Premium Essay

Selecting Security Countermeasures

In:

Submitted By rubes79
Words 650
Pages 3
03/30/2014
IS3220
Unit 2 Assignment 1
Selecting Security Countermeasures

The primary components that make up a network infrastructure are routers, firewalls, and switches. An attacker may exploit poorly configured network devices. Common vulnerabilities include weak default installation settings, wide open access controls, and devices lacking the latest security patches. Top network level threats include:
•Information gathering
•Sniffing
•Spoofing
•Session hijacking
•Denial of service
Information Gathering
Network devices can be discovered and profiled in much the same way as other types of systems. Attackers usually start with port scanning. After they identify open ports, they use banner grabbing and enumeration to detect device types and to determine operating system and application versions. Armed with this information, an attacker can attack known vulnerabilities that may not be updated with security patches.
Countermeasures to prevent information gathering include:
•Configure routers to restrict their responses to footprinting requests.
•Configure operating systems that host network software (for example, software firewalls) to prevent footprinting by disabling unused protocols and unnecessary ports.
Sniffing or eavesdropping is the act of monitoring traffic on the network for data such as plaintext passwords or configuration information. With a simple packet sniffer, an attacker can easily read all plaintext traffic. Also, attackers can crack packets encrypted by lightweight hashing algorithms and can decipher the payload that you considered to be safe. The sniffing of packets requires a packet sniffer in the path of the server/client communication.
Countermeasures to help prevent sniffing include:
•Use strong physical security and proper segmenting of the network. This is the first step in preventing traffic from being collected

Similar Documents

Premium Essay

Selecting Security Countermeasures

...IS3220 Assignment 2: Selecting Security Countermeasures As a Technology Associate in the Information System Department at Corporation Tech, I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the Internet without proper security can be harmful in many ways. The first thing that should be added is firewalls. Firewalls can prevent unwanted traffic from infiltrating the network. Next, we should consider segmenting the internal network to a DMZ (Demilitarized Zone). This is essential now that the company is deciding to add a web server and internet access. Including IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems) would greatly increase the level of security relating to the traffic coming into to the network. These two components would also allow for a greater transparency by utilizing the logging features and monitoring those logs regularly, looking for anomalies by the IT Administrator. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider. Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs’ IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could...

Words: 374 - Pages: 2

Premium Essay

Is3220 Unit 2 Assignment 1: Selecting Security Countermeasures

...below are the reasons for chosen countermeasures in addition with the benefits and limitations of each countermeasure. 1. Setting up a firewall will help eliminate open ports that network traffic travels in and out by disabling or limiting access to the port. The benefit of having a firewall is that it can close ports meaning closed doors. In other words, hackers won’t be able to enter the network infrastructure. Limitation of needing an open port can be or become vulnerable to the system or network. 2. Setting up a secure wireless access is the same as the workstations connected via wired to a domain, therefore the wireless network needs to be secure with credentials. The benefit is that users can use wireless devices while having a secure and mobile wireless access. Limitation of a secure wireless access is that it can become vulnerable from unsecure devices or location due to wireless access being everywhere. 3. Enforcing proper user training will ensure that users read and follow the policies in-place of the company. The majority of the users will just sign the AUP and the employers assume they have read the policies in-place, when in reality they did not. The benefit of having proper training will inform users what they have to do and what will happen if the policy is not followed. Limitation of proper user training, is that most users will probably not care or forget about it. 4. Using credentials will provide an extra layer of security and limit what users can access...

Words: 436 - Pages: 2

Premium Essay

Is3230 Unit 2 Assignment 1

...Selecting Security Countermeasures IS3220 As a technology associate in the information system department at Corporation Tech I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the internet without proper security can be harmful in many ways. The first thing that should be added is a firewall. Firewalls can prevent unwanted traffic from infiltrating the network. This is essential now that the company is deciding to add a web server and internet access. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider. Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could be exploited to violate system security policy. Implement Strong access Control Measures: Access control allows Corp Tech to permit or deny the use of physical or technical means to access Corp Techs data. Access will be granted on a business need to know basis. Antivirus software is also needed to make sure the computers and servers aren’t infected with malicious programs that could cause major losses. The WIFI needs to have a password to keep unauthorized users...

