Widget Warehouse is a medium sized e-commerce company that supports 200 customers daily. The student has been hired to assist in the development of a new security policy. An assignment has been received to analyse the current network of Widget Warehouse. The Widget Warehouse network is comprised of an intranet with 200 users, and a public Web server that processes the company e-commerce traffic. The internal network is logically divided into an information technology (IT) department branch, an accounting branch, a customer service branch, a sales branch, and an inventory branch.
a. The IT department for Widget Warehouse has a general understanding of security but they are very inexperienced with the various attacks an intruder can use to exploit their network resources. Create a list of various attacks intruders can use maliciously against the Widget Warehouse network. Also, provide a brief description of possible attacks, including their purpose.
Brute force attack This attack uses a specific character set (such as A-Z, 0-9) and computes the hash for every possible password made up of those characters.
Eavesdropping When an attacker is eavesdropping on our communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, our data can be read by others as it traverses the network.
Denial-of-Service Attack The denial-of-service attack prevents normal use of your computer or network by valid users. After gaining access to the network the attacker can send invalid data to applications or network services, which causes abnormal termination or behaviour of the applications or services, attacker can flood a computer or the entire network with traffic until a shutdown occurs because of the overload, attacker can Block traffic, which may result in loss of access our network resources by the users.
Data Modification After an attacker has read our data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if we do not require confidentiality for all communications or we do not want any of the messages to be modified in transit. For example, if one is exchanging purchase requisitions, he does not want the items, amounts, or billing information to be modified.
Identity Spoofing (IP Address Spoofing)
Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data.
Password-Based Attacks A common denominator of most operating system and network security plans is password-based access control. Thus the access rights to a computer and network resources are determined by the person, the user name and the password.
Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user.
Sniffer Attack A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.
Man-in-the-Middle Attack The man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.
Trojan horses and worms Trojan horses are often associated with viruses which are they are dangerous programs that masquerade as benign programs.
a. One of the first steps in creating a security policy is gathering the requirements for the company. Create a list of questions to ask the Widget Warehouse executives, in order to better understand their security requirements and business goals.
1. Widget Warehouse requirements:
a) What are the specifications required for the network operation?
b) What access controls are needed to be applied on the users?
c) Which departments are needed to be interconnected?
d) What are the login policies and to which extent are they needed to be applied? (day, time range etc)
e) A list of various applications which are required for the different branches?
f) To what extent the policies are to be applied on the users?
g) How group policies should be applied on the server which allows the users to access information?
h) What are the policies to be implied on the web access?
i) Specifications of file policies to all the users?
j) What are the password policies needed to be applied on the users?
a. Based on the questions, it is discovered that mission-critical information is passed between remote departments in the company over the LAN and the Internet. What security implementation could be used to keep this information out of unauthorized hands? Provide a brief explanation with each answer.
Company will have the information about their employees, customers, products, sales, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. In the company one department is needed to access the information of another department. We should maintain a firewall to the server. And we have to give the access between the departments where it is required.
Authorization addresses the question: what can you do? It is the process that governs the resources and operations that the authenticated client is permitted to access. Resources include files, databases, tables, rows, and so on, together with system-level resources such as registry keys and configuration data. Operations include performing transactions such as purchasing a product, transferring money from one account to another, or increasing a customer’s credit rating.
One of the most important solutions to viruses and hackers threats is VPN [4] that makes the network between companies and users secured; it is also authenticated and encrypted for security. VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they’re directly connected over a private leased line. Basically, a VPN is a private network that uses a public network “usually the Internet” to connect remote sites or users together. Instead of using a dedicated, real world connection such as leased line, a VPN [11] uses “virtual” connections routed through the Internet from the company’s private network to the remote site or employee.
IPSec [3] is defined as a set of standards that verifies, authenticates, and encrypts data at the IP packet level. It is used to provide data security for network transmissions. IPSec is a suite of protocols that allows secure, encrypted communication between two computers over an unsecured network. It has two goals: to protect IP packets, and to provide a defense against network attacks.
a. The Widget Warehouse executives do not completely understand the continual process of security. They appear to be under the impression that once a security policy is implemented it will be sufficient for an extended period of time. Create a description of the security wheel and discuss the benefits of such a model.
The network security wheel is a methodology of how the network security of an enterprise is maintained. Here the notion of ‘wheel’ is a depiction that says that network security is a continuous process. In other words, in order to keep the wheel rolling have a continual security policy, the security engineers in an enterprise should always maintain four steps:
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more