
IT540 Unit 3 Assignment


Submitted By tmcgarr1
Running Head: PERFORM A FORENSICS ANALYSIS OF A NETWORK BREAK-IN

Perform a Forensics Analysis of a Network Break-in
Tiffany McGarr
IT540-02: Management of Information Security
Dr. Flick
January 10, 2014

Table of Contents
Abstract
Part One:
Screen Shots for OSForensics
Part Two:
What servers were compromised?
Was network equipment compromised?
What user accounts were employed to gain access?
What vulnerabilities were exploited?
What can be done to prevent a recurrence?
Conclusion
References

Abstract

The purpose of this paper was to perform a forensics analysis of a network break-in. In the first part of the paper, six screen shots are inserted from the OSForensics software. The second part of the paper discussed how to go about finding information when you are told there has been a break-in. There were five essay questions that went along with this scenario. The first question discussed utilities that would be used to establish what servers were compromised. Web shells, administrative interfaces, and general attack activity were three indicators to make this determination. The second question involved identifying methodologies to find out what network equipment was

Similar Documents


Beth A. Grillo - IT540 Management of Information Security - Assignment - Unit 2

...Unit 2 Assignment: Security Policy Implementation
Beth A. Grillo, MHA, CPC-A
July 19th, 2016
IT540-01: Management of Information Security
Dr. Kenneth Flick
Kaplan University

Table of Contents
Unit Two Assignment: Security Policy Implementation
Part 1: Step 29
Part 1: Step 36
Part 3: Step 33
Part 3: Significance of Strict Password Policy
Reference

Unit Two Assignment: Security Policy Implementation

Part 1: Step 29

Part 1: Step 36

Part 3: Step 33

Part 3: Significance of Strict Password Policy

When attempting to protect company information it is important to utilize strict password policies. According to a Guest Contributor on TechRepublic (2006), the need for “an effective password policy is to prevent passwords from being guessed or cracked”. According to Coconut Daily (2013), “Weak passwords are extremely vulnerable to cracking techniques such as a brute force attack, in which a cracker uses an automated tool to try every single possible password or key until the correct one is found. Brute force techniques are extremely effective at cracking short passwords or passwords in a limited search space (such as those based off a dictionary word)”. For example, when working in a medical practice the information being protected is patient personal information. The password policy needs to be strict according to the HIPAA laws. The personal information within the patient’s medical record requires strict password protection. If the...



Lab #10 Securing the Network with an Intrusion Detection System (IDS)

...Lab #10 Securing the Network with an Intrusion Detection System (IDS)

Introduction

Nearly every day there are reports of information security breaches and resulting monetary losses in the news. Businesses and governments have increased their security budgets and undertaken measures to minimize the loss from security breaches. While cyberlaws act as a broad deterrent, internal controls are needed to secure networks from malicious activity.

Internal controls traditionally fall into two major categories: prevention and detection. Intrusion prevention systems (IPS) block the IP traffic based on the filtering criteria that the information systems security practitioner must configure. Typically, the LAN-to-WAN domain and Internet ingress/egress point is the primary location for IPS devices. Second to that would be internal networks that have or require the highest level of security and protection from unauthorized access. If you can prevent the IP packets from entering the network or LAN segment, then a remote attacker can’t do any damage.

A host-based intrusion detection system (IDS) is installed on a host machine, such as a server, and monitors traffic to and from the server and other items on the system. A network-based IDS deals with traffic to and from the network and does not have access to directly interface with the host. Intrusion detection systems are alert-driven, but they require the information systems security practitioner to configure them properly. An IDS provides...