Words: 307 - Pages: 2

Premium Essay

A Security Risk Management Approach for E Commerce.Pdf

...A security risk management approach for e-commerce M. Warren School of Information Technology, Deakin University, Geelong, Australia W. Hutchinson School of Computer and Information Science, Edith Cowan University, Mt Lawley, Australia Keywords Electronic commerce, Risk analysis, Information systems Introduction Information systems are now heavily utilized by all organizations and relied upon to the extent that it would be impossible to manage without them. This has been encapsulated by the recent development of e-commerce in a consumer and business environment. The situation now arises that information systems are at threat from a number of security risks and what is needed is a security method to allow for these risks to be evaluated and ensure that appropriate security countermeasures are applied. Abstract E-commerce security is a complex issue; it is concerned with a number of security risks that can appear at either a technical level or organisational level. This paper uses a systemic framework, the viable system model (VSM) to determine the high level security risks and then uses baseline security methods to determine the lower level security risks. Security methods The aim of the research was too combine a information systems modeling method with a baseline security method to form a hybrid security method. This method could be used to evaluate high and low level security risks associated with e-commerce. The methods used in this model are the viable...

Words: 2218 - Pages: 9

Premium Essay

Auditing Local Area Network

...organizations with recommendations for improving the Security configuration and monitoring of their IEEE 802.11 wireless local area networks (WLANs) and their devices connecting to those networks. The scope of this publication is limited to unclassified wireless networks and unclassified facilities within range of unclassified wireless networks. This publication supplements other NIST publications by consolidating and strengthening their key recommendations, and it points readers to the appropriate NIST publications for additional information (see Appendix C for the full list of references and Appendix A for a list of major security controls relevant for WLAN security). This publication does not eliminate the need to follow recommendations in other NIST publications, such as [SP800-48] and [SP800-97]. If there is a conflict between recommendations in this publication and another NIST wireless publication, the recommendation in this publication takes precedence. NIST Special Publication 800-53 is part of the Special Publication 800-series that reports on the Information Technology Laboratory’s (ITL) research, guidelines, and outreach efforts in information system security, and on ITL’s activity with industry, government, and academic organizations. Specifically, NIST Special Publication 800-53 covers the steps in the Risk Management Framework that address security control selection for federal information systems in accordance with the security requirements in Federal Information Processing...

Words: 1201 - Pages: 5

Premium Essay

Ethical Hacking

...areas in network security, and certainly an area that generates much discussion, is that of ethical hacking. The purpose of this study is to examine the literature regarding how private sectors and educational institutions are addressing the growing demand for ethical hacking instruction. The study will also examine the opportunity for community colleges in providing this type of instruction. The discussion will conclude with a proposed model of ethical hacking instruction that will be used to teach a course in the summer semester of 2006 through the continuing education department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically important. One area that is very promising is penetration testing or Ethical Hacking. The purpose of this paper is to examine effective offerings within public and private sectors to prepare security professionals. These...

Words: 6103 - Pages: 25

Premium Essay

Management of Information Security

...Review Questions for Chapter 7 – Security Management Practices Read Chapter 7 in the text, Study the Power Point Presentation and answer these Review Questions 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. What is benchmarking? What is the standard of due care? How does it relate to due diligence? What is a recommended security practice? What is a good source for finding such best practices? What is a gold standard in information security practices? Where can you find published criteria for it? When selecting recommended practices, what criteria should you use? When choosing recommended practices, what limitations should you keep in mind? What is baselining? How does it differ from benchmarking? What are the NIST-recommended documents that support the process of baselining? What is a performance measure in the context of information security management? What types of measures are used for information security management measurement programs? According to Dr. Kovacich, what are the critical questions to be kept in mind when developing a measurements program? What factors are critical to the success of an information security performance program? What is a performance target, and how is it used in establishing a measurement program? Answer: Performance targets are values assigned to specific metrics that indicate acceptable levels of performance. They make it possible to define success in the security program. 14. 15. List and describe the fields found in a properly and fully...

Words: 1387 - Pages: 6

Free Essay

Is3230 Unit 9 Lab 9

...1. If you are using corporate e-mail for external communications that contain confidential information, what other security countermeasures can you employ to maximize the confidentiality of e-mail transmissions through the Internet? Encrypt email, email policy, security software, content checking tool, anti-spam tool, and secure firewall configurations. 2. Explain the role of a Certificate Authority and its obligations in authenticating the person or organization and issuing digital certificates. Certificate Authority or Certification Authority (CA) is an entity, which is core to many PKI (Public Key Infrastructure) schemes, whose purpose is to issue digital certificates to use by other parties. It exemplifies a trusted third party. 3. What would a successful Subversion Attack of a CA result in? An attacker can create a certificate for any domain. This certificate will appear to be signed by a trusted CA. Thus, you will see that the site's cert is trusted and you will never get any notification to the contrary. Normally, a trusted CA will issue and sign a certificate and then if the browser trusts the signing CA, you will see a padlock in the GUI and you will often times see a message that lets you know that the certificate of the web site is trusted. If the CA is not trusted, you are shown a message that the certificate is not signed by a trusted party and you are given the option to leave or continue. This is PKI in a nutshell. The entire system relies on trust of...

