ICTNWK511 Security Functions Management Assignment Answers


  • Subject Code : ICTNWK511
  • University : Victoria University
  • Subject Name : IT Computer Science

Table of Contents

Answers of Task 1

Answers of Task 2

Review of existing Network Security systems

Develop a network security plan

Challenges of network security plan

Network security measures in CISCO

Incident Response

Bibliography

Network Security - Answers of Task 1

Identify Two Common ICT Networks. Describe Each of Them, Including Their Configuration.

The term ICT refers to the systems through which information is transferred over telecommunication and wireless networks. For example, people can communicate in real time with others in different countries using VoIP, instant messaging, social networking, etc. (ICT, 2020). The most common ICT networks are:

Electronic mail and video conferencing

Electronic mail: Electronic mail is a network application in which a user directly uses application-layer protocols such as the Simple Mail Transfer Protocol (SMTP) to send messages, pictures, audio, video files or other attachments. This ICT network system uses electronic data communication for business purposes, transmitting and receiving digital information between employees, personnel and clients in a secured manner.

Configuration: An SMTP server is installed and configured for a mail client in the “Tools” menu, under the entry “Account”. We then select the server entry “Outgoing Server” and add a new SMTP server. We can then fill in the corresponding fields from a popup menu (TurboSMTP, 2020).

Video conferencing: Industries, education and healthcare systems nowadays use video conferencing to reach people across different time zones or countries. It is a very useful ICT network communication system through which a group of people or a single person can be connected and communicate at the same time using cameras, loudspeakers, microphones and Internet connections. Everyone can type, see, speak and listen to each other. Telephone conferencing is also a type of ICT network: all participants can speak, type and listen to each other at the same time through a unique code (ICT, 2020).

Configuration: Various protocols such as TCP (reliable), UDP (unreliable) and the Real-Time Protocol (RTP) operate over networks such as LAN, WAN, ISDN, VPN and wireless networks. Each protocol identifies its contents using its own header. Video conferencing is used over fast ADSL and on smartphones (C21 Video, 2020).

Describe two types of network attacks. For each, outline how the vulnerabilities and weaknesses of the ICT system may have led to such a network attack and describe a security technology that can prevent such an attack.

Network attacks are common in internet communication, as over a billion people use internet services regularly. Email in particular has become a major vulnerability for users and organizations. Because many industries are connected to, and rely on, the network at the same time through various connecting devices, network security issues arise. At the same time, many attackers want unauthorized access to personal computers, data and files. Below are some of the most common types of attacks:

Phishing: One of the most common network attacks is phishing, a form of fraud carried out by cyber criminals. It happens when a fraudulent email, instant message or other social media content is received from an unknown party that leads the recipient to believe the message comes from an authorized bank’s link or from an authorized client. Such a link steals login credentials by masquerading as a trustworthy person, and harms the recipient by installing malware on their personal device and accessing their financial information. In 2016, the Gmail account of Hillary Clinton campaign chair John Podesta was compromised by this attack (CBS, 2016).

How to prevent Phishing attack:

It is suggested that companies deploy security techniques and make employees aware in order to prevent phishing attacks.

Some preventive security technologies are:

The password of a smartphone is protected with two-factor authentication, which confirms identity through two methods of identification.

AI tools, machine learning and NLP are implemented in email filters to flag high-risk email messages.

Phishing is prevented by using augmented password logins to protect the user’s personal information such as their images, identity, security skins, etc.

Man-in-the-middle attack:

Here, attackers break into the network traffic and modify the network connection. They find ways to damage network security by stealing data, gathering users’ credentials and hijacking their sessions (CyberEdu, 2020). Websites and web applications are affected by this attack.

How to prevent the MITM attack:

The primary factors to avoid the MITM attack are:

  • We should be careful about the links we click, to avoid phishing attempts.
  • We must always keep our browsers and OS up to date, to prevent attackers from exploiting them to install malware on a personal computer.
  • We may restrict our sensitive activity on public networks to connections made through a VPN.
  • We must be aware of the security of routers and DNS servers.

Describe two emerging security issues that are relevant to network attacks.

Security issues in networks concern the prevention of various threats and attacks on software and data, theft of intellectual property, hijacking of credentials and information extortion. The three main security issues in a network are the confidentiality, integrity and availability of information. Security measures are implemented against various malicious attacks, data losses, breaches, etc.

  1. The first emerging security issue in network attacks is providing encryption for sensitive data through VPN techniques when configuring internet access on a WiFi network, router or web browser, to prevent unauthorized access and data loss over the network. Encryption turns the sender’s message into a code called “cipher text”. It thus helps to provide confidentiality of digital data over the internet by using a secured protocol called SSL, a standard security technology for establishing an encrypted link.
  2. Another important security issue in network attacks is the prevention of malicious attacks such as viruses. We should deploy security devices such as firewalls, install anti-virus software, and scan the file systems on our disks and computers on a regular basis to protect our systems. A virus is a computer program which, when executed, modifies other computer resources by replicating itself.

Identify and describe auditing and penetration testing techniques that can be used to measure a network’s security.

Security Auditing: Security auditing systematically evaluates the defense system of an enterprise IT infrastructure. Auditors check the performance of the security protocols, monitor them and generate a report against the security criteria. These audits are conducted on a regular basis so that all data and digital assets are secured. A typical security audit assesses data- and access-related items. Whenever a security audit is conducted, it ensures that security patches are up to date, and activity logs are checked to see whether all IT people follow the safety policies.

Penetration Test: A penetration test is a more effective assessment of vulnerability than a security audit; in it, we breach our own system as a hacker would. The IT infrastructure is subjected to an attack similar to one a hacker would mount. There are mainly three variations of penetration tests. External penetration tests focus on external systems. Internal penetration tests focus on the internally connected systems; with them we can check whether hackers can compromise our internal systems. Hybrid penetration tests apply both internal and external breaches. Black box penetration tests focus on gaining access to the internal network. White box tests work on the opposite principles of black box testing.

Describe logging analysis and two specific techniques that can be used to measure the security of a network.

In network security, logs are created when the network operating system stores messages on disk as log files. The task of security analysts is to extract from the logs a set of messages in context.

  1. Log analysis tools: These provide security by helping networking professionals, developers, etc. extract data from logs and search for meaningful patterns on which to base business decisions.
  2. Correlation analysis: This assembles logs from different events and is used to find hidden connections within the logs in the case of a cyber attack.
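The following Python sketch illustrates correlation analysis; it is an added example, not part of the original answer. The log formats, addresses, five-minute window and three-failure threshold are all assumptions constructed for the illustration: neither log alone singles out a source, but joining them on source IP does.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines; the two log formats are assumptions for this example.
FIREWALL_LOG = """\
2020-06-02T10:00:05 DENY src=10.0.5.23 dst=10.0.1.10 dport=1521
2020-06-02T10:00:07 DENY src=10.0.5.23 dst=10.0.1.10 dport=22
2020-06-02T10:03:00 ALLOW src=10.0.2.14 dst=10.0.1.10 dport=1521
"""
AUTH_LOG = """\
2020-06-02T10:00:40 FAIL user=admin src=10.0.5.23
2020-06-02T10:00:44 FAIL user=admin src=10.0.5.23
2020-06-02T10:00:49 FAIL user=oracle src=10.0.5.23
2020-06-02T10:01:10 OK user=oracle src=10.0.5.23
2020-06-02T10:02:00 FAIL user=student7 src=10.0.2.14
2020-06-02T10:02:20 OK user=student7 src=10.0.2.14
"""

LINE = re.compile(r"^(\S+) (\w+) .*?src=(\S+)")

def parse(text, source):
    """Yield (timestamp, source_log, action, src_ip) for each well-formed line."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # skip malformed lines rather than abort the analysis
            yield datetime.fromisoformat(m.group(1)), source, m.group(2), m.group(3)

def correlate(firewall_text, auth_text, window=timedelta(minutes=5), min_fails=3):
    """Return sources where, inside one window, the firewall denied traffic,
    at least min_fails logins failed, and a login then succeeded."""
    by_ip = defaultdict(list)
    for ev in list(parse(firewall_text, "fw")) + list(parse(auth_text, "auth")):
        by_ip[ev[3]].append(ev)
    flagged = []
    for ip, events in by_ip.items():
        events.sort()  # merge both logs into one timeline per source
        for ts, source, action, _ in events:
            if (source, action) != ("auth", "OK"):
                continue
            recent = [e for e in events if ts - window <= e[0] < ts]
            fails = sum(1 for e in recent if e[1:3] == ("auth", "FAIL"))
            denies = sum(1 for e in recent if e[1:3] == ("fw", "DENY"))
            if fails >= min_fails and denies >= 1:
                flagged.append({"src": ip, "at": ts.isoformat(),
                                "fails": fails, "denies": denies})
    return flagged

if __name__ == "__main__":
    for hit in correlate(FIREWALL_LOG, AUTH_LOG):
        print(hit)
```
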

Identify and describe two types of security measures that can be put in place in a network.

One of the two most common network security measures is network sniffing. A sniffer, also known as a network analyzer, is installed as software and can discover raw packets.

Another security measure is implementing a firewall. A software firewall controls traffic by port numbers and applications. A hardware firewall is installed on the gateway to hinder attackers.

Network Security - Answers of Task 2

Review of Existing Network Security Systems

Network threats are disruptions of network security that take advantage of a network vulnerability to contravene financial security for personal gain by causing harm. The most common threat today is the Denial-of-Service (DoS) attack, which devastates network resources such as web and email gateways and passwords. Other threats to network security are Trojan horses, phishing, etc.

Network attacks are common in internet communication, as over a billion people use internet services regularly. Email in particular has become a major vulnerability for users and organizations. Because many industries are connected to, and rely on, the network at the same time through various connecting devices, network security issues arise. At the same time, many attackers want unauthorized access to personal computers, data and files. Below are some of the most common types of attacks:

Phishing: One of the most common network attacks is phishing, a form of fraud carried out by cyber criminals. It happens when a fraudulent email, instant message or other social media content is received from an unknown party that leads the recipient to believe the message comes from an authorized bank’s link or from an authorized client. Such a link steals login credentials by masquerading as a trustworthy person, and harms the recipient by installing malware on their personal device and accessing their financial information. In 2016, John Podesta’s Gmail account was compromised by this attack (CBS, 2016).

Some preventive security technologies are:

The password of a smartphone is protected with two-factor authentication, which confirms identity through two methods of identification.

AI tools, machine learning and NLP are implemented in email filters to flag high-risk email messages.

Phishing is prevented by using augmented password logins to protect the user’s personal information such as their images, identity, security skins, etc.

Man in the middle attack:

Here, attackers break into the network traffic and modify the network connection. They find ways to damage network security by stealing data, gathering users’ credentials and hijacking their sessions (CyberEdu, 2020). Websites and web applications are affected by this attack.

The primary factors to avoid the MITM attack are:

  • We should be careful about the links we click, to avoid phishing attempts.
  • We may restrict our sensitive activity on public networks to connections made through a VPN.
  • We must be aware of the security of routers and DNS servers.

DDoS (distributed DoS attack): This attack happens when multiple botnets flood the resources of targeted network systems, such as a web server or its bandwidth, with traffic, overwhelming them with a large volume of SYN or ACK packets or by performing complex SQL queries.

To prevent this attack we can take preventive measures such as developing a DoS response plan with a team, creating a system checklist, and setting a notification and escalation procedure for the team, etc. (DOBRAN, 2018)

Network Vulnerabilities: A network vulnerability is a fault or error in the network, occurring in physical components or software processes, through which security is breached. Sometimes network vulnerabilities involve software data. Risk management therefore assesses the cost and acceptable loss of a vulnerability. The common network vulnerabilities are:

Systems infected by malware such as viruses, worms, Trojans and rootkits run slower, execute unknown processes and send unnecessary emails.

In social engineering attacks, a username or password is stolen when the user accidentally clicks a link or unknowingly downloads an attachment.

Running expired or outdated software exposes the systems or the entire network.

A network spy can steal data through misconfigured firewalls.

Network security threat in simulated RTOs: For real-time operating systems, such as those in embedded systems, the Stuxnet attack in 2010 showed an attack carried out on an Iranian microcontroller. The attack reached a proprietary network in a locked-down facility. The system was running down, and a virus was targeted at the microcontroller’s specific application. A USB stick and phishing emails were used to damage the target (RTOSPlatform, 2018).

Develop a Network Security Plan

As our business communication expands rapidly and digitally, we need to implement digital security measures for network and data communication. It is therefore essential to protect the underlying network infrastructure against malicious attacks, viruses, theft and unauthorized access. We rely on the network on a daily basis, so we must ensure that hackers cannot damage the internet connection or steal our private information.

Challenges of network security plan

To implement cyber security within a manageable budget we must consider

  • vulnerability aspects of a network
  • regulations of government and industry
  • network security plan
  • tools to detect security breaches

Steps

The following steps are most important to develop a network security plan:

  1. Network examination
  2. Planning
  3. Installation
  4. Constant monitoring is used to review audit logs to find potential threats.

The following methods are needed to address network security issues

Segmentation of Networks

Building sub-networks allows us to protect sensitive information by restricting users. This isolation confines a breach to the relevant sub-network and cancels the threat.

Security-Focused Culture

Suspected phishing attempts and social engineering attacks are reported as a result of this.

Secure Wireless Networks

SSID passwords are masked to keep the network safe from access by outsiders who seek to profit from bad sectors, and two-factor authentication protocols are used in wireless access points.

A Brief Summary of the Assets of our network

Our organization is a multi-disciplinary engineering college offering B.Tech. degrees in C.S.E. (Computer Science and Engineering), E.C.E. (Electronics and Communication Engineering), E.E. (Electrical Engineering) and I.T. (Information Technology). Currently, we propose to devise and implement a network security plan for the computer laboratory of the Computer Science & Engineering department.

Our existing computer lab consists of 200 computers and one HP ML30 server with an Oracle 11g database server installed on it. The computers operate via a LAN, which is a traditional switched full-duplex Ethernet, and communication follows the client-server paradigm. We also have a managed switch and a gateway computer in the lab. Through the managed switch we can interact with the computer laboratories of the other departments, and the gateway computer connects our college computer network to the internet.

Each of our client computers costs approximately Rs.25000/- and the server costs Rs. 110000/-. The managed switch costs around Rs.70000/- and the gateway computer around Rs.50000/-.

Currently we have no security system implemented in the computer lab described above, so our lab is vulnerable to the following types of security threats and attacks.

Threats:

Virus: A virus is a malicious computer program that infects a computer's boot sector or a document and can replicate itself into another computer program. We should deploy security devices such as firewalls, install anti-virus software, and scan the file systems on our disks and computers on a regular basis to protect our systems. When a virus is executed, it modifies other computer resources by replicating itself. It hides in unusual and unsuspected places, such as the bad sector list on the disk or the Windows registry.

Types of Viruses:

  • Encrypted Virus
  • Stealth Virus
  • Tunneling Virus
  • Multipartite Virus
  • Armored Virus

Worm: A worm is another threat; it spreads across a computer or network at a swift pace as a computer program that replicates itself. In contrast to a virus, it does not propagate itself into another part of a computer program.

Trojan Horse: A Trojan horse is a type of malicious code which can cause damage, break security and steal data, and also carry out other harmful actions on the network.

Proposed Risk Management Plan

  1. First of all, we need to configure our gateway computer to act as a proxy server, to relieve our database server of the burden of inspecting every packet of data that comes from the other department labs or from the rest of the world.
  2. We need to install firewall software on the gateway computer and configure it properly according to our required security policies.
  3. We also need to install fourth-generation anti-virus software on the gateway computer and on the database server.

Proposed Router Configuration

  1. We need packet filter software installed as a network-layer firewall that can filter packets based on IP addresses and port numbers.
  2. We need a screened host firewall with a dual-homed bastion, so that we have a network-level packet filter as well as an application gateway (application-level firewall) on the same machine, and so that a direct connection between the internal hosts and the packet filter is avoided.
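A packet filter of the kind proposed above decides per packet from source address, destination address and destination port, with the first matching rule winning. The Python model below is an added example, not part of the original plan; the addresses, rule set and port 1521 (the Oracle listener default, assumed unchanged) are constructed assumptions. It also checks for rules that an earlier rule makes unreachable, a common cause of a filter not enforcing the intended policy.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src: str                    # source network, CIDR
    dst: str                    # destination network, CIDR
    ports: tuple = (0, 65535)   # inclusive destination port range

    def matches(self, src, dst, dport):
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.ports[0] <= dport <= self.ports[1])

    def covers(self, other):
        """True if every packet matched by `other` is also matched by self."""
        return (ip_network(other.src).subnet_of(ip_network(self.src))
                and ip_network(other.dst).subnet_of(ip_network(self.dst))
                and self.ports[0] <= other.ports[0]
                and other.ports[1] <= self.ports[1])

# Constructed addressing (assumptions, not values from the page).
ANY = "0.0.0.0/0"
CAMPUS = "192.168.0.0/16"   # other department labs behind the managed switch
LAB = "192.168.10.0/24"     # the 200 lab clients
DB = "192.168.10.10/32"     # the database server
ORACLE = (1521, 1521)       # default Oracle listener port, assumed unchanged

RULES = [
    Rule("allow", CAMPUS, DB, ORACLE),    # campus clients may query the database
    Rule("deny", ANY, DB),                # nothing else reaches the server
    Rule("allow", LAB, ANY, (443, 443)),  # lab clients may browse over HTTPS
]
# The same policy with the first two rules swapped: a common ordering mistake.
MISORDERED = [RULES[1], RULES[0], RULES[2]]

def decide(rules, src, dst, dport, default="deny"):
    """First matching rule wins; unmatched packets get the default (deny)."""
    for rule in rules:
        if rule.matches(src, dst, dport):
            return rule.action
    return default

def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, r in enumerate(rules)
            if any(earlier.covers(r) for earlier in rules[:i])]

if __name__ == "__main__":
    for name, rules in (("RULES", RULES), ("MISORDERED", MISORDERED)):
        print(name, decide(rules, "192.168.20.7", "192.168.10.10", 1521),
              shadowed(rules))
```
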

Bibliography for Network Security

C21 Video. (2020). Video Conferencing Standards and Terminology. Retrieved June 02, 2020, from C21Video: https://www.c21video.com/technical-papers/videoconferencing/videoconferencing-standards---terminology

CBS. (2016, October 28). The phishing email that hacked the account of John Podesta. Retrieved June 02, 2020, from CBSNews: https://www.cbsnews.com/news/the-phishing-email-that-hacked-the-account-of-john-podesta/

CyberEdu. (2020). What is Phishing? Retrieved 2020, from Forcepoint: www.forcepoint.com/cyber-edu/phishing-attack

Cynet. (2020). By providing threat protection across the entire environment – hosts, network, files and users, Cynet provides protection against the widest set of cyber attacks. Retrieved June 02, 2020, from CyberAttack: https://www.cynet.com/cyber-attacks/network-attacks-and-network-security-threats/

DOBRAN, B. (2018, September 10). 7 Tactics To Prevent DDoS Attacks & Keep Your Website Safe. Retrieved June 04, 2020, from phoenixNAP: https://phoenixnap.com/blog/prevent-ddos-attacks

ICT. (2020). INFORMATION | COMMUNICATION | TECHNOLOGIES | SECURITY. Retrieved June 02, 2020, from ICT Network Systems: http://www.ictnetworksystems.ca/

RTOSPlatform. (2018, May 01). Built-in RTOS Security for Connected Embedded Devices. Retrieved June 04, 2020, from IntervalZero: https://www.intervalzero.com/embedded/built-in-rtos-security-for-connected-embedded-device/


TurboSMTP. (2020). How to configure an SMTP server. Retrieved June 02, 2020, from TurboSMTP: https://serversmtp.com/smtp-configuration/
