Question Details


I need your help.

Attached are the requirements of my assignment (Assignment 2). This assignment is based on the findings that I found in Assignment 1, which is attached as well. Assignment 1, which is attached, lists the findings, and in Assignment 2 I'm supposed to provide more details regarding mitigating the potential risk, response and recovery.


Running head: IDENTIFYING RISKS

Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

Ashley M. Davis

Strayer University

Dr. Michael Cianciotta

CIS333: Network Security Fundamentals

August 2, 2016

 

Introduction

 

The demand for information security is always real. As long as there is data, or hardware hosting that data, there will be a need to secure it. This security ranges from programs to protocol suites, protecting each side of access to this data. Identifying potential malicious attacks, threats, and vulnerabilities can be like searching for a needle in a haystack. As an Information Security Engineer for a videogame development company, my first task with the organization is to draft a report identifying potential malicious attacks, threats, and vulnerabilities. In this report, three (3) specific potential malicious attacks and/or threats that could be carried out against the network and organization will be analyzed; the potential impact of the three (3) selected malicious attacks will be explained in detail; the security controls that I would consider implementing in order to protect against the selected potential malicious attacks will be proposed; and three (3) potential concerns for data loss and data theft that may exist in the documented network will be analyzed. Let's begin with analyzing the network for specific malicious threats.

 

Analysis of Specific Malicious Threats

 

In analyzing specific potential malicious attacks, threats, and vulnerabilities in the network diagram of this organization, a few things become obvious to an Information Security Engineer. Without knowing the configuration that exists on these network servers and devices, potential threats can only be speculated about. In this network diagram, the Wireless Access Point should have data encryption running on it. The Web and FTP servers should have FTP and IIS running over SSL, and there should be an Intrusion Protection System (IPS) running on this network. In addition, there should be SSL/TLS running on the Email Server as well.

 

Without encryption, the Wireless Access Point transmits clear text over the open airwaves, rendering data available to everyone in the vicinity of that access point. This is the default configuration of the Wireless Access Point, and it should be configured for wireless encryption to remove that vulnerability. Most of the new wireless access points have the new encryption standard, which is WEP2 [Cas]. This standard is the second generation of Wired Equivalent Privacy. It was found that the first generation was able to be cracked in less than a minute [Cas]. This new standard uses the Advanced Encryption Standard, which is AES [Cas].

 

Intrusion Detection Systems are systems that monitor, analyze and report occurring attacks on computer networks [Jad12]. An IDS analyzes whole packets while looking for known events based on log messages. Although it exposes possible vulnerabilities and threats, it still leaves the potential for those vulnerabilities to become attacks, because it does not perform any actions to mitigate them. All findings must be mitigated manually in order to avoid conceivable attacks. The weakness of an IDS is that Information Security Engineers may view the logs too late, when the attack may have already begun. A denial of service (DoS) attack may be an example of an attack that needs immediate attention. Denial of service attacks may have already occurred because no action was taken to prevent them. A denial of service attack prevents authorized users from accessing a resource temporarily or permanently (Kim & Solomon, 2014). That's why having an Intrusion Prevention System (IPS) in place is a better solution.
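
The difference described above, as an added example that is not part of the original paper: the same per-source rate check is run over constructed connection events, once in detect-only (IDS) mode and once inline (IPS) mode. The rate-based rule, threshold, window, addresses and function names are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

def sample_events():
    """Constructed sample: (timestamp_ms, source_ip) inbound connection attempts.
    Addresses come from the documentation ranges and are not real hosts."""
    flood = [(t * 100, "203.0.113.9") for t in range(100)]     # 10 conn/s for 10 s
    normal = [(t * 1000, "198.51.100.7") for t in range(10)]   # 1 conn/s for 10 s
    return sorted(flood + normal)

def monitor(events, limit=20, window_ms=5000, prevent=False):
    """Sliding-window connection-rate check per source address.

    prevent=False models an IDS: it raises an alert, but traffic keeps flowing
    until a person reads the alert and acts on it.
    prevent=True models an IPS: the alert also drops the source inline.
    Returns (alerts, delivered), where delivered counts connections per source
    that reached the protected server.
    """
    recent = defaultdict(deque)      # source -> timestamps inside the window
    alerted, blocked = set(), set()
    alerts, delivered = [], defaultdict(int)
    for ts, src in events:
        if src in blocked:
            continue                 # IPS: dropped before reaching the server
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window_ms:
            q.popleft()              # forget attempts older than the window
        if len(q) > limit and src not in alerted:
            alerted.add(src)
            alerts.append((ts, src))
            if prevent:
                blocked.add(src)
                continue             # the triggering connection is dropped too
        delivered[src] += 1
    return alerts, dict(delivered)

if __name__ == "__main__":
    for mode in (False, True):
        alerts, delivered = monitor(sample_events(), prevent=mode)
        print("IPS" if mode else "IDS", alerts, delivered)
```

Both modes raise the same alert at the same moment; only the inline mode changes how much of the flood reaches the server, while the normal client is unaffected in either case.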

 

The FTP server needs SSL or SSH to secure connections (SRT, n.d.). FTP by itself utilizes an authentication method between client and server. However, after the authentication is successful, through a series of synchronized commands controlled by the Command Connection/Control Connection, a common port is established called the data connection, whereby files are transferred (SRT, n.d.). When this connection is made it is vulnerable to a man-in-the-middle attack, where an attacker can intercept messages between the client and the server before allowing them to go to the intended destination [Kim14]. In order to secure this, we must apply SSL. Over the years, extensions have been included, allowing secure connections for FTP. Those secure connections include industry standard 2048 bit TLS, an upgrade of the previous 1024 bit SSL version (SRT, n.d.). This allows encryption of both the Control and Data Connections, protecting both against man-in-the-middle attackers (SRT, n.d.).

 

The Web server also needs to be secure on the internet. The danger in operating a web server is that it opens the organization up to denial of service (DoS) and distributed denial of service (DDoS) attacks. The DDoS attack is where a hacker can install tools or agents on hosts [McD13]. This tool or agent connects to a master that communicates with a number of possible agents that exist across the network [McD13]. These agents will eventually attack a specific host or service to bring it down. Although SSL and SSH complement one another, securely connecting client and server and transmitting individual messages securely, they do not prevent DoS and DDoS attacks. According to US-CERT.gov, "there are no effective ways to prevent being the victim of a DoS or DDoS attack" [McD13]. However, there are things that can be done to lessen the vulnerability to attack: 1) install and maintain anti-virus software, 2) install a firewall, and configure it to restrict inbound and outbound traffic, and 3) follow best practices for distributing your email address [McD13]. Also, applying email filters will help in the management of unsolicited traffic [McD13].

 

Conclusion

 

In conclusion, there are many other possible security flaws in the network diagram, but three have been identified along with the detail of their effect and how each finding can be mitigated with a fix to eliminate or reduce the vulnerability. Even with a remedy or mitigation in place, identifying risks is not a one-time occurrence; it is a 24-7 mission that does not stop with a couple of findings per device. What is found today is only for today. There might be something else found with the same device tomorrow.

References

 

Casey, B. (2015). Top 3 Wi-Fi Security Vulnerabilities. Techopedia. Retrieved from https://www.techopedia.com/2/28536/networks/wireless/top-3-wi-fi-securityvulnerabilities

Jadiodoleslamy, H. (2012). Weakness, vulnerabilities, and elusion strategies against intrusion detection systems. International Journal of Computer Science & Engineering Survey, 3, 16. doi:10.5121/ijcses.2012.3402

Kim, D. & Solomon, M. (2014). Fundamentals of Information Systems Security: Second Edition. Burlington, MA: Jones & Bartlett Learning.

McDowell, M. (2013). Security tip (ST04-015): Understanding denial-of-service attacks. US-CERT. Retrieved from https://www.us-cert.gov/ncas/tips/ST04-015

SRT. (n.d.). What's the Difference? FTP, SFTP, and FTP/S. Retrieved from southrivertech.com website: https://southrivertech.com/whats-difference-ftp-sftp-ftps/

 


About this question:

This question was answered on: Oct 14, 2020
