Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Question Scenario [Internet Security] (Part 1 to Part 3) A bank named xyz private limited has three head offices and each head office has eight

Question Scenario [Internet Security] (Part 1 to Part 3) A bank named xyz private limited has three head offices and each head office has eight branches connected with them. These head offices are located in Lahore, Islamabad and Karachi. All branches share their transaction data with respective head offices, then three head offices synchronize their transaction data so that each head office have the same account and transaction details. There is also some branch specific data that needs to be securely stored in the branches and not to be shared with the other branches. Banking systems use multiple applications for their internal communications. This bank have simple username/password based security i.e. their internal applications have username/passwords based logins. Due to recent frequent account hacking incidents they need a security mechanism associated with their applications. They need Confidentiality, Availability, Integrity and Authentication. They are facing major intrusion attempts from outside Pakistan. There are also some low to moderate effective intrusion attempts from information security students of 3, 4 different universities. So, these are all attempts from outside their LAN. There is no chance of insider attacks. Secondly, on 15th January 2021 bank received a ransom-ware threat from anonymous. Ransom-ware are malware that can encrypt complete data present in banks. Thirdly, There are more than 1000 ATM hacking attempts are reported in December 2020. ATM machines are simple systems that have mechanical part that counts and outputs cash, Where as there is a software part as well that interacts with the users and mechanical part of the machine. ATM machines connect with the bank databases to process data and transactions.

Provide solution for following: Part 1: Suggest a complete security architecture for the above banking network scenario. (20) Part 2: Suggest a list of security policies (at least 6) that can be used/deployed in least amount of time. (6) Part 3: Suppose your suggestions provided in solution of part 1 and 2 are fully implemented. Now execute Risk analysis of the complete Banking system. Please suggest any controls if required at the end. (Note: Take only 10 assets of your choice for Risk Analysis) (12)

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

1 2 3 Data Base Techniques

Authors: Dick Andersen

1st Edition

0880223464, 978-0880223461

More Books

Students also viewed these Databases questions

Question

Have ground rules been established for the team?

Answered: 1 week ago

Question

Is how things are said consistent with what is said?

Answered: 1 week ago

Question

Do you currently have a team agreement?

Answered: 1 week ago