Which of the following account lockout policy modifications could you make to ensure that user passwords cannot be intercepted by analyzing captured packets? (D) Disable the Store Passwords Using Reversible Encryption policy 2. Which of the following mechanisms is most often used in firewall rules to allow traffic on to the network? (D) Port numbers 3. Which of the following NTFS features is incompatible with EFS encryption?
The risks that exist would come from a suspecting end-user, potentially some form of malware, that would be installed through an open port, thus causing the integrity of a machine on that network to be severely compromised (Lawrence, 2000). Ping sweeps and port scans are two direct unsuspecting threats that, like other cyber threats, are not to be ignored. The ease of gaining access by using these threat sources is something that a business should be aware of and be prepared to address when faced with being at the end of a cyber-attack. Implementing appropriate policy to counteract such a malicious and serendipitous attack on network vulnerabilities should be considered as an additional failsafe. Protection is the key and showing extra caution can at least reduce the
Unit 32 Networked Systems Security Name: P1 | describe how networks can be attacked | Attacks: types e.g. denial of service, back door, spoofing, mathematical, brute force, software exploitation, viruses, rootkits, worms, Trojans, spyware, adwareSources of attacks: internal e.g. disaffected staff; external e.g. via internet connections or through unsecured wireless access point, viruses introduced by email | U4U8 P3 | P2 | describe how networked systems can be protected | Email systems: security features e.g. secure MIME, spam, hoaxing, relay agentsWireless systems: security features e.g.
Malicious damage: Examples can be Viruses, Worms or Trojans a. Internal attacks come from within the organisation by disaffected staff. Individuals or a group have authorised access and privileges to the organisations network. They may use their knowledge on the organisations network to exploit or interrupt its functions. Internal attacks can be more difficult to find as attackers have the potential to remove any evidence of the attack more easily as they have more knowledge or access rights on the system as opposed to an outside attack.
Attackers are always looking for devices and software that are newly added to a system and not updated correctly with the security measures in place already. This is the door they look for to get in. A method to avoid such opportunities is to deploy an automated asset inventory discovery tool and use it to build a preliminary asset inventory of systems connected to an organization's public and private network. This will help make the system capable of identifying any new unauthorized devices that are connected to the network within 24 hours, and of alerting or sending e-mail notification to a list of enterprise administrative personnel. Without such a tool in place an attacker will use the unpatched device or software to gain access and manipulate the network how they please.
Port scan is as the name implies, a scan of the open ports on each computer of the network to define which ports are open and what services are running on them. This information can be used to set up an attack on the network by allowing the hacker to bypass vulnerability in the software being run or on any open ports that can be used to gain deeper access to the network. With a port scan the probe sends information to each port on the network and the open ones respond back, this data can be used to determine the easiest way to infiltrate the network. The safest way to defend against this type of probe is using a firewall. Just as in a ping sweep, if you deny access to a port scan requesting information from the network you render them
I would implement firewalls, cryptography, antispyware, antivirus, and content filtering. These will be installed in various levels of our network infrastructure including, our mail servers, gateways, laptops and desktops. When these security technologies are in place a threat may be able to bypass on level of security but will be detected and eradicated at another. Layering our security in this manner will mitigate the risks of an employee disabling their protection on the workstations. Our mail servers which send, receive and store emails must be secured as well.
Explain Server Manager, the new role-based management tool for Windows Server 2008, and describe the tools it was designed to replace. 3. Define the Windows System Resource Manager (WSRM) and how it gives the administrator greater control over the allocation of system resources. 4. Explain how Network Access Protection (NAP) creates a security architecture that allows administrators to control access to critical resources and assist users in meeting security requirements.
The combination of public and secret key technology to secure access to websites is how this protocol works. Microsoft NTLM is an authentication that Windows NT servers use for clients to be authenticated to an NT domain (Shinder, 2014). PAP and SPAP are similar, but SPAP is the upgraded version of PAP, and they are used for remote access control authentication. It is recommended that PAP only be used if there is a compatibility issue as PAP transmits user passwords across the network to authenticate which can be captured by unauthorized users. SPAP encrypts the password and then sends it and the username across the network (Shinder, 2014).
The TCP/IP Guide, Retrieved March 15, 2008 From http://www.tcpipguide.com/ Juniper (ND) Leveraging MPLS to Enable Deterministic Services in the Cable Core, Retrieved March 13, 2008, From: http://www.juniper.net/solutions/literature/white_papers/200228.pdf Shinoda, Yoichi. (2002). The MPLS advantages. Retrieved March 16, 2007 From http://www.soi.wide.ad.jp/class/20010022/slides/02/47.html Greg, T. Tittel, E. & Johnson, G. (2004) Guide to networking essentials [Electric version] Course Technology; Ch 2 - 14 pp 71-528; Retrieved from University of Phoenix eResource website, Aug. 26,