Escolar Documentos
Profissional Documentos
Cultura Documentos
MMM.RIYAD
E07410073
ASSIGNMENT 01
ITE 2301
Riyad ITE2301 Assignment 01
(b) List the computer services that you will provide to the home users.
Antivirus services
Cabling services.
Firewall services.
Vulnerability assessment.
Consulting services.
Anti spying
Anti spamming
Backup services
(c) List the computer services that you will provide to the companies.
Antivirus services
Firewall services
Anti spamming
Riyad ITE2301 Assignment 01
Anti spying
Secure cleaning
Network IP scanning
Protocol analyzing
(d) Provide a list of software programs that you will use. Indicate the type of service that you will
provide using each software program. You may also use more than one software program to provide
same service.
• Antivirus services
AVG free editions.
Avast !home editions.
Clamwinfree antivirus.
• Firewall services
Untangle firewall services
Sygate personal firewall.
Zone alarm free.
• Encrypted email services
SBwave encryption service.
• Anti spamming
Mail washer
• Anti spying
Ad-awarefree
Apybot (S&D)
• Network monitoring services.
Check host.
Corner bowl log manager.
• Secure cleaning
Free windows cleaner.
Bleach bit
• Network IP scanning
UDP flood 2.0
Blast 2.0
• Protocol analyzing.
Smart shift 1.5
• Network vulnerability assessment.
SSA (security system analyzer).
(e) Provide the National Archives with a report specifying what they have to do when
they setup their data center.
Riyad ITE2301 Assignment 01
From: Riyad
To : Manager national archives
Subject: process of setting up a data center.
Date: 19-09-09
1. Feasibility study:
Since the national archives are focusing data integrity with this project it has to do a
feasibility studies. On this matter it can use several tools like PESTEL, SWOT analysis.PESTEL is
Where the data center or the project has to be looked in context of
poltical,economical,social,Technical,ecological and legal aspects. It has to analyze each of these
tools and come to a conclusion with a viable report.
ROI:
Further national archive center should look into the return on the investment since it is
gona charge a fee on its content and the duration of the payback also should be considered.
7. Security aspects:
The national archive should adopt strict security policies to prevent data centre from
unwanted attacks and intrusion. It can be in the form of malicious attacks, hacking, theft and
physical damages. There should be proxy firewalls to disable unwanted access to the system and
proper anti viruses need to be installed. Further there should be proper passwords and user
rights for the user to prevent theft and data migrations. Further to avoid from physical damages
there should be proper server rooms with fully equipped anti fire system and etc.Further there
should be anti spy spamming services to protect the network from unwanted accesses and
damages. Another important aspect is network monitoring to view the unauthorized access
from hacker and crackers. Further there national archive should implement security aspects to
ensure data integrity, reliability, and redundancy. Another important aspect is data privacy, the
national archive should install software’s like max pc privacy software to maintain the privacy of
the information among the users.
(f) Provide the National Archives with a report specifying how they can classify their
information. You must pay specific attention to different kinds of information handled by the
National Archives.
From: Riyad
To : Manager national archives
Subject: classification of the information of national archive.
Date: 19-09-09
• Confidential information
These are information which gives authorizations to irrelevant parties. in national
archive center we can see Technical and Scientific advice on conservation and
restoration of records is confidential information. These advices should be relevant to
the individual organizations and others should not be able to access it. Other access on
this information can lead to reputation as well as legal damage. Further under this
category national archive can classify advices on research and research taking also since
it has some confidentiality on its information with relevant to the organizations.
Riyad ITE2301 Assignment 01
• Restricted information
These are information like Advising to public offices on microfilming of records. It should
restrict other department from accessing the information within the public office which
can lead to financial as well as legal damages. Hence the national archive should classify
this accordingly.
• Secret information
These are highly secret information which can lead to severe damage in financial legal
and other attributes of an organization. In national archive center we can classify
producing documents in Courts and giving evidence on request as secret information.
• Unclassified information
These are information anyone can view without any restrictions like providing historical
and administrative information, prepare publications on professional themes, and
conduct lectures on archives and records management and conservation classified
under this category. Anyone would be able to access this since this doesn’t carry
sensitive information.
(g) Explain in a step-by-step manner how you would do the network mapping
The national archive has 3servers, 7computers, 3laptops,2 printers, 2scanners and one related
networks connected to the network. It has internal network, partner network and a wireless
network.
First we need to connect the whole network to the internet through a router. The router should
be connected to a firewall to prevent from unwanted access of malicious and other attacks.
Once we are connected to the firewall we need to connect the switch for the internal network
and from the switch we need to connect the pcs related to the internal network directly to the
switch and the printer which we need to use in the internal network. Further we have to
connect the scanner as well to the switch.
The DNS server should be connected to the internal network of national archives to translate
the IP addresses into the relevant names. Further we have to connect to SMTP server for the
national archives for mail services.
Once we mapped the internal network we have to connect the partner network using a router
and we have to connect the FTP server for file sharing to that router.
Further with a switch we have to connect a wifi router to connect the research teams’ laptops in
the network with password option.
Using internet and a router the national archive can connect to the relevant division of its which
is on the other locations.
Basically the above mapping is done by using routers, switches, and a firewall for the entire
system.
( h) Identify a free and open source (FOSS) software program that you can use for this
purpose.
The national archive network can assess its vulnerability using the SSA security system
analyser.Our company Robusta uses the version 1.5.2 which give the assessment result on html
format.
(i) Explain in a step-by-step manner how you would do the vulnerability assessment.
With the vulnerability scanner we have to install the software and simply run the scanner. Once
the scan completed simply we can view the report from the report option.
(j) Using the above selected software program, conduct a vulnerability assessment of your
own computer. Provide a detailed report on the assessment.
System Information
Host Name riyad.icl.group
Operating System Microsoft Windows XP Professional Service Pack 3
Operating System
5.1.2600
Version
Architecture INTEL32
Interface Intel(R) PRO/Wireless 2915ABG Network Connection -
Name Packet Scheduler Miniport
IP Address 0.0.0.0
Interfaces MAC Address 00-12-F0-9E-62-54
Interface
WAN (PPP/SLIP) Interface
Name
IP Address 123.231.61.254
Riyad ITE2301 Assignment 01
MAC Address
00-53-45-00-00-00
OVAL System Characteristics Generator Information
Schema Version Product Name Product Version Date Time
5.3 OVAL Definition Interpreter 5.3 Build: 20 2009-09-20 00:58:46
Oval Definition Results
True False Error Unknown Not Applicable Not Evaluated
OVAL ID Result Class
http://www.microsoft.com/technet/security/bulletin/MS07-03
2007-
oval:com.threatguard:def:427 false patch
033oval:org.mitre.oval:def:1902oval:org.mitre.oval:def:1396o