application domain:

- Physically secure areas containing sensitive systems.
- Implement encryption and data handling standards.
- Minimize data access.
- Back up data.
- Be aware of all applications on the network.
- Plan, configure, maintain, and improve network servers.
- Develop and implement standards.
- Read and understand the provided Acceptable Use Policy.
- Report suspected IT policy violations to the supervisor.

Ethics and the Internet

Cyber ethics refers to the code of responsible behavior on the Internet. The basic rule is “Do not do something in cyberspace that you would consider wrong or illegal in everyday life.”

Considerations when determining responsible behavior:

- Do not use rude or offensive language.
- Do not cyberbully.
- Do not plagiarize.
- Do not break into someone else’s computer.
- Do not use someone else’s password.
- Do not attempt to infect or in any way try to make someone else’s computer unusable.
- Adhere to copyright restrictions when downloading material from the Internet, including software, games, movies, or music.

The Ethics Manifesto by Gerd Leonhard offers a framework for what he calls a global “ethics in technology” manifesto. He says it is important, in creating this model, to focus on human rights in an era when machines will be taking on more human-like characteristics.
Leonhard’s proposed manifesto focuses on five (5) specific human rights that he believes could be endangered if people don’t have an ethical framework to guide them.

| Specific Human Rights | Description |
| --- | --- |
| The right to remain natural | We can be employed, use public services, buy things, and function in society without a requirement to deploy the technology on or inside our bodies. |
| The right to be inefficient if and where it defines our basic humanities | We must be able to choose to be slower than technology and not make efficiency more important than humanity. |
| The right to disconnect | We must retain the right to switch off connectivity, go dark on the network, and pause communication, tracking, and monitoring. |
| The right to be anonymous | We must retain the option of not being identified and tracked, such as when using a digital application or platform when it doesn’t pose a risk or impose itself on others. |
| The right to employ or involve people instead of machines | We should not allow companies or employers to be disadvantaged if they choose to use people instead of machines even if it’s more expensive and less efficient. |

Table 3. The Ethics Manifesto.

The Code of Ethics for Information Security Professional is derived from the Unified Framework for Information Security Professionals, which emphasizes these three (3) core ethic values:

| Values | Descriptions |
| --- | --- |
| Integrity | Perform duties under existing laws and exercise the highest moral principles. Refrain from activities that would constitute a conflict of interest. Act in the best interests of stakeholders consistent with the public interest. Act honorably, justly, responsibly, and legally in every aspect of your profession. |
| Objectivity | Perform all duties in a fair manner and without prejudice. Exercise independent professional judgment to provide unbiased analysis and advice. When an opinion is provided, note it as opinion rather than fact. |
| Professional Competence and Due Care | Perform services diligently and professionally. Act with diligence and promptness in rendering service. Render only those services which you are fully competent and qualified. Ensure that the work performed meets the highest professional standards. Be supportive of colleagues and encourage their professional development. Keep stakeholders informed regarding the progress of your work. Refrain from conduct which would damage the reputation of the profession, or the practice of colleagues, clients, and employers. Report ethical violations to the appropriate governing body promptly. |

Table 4. Three (3) Core Ethic Values.

References:

CyberSecurity Malaysia. (2010). Code of Ethics [PDF]. Retrieved from http://www.cybersecurity.my/data/content_files/11/764.pdf on May 2, 2019
Domain. (n.d.). In Techopedia. Retrieved from https://www.techopedia.com/definition/1326/domain-networking on May 1, 2019
Durkin, N. (n.d.). Pros and cons: 3 types of remote access methods [Web log post]. Retrieved from https://www.wearediagram.com/blog/pros-and-cons-3-types-of-remote-access-methods on May 1, 2019
Eckel, E. (2006, July 19). The importance of a remote access policy. In TechRepublic. Retrieved from https://www.techrepublic.com/article/the-importance-of-a-remote-access-policy/ on May 2, 2019
Know the rules of cyber ethics. (n.d.). In Center for Internet Security. Retrieved from https://www.cisecurity.org/daily-tip/know-the-rules-of-cyber-ethics/ on May 2, 2019
Kostopoulus, G.K. (2018). Cyberspace and Cybersecurity (2nd ed.). Boca Raton, FL: Taylor and Francis Group
Local users and domain users in Windows. (n.d.). In Indiana University. Retrieved from https://kb.iu.edu/d/anbn on May 1, 2019
Mitchell, B. (2019). What is a wide area network (WAN)? [Web log post]. Retrieved from https://www.lifewire.com/wide-area-network-816383 on May 1, 2019
Perlman, A. (2018). Man vs. Machine: The new ethics of cybersecurity. Retrieved from https://www.securityroundtable.org/new-ethics-of-cybersecurity/ on May 2, 2019
Poczynek, N., Truong, J., When, A. (2013, April 4). System/Application domain. Retrieved from http://www.personal.utulsa.edu/~james-childress/cs5493/Projects2013/Silver/SystemApplicationDomainTrainingDocument.pdf on May 2, 2019
The seven domain of a typical IT infrastructure. (n.d.). In BINUS University School of Information Systems. Retrieved from https://sis.binus.ac.id/2018/01/15/the-seven-domain-of-a-typical-it-infrastructure/ on May 1, 2019
What is a LAN domain? (n.d.). In Reference.com. Retrieved from https://www.reference.com/technology/lan-domain-2489f5ad15657539 on May 1, 2019
Why domain names are so important. (n.d). In AllBusiness. Retrieved from https://www.allbusiness.com/why-domain-names-are-so-important-681-1.html on May 2, 2019
