Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Network Security Final Exam
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Network Security Final Exam
Network Security Assessment
Prepared for:
University of Maryland University College
Prepared by:
Christopher Harris
Executive Summary
Security of the companies data is one of the most important components which allows the business to perform its day to day operation using various networking devices, services that absolutely needs to be protected from intruders. Some of these devices include online transactions, the exchange of data between users and clients both internal and external and external web data needs to be secured. There are several polices that would need to be configured such as a web sever and firewall configurations. However, with these configurations the first and most important task is to identify any vulnerabilities or loopholes in security within the company. The company has both LAN (Local Area Network) and WAN (Wireless Local Area Network) and a web sever. These resources need to be secured at all times from hackers or anyone else by implementing the appropriate security measures.
I. Vulnerability Assessments Security measures need to be implanted in order to secure the various resources. One of these vulnerabilities is the web server itself. If certain FTP ports are left
…show more content…
There are several ways that this can be completed. It is vital that all communication both internal and external be encrypted using strong encryption algorithms. The protocols that are used to send user credential or store session information cannot be used within any window services. This could lead to session hijacking and attackers could access any information stored. Periodic maintenance of the servers should be performed for any software updates or patches as soon as possible. Otherwise you run the risk of a successful attack. There are security protocols installed to protect website data such as SSL and
4. Server hardening – Request copies for your hosting company’s server hardening steps. This will detail the process of how they apply their measures for security to your servers.
A scan of Aim Higher College’s primary Web server using a Nikto shows a large number of default configuration files and sample files on many of the older servers. It seems from the scenario that there are possible vulnerabilities or exploits that are present in the files and if loaded and accessed it will cause some harm or damage to the machine and or network. Countermeasures to protect against this scenario would be the implementation of a secured network where it would be tough to access the files. Have a WPA2 wireless network in place so there is no sufficient way to manipulate the files. Also, implement patch management and keep up to date of anti-malware and anti-spyware updates. This helps in the summarization of the possible threats the College can face in certain scenarios and explains in how to protect against them.
Authentication Header (AH) and Encapsulating Security Payload (ESP) are a part of the IPSec components, they are network layer protocols allowing secured communications through a VPN tunnel. Within a firewall to enable communication for AH one will use protocol 50 and for ESP protocol 51 (Frankel, Hoffman, Orebaugh & Park, 2008), both protocols 50 and 51 can be enable within the same end-to-end IPSec connection which is the Tunnel Mode connected by two gateways. Nonetheless, for Transport Mode, there are some restrictions in the order in which they appear. While AH supports connectionless integrity and authentication of the packets, ESP provides data origin authentication and confidentiality through the use of encryption, both AH and ESP provide
Maintain accurate inventory of control System Devices and check the exposure of this devices to External Networks:
We are one of the largest trauma centers in the metropolitan area and are looking to fill our Security Operations Supervisor position. We have over 80 security officers split between three 8-hour shifts. Our medical center has been in business for over 50 years.
There are several ways to protect your information from the outside world; you just need the ammunition to do it. Because this has become a focal point for computer and Internet user’s, many companies are capitalizing on a growing industry and producing software packages to prevent privacy intrudion. A couple of ways that you can protect your self are URL encryption, OS shielding, JavaScript filtering, and cookie control. All of these are effective ways of protecting your self. But take caution, these are not guaranteed to complete block out intruders and completely protect you and your information. They are merely preventive steps you can take.
Watch Guard Fireware has a firewall based IPS the can detect and block of attacks in the proxy policies. When enabling Firebox, this will protect the network from any kind of attack especially zero day threats from the outside world. Also, the IT staff should use a signature-based Intrusion prevention system to that is good for maintaining efficiency and performance protection on the network. Using my suggestions will prevent any more threats in the future for these web servers on the college’s
The https:// protocol should be used for transactions to indicate the server is encrypted and secure (Wallace, 2014). Additional important security measures include using antivirus software, installing a firewall, ensuring that information is encrypted while in transit (Vargis, 2010), limiting access to consumer data by business need to know, track and monitor consumer data, testing security frequently, staying up to date on hacker tactics, and monitoring third-party providers (Conroy, Milano, Narula & Singhal, 2014). In addition, user requirements should include a strong authentication to ensure authorized access, as well as issue and enforce updates of OS patches and virus definition files, manage and maintain configuration settings, and review firewall logs for intrusions (Vargis, 2010). Furthermore, employees should be monitored closely with software that checks email and internet traffic for certain keywords or file types, and block use of certain websites and applications completely. Business policy should require immediately cancelling network access and passwords when employees leave the company, and avoid passwords to remotely access the network in future (Whittle,
When it comes to protecting an infrastructure, careful planning and coordination needs to take place. Protecting an infrastructure takes an important security initiative called Critical Infrastructure Protection (CIP). The United States critical infrastructure is protected by the Department of Homeland Security.
Sites can never be 100 percent safe if they are connected to the Internet. The ideal system is up to date on patches, has a firewall, is monitored, has all unneeded services disabled, and has up to date antivirus software installed. The ideal site also has an incident response capability and knowledgeable staff. Unfortunately the Internet is a highly interdependent world. There is no silver bullet to stop DoS attacks or vaccine to prevent them, but increasing awareness is the first step to successfully combating the problem.
Once the new application architecture is implemented, employees will be required to run an internet browser (preferably IE6) with a minimum of 128-bit encryption. User will then browse to a secured URL through their web browser to establish a secure connection with the corporate VPN. This will require that each location's firewall be configured to pass all secured traffic over port 443. Once a secured connection is established, users will be prompted to login with either their username or clock number and their chosen password.
An attacker looks for poorly configured network devices to exploit. Common vulnerabilities include weak default installation settings, wide open access controls and unpatched devices. To gather information from the encrypted network traffic attacker places the packet sniffing tool on the network. Sniffing is the act of monitoring network traffic for data such as clear-texts passwords or other configuration credentials. Usually transmitted information carried along during an Secure SHELL session cannot be seen but other information such as sender’s and receiver’s IP addresses, DNS requests to resolve hostname, port numbers and the amount of data is visible. If the traffic along the network is encrypted by the attacker, the attacker can see which sites are visited, amount of data received and sent and the port numbers used for the connection. Using a simple packet sniffer, all plaintext traffic can be read easily. This becomes possible because of weak physical security or lack of encryption during the process of sendin...
Over the last 10 years, computers have increased in speed and capacity while decreasing drastically in price. Computers that where once used in the corporate environment, are now slower than typical household computers. While this change occurred, telecommunications have improved to allow computers to communicate easily from remote locations, adding great opportunities for illegal activities. Data can be changed or destroyed, systems can be made to malfunction and long distance charges can be avoided. One of the biggest challenges today is to control the network security. Network security is having protection of networks and their services from unauthorized access, destruction, or disclosure. Malicious acts bring up the important topic of disaster recovery. Companies must have up to date copies of their important documents and software to prevent extended downtime. The saved information will let the company’s employees continue to work while the IT department deals the damaged media.
5. Look at the bottom, under IP Options. Put a check in the box “Refuse Multiple Connections from the same IP”. This will prevent one person from blocking your FTP to others.
Computer network security and honesty is a large concern among all type and size of companies. The option for solving security risks are as varied as the companies themselves. However, it is possible to break down the method for dealing with security risks into the major categories.