Paul Gray is very pleased with the suggestions for security and is now moving fo
ID: 3661404 • Letter: P
Question
Paul Gray is very pleased with the suggestions for security and is now moving forward with the changes to his organization. The organization currently has a network of two servers that can handle traffic for approximately fifty employees. The company uses a database to keep track of data on both clients and employees.
Gray has decided that adequate measurements must be taken to protect the internal data and has stated the following requirements:
User authentication must be performed before an employee can log on to the network.
A mechanism needs to be devised by which data belonging to a user on the local machine is accessible to that user only.
The OS (or OSs, if needed) installed on the computers needs to be updated with the latest patches and fixes.
The OS (or OSs, if needed) needs to be customized to prevent outsiders from accessing the computers.
To meet Gray's requirements, you will need answers to the following questions:
Which OS or OSs should Gray use on the servers? What is the rationale for your choice? Would this system and the expected requirements warrant the use of a trusted OS or would commercial systems be sufficient? Justify your decision with examples and a specific comparison between a trusted OS and a commercial OS.
Is the OS the primary piece of software responsible for the security of the overall system? Explain your answer and give examples to support your conclusion. How does this affect confidentiality, integrity, and availability for the system? Which of these factors is most influenced by the OS?
Would a single proxy server be a good solution for connecting Gray's employees to the Internet in this circumstance? What benefits and challenges would this introduce? How would this affect the attack surface of the system? Assume roughly twenty-five employees as a starting point for the organization; how would growth of the organization affect the use of the proxy server? How well does this type of solution scale with traffic volume?
Explanation / Answer
Most likely unix based or windows based operating systems are good to opt.
Yes it is the most primary piece of software resposnsible for the security of the overall system. Since we use internet to share data, then there was lot of chance for getting affected our system.
So when any worm or virus are attacked then attacker will get the data from our system, so this will affect confidentiality. So this comes also under integrity. By attacking, one can eavedrop the data, so avaiability also gets affected. So all will be influenced. No single proxy server is not a correct idea. As all employees will connect to single orocy , all intruders can attack surface of the system with other user credential details.
When all 25 employees will use same server, it will hang and it will suspend for a some time. To avoid this situation, one of the choice is using load balancer, and second one is using another supportive server.