...When looking to strengthen our network designs we looked at the typical threats and risks that they pose. Here are some of the attacks we used as of priority to protect ourselves when looking to see what we would be up against: • DOS/DDOS Attacks • Man In the Middle Attacks / Spoofing • Buffer Overflow • Fragmentation Attacks • Session Hijacking • Social Engineering • SQL Injection / Injection attacks • Eavesdropping • Replay Attacks There are many more attacks possible but these are the attack we focused on. With each threat, we analyzed how these attacks could be used against us and what counter measures would be used to prevent or mitigate such events from happening. DOS/DDOS Attacks- In general, Denial of Service attacks are used to flood an infrastructure with requests to the point where systems cannot keep up with the volume and crash as a result. As a business that relies on bidding and some public access, this can be troublesome as it would crash the website and stop business at critical times. In order to prevent such attacks, a NIDS or Network Intrusion Detection System can and should be implemented to “weed out” false requests from IP addresses that are flooding the system. For further protection the use of a “Honeypot” or trap for hackers can be used to direct any incoming attacks towards a lesser valuable target. Man in the Middle attacks- Man in the middle attacks are exactly...
Words: 1272 - Pages: 6
...IS3220 VPN connectivity troubleshooting checklist 1. Users can't access file servers If the user can access the file server using an IP address but not a name, then the most likely reason for failure to connect is a name resolution problem. Name resolution can fail for NetBIOS or DNS host names. If the client operating system is NetBIOS dependent, the VPN clients should be assigned a WINS server address by the VPN server. If the client operating system uses DNS preferentially, VPN clients should be assigned an internal DNS server that can resolve internal network host names. When using DNS to resolve internal network host names for VPN clients, make sure that these clients are able to correctly resolve unqualified fully qualified domain names used on the corporate network. This problem is seen most often when non-domain computers attempt to use DNS to resolve server names on the internal network behind the VPN server. 2. Users can't access anything on the corporate network Sometimes users will be able to connect to the remote access VPN server but are unable to connect to any resources on the corporate network. They are unable to resolve host names and unable to even ping resources on the corporate network. The most common reason for this problem is that users are connected to a network on the same network ID as the corporate network located behind the VPN server. For example, the user is connected to a hotel broadband network and is assigned a private...
Words: 1569 - Pages: 7
...1. What role does TCP/IP play for Internet communications? The Internet Protocol (IP) is the main communications protocol in the internet protocol suite for relaying datagrams across network boundaries its routing function enables inter networking and essentially establishes the internet. 2. IP being the primary protocol has the task of delivering packets from the source host to the destination host based on IP addresses in packet headers. So IP defines packet structures that contain the data to be delivered, while also defining addressing methods used to label datagram with source and destination information. 3. DHCP (Dynamic Host Configuration Protocol) is a protocol that lets network administrators manage centrally and automate the assignment of IP (Internet Protocol) configurations on a computer network. Basically DHCP lets a network administrator supervise and distribute IP addresses from a central point. 4. The Domain Name System (DNS) is basically a large database which resides on various computers and it contains the names and IP addresses of various hosts on the internet and various domains. DNS is used to provide information to the DNS to use when queries are made. The service is the act of querying the database, and the system is the data structure and data itself. 5. Secure Shell (SSH) encryption and authentication mechanisms enhances security to a greater extent, because mostly the communication occurs through a medium, which is unsecured that being...
Words: 259 - Pages: 2
...IS 3220 IT Infrastructure Security Project Part 1: Network Survey Project Part 2: Network Design Project Part 3: Network Security Plan ITT Technical Institute 8/4/15 Project Part 1: Network Survey Network Design and Plan Executive Summary: We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need to take a hard look at our current configuration of host, services and our protocols within our organization. Data from a large number of penetration tests in recent years show most corporate networks share common vulnerabilities. Many of these problems could be mitigated by appropriate education in “hacker thinking” for technical staff. We will take a look at our security on routers and switches to make sure there are no leakages of data traffic. OBJECTIVE We have identified that we have loss some major accounts to competitors whose bids have been accurately just under our bid offers by exact amounts. We also believe due to shared reporting and public Web site functions that our Web servers have been compromised and our RFP documents have been leaked to competitors which enabled them to under bid us. We want to mitigate Web threats in the future; we realize the web is a mission critical business tool. We want to purchase new products and services, that will give us an edge and better...
Words: 3355 - Pages: 14
...Sean Shields (15314971) Sean Shields (15314971) 5 Policy’s [Document subtitle] 5 Policy’s [Document subtitle] PASSWORDS POLICY 1.0 Overview All employees and personnel that have access to computer systems must adhere to the password policies defined below in order to protect the security of the network, protect data integrity, and protect computer systems. 2.0 Purpose This policy is designed to protect the organizational resources on the network by requiring strong passwords along with protection of these passwords, and establishing a minimum time between changes to passwords. 3.0 Scope This policy applies to any and all personnel who have any form of computer account requiring a password on the organizational network including but not limited to a domain account and e-mail account. 4.0 Password Protection Never write passwords down. Never send a password through email. Never tell anyone your password. Never reveal your password over the telephone. Never use the "Remember Password" feature of any application programs. If anyone asks for your password, refer them to your IT computer security office. Don't use names of people or places as part of your password. Don't use part of your login name in your password. Don't use parts of numbers easily remembered such as phone numbers, social security numbers, or street addresses. Be careful about letting someone see you type your password. 5.0 Password Requirements Minimum Length - 8 characters Maximum Length...
