...Identifying Potential Malicious Attacks The CIO Company will use firewalls, intrusion detection systems, virus scanners and other protective software to provide some assurance that the security policies for the site are properly implemented. Firewalls are the basis of computer and network security defense. They are widely deployed. They are very hard to configure properly, and people who configure them may not know the current threats and attacks. For example, an administrator maybe working on some task and might leave something open in a firewall where attackers can enter through. Some firewalls have the vulnerability that enables attackers and be defeated. By identifying the network components, you can evaluate their vulnerabilities. These vulnerabilities can have flaws in the technology, configuration, or security policy. Vulnerabilities can be fixed different ways, applying software patches, reconfiguring devices, or deploying countermeasures such as firewalls and antivirus software. Threat is when people take advantage of vulnerability and cause a negative impact on the network. If threat occurs it needs to be identified, and the associated vulnerabilities need to be addressed to minimize the risk. As of today, most of the hackers are interested in hacking services such as HTTP (TCP Port 80) and HTTPS (TCP Port 443), which are open in many networks. By using access control devices, they can detect malicious exploits aimed at these services. Now these days applications...
Words: 1060 - Pages: 5
...Assignment 1: Identifying Potential Malicious Attack CIS 333 Assignment 1: Identifying Potential Malicious Attack Potential malicious attacks and threats that may be carried out against the network include illegally using user accounts and privileges, Stealing hardware and software, Running code to damage systems, running code to damage and corrupt data, modifying stored data, stealing data, using data for financial gain or for industrial espionage, performing actions that prevent legitimate authorized users from accessing network services and resources, and/or performing actions to deplete network resources and bandwidth. Threats to the network can be initiated from a number of different sources, hence the reason for network attacks being classified as either external or internal network attacks/threats. Individuals carry out external threats or without assistance from internal employees or contractors. A malicious and experienced individual, a group of experienced individuals, an experienced malicious organization, or inexperienced attackers (script kiddies) carry out these attacks. Such attackers usually have a predefined plan and the technologies or techniques to carry out the attack. One of the main characteristics of external threats is that they usually involve scanning and gathering information. Users can therefore detect an external attack by scrutinizing existing firewall logs. Users can also install an Intrusion Detection...
Words: 1068 - Pages: 5
...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Brian Cox Strayer Univerity Professor Leonard Roden Networking Security Fundamentals May 03, 2016 Have you ever thought about the measures that you need to go through when protecting yourself from online threats and attacks? There are many different types of attacks and threats that can be carried out against networks and organizations. The attacks that could be carried out can cause serious damage to the company and range on a scale from very minimal to very severe data loss and data theft. It is important for companies to take every precaution available and have not only the best software for prevention of these attacks but stay on top of what the intruders, hackers, attackers are learning and how the technology is forming when they are deploying these systems on their servers, networks, and office computers that employees will use on a day to day basis. The computers each employee is using should come with a User Agreement and the do’s and do not’s when it comes to daily computer usage. This will enhance the security as each employee will understand what is acceptable and how to obtain maximum security of their signed computer. It is also advisable within the User Agreement to list out the things that are unacceptable such as plugging in your phone, downloading things from the internet, and other things that may seem harmless but could hurt the company if it was exploited by accident...
Words: 1622 - Pages: 7
...understanding of the situation in the network of the company I decided to start the analysis by the vulnerabilities that this one presents. Many of these vulnerabilities are the cause for different types of network attacks. It should be noted that while many of these vulnerabilities may be mitigated or eliminated the possibility of an attack always exists. The first vulnerability is the email server. Although very well controlled for been within the Demilitarized Zone (DMZ), this is always a vulnerability with which most companies have to deal with. This vulnerability opens the way for phishing attack. One way to mitigate this vulnerability is configuring the email server so that only authorized email may enter. This is difficult because our video game company has a large list of customers and suppliers that are in constant change. The best option is to alert users about the security measures and company policies regarding private and unknown emails. The Web and FTP server can be a not very alarming vulnerability. Because it is located in the DMZ and after the Intrusion Detection System (IDS), is unlikely to be corrupted without being detected. The location of the file servers in the network is totally unprotected against internal attacks. Any successful attack in the LAN would leave the data servers exposed. The establishment of a demilitarized zone with a completely different set of log on names and password than any other machines would give these servers better security...
