Aaron Elliott
Forum Replies Created
-
Posts
-
So, a network switch can limit access to devices and control the flow of data. A network switch seems to be an added layer of security then, since it’s a level two device I assume it works on a local level. I appreciate the response, thank you.
In my past work experience trouble shooting is a skill that benefits a person in general and not just IT. Countless times when trouble shooting a tool, would the method of swapping tools to see if the problem persists is a common but effective strategy. Also, documentation is critical since you cannot, and probably do not want to be available all the time, other associates will need to know how you fixed past issues. This way productivity can be spent on better options, other than putting out old fires.
Repeater- when a network signal needs to travel over long distances, the signal will weaken the further it travels. A repeater will receive the signal and boost the strength of the signal and send it to its destination. A repeater is defined as a layer one device. repeaters are used for both wired connections, as well as wireless.
Router- A router directs network traffic to the receiving IP address. Routers are common in households with an internet connection, as most internet providers install a modem and possibly provide a router is needed. Routers provide network security with WPA2 password protection. Some models of routers offer wireless capabilities as well. Routers let multiple devices use the same internet connection by assigning local IP addresses. A router is defined as a layer three device.
Switch- A common term used in networking that I have trouble to get a full understanding, as I do not work professionally in IT. A switch from what I understand is a device that receives and forwards data by mac address rather than IP addresses. Going by mac address allows for faster data transfer over local networks and is a lower tiered device at level two.
For networking problem solving I would start with the physical layer first, also known as the bottom-up approach. Starting from the bottom of the OSI model would allow me to verify any simple errors quickly, like comparing the suspect device with another to see if the problem persists, or simply powering the device on and off again. Following the OSI model cables would be checked for damage or being unplugged. If no issues were found physically, ports and software would be looked into next. Once the issue is found, figuring out how the problem occurred and try to recreate the problem to verify. To avoid any lengthy trial and error a plan to fix the solution would be made testing full functionality is restored. Documentation will need to be made on how the problem occurred and what steps were taken to correct the issue.
It is easy when one goes a period of time without taking in the Gospel or being reminded of it to become self-indulgent and sinful, more worried about the rewards of our Earthly lives. I try to focus on loving my fellow man and spreading the Gospel to those around me as to not get lost in sin.
In my experience policies have been made to prevent data breaches and bad actors. However, enforcement is usually where things tend to fall apart. From what I observe, lack of personnel or resources usually leads to such negligence.
Important policies a company would need to implement would be consistent access controls. Making sure no user has more access to sensitive information than what is necessary. As well as audits that there are no inactive accounts that still have access to company information, as ex-employees may try to access data. Auditing itself is important to implement, so that industry standards are met, along with company implemented policies regarding security are also met. Policies restricting the use of USB’s on company hardware, along with password storage, and sharing.
Companies today face risks from both internal and external sources. Bad actors are always a risk in data management and try to steal private business data through various methods, like open ports, social engineering, and phishing. Also, the risk of natural disaster needs to be thought of, which can destroy data centers and ruin equipment, in which case companies need to have other facilities that are ready to be activated to continue business operations, along with data backups.
Internal compromises are the most common failure, through phishing attacks and relaxed policy enforcement. The best a company can do in these situations would be recurring training on company policies and industry standards on keeping a secure workplace.
I understand I am only human and try my best to avoid situations that will bring me to temptation. I feel temptation daily since I have quit smoking, the cravings are less but I still feel the urge in times of stress, I pray for the strength to overcome temptation.
Well, my knowledge of cryptography comes from what has been covered in this class. From what I understand the symmetric secret key cryptography has an algorithm known as advanced encryption standard that has a bit size up to 256. While looking up information from other sources it seems AES is widely used by the United States government for encryption and is a common and reliable choice (Simplilearn, 2022).
Reference:
Simplilearn, (2022) What Is Data Encryption: Types, Algorithms, Techniques and Methods. Simplilean Solutions. https://www.simplilearn.com/data-encryption-methods-articleIn my experience, the relaxed access controls happen when staff is short, so more associates take on more unconventional tasks. However, my job now has very strict access controls, going as far as having physical controls to certain parts of the building.
Cryptography has an important role for communication. In order to keep an organization’s sensitive data secure and discrete, cryptography is used to scramble data into unreadable formats. Keeping the data secure guarantees the integrity of the data and makes sure that only the intended recipient can view the information and kept out of the hands of any eavesdropping or other bad actors. Cryptography uses keys, distributed between the originator and the intended recipient, to grant access to the information, and they vary in bit sizes and encryption standards.
Access controls are intended to limit data or functions that end users on a network have access too. Access controls also verify the identity of users by two factor authentication, which involve password, security tokens, and pins, and roles are given by the data owners at their discretion, set by rules by role or need to know basis. Access controls will help keep an organization’s data at less of a risk from bad actors or potential insider threats.
Man is imperfect and can be lost in their ways, and become forgetful of the main purpose on Earth, forgetting God’s plan for us. It reminds me of the verse from James 3:1 explaining not all of us should be teachers as our words can start others down the wrong path.