Words: 1383 - Pages: 6
...Listed below are the reasons for chosen countermeasures in addition with the benefits and limitations of each countermeasure. 1. Setting up a firewall will help eliminate open ports that network traffic travels in and out by disabling or limiting access to the port. The benefit of having a firewall is that it can close ports meaning closed doors. In other words, hackers won’t be able to enter the network infrastructure. Limitation of needing an open port can be or become vulnerable to the system or network. 2. Setting up a secure wireless access is the same as the workstations connected via wired to a domain, therefore the wireless network needs to be secure with credentials. The benefit is that users can use wireless devices while having a secure and mobile wireless access. Limitation of a secure wireless access is that it can become vulnerable from unsecure devices or location due to wireless access being everywhere. 3. Enforcing proper user training will ensure that users read and follow the policies in-place of the company. The majority of the users will just sign the AUP and the employers assume they have read the policies in-place, when in reality they did not. The benefit of having proper training will inform users what they have to do and what will happen if the policy is not followed. Limitation of proper user training, is that most users will probably not care or forget about it. 4. Using credentials will provide an extra layer of security and limit what users...
Words: 436 - Pages: 2
...IS3220 Assignment 2: Selecting Security Countermeasures As a Technology Associate in the Information System Department at Corporation Tech, I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the Internet without proper security can be harmful in many ways. The first thing that should be added is firewalls. Firewalls can prevent unwanted traffic from infiltrating the network. Next, we should consider segmenting the internal network to a DMZ (Demilitarized Zone). This is essential now that the company is deciding to add a web server and internet access. Including IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) would greatly increase the level of security relating to the traffic coming into to the network. These two components would also allow for a greater transparency by utilizing the logging features and monitoring those logs regularly, looking for anomalies by the IT Administrator. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider. Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs’ IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could...
Words: 374 - Pages: 2
...Selecting Security Countermeasures IS3220 As a technology associate in the information system department at Corporation Tech I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the internet without proper security can be harmful in many ways. The first thing that should be added is a firewall. Firewalls can prevent unwanted traffic from infiltrating the network. This is essential now that the company is deciding to add a web server and internet access. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider. Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could be exploited to violate system security policy. Implement Strong access Control Measures: Access control allows Corp Tech to permit or deny the use of physical or technical means to access Corp Techs data. Access will be granted on a business need to know basis. Antivirus software is also needed to make sure the computers and servers aren’t infected with malicious programs that could cause major losses. The WIFI needs to have a password to keep unauthorized users...
Words: 307 - Pages: 2
...Crystal Walker IS3220 Assignment 2 Network Security Basics When trying to secure a network you will want to understand how the company flows and then work on physical security. The following paper will have suggestions that is important for the network to implement as soon as possible because these are high network risks. By looking at a network diagram the company will surely get attacked if nothing is done to prevent these risks. A network will need a firewall, secure the wireless connection and work on single points of failure. The network will need a firewall between the cloud and the router. A good firewall, configured properly will help screen out hackers, viruses and worms. A firewall will carefully analyze data entering and exiting the network based on your configuration. It ignores information that comes from an unsecured, unknown or suspicious locations. In reference to the diagram a hard ware firewall would be prefer over a software one. Hardware-based firewalls protect all the computers on your network. A hardware-based firewall is easier to maintain and administer than individual software firewalls. While not necessary a security issue there are many parts of the network have single point of failure. Single point of failure is when one piece of hardware goes down so does the whole network. In no part of the diagram does it show any back up to the one router that is the backbone of the whole network. There are other parts of the network that needs...
Words: 494 - Pages: 2
...03/30/2014 IS3220 Unit 2 Assignment 1 Selecting Security Countermeasures The primary components that make up a network infrastructure are routers, firewalls, and switches. An attacker may exploit poorly configured network devices. Common vulnerabilities include weak default installation settings, wide open access controls, and devices lacking the latest security patches. Top network level threats include: •Information gathering •Sniffing •Spoofing •Session hijacking •Denial of service Information Gathering Network devices can be discovered and profiled in much the same way as other types of systems. Attackers usually start with port scanning. After they identify open ports, they use banner grabbing and enumeration to detect device types and to determine operating system and application versions. Armed with this information, an attacker can attack known vulnerabilities that may not be updated with security patches. Countermeasures to prevent information gathering include: •Configure routers to restrict their responses to footprinting requests. •Configure operating systems that host network software (for example, software firewalls) to prevent footprinting by disabling unused protocols and unnecessary ports. Sniffing or eavesdropping is the act of monitoring traffic on the network for data such as plaintext passwords or configuration information. With a simple packet sniffer, an attacker can easily read all plaintext traffic. Also, attackers can crack packets...
Words: 650 - Pages: 3
...ITT Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110...
Words: 2305 - Pages: 10