Words: 1141 - Pages: 5
...improving the efficiency and productivity of the organization but it also exposes the Organization to possible attacks and threats. Such attacks have been the most challenging issue for most network administrators and a worrying topic for administrators. Organizations need to share services resources and information but they still need to protect these from people who should not have access to them, while at the same time making those resources available to authorized users. Effective security achieves these goals. The greatest threat to computer systems and their information comes from humans, through actions that are either malicious or ignorant. When the action is malicious, some motivation or goal is generally behind the attack. For instance, the goal could be to disrupt normal business operations, thereby denying data availability and production. April 13, 2000, 3:55 P.M. Pacific time: The Web site for the Motion Pictures Association of America (MPAA) is suffering intermittent outages, and the organization suspects computer vandals are to blame. A source inside the organization, who asked not to be identified, said that the MPAA is currently “experiencing problems with their public Web site, and they suspect a denial-of-service attack.” The attack was first rumored on http://www.hackernews.com/, a Web site for news on computer hacking. Most of the attacks are becoming more frequent and more damaging, and they are using well-known techniques and methods to exploit...
Words: 5140 - Pages: 21
...Categories of Computer Crimes Alan Johnson Strayer University Assignment 1 There are four general categories of computer crimes. Generally someone will target a computer to forbid that person access. This is known as your hacker. He could be a single stand-alone hacker or part of a network hacking club or group similar to some of the ones known as Anti-Sec that are affiliated with the group known as ‘Anonymous’ that hacked into some 70 mostly rural law enforcement websites throughout the United States. Then there is the hacker that uses the computer as an instrument of crime to commit such acts as theft of services, fraud and the theft of information technology that can be traded and sold on the black market. This information can damage some financial institutions for years. Many hackers use the instrument of crime to steal phone and computer services. This allows them to use the phone and have internet access free of charge until caught or shut down by officials. Pyramid schemes, lottery schemes and overseas bank fraud transactions are very popular and target your unsuspecting older new computer user that hasn’t been exposed to the criminal world of the computer crimes and they innocently respond to these online criminals with information and money that causes them to become victims of devastating financial crimes without ever leaving their homes. Other aspects of instrumental computer crimes is government sensitive information access or that of a large financial institution...
Words: 970 - Pages: 4
...architecture, and the risks to our Research and Development efforts and other Intellectual Property. He has tasked the company’s corporate information technology group to produce an information paper detailing the types of cyber threats and malware are being reported on the internet. They would also like the security group to give the company’s executive leadership a detailed report regarding the threats, vulnerabilities and the overall risks that may be present in our current corporate infrastructure. The security department for the organization is relatively small and short on resources so this task has been given to me to do the research and create an executive report detailing the current vulnerabilities, risks and threats and potential impact to our network should we have any security incidents. “Unfortunately, there are inherent risks to computer usage — hackers, viruses, worms, spyware, malware, unethical use of stolen passwords and credentials, unauthorized data removal by employees with USB flash drives, or servers crashing and bringing productivity to a halt” ("Cybersecurity," 2013) . The CGF network is a typical office network composed of an external firewall with an external DMZ with public use servers, and internal firewall protecting the corporate network. The internal CGF network includes Microsoft Windows OS workstations and enterprise servers supporting: web, exchange, file, AD and FTP servers, additionally there are 100 workstations consisting of desktops...
Words: 1563 - Pages: 7
...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Networking Security Fundamentals – CIS 333 April 29, 2012 Identifying Potential Malicious Attacks, Threats and Vulnerabilities There are a myriad of potential threats and vulnerabilities that leave a system open to malicious attack, anytime you have a computer network that connects to the internet there is a potential for malicious attack so it is important that you know the vulnerabilities of a system to protect it from potential threats and malicious attacks. “A vulnerability is any weakness in a system that makes it possible for a threat to cause harm.” (Kim & Solomon, 2012, p. 96). There are several common vulnerabilities that exist within the seven domains of an IT infrastructure for example there is the lack of awareness or concern for security policy vulnerability in the User Domain as well as intentional malicious activity ( Kim & Solomon, 2012). Within the Workstation Domain there exists unauthorized user access, weakness in installed software, and malicious software introduced vulnerabilities, unauthorized network access, transmitting private data unencrypted, spreading malicious software, exposure and unauthorized access of internal resources to the public, introduction of malicious software, loss of productivity due to internet access, denial of service attacks, brute-force attacks on access and private data are all examples of vulnerabilities within the seven domains of IT infrastructure...