Words: 804 - Pages: 4

Premium Essay

Nt1330 Unit 3 Assignment 1

...the security requirements. The design of 3D virtual environments should follow these VIII. SECURITY ANALYSIS 3D Password space size To determine the password space, we have to count all possible 3D passwords that have a certain number of actions, interactions, and inputs towards all objects that exist in the 3D virtual environments. 3D password distribution knowledge Users tend to use meaningful words for textual passwords. Therefore finding these different words from dictionary is a relatively simple task which yields a high success rate for breaking textual passwords. Pass faces users tend to choose faces that reflect their own taste onfacial attractiveness, race, and gender. Every user has different requirements and preferences when selecting the appropriate 3DPassword. This fact will increase the effort required to find a pattern of user’s highly selected 3D password. In addition, since the 3D password combines several authentication schemes into a single authentication environment, the attacker has to study every single authentication scheme and has to discover what the most probable selected secrets are. Since every 3D password system can be designed according to the protected system requirements, the attacker has to separately study every 3D password system. Therefore, more effort is required to build the knowledge of most probable 3D passwords. STATE DIAGRAM OF A 3D PASSWORD APPLICATION Fig:4 State diagram of a 3D password application Attacks and Countermeasures To realize...

Words: 1566 - Pages: 7

Free Essay

Anthrax Vaccine as a Component of the Strategic National Stockpile: a Dilemma for Homeland Security

...POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS ANTHRAX VACCINE AS A COMPONENT OF THE STRATEGIC NATIONAL STOCKPILE: A DILEMMA FOR HOMELAND SECURITY by Thomas L. Rempfer December 2009 Thesis Advisor: Second Reader: Stanley Supinski Dean Lynch Approved for public release; distribution is unlimited THIS PAGE INTENTIONALLY LEFT BLANK REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington DC 20503. 1. AGENCY USE ONLY (Leave blank) 4. TITLE AND SUBTITLE 2. REPORT DATE December 2009 3. REPORT TYPE AND DATES COVERED Master’s Thesis 5. FUNDING NUMBERS Anthrax Vaccine as a Component of the Strategic National Stockpile: A Dilemma for Homeland Security 6. AUTHOR(S) Thomas L. Rempfer 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Naval Postgraduate School Monterey, CA 93943-5000 9. SPONSORING...

Words: 3672 - Pages: 15

Premium Essay

Pc Security

...Improving Web Application Security Threats and Countermeasures Forewords by Mark Curphey, Joel Scambray, and Erik Olson Improving Web Application Security Threats and Countermeasures patterns & practices J.D. Meier, Microsoft Corporation Alex Mackman, Content Master Srinath Vasireddy, Microsoft Corporation Michael Dunner, Microsoft Corporation Ray Escamilla, Microsoft Corporation Anandha Murukan, Satyam Computer Services Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft, MS-DOS, Windows, Windows NT, Active Directory, BizTalk, IntelliSense, MSDN, Visual Basic, Visual C#, Visual C++, and Visual Studio are either registered trademarks or trademarks of Microsoft...

Words: 83465 - Pages: 334

Premium Essay

Team Assignment

...………….3 Section I: iTrust Threats & Vulnerabilities and Countermeasures.……………..…………..3 Section II: Recommended Changes to Security Management Policies………...……………..7 Section III: Adaption of Requirements to Reduce Security Risk……….……………....…......11 Conclusion. …………………………………….…………………………………….…21 References ……………………………………………………………...………………23 Introduction There are multiple benefits of electronic health records (EHR), which include improved care, quicker access to patient files, and increased physician oversight of care.  However, with the benefit of convenience of using EHRs, comes the responsibility of protecting electronic protected health information (ePHI) and safeguarding sensitive patient data.  The Health Insurance Portability and Accountability Act (HIPAA) focuses on protecting ePHI with guidelines to ensure organizations have implemented “reasonable and appropriate” security measures to adhere to HIPAA rules and maintain patient confidentiality. HIPAA requires covered entities to conduct risk assessments to verify compliance and attempt to uncover areas where ePHI is at risk of compromise.  This analysis of the iTrust database, as related to the new requirements that iTrust wishes to implement, will discuss the threats and vulnerabilities and the potential impact on the iTrust web application and database. Section I: iTrust Threats & Vulnerabilities and Countermeasures A detailed analysis of the iTrust database detected several high-risk...

