Cyber Security Case Studies

Cyber security entails the protection of computers, networks, and networks from unauthorized access and attack by using a variety of technologies, practices, and processes. It requires a coordination of efforts in an information system. Some of its elements include network, operational, information, and application securities. The dynamic nature of security risks poses serious challenges to the enhancements of cyber safety procedures. It is, therefore, crucial to ensure that the cyber security practices encompass the dynamism for successful outcomes (Lehto, 2013). Advisory organizations, therefore, support more adaptive and proactive approaches. They should regularly update their guidelines in their risk assessment frameworks that aim for continuous monitoring and making real-time assessments. Some of the steps of ensuring cyber security include implementing firewall settings, using appropriate software such as Anti-virus, having a password strength protocol, data encryption, and application updates (Lehto, 2013). They protect against spams, malware, hacking, viruses, phishing, among other threats.

CASE STUDY ONE

Firewall settings

Firewall technologies are crucial components of the approaches that enhance cyber security. It uses predetermined security rules to control and monitor network traffic. Its categories are host-based firewalls and network firewalls (Collins, 2011) Network firewalls work by filtering traffic between networks and are either hardware or software appliances.

There are varieties of firewall configurations. Packet filters operate at low levels of the IP protocol stack. They work by not permitting packets that do not meet the established rules to pass through the firewall. Existing network connections have many descriptions, such as the source and destination IP address, the stage of the connections lifetime, and UDP or TCP ports.

Application layer firewalls are effective in application level levels of the TCP/IP stack. They work by intercepting packets that travel to and from an application. They also block some packets. It is useful in controlling the spread of Trojans and networked computer worms. It achieves this by using its additional inspection criteria that have extra latency for the forwarding of packets to their destination.

Proxy servers may function as a firewall. It responds to input packets while blocking other packets (Collins, 2011). They are useful because they inhibit the tampering of an internal system by an external network. Therefore, it ensures that there is no security breach even if there is the misuse of an internal system.

Browser privacy and security settings

Browser security is a crucial component of cyber security. It applies internet security to web browsers. It helps to protect computers systems and networked data from malware or breaches of privacy. Security exploits of browsers may use JavaScript. It can use it with either a secondary payload or cross-site scripting. They also take advantage of vulnerabilities that are often exploited in browsers such as Google Chrome, Opera, and Mozilla Firefox. There are varieties of ways of breaching web browsers. One of them is when malware violates the operating system using privilege mode by reading and modifying the browser memory space (Wadkar, 2017). Another breach is when a malware attacks the operating system by running as a background process.

Web browser security breaches can display pop-ups, track websites, collect personally identifiable information, and web analytics about a user contrary to their will by using tools like HTTP cookies, zombie cookies, web bugs, spyware, viruses, and Clickjacking. It is possible to reduce the vulnerabilities by the constant updating of browser software and ensuring that there is no compromise of the operating system (Wadkar, 2017). Another way is through the configuration of the browser, although it may be inefficient against all security breaches. Better methods use network communication to prevent the attacks. Some of them are DNS: DNSSec and DNSCrypt and HTTP: HTTP Secure and SPDY. Perimeter defenses use firewalls to block malicious websites. They also perform scanning of antivirus scans of file downloads. Large organizations can use them to block malicious network traffic. Hardware browsers ensure that there is no overwriting of media by ensuring that it presents clean executable during loading. Live CDs have default internet browsers. An original CD free of malware will load free of malware in all the software that it uses. Browser hardening ensures that there is no compromise of the whole operating system (Wadkar, 2017).

Recommended software to install

A variety of software recommendations can enhance cyber security. One way is by enabling automatic updates. Many programs and operating systems have automatic updates that deal with security issues. There is no longer a need to download a file or click a button to update software. It will update itself in the background without required user input. Companies such as Microsoft provide updates by fixing bugs and patching security holes.

