Hi, I would love to answer your questions. I hope you will
like the answer and get an idea from it. So let's move
on to the questions.
Ans.1 Determine where to relocate the Data Center - be
as specific as possible about the best site for the center in
relation to the main facility?
- The company's data center needs to be relocated and a site is
required. As per my suggestion, the organisation should look at
its branches: if it has any in other countries, one of those
should be preferred. To be more exact, the data center should be
somewhere away from the general reach of people in the city,
which adds a layer of security, and physical security must be
ensured. As you may know, there are giant companies that have had
a data center underwater in the sea.
Ans.2 Decide what physical security is needed to secure
the site. Be detailed on all levels of security?
The measures for assuring physical security are as
follows:
- Guards must be present at the entrance of the organisation for
manual security checks
- Cameras must cover every single spot related to the
data center
- Biometric authentication for entry to the premises
- Two-factor authentication through smart cards for the
authorised personnel
- Inside the center, devices must be properly secured by deploying
guards and cameras
- Fire alarm and fire prevention system
- Multifactor authentication and authorization at the Hard room
entry
- Walls of the building must be high and spikes must be
installed
- No-weapon policy for everyone, even the owner, except the
guards
Ans.3 Determine threats (task 2) and appropriate
countermeasures to deal with common threats.
- DDoS attack - The Distributed Denial of
Service attack is the most common and most feared threat for
companies, because if the attack succeeds the services cannot be
accessed: millions of payloads hit one single IP and the services
stop working because they cannot handle the load. This may be
prevented by not keeping the whole server on a single IP and by
using a VPN, and the security team should deploy a sandbox and
honeypots to help prevent DDoS attacks.
- Social Engineering attacks - This is the most
powerful weapon for attackers: they trick a person, gather
crucial information and then exploit the target. This is how
attackers can target employees, through spoofed mails and
phishing. To avoid such attacks, employees must be given basic
training on these attacks and on how to ignore such attempts, to
protect themselves and the organisation.
- Physical Security Threats - If physical
security has not been implemented, attackers may enter the
security zones and try to access the data in an unauthorized
manner. This can be mitigated by deploying guards, cameras and
multifactor authentication for authorized physical access.
Ans.4 Develop a set of measures to review security
regularly and countermeasures to address the most common social
engineering attacks. This will include physical and personnel
countermeasures.
- Training sessions for the employees to
prevent social engineering attacks
- Never open any links or download any attachment unless it is
trusted
- Regular checking of the physical security of the center and the
company
- Do not enter any credentials in front of anyone else
- Never enter credentials on links sent by someone else unless
they are trusted
- Never insert any untrusted external device such as a pen drive, CD
etc.
- Lock your device every time you move away
Ans.5 Develop a set of posters for employees.
(You will use task 1 and add any new information you believe
employees need to know)
- Posters representing the laws of the company
- Posters related to securing themselves
- Posters for the proper usage of the resources
- Posters for the security of company assets
Ans.6 Summary
I will not go deep into summarising the above security
functions; the bullet points below should be read to understand
the whole concept behind them quickly and in general terms.
- Data center must be out of the reach of normal
citizens
- Physical security must be a priority
- Cyber threats must be properly handled
- Social engineering attack mitigations must be applied
- Multifactor authentication must be enabled wherever
possible
- Posters as reminders for the employees
These are the basic summary points which must be adopted to
provide security to a company.
Hope you got a clear idea for the question.