英国航空航天工程学论文代写:网络安全定制
英国航空航天工程学论文代写:网络安全定制
在制定安全计划的同时,物理安全在网络安全中也扮演着重要的角色,因为物理破坏或盗窃也会导致隐私和安全漏洞(Stallings, 2006)。商务办公室是一栋三层楼的建筑,在办公室正下方有一个仓库。通过为业务设置配线柜和数据室,确保以授权人员进出的形式进行物理进入至关重要。必须确保只有授权人员才能进入网络,从而确保机密性和完整性。必须设置身份验证和不可否认协议(Karygiannis &Owens, 2002)。访问控制必须基于用户的层次结构来定义。目前,该业务在展厅级别、帐户、IT等方面拥有不同的用户。根据中央情报局三合会(机密性、完整性和可用性)为ACA技术开发网络策略。可在不同级别提供受控访问。
英国航空航天工程学论文代写:网络安全定制
安全机制必须能够防止最常见的安全威胁,如完整性破坏、伪装、拒绝服务等。该公司的网络安全政策是根据中央情报局定义的机密性、完整性和可用性制定的。将对ACA的授权用户进行培训,以确保他们保护自己的密码和用户名。将对用户进行培训,以帮助他们为自己的工作场所生成更强的密码。在培训中提倡社会工程方法和最佳实践(Denning, 1999)。将建立数据处理规则,并不时审查遵守协议。将在工作场所建立两个因素验证。将使用生物特征认证、密钥fobs和软令牌方法等其他选项。敏感数据和信息的存储只能在空气间隙的工作站或断开连接的存储设备上进行。数据传输将使用密码学和加密方法。
英国航空航天工程学论文代写:网络安全定制
While developing a security plan, physical security plays significant role in network security too, as physical damage or theft could result in privacy and security breaches too (Stallings, 2006). The business office is a three storey building operating a warehouse directly below the office. With wiring closets and data rooms set up for the business it is critical that physical entry in the form of authorized personnel entry and exit is assured.Confidentiality and integrity must be assured by ensuring only authorized people can gain access into the network.Authentication and non-repudiation protocols must be set in place (Karygiannis &Owens, 2002). Access control must be defined based on hierarchy of users. The business at present has different users at showroom level, accounts, IT and more.Develop a network policy for ACA Technology following CIA triad (Confidentiality, Integrity and Availability). Controlled Access can be provided at different levels.
英国航空航天工程学论文代写:网络安全定制
Security mechanism must be able to protect against the most common security threats such as that of integrity violation, masquerading, denial of service and more. The network security policy for the company is prepared according to the CIA triad defined by Confidentiality, Integrity and Availability.Training will be given to authorized users of ACA to ensure they protect their passwords and usernames. Training will be given to users in order to help them generate stronger passwords for their workplace.Social engineering methods and best practices will be advocated in training (Denning, 1999).Data handling rules would be established and compliance protocol will be audited from time to time.Two factor authentications will be established in the workplace.Additional options of biometric authentication, key fobs and soft token approaches would be used.Sensitive data and information storage would be done only on air gapped workstations or on disconnected storage devices.Cryptography and encryptions methods would be used for data transfers.