There should be installations of Antivirus and Anti-Malware. An efficient Anti-Virus application should integrate with the operating system at advanced levels. Some of them include Windows Defender, Kaspersky, and Avira. It is also crucial to use Malwarebytes alongside antivirus software (Aneja, 2015). The Malware bytes provide additional protection against malicious software that the traditional antivirus products are not capable of identifying.

Another essential security software is access control that enhances security by granting access based on the credentials presented. Others are anti-key loggers that are effective in thwarting key logging systems. Anti-subversion software work by detecting subversion and hence stopping hacking effects. Their accomplishment is in both dynamic and static manners (Aneja, 2015). Intrusion detection systems work by the monitoring of malicious activities and policy violations in network systems. Encryption software applies the use of cryptography to make it difficult to read digital information.

Password strength policy

Password strength entails the measurement of the efficiency of a password. It is necessary to adopt strong passwords to curb security breaches. A secure password lowers the chances of an attacker gaining access to a system. The complexity, unpredictability, and length determine the strength of a password (Farrell, 2008). Users choose passwords with the guidance of a set of rules that ensure that they are strong band secure. They can be a combination of capital letters, special characters and small letters that make them difficult to guess by attackers. Using password guess validation can also ensure that passwords are authentic. The use of standard cryptographic hashes can prevent attackers from recovering passwords if they obtain hash values. A combination of passwords and cryptographic salts can make it infeasible for attackers to gain entry into the system if the range of the cryptographic salt is wide such as a 32-bit number.

An organization can have password policies that provide guidelines for the choice of strong passwords. The use of a minimum password length can indicate strong passwords because it significantly lowers the probability of guessing by an attacker. The random generation of passwords is also applicable in some instances. The use of a combination of characters such as numbers, special symbols, uppercase and lowercase letters also ensures the strength of passwords (Farrell, 2008). It is also important to avoid the usage of the same password across software systems and user accounts.

Password policy assists users in the choice of strong passwords. It also ensures the suitability of the passwords to the target population. It gives recommendations to users regarding the use of their passwords (Farrell, 2008). It may use a password blacklist that blocks the usage of weak passwords. Enforcing requirements to alter any compromised password is also an effective password policy.

Online banking encryption

Encryption works by scrambling messages that are exchanged between the browser and an online banking server (Ammari, 2013). A browser enhances secure sessions with the server. It is established by a Transport Layer Security (TLS) protocol encryption. It requires the exchange of private and public keys. After the exchange of keys, the browser uses numbers to encrypt the messages sent between the server and the browser. Apart from ensuring privacy, the TLS protocol prevents other websites from impersonating the bank’s website. The secure lock symbol is used to show that the browser security enhancement. The possible combinations of a lock determine the strength of an encryption. Updating browsers is useful in ensuring stronger encryption levels (Ammari, 2013).

Operating system patches and application updates

Software updates or patches have a variety of functions. One is to ensure the upgrade of software to the latest version that has new features. It can also improve the stability of an application. It performs a crucial role in the prevention of security breaches by fixing a bug (Hofmeyr, 2005). One of the best defense mechanisms that security researchers use against the common online malware and viruses is the installation of system and software updates. They address security threats that they may discover. It is important to use protected operating systems to prevent vulnerabilities even for old computers that have old operating systems. For instance, Windows and Apple always provide updates to their users.

Decisions regarding the cybersecurity recommendations

For enhanced cyber security, it is necessary to follow various recommendations. Violations of the recommendations are inconsistent with the aims of cyber security. Therefore, there may be the termination of the contract with the security providers if they do not have proper security protocols for the PC. If the violations lead to a breach of security, it is possible to take actions by enlisting the services of a credible cyber security services provider that adhere to all the protocols of cyber security management.

CASE STUDY TWO

Guidance and Rules

It is necessary for young children to have secure interactions on social networking sites such as Facebook and Twitter. Specifically, their security and privacy are crucial. Specific guidelines can be important in ensuring their safety and limiting the exposure to harmful content. One of the guidelines that can be effective for young people is to ensure that they maintain confidentiality in such sites. Another is to ensure that they maintain privacy by limiting online interactions with strangers. They should know that some may take advantage of their age to engage in cyber bullying and other unethical acts.