Words: 587 - Pages: 3
...Assignment 2: Identifying Potential Risk, Response, and Recovery Emory Evans August 26, 2012 Dr. Robert Whale CIS 333 There are a myriad of potential threats and vulnerabilities that leave a system open to malicious attack, anytime you have a computer network that connects to the internet there is a potential for malicious attack so it is important that you know the vulnerabilities of a system to protect it from potential threats and malicious attacks. “A vulnerability is any weakness in a system that makes it possible for a threat to cause harm.” (Kim & Solomon, 2012, p. 96). There are several common vulnerabilities that exist within the seven domains of an IT infrastructure for example there is the lack of awareness or concern for security policy vulnerability in the User Domain as well as intentional malicious activity ( Kim & Solomon, 2012). Within the Workstation Domain there exists unauthorized user access, weakness in installed software, and malicious software introduced vulnerabilities, unauthorized network access, transmitting private data unencrypted, spreading malicious software, exposure and unauthorized access of internal resources to the public, introduction of malicious software, loss of productivity due to internet access, denial of service attacks, brute-force attacks on access and private data are all examples of vulnerabilities within the seven domains of IT infrastructure which are User, Workstation, LAN...
Words: 705 - Pages: 3
...knowledge of identifying types of cyber-attacks, designing and implementing measures to respond to such an event, and understands different forms of malicious code. While an in-person interview is preferred, you can also conduct this interview by phone or e-mail. During your interview be sure to inquire as to the individual’s job title and daily responsibilities. Also, be sure to discuss the problems that exist with monitoring network activity, to include access controls, cryptography, and identifying malicious code. In addition, note the features of operating systems that typically benefit organizations in terms of security benefits. Lastly, inquire as to the career potential that exists in network security and related fields. Feel free to ask many additional questions, as these questions are given to ensure key areas are identified. Once you have concluded your interview, gather your data and draft a report detailing the information gained as a result of the interview. Your report should be a minimum of 5 pages excluding the title page and references. There must be a minimum of 5 peer-reviewed sources included. • Interviewee’s job title and daily responsibilities are included. • What problems exist with monitoring network activity (Specifics) • How are these problems handled? Is there software programs used to handle these problems? • What are the problems associated with monitoring network activity to include access controls, cryptography, and identifying malicious code...
Words: 370 - Pages: 2
...occurring in the United States. This was due to a weakness in the Internet Explorer. Attackers used a Web-Based attack exploited in the Internet Explorer 7 uninitialized Memory Code Execution Vulnerability accounting for 6 percent of the total. This vulnerability was published on February 10, 2009. The second most widely exploited attack was the downloading of a suspicious PDF file. Attackers tried to aim this one towards people trying to get information on the H1N1 virus, since this was the latest news that most consumers wanted information about. The attack exploited vulnerabilities in Foxit Reader. These two types of vulnerabilities took up 79% of the threats aimed at financial institutions. Threats are separated into different types of categories for example; Allowing for remote access, exporting email addresses, and exporting system data). Separating the threats into different categories helps with securing against cyber criminals. The importance of identifying these threats is to combat against them. By observing the malicious activity by region helps different companies prepare for what type of threats are most likely to be used against their systems. For example if there are threats about a PDF document that may contain code to execute a bot that will take all of your contacts and forward them to the Malicious user, you would want to prevent this by identifying the code that is being used, and scan for the code with an antivirus. You could however disable all pdf usage...
