This website uses cookies to ensure you have the best experience. Learn more

Failures In Design And Security Principles

1382 words - 6 pages

The most common threat to a company's information assets mainly come from human error, inappropriate disclosures, and sheer carelessness on the part of the company's employees. Hackers who do intentionally tamper with the company's network often do so because they are tempted by assets they know are poorly protected. Weak security policies present the image that a company does not truly value its assets, which in turn attracts the petty thief and curiosity seeker. Therefore, the preventive element of any network security system should include a strong and enforceable security policy for its employees to follow, re-enforced by a form of technical protection (Control Data, 1999).

Firewalls, ...view middle of the document...

This is an effort, should a system violator manage to breach the security of the network, to catch the violation before any real damage can be done to the network. The most common approach to intrusion detection is based on the belief that violations can be discovered by looking for abnormal system usage, or scanning the system in search for known attack patterns or virus indicators (Denning, D., 1986). The two approaches used by LADWP are automated intrusion detection, and network traffic and vulnerability monitoring.

For automated intrusion detection, LADWP has deployed the Cisco Intrusion Detection System (IDS). This system has two major components. The sensors and the Director Platform. The sensor captures network packets, reassembles them, and compares these packets against known intrusion signatures. Should the sensor detect an attack, it logs the attack and then forwards an attack notification to the Director Platform. Once the Director Platform receives an attack notification, it displays an alarm and takes action to reduce the effect of the attack (Stiffler & Carter, Dec. 28, 2001). Because this is an automated system, it depends on a mechanical process of discerning what is good or bad. This at times can lead to false positives or negatives, or the blocking of a legitimate user and giving access to a system violator. This weakness in the Cisco IDS requires that an additional form of violation detection be used.

In addition to the IDS, LADWP has a staff of technicians who provide continuous network monitoring. In addition to keeping track of the alarms detected by the IDS' Director Platform, these technicians also use other tools to keep an eye on network traffic levels, as well as performing routine vulnerability probing. One key tool used is Lucent's Vital Suite. This tool uses real-time event analysis, which helps to identify network resources that have exceeded acceptable levels.

To properly use Vital Suite, the technicians establish what they believe to be normal network activity. This norm is then used as a baseline to help in the identification of any abnormal network traffic. Once the baseline is established, levels of severity are set. The levels are minor, major and critical, with critical meaning immediate action is required. The only time the system alarm is when a critical error is detected. During normal operations, the technicians monitor Vital Suites' display, looking for unusual events. These events can come as a serious of major alarms that occur only a one specific time of day or a continuous string of minor alarms. These events can indicate subtle attempts at compromising the network. In the case of such events, the traffic is examined closer and any needed corrective action is taken at that time.

Data collected by Vital Suite can also be used to expose points of vulnerability by looking for unused ports or poorly configured network devices. When a point of vulnerability is found, the technicians make...

Other Papers Like Failures in Design and Security Principles

Security Sector Reform In Egypt And Liberia

1507 words - 7 pages Both Egypt and Liberia have been struggling to improve their security sector reform. In Egypt they have been facing a revolution since 2011. It started when President Hosni Mubarak's security and police were harsh and merciless toward the people and because of his security divisions that weren’t doing their jobs correctly. Liberia revolution on the other hand is being lead by Charles Taylor who is head of Liberia and who was kind of their

Security Issues and Solutions in E-Commerce Applications

2185 words - 9 pages be mitigated using specific solutions as discussed in this paper. Information and ecommerce applications can be further secured through utilizing an SSL certificate and firewalls. Further, information security initiatives should start at the design level to prevent attacks on various vulnerabilities. Additional protection can occur through a business continuity plan that incorporates risk assessment and mitigation as well as crisis management in the event of an attack to minimize financial loss and restore customer trust. References:

Roles of United Nations in Maintenance of Peace and Security

1399 words - 6 pages INTRODUCTION In the United Nations charter for maintenance of international peace and security, the Security Council has primary responsibility to play in that. It is for Security Council to determine when and where a UN peacekeeping operation should be deployed. The Security Council response to crises around the world on a case by case basis and it has a range of options at its disposal. It takes many different factors into accounts considering

Risk Management: Role in Justice and Security Organizations

720 words - 3 pages Risk Management: Role in Justice and Security Organizations Introduction Risk, as it applies to justice and security organizations means “the uncertainty of financial loss, the variations between actual and expected results, or the probability that a loss has occurred or will occur” (Broder, 2006, p. 3). Businesses and organizations all across the country have risk management programs in place to help minimize losses. Risk most often is