Words: 5631 - Pages: 23

Premium Essay

Information Technology/Network Security Threats

...password, policy, to educate the users. SECURITY CONSIDERATIONS IN THE INFORMATION SYSTEM DEVELOPMENT LIFE CYCLE. Each information security environments unique, unless modified to adapt to meet the organization’s needs. The System Development Life Cycle (SDLC) the system development life cycle starts with the initiation of the system planning process, and continues through system acquisition and development, implementation, operations and maintenance, and ends with disposition of the system. Service decisions about security made in each of these phases to assure that the system is secure. The initiation phase begins with a determination of need for the system. The organization develops its initial definition of the problem that solved through automation. This followed by a preliminary concept for the basic system that needed, a preliminary definition of requirements, and feasibility and technology assessments. Also during this early phase, the organization starts to define the security requirements for the planned system. Management approval of decisions reached is important at this stage. The information developed in these early analyses used to estimate the costs for the entire life cycle of the system, including information system security. An investment analysis determine the appropriate strategy for achieving the system requirements, while taking mission needs and budget constraints into account. Expenditures for security before the system built. It is difficult...

Words: 1444 - Pages: 6

Free Essay

Df Sdfsdf Sdfsdf Sdfsdfsdf

...THREAT MODELING AND ITS USAGE IN MITIGATING SECURITY THREATS IN AN APPLICATION Thesis Submitted in partial fulfillment of the requirements for the degree of MASTER OF TECHNOLOGY in COMPUTER SCIENCE & ENGINEERING - INFORMATION SECURITY by EBENEZER JANGAM (07IS02F) DEPARTMENT OF COMPUTER ENGINEERING NATIONAL INSTITUTE OF TECHNOLOGY KARNATAKA SURATHKAL, MANGALORE-575025 JULY, 2009 Dedicated To My Family, Brothers & Suraksha Group Members DECLARATION I hereby declare that the Report of the P.G Project Work entitled "THREAT MODELING AND ITS USAGE IN MITIGATING SECURITY THREATS IN AN APPLICATION" which is being submitted to the National Institute of Technology Karnataka, Surathkal, in partial fulfillment of the requirements for the award of the Degree of Master of Technology in Computer Science & Engineering - Information Security in the Department of Computer Engineering, is a bonafide report of the work carried out by me. The material contained in this report has not been submitted to any University or Institution for the award of any degree. ……………………………………………………………………………….. (Register Number, Name & Signature of the Student) Department of Computer Engineering Place: NITK, SURATHKAL Date: ............................ CERTIFICATE This is to certify that the P.G Project Work Report entitled " THREAT MODELING AND ITS USAGE IN MITIGATING SECURITY THREATS IN AN APPLICATION" submitted by Ebenezer Jangam (Register Number:07IS02F)...

Words: 18945 - Pages: 76

Premium Essay

Cloud Computing

...Cloud Computing Abstract Ericsson was able to notice and benefit from Amazon’s advantages. Amazon’s AWS is able to construct and manage a worldwide infrastructure to the scale Ericsson required to support their business. With this infrastructure already in place, it delivers a cost savings value. They had the aptitude to set up new applications and automated software updates promptly because they were able to scale up and down as demand changed or the business required it (AWS Ericsson , 2012). They are able to access their cloud from wherever they want thanks to the sovereignty of remote access. Ericsson was able to attain an extremely dependable, scalable, inexpensive infrastructure platform with what the web services had to offer via the data center sites in the U.S., Europe and other parts of the world (AWS Ericsson , 2012). Ericsson chose Amazon Web Services (AWS) because they felt it was the most cohesive public cloud supplier in the “Rightscale Cloud Management Platform” (Rightscale, 2012). The Ericsson team mentions that “having hosting centers in various regions was important for them. AWS also showed a better quality of service with solid management and a proven track record.” (Amazon Web Services, 2012). Amazon Elastic Compute Cloud provides a fully structured environment, memory, a processor, and out of the box configured software. It provides great quality within minutes on a “pay-as-you-go” (Amazon EC2, 2012). Moreover, it decreases the time...

Words: 1401 - Pages: 6