Computer Science Question Answers
Q.1:
A network perimeter defence protects an organization's network from external attacks. It acts as a firewall for the system and is essentially a set of security layers that protect the network and its data. Perimeter defence is a necessary evil, short of unplugging the network from the rest of the world. There are ways around this problem, and in some cases network experts have chosen the unplugged solution. To deal with this necessary evil, you need to deal with the perimeter you are going to defend. Limiting the number of connections to other networks, such as the internet, helps the network a great deal because its protection is easier to manage. From a security standpoint, ideally you have only one connection to the internet; in some companies, operational requirements mean that certain groups need additional connections. A network perimeter basically comprises the following components.
Border Routers:
A border router works like the traffic signs of a network: it directs inbound and outbound traffic. The border router also controls malware that flows in along with the data that users in the organization browse for on the internet.
Firewalls:
A firewall is a device that defines a set of rules specifying which traffic is allowed or denied passage through it. It picks up where the border router leaves off and makes a much more detailed pass at filtering traffic. Its function is to filter traffic and deny untrusted and suspicious traffic.
Intrusion Detection System (IDS):
An IDS acts as an alarm system for the network: it detects suspicious activity and raises an alert. An IDS can consist of a single device or a combination of sensors placed at strategic points in the network.
De-Militarized Zones:
A DMZ, or screened subnet, is a set of networks hosting public services, linked directly to filtering devices and protected by the firewall.
The Requirement for Network Perimeters:
In the modern world, businesses no longer have a single defensible boundary between the organization's internal assets and the external world. Internal users do not simply connect to the organization's network from the inside; they also connect from outside networks and use mobile devices to access internal resources.
Data warehouses, software, and cloud computing are delivered as services that provide immediate access and security to both inside and outside users. Web services have opened a large entrance for interactions with external users across normal trust boundaries. To communicate with external services and serve multiple clients, internal and external platforms interact all the time; however, these interactions are insecure (Koren & Oren, 2018).
Our network perimeter defence is highly secure and advanced. We have installed newer firewalls that are preconfigured. We simply plugged them in, entered some basic and necessary IP address information, and used much better custom firewall configurations. We have also disabled all UDP and TCP ports, especially ports 135, 137, 139, and 445. We are also using callbacks to preset numbers and recording caller ID information, and we have denied dial-up access to everyone except those who have a legitimate business need for it.
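An added example, not part of the original answer: a first-match audit of an inbound rule set for the four ports named above, showing how a broad allow rule can shadow a later deny. The Rule type, the sample rule sets and the first-match evaluation order are assumptions made for illustration.

```python
from dataclasses import dataclass

# Ports the answer says are closed at the perimeter (RPC / NetBIOS / SMB).
BLOCKED_PORTS = (135, 137, 139, 445)


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    ports: range  # destination ports covered by the rule


def decide(rules, proto, port, default="deny"):
    """Return the action of the first rule matching (proto, port)."""
    for rule in rules:
        if rule.proto in (proto, "any") and port in rule.ports:
            return rule.action
    return default


def exposed_ports(rules, default="deny"):
    """List (proto, port) pairs from BLOCKED_PORTS that inbound traffic still reaches."""
    return [(proto, port)
            for port in BLOCKED_PORTS
            for proto in ("tcp", "udp")
            if decide(rules, proto, port, default) == "allow"]


# Constructed rule set: a broad TCP allow sits above the SMB deny and shadows it.
SHADOWED = [
    Rule("deny", "any", range(135, 140)),
    Rule("allow", "tcp", range(400, 500)),
    Rule("deny", "any", range(445, 446)),
]
# Same rules with the specific deny moved above the broad allow.
FIXED = [SHADOWED[0], SHADOWED[2], SHADOWED[1]]

if __name__ == "__main__":
    print("shadowed:", exposed_ports(SHADOWED))
    print("fixed:   ", exposed_ports(FIXED))
```

Running the same audit against the live rule export after every firewall change catches ordering mistakes that a rule-by-rule reading tends to miss.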
Q.2:
We have taken certain steps to overcome the bottlenecks in our system. I have checked the remarks and objections in the previous audit report. We were criticized for the poor quality of our intrusion detection data, for our inability to provide a proper electronic record of system use that could serve to track down breaches of security, and for our superficial vulnerability analysis.
To address the superficial vulnerability analysis of our system, we have used an intrusion prevention system (IPS), a network security and threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a targeted application or service, with which attackers interrupt and try to gain control of the application or the whole system. We have placed the IPS directly behind the firewall to provide a necessary layer of analysis that negatively selects for dangerous content. An IDS is a passive system that scans traffic and reports back on threats. The IPS, by contrast, is installed inline, directly in the path of communication between the source and the destination. It actively analyzes all traffic flows that enter the network and takes automated actions on them. These actions specifically include the following:
It sends an alert to the administrator and drops the suspicious data from the network. It also blocks traffic that includes malware from the source address and resets the connection.
Security breaches are like someone breaking a window and entering your home, and they sometimes happen on a large scale. To strengthen our security system so that it can track down breaches of security and protect our system and data from intruders trying to gain unauthorized access, we have adopted certain steps to protect our data. First of all, we have created secure and strong passwords using unique characters, numbers, and letters, changing the case of letters and combining different keys on the keyboard. Then we have used different passwords for different accounts. We also secure our websites and look for https in the web address. We have monitored our monthly financial statements online and signed up for credit reports. We have regularly checked our credit reports to make sure that impostors have not opened credit cards or other accounts in our name.
To improve the quality of intrusion detection data, we have implemented the latest technologies in our system. The network plays an important role in our business, so it must be kept up to date, and our infrastructure requires the latest security techniques. Reliability and safety were our major concerns in enabling our organization to succeed and progress. To overcome this problem we have updated our network-based IDPS, a technique that analyses traffic at all the Open Systems Interconnection (OSI) layers to detect the presence of suspicious activity (Hodo et al., 2016). For the NIDPS to be effective, we looked at the whole network and placed it at a suitable point in our network. For further advancement and protection, I recommend installing a host-based IDPS, which is software that monitors and analyses events on a particular host to detect suspicious behaviour.
Q.3:
The proxy server is the most important tool for protecting data and systems from intruders. An antivirus gateway is a network security feature that integrates antivirus protection to defend workstations by blocking potential threats before they reach the network. Seshadri et al. (2020) argued that an antivirus gateway allows business organizations to check for viruses at the application level using an internet-based scanning service. A number of security vendors provide gateway antivirus packages, which are used to apply a specific type of security to the network. An antivirus gateway protects the network from malware, which is more challenging now than ever before because the number of new and emerging threats keeps increasing. It has protected our network to a great extent from viruses that can destroy our user data and software tools. WatchGuard Gateway AntiVirus has provided strong protection against known viruses such as Trojans, rogueware, worms, and spyware. However, it has certain limitations, so we need a proxy server to strengthen our computer defence and security. An antivirus gateway cannot defend our system against rootkits, which are a real threat to our workstations because they attack the computer's operating system. It is not able to detect zero-day exploits, a serious kind of infection that can spread so quickly that we cannot identify it as harmful. It cannot protect files that are being read and written simultaneously: it is unable to scan a file that one user has open for reading while another writes to it, so the reader may read a virus that the antivirus has not detected. According to Kang and Kang (2016), an antivirus gateway fails to act on a read-only file system, because its function performs many write operations on the file.
To protect our system from attacks that the antivirus gateway fails to stop, we need a proxy server. Many people may not be aware of this system; however, it is important for guarding against identity theft and securing data from breaches. A proxy service lets internet traffic flow to the address requested by a user. It works as a gateway between the user and the internet. Why do we need a proxy server, and why don't we just go straight to the website and back? To answer this question, we need to understand the threats and potential drawbacks of malware being transferred to our workstations through the internet. A proxy server protects users and the internal network from the bad stuff that lives out in the wild internet. Proxy servers provide the highest level of security and safety to our system.
Organizations use a proxy server for several reasons. First, to control employees' use of the internet. Wood et al. (2018) argued that organizations set up proxy servers to monitor and control how employees use the internet. There are certain websites that organizations do not allow their employees to browse at work, so they configure the proxy to deny access to these websites. Second, to save bandwidth and improve speed, organizations block unwanted websites that slow down their internet connection. Finally, proxy servers improve security, which is the most important benefit of this system. A proxy keeps your system away from known malware websites, and a proxy server in combination with a VPN can control and verify access to the resources users need, such as internal data and email.
Q.4:
There are good reasons to review the software development checklist. Although the R & D software developers are busy with their own tasks, reviewing code is an essential part of development. Reviewing the software development checklist basically means examining the software source code to find bugs and improve the quality of the software. The code review includes the following steps.
Best practice: In this step, the developers identify more efficient ways to complete a certain task.
Error detection: In this step, the developers look for logical errors in the newly developed software. A co-developer can monitor and check the whole process and identify its loopholes.
Vulnerability exposure: In this step, the developer can point out the most common vulnerabilities to improve quality and save the developers' time.
Malware discovery: In this step, the code is reviewed to detect suspicious code and to find back doors and remove them from the software (Nurdiani et al., 2018).
The software development checklist includes short guidelines for developers to check the source code used in a specific project. For a better review process, developers should divide the review into small time slots rather than reviewing the complete project at once. According to the experts, do not review more than 400 lines of code at once, and one review session must not last more than one hour, because a human cannot effectively process that amount of information. Two heads are always better than one, so it is crucial to ask a teammate to review your work before it is delivered to the client. This process can improve the quality of our work and enable us to provide the best quality products to our customers. Many other organizations practise this method regularly, as it is a common ritual among developers. We need to initiate it in our organization to achieve the organizational objectives. Molléri et al. (2020) argued that software is developed by humans, so the chances of error are high, and a proper review by experts is required.
We need to foster a positive code review culture in our organization, and reviews should be built on interpersonal relationships within the team. There must be a maker-and-checker combination to improve quality and reduce human error. For an effective review process, it is essential that the managers of both the development department and the R & D team create a culture of collaboration and learning. It is easy to find defects, and each bug is taken as an opportunity for the team to improve the quality of the code. Wagner and Murphy-Hill (2019) argued that this process allows new members to learn from their seniors and from each other's experiences. Manual code reviews cannot find every error in the code, and the quality of code is highly important in programming. Low-quality code can lead to security risks and to software failure, so it is the responsibility of developers to check their colleagues' code and help them build the best quality products.
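An added example, not part of the original answer: one way to apply the 400-line guideline is to count changed lines per file in a unified diff and group files into review sessions that stay under the limit. The function names and the constructed sample diff are assumptions made for illustration.

```python
MAX_LINES = 400  # per-session limit quoted in the answer above


def changed_lines_per_file(diff_text):
    """Count added plus removed lines for each file in a unified diff."""
    counts, current, in_hunk = {}, None, False
    for line in diff_text.splitlines():
        if line.startswith("diff --git "):
            in_hunk = False                      # a new file header begins
        elif not in_hunk and line.startswith("+++ "):
            current = line[4:].removeprefix("b/")
            counts[current] = 0
        elif line.startswith("@@"):
            in_hunk = True
        elif in_hunk and current and line.startswith(("+", "-")):
            counts[current] += 1                 # header look-alikes inside a hunk are changes
    return counts


def review_batches(counts, limit=MAX_LINES):
    """Greedily group files into sessions of at most `limit` changed lines.

    A file that exceeds the limit on its own gets its own session and is
    also returned in the second list so the author can split the change."""
    batches, batch, size = [], [], 0
    for name, n in counts.items():
        if batch and size + n > limit:
            batches.append(batch)
            batch, size = [], 0
        batch.append(name)
        size += n
    if batch:
        batches.append(batch)
    return batches, [name for name, n in counts.items() if n > limit]


def constructed_diff(name, added):
    """Build a sample diff that adds `added` lines to one file (constructed input)."""
    body = "\n".join(f"+line {i}" for i in range(added))
    return (f"diff --git a/{name} b/{name}\n--- a/{name}\n+++ b/{name}\n"
            f"@@ -0,0 +1,{added} @@\n{body}\n")


SAMPLE = (constructed_diff("auth.py", 250) + constructed_diff("proxy.py", 120)
          + constructed_diff("ids.py", 450))

if __name__ == "__main__":
    print(review_batches(changed_lines_per_file(SAMPLE)))
```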
References
Hodo, E., Bellekens, X., Hamilton, A., Dubouilh, P. L., Iorkyase, E., Tachtatzis, C., & Atkinson, R. (2016, May). Threat analysis of IoT networks using artificial neural network intrusion detection system. In 2016 International Symposium on Networks, Computers and Communications (ISNCC) (pp. 1-6). IEEE.
Kang, M. J., & Kang, J. W. (2016). Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE, 11(6).
Koren, Y., & Oren, B. E. N. (2018). U.S. Patent Application No. 15/336,254.
Molléri, J. S., Petersen, K., & Mendes, E. (2020). An empirically evaluated checklist for surveys in software engineering. Information and Software Technology, 119, 106240.
Nurdiani, I., Börstler, J., Fricker, S., & Petersen, K. (2018, May). A preliminary checklist for capturing baseline situations in studying the impacts of agile practices introduction. In 2018 IEEE/ACM 6th International Workshop on Conducting Empirical Studies in Industry (CESI) (pp. 25-28). IEEE.
Seshadri, T. V., Murali, M., & Malhotra, S. (2020). U.S. Patent Application No. 16/579,167.
Wagner, S., & Murphy-Hill, E. (2019). Factors That Influence Productivity: A Checklist. In Rethinking Productivity in Software Engineering (pp. 69-84). Apress, Berkeley, CA.
Wood, C. D., Holtstrom, M., Lockhart, R. T., McCulligh, M., Mister, S. J. M., & Wetmore, G. (2018). U.S. Patent No. 9,954,860. Washington, DC: U.S. Patent and Trademark Office.