Security, Confidentiality And International Issues In Real Estate

2733 words - 11 pages All businesses have to guarantee some sort of security and confidentiality to their clients as well as for their staff. E-Business security and confidentiality mean more than if the business was in a brick and mortar building. There needs to be secure websites for the client to transmit information to the business and the client needs to feel confident that the business will not sell their confidential information or lose it somewhere in their

Growth and Performance of Security Market in Nepal

4057 words - 17 pages Marketing Center (SMC) was established to deal in government securities-development bonds and national savings bonds, and corporate securities of few * Mr. Gurung is Junior Professor, Nepal Hotel and Tourism Management College, Pokhara. 85 The Journal of Nepalese Business Studies companies. The government has the virtual monopoly over the security market. Then, Securities Exchange Center (SEC) was established in 1976 with an objective of

Application of Motivation and Emotion Principles in Weight Loss Programs to Lose Weight Effectively

3057 words - 13 pages Application of motivation and emotion principles in weight loss programs to lose weight effectively. Abstract Application of principles of motivation and emotion has significant influence on the effectiveness of weight loss in weight loss programs. I agree with this view and will justify it by introducing principles and backing them up with official academic research as evidence. Adverse emotions can facilitate weight gain and

To What Extent Do Classical and Modern Liberals Follow the Same Principles in Their Ideology?

937 words - 4 pages To what extent do Classical and Modern Liberals follow the same principles in their ideology? (45) Typically, liberalism is categorised into two separate components; Classical liberalism, which was fashioned during the 19th century and the more recent modern liberalism that emerged following the rise in industrialisation. Although both divisions of Liberalism unavoidably overlap in attitudes and principles regarding the theory behind the

Describe How the Principles of Collaboration and Autonomy Relate to the Principles of Working in Partnership with Women. Then Critically Analyse How Midwives Apply These Principles to Provide...

1745 words - 7 pages The ANMC Competency Standards for the Midwife (2008) value woman-centred midwifery practice and state that midwives must work in partnership with women and their families. Using the available evidence, describe how the principles of collaboration and autonomy relate to the principles of working in partnership with women. Then critically analyse how midwives apply these principles to provide woman-centred midwifery practice. As stated by

A Discussion of the Major Causes and Effects of the Industrial Revolution in 2 Major Areas of Design - Architecture and Graphic Design

1743 words - 7 pages A Discussion of the major causes and effects of the Industrial Revolution in 2 major areas of Design - Architecture and Graphic Design In this essay I propose to show how Architecture and Graphic Design caused the Industrial Revolution. I also propose to show the effects that were caused by Architecture and Graphic Design during the Industrial Revolution. I will be analyzing two examples from each area of design to help answer and prove my

Employee Behavioral Shape Organization Design and Behavior Control Is Non Existent in Organizations

4908 words - 20 pages Proposition- “Employees’ behaviour shape the organizational design and that behaviour control is non-existent in organizations”. Section 1 - Introduction including definition of key terms The world is rapidly changing and managers are faced with varying challenges to effectively manage in today’s highly competitive world (Daft, 2010). The increased technological advances, the demographic and economic changes, the increase in

Related Essays

Design And Manufacture Security Surveillance Camera

707 words - 3 pages “Rong Tian Shi Tech Ltd”(LOGO: RATINGSECU) was established in 2006, and always focus on design and manufacture security surveillance camera, we are a true security camera manufacturer factory and direct supplier. "RATINGSECU" is our registered brand---- High rating security product. We hope our product always keep high quality, is efficient and high level, can keep high reputation and get high support from customer. Ratingsecu products are

Ergonomics In Modern Planning And Design

1357 words - 6 pages best possible design for a system or product. Ergonomists view people and a the object or machine they will use as a sole unit, and the ergonomic approach to design blends the persons abilities with those of the machine. When designing one must take into account the several limitations of both the mechanical and the human factor involved in a certain workspace. Human beings need to rest or experience less stress when realizing a certain task

Compare The Reasons For Successes And Failures Of Democracy Movements In Asia And Africa

1624 words - 7 pages Compare the reasons for successes and failures of democracy movements in Asia and Africa Democracy means the government by the people.(4) The historians and philosophers of the Aegean world invented the term, situated it within a larger political vocabulary, again of their own invention, and provided a mode of politi- cal analysis that enjoyed authority well into modern times. Greek political institutions did not survive; Greek

Security And Privacy In E Commerce Essay

4003 words - 17 pages computer malfunctions, while intentional threats are performed by criminals, which is where most of the concern lies. A threat caused by human error is usually an error in program or design. For example, in November 2008, Jefferson County, WV, released a search engine site contained a program error and exposed over one million personal records and social security numbers (Turban & King, 2011). A social security number is the most vital part