Facebook and Twitter settings

Many settings on social sites can enhance security. It is necessary to configure settings to minimize security issues. In Facebook, one can have connections with family and friends globally by posting photos, updates, and much more. However, privacy and security issues may arise. The general settings to configure include making the password strong by using a combination of uppercase and lowercase letters, special characters, and numbers. It is also good to limit the audience that can view your updates. The types of audiences include public where any one can see posts and updates of a person. Friends only audience ensures that only Facebook friends can view a post. Custom audiences allow a user to impose a restriction on some contacts (Passini, 2012). Only me audience implies that only the user can view updates. It is also possible to limit the audience that sees shared posts. Restrictions can also be imposed on who can send a friend request. Blocking is a security feature that prevents a user from viewing a profile. The timeline and tagging feature ensures the control of those who can tag one and those who can view tagged posts.

Twitter security settings involve approving the followers who can subscribe to and see tweets replies. To configure settings, one goes to Settings. It is also possible to enforce security when tagging, adding locations, and receiving of direct messages.

Detection, prevention, and reporting of cyber bullying, identity theft, and child predatory behavior

Many criminal activities occur regularly on social sites. They include cyber bullying, child predatory behavior, and identity theft (Lehto, 2013; Liefooghe, 2012). It is possible to detect these online crimes by examining the uncharacteristic behaviors that children may exhibit. They include becoming withdrawn, and showing signs of distress. Prevention strategies include maintaining open communication with the children as well as educating them. The use of the blocking function is useful. Limiting a child’s exposure to technology is crucial. Parents may ensure that their children do not hide when accessing their social media sites. Other ways are to check their posts. Reporting of the instances may involve talking to law enforcement agencies. In addition, one can report to schools. Contacting the social media administrators by reporting the online criminals may also be beneficial.

Justification of decisions

If a child does not follow the recommendations that ensure their safety, parents may make certain decisions for the best interest of their children. One of them includes limiting their use of the social media sites. Another decision is to allow them to use the sites only in their presence to ensure that they do not fall prey to online criminals. Educating them on the benefits and risks of social media may also give the children knowledge on the appropriate use of social media platforms.

Conclusion

Cyber security is essential especially in the contemporary world where the internet and other technologies define the operation most business and social activities. Online criminals may take advantage of the widespread use of technologies to cause security breaches. Therefore, it is crucial for organizations and individuals to implement processes that address the potential challenges. Failure to implement security protocols may cause organizations and individuals to incur massive financial losses and infringement on privacy due to security breaches. Since security threats are constantly evolving, it is critical that the approaches to maintaining online security be dynamic and comprehensive.

References

Ammari, F.T. (2013). Enhanced XML Encryption Using Classification Mining Technique for e- Banking Transactions. International Journal of Information Retrieval Research, 3(4), 781-103.

Aneja, P.S. (2015).Detailed Analysis of Antivirus based Firewall and Concept of Private Cloud Antivirus based Firewall. International Journal of Computer Applications, 111(4), 16- 23.

Collins, S. (2011). An effective firewall? Trusts & Trustees, 17(4), 361-364.

Farrell, S. (2008). Password Policy Purgatory. IEEE Internet Computing, 12(5), 84-87.

Hofmeyr, S. (2005). Host intrusion prevention: Part of the operating system or on top of the operating system? Computers & Security, 24(6), 440-442.

Lehto, M. (2013). The Cyberspace Threats and Cyber Security Objectives in the Cyber Security Strategies. International Journal of Cyber Warfare and Terrorism, 3(3), 1-18.

Liefooghe, A. (2012). Deal with cyber bullying. Strategic HR Review, 11(4).

Passini, S. (2012).The Facebook and Twitter revolutions: Active participation in the 21st century. Human Affairs, 22(3).

Wadkar, H.S. (2017). Framework to Secure Browser Using Configuration Analysis. International Journal of Information Security and Privacy, 11(2), 49-63.