April 25, 2016

A&P

Names: ______________Jiho
Kim_______________________________________________________
___________________________________________________________________________

IT Security Methods
1. Configure a Firewall
Search the internet to locate a list of all TCP port numbers and their associated
descriptions. Your job is to establish firewall rules for your organization. Which ports
will be permitted and blocked? Choose 5 that you would block and 5 you would
allow and briefly state why. Be sure to ask if you are not clear about this.
To Allow
Port
Numb
er
1 443

Description of
the port

Why?

HTTPS

Allows encrypted traffic to/from your web server

WINS
replication
Border Gate
way protocol

2.

42

3.

179

4.

993

IMAP

Ports used to replicate NETBIOS name tables from

one windows server to another
Broader gateway protocol is a routing protocol used
to exchange routing information between routers in
autonomous networks.
TCP Ports used for SSL secured IMAP 4 access

5.

1434

SQL server
monitoring

Used by SQL server to monitor SQL server

performance.

Description of
the port

Why?

Network abuse

Port that is blocked by some operators to prevent

network abuse
Pcs anywhere for the streaming of screen updates
during a pc anywhere

To Block
Port
Numb
er
1 25
2.

5632

3.

8080

4.

389

5.

135

PC Anywhere
5632 UDP
incoming
Internet traffic
Weight
directory
access
Locator
service

HTTP internet traffic also goes through

Port used to find and manage network resources on
the network system
Holds information regarding which ports and IP
addresses the services are currently running on or
listening on

April 25, 2016

A&P

2. What is the purpose of a VPN? Why would your organization want to use this?
A virtual private network (VPN) is a technology that creates an encrypted
connection over a less secure network. Because, it ensures the appropriate level of
security to the connected systems when the underlying network infrastructure alone
cannot provide it.

3. Describe how you would send an encrypted email message from to another
person. What are all of the parts that need to be in place for this to work?
I will use private key they can use to decrypt such messages or to digitally encrypt
and sign messages they send. I need QOS(quality of service), to improve secure
email system. I probably need specific email system(Microsoft outlook), copies
documents, set policy key, and prying eyes.

4. You have just received notification that GOALs web site is being used to attack
other sites as part of a DDOS attack. As the manager of GOAL, what should you do
about this? Describe some steps you should take to address this problem. You are
responsible for the server, but assume that you are not the system administrator
and have not been properly trained with the technology. You must rely on others for
assistance. Consider a directive you might make as well as questions to ask the
professionals in dealing with this problem.
I will do 4 ways to block it. First is use its existing firewalls to block the traffic.
Second, Specialized On-Premises Equipment. Develop specialized hardware to
protect server. Third, ISP(internet service protocol), These ISPs have more
bandwidth than an enterprise would, which can help with the large volumetric
attacks. Last one is Cloud migration provider, Cloud mitigation providers are experts
at providing DDoS mitigation from the cloud. This means they have built out
massive amounts of network bandwidth and DDoS mitigation capacity at multiple
sites around the Internet that can take in any type of network traffic, whether you
use multiple ISPs, your own data center or any number of cloud providers.