Words: 469 - Pages: 2
...click Word Count. Title of Paper In this assignment, I will write a four to five report in how to thwart a malicious attacks, threats, vulnerabilities to a game system. I have just been hired as an Information System Engineer for a videogame development company. The organization network structure have been identified by the company as having 2- firewall, 1- Web/FTP server, 1-Microsoft Exchange Email Server, Network Intrusion Detection System(NIDS), 2-Windows Server 2012 Active Directory Domain Controllers(DC) 3-File servers 1-Wireless access point(WAP) 100-Desktop/Laptop computers VoIP telephone system. The CIO of this company has just received a report of malicious activities on the rise and has become extremely concerned with the protection of intellectual property and highly sensitive data maintained by his organization. As part of my job task with the organization, I will identify and draft a report identifying potential malicious attacks, threats, and the vulnerabilities that is specific to his organizations. It has been requested that in the report, I give a brief scenario explanation and how what kind of potential impact it will have on the organization. Any threat is alarming because it could damage the assets of the company if this is true we first need to have a Business Continuity Plan (BCP) which allows the company to keep operating in case of an attack. My order of planning would be to discover the disaster recovery...
Words: 401 - Pages: 2
...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Jordan Treichler Strayer University CIS333 Professor Roden February 1, 2015 Identifying Potential Malicious Attacks, Threats and Vulnerabilities Introduction From an Information Security Engineer's point of view, a videogame development company has many resources, sensitive data and intellectual property which must be safeguarded. The existing network is comprised of two firewalls, one external firewall housing the entire network, one web and FTP server, one email server and one IDS on the DMZ. The second of the two firewalls (internal) protects the WAP, two Windows Server 2012 Datacenter, three file servers, one hundred workstations and the VoIP telephone system (see example below). There have been reports of malicious activity being on the rise; this document will outline the three largest security concerns for the company as a whole. These security concerns consist of employees and workstations, the Wireless Access Point (WAP), and the email server. Employees and Workstations One is led to believe that the malicious attacks are coming from within the company. Historically, there have been multiple instances of this vary action. Take Bradly Manning for instance, Manning was privileged to access classified information not to insert a CD-R and steal classified documents. If a user means harm, allowing mobile devices in the workplace only acts as an aide to them. Had Manning not been permitted mobile...
Words: 1208 - Pages: 5
...Identifying Potential Risk, Response, and Recovery during Gaming Software Development Bandon Wilson Professor Ali Abedin CIS 333 November 25, 2014 Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web spidering, in which an automated script fetches, analyzes and files information from web servers at many times the speed of a human. Each server can have a file called robots.txt, containing rules for the spidering of that server that the bot is supposed to obey. In addition to their uses outlined above, bots may also be implemented where a response speed faster than that of humans is required for example, gaming bots and auction-site robots or less commonly in situations where the emulation of human activity is required, for example chat bots. Recently bots have been used for search advertising, such as Google AdSense. (Juusi, 2012) Internet bots are also commonly used in games such as RuneScape, despite the fact that it's not allowed. RuneScape has now known bots as illegal and you will receive a fine of $500-$2,500. Another, more malicious use of bots is the coordination and operation of an automated attack on networked computers, such as a denial-of-service attack by a botnet. Internet bots can also...
Words: 1003 - Pages: 5
...Week 3 Lab Part 1: Web and Database Attacks & Malware and Malicious Software Learning Objectives and Outcomes Upon completing this lab, students will be able to: * Identify web application and web server backend database vulnerabilities as viable attack vectors * Develop an attack plan to compromise and exploit a web site using cross-site scripting (XSS) against sample vulnerable web applications * Conduct a manual Cross-site Scripting (XSS) attack against sample vulnerable web applications * Perform SQL injection attacks against sample vulnerable web applications with e-commerce data entry fields * Mitigate known web application and web server vulnerabilities with security countermeasures to eliminate risk from compromise and exploitation Overview This Lab will demonstrate a Cross-site Scripting (XSS) exploit and an SQL Injection attack on the test bed web application and web server using the Damn Vulnerable Web App (DVWA) loaded on an Apache Web Server on “TargetUbuntu01” Linux VM server. They will first identify the IP target host, identify known vulnerabilities and exploits, and then attack the web application and web server using XSS and an SQL Injection to exploit the web application using a web browser and some simple command strings. Assignment Requirements Watch the Demo Lab in Learning Space Unit 5 and then answer questions 1-10 below. Lab Assessment Questions & Answers 1. Why is it critical...
Words: 1054 - Pages: 5
