Which of the following account lockout policy modifications could you make to ensure that user passwords cannot be intercepted by analyzing captured packets? (D) Disable the Store Passwords Using Reversible Encryption policy
2. Which of the following mechanisms is most often used in firewall rules to allow traffic onto the network? (D) Port numbers
3. Which of the following NTFS features is incompatible with EFS encryption?
The fact that an attacker can strike remotely makes a Web server an appealing target. Understanding threats to a Web server and being able to identify appropriate countermeasures permits us to anticipate many attacks and thwart the ever-growing numbers of attackers. The main threats to a Web server are:
* Profiling
* Denial of service
* Unauthorized access
* Arbitrary code execution
* Elevation of privileges
* Viruses, worms, and Trojan horses
1) Profiling: Profiling, or host enumeration, is an exploratory process used to gather information about the Web site. An attacker uses this information to attack known weak points.
Vulnerabilities:
* Unnecessary protocols
* Open ports
* Web servers providing configuration information in banners
Attacks:
* Port scans
* Ping sweeps
* NetBIOS and server message block (SMB) enumeration
Countermeasures include blocking all unnecessary ports, blocking Internet Control Message Protocol (ICMP) traffic, and disabling unnecessary protocols such as NetBIOS and SMB.
Sequence number – hijacked or interrupted TCP/IP sessions via injected packets that disguise their origin as one of the two computers in a session. Spam and phishing attacks. Vulnerabilities that enable these types of attacks include unnecessary open ports, unpatched systems, poor or outdated configurations, and exposed cabling. Countermeasures to safeguard against these risks and vulnerabilities include access control lists, firewalls, intrusion detection systems, intrusion prevention systems, protecting network cabling, utilizing anti-virus software, private addressing, closing unnecessary ports and services, and installing security patches as necessary.
• Suggest security devices or configurations that should be employed to mitigate risks existing in telecommunications.
Permissions are based on what the user or group is allowed to do with the data that they have accessed. This includes the ability to alter, add, or delete data. Usernames, passwords, and encryption keys will be used to limit access to the network and to help the IT team keep track of who has used the network and when. This will help reduce the risk of unauthorized access. Gaining access to the network will be done using IPv4 and Mobile IPv4 (MIPv4) protocols.
Spyware is almost exactly what it sounds like: a spying program. This type of malware will record the user's input and transmit it back to the hacker to access at his leisure. This type of spyware is called a key logger and can capture interesting information such as user names, passwords, credit card numbers and email addresses. The more advanced versions of spyware can siphon off network data that will allow the hacker access to files, encryption keys, and other sensitive information. The final malware I will cover is the zombie.
3. If the company is looking into using laptops and Internet access in the field, then it must consider encryption. According to Pfleeger & Pfleeger, “encryption is powerful for providing privacy, authenticity, integrity, and limited access to data” (p. 444). I would suggest “end-to-end encryption”; this is known to “provide encryption from one end of transmission to the other” (p. 446). This way, information transmitted from the field would be encrypted throughout the network.
Is this the same thing as a Public Key Infrastructure (PKI) server? The Public Key Infrastructure creates encryption keys and manages certificate requests, while the storage location is called the certificate store.
7. What do you need if you want to decrypt encrypted messages and files from a trusted sender? You need the sender’s private key to decrypt the message.
To begin with, the definition of a port scan is, “The examination of TCP and UDP ports to determine which are open and what services are running.” (Conklin 659) “The method used by intruders to discover the services running on the target machine. The intruder can then plan an attack on any vulnerable service that he or she finds. For example, if the intruder finds that port 143 is open, he or she may proceed to find out what version of IMAP is running on the target machine. If the version is vulnerable, she may be able to gain superuser access to the machine using an exploit (a program that exploits a security hole).” (Teo, 2000) To put the definition of the port scan into simpler terms, it is a way for intruders to scan the network of the company for a way into the company records and programs. A port scan can tell an intruder what port is open, where it leads to, and what programs, files, and passwords are on the machine that they have found access to. Ping sweeps are used to identify the path a host ID uses in a given subnet.
Attackers find deleted unencrypted copies of several files you created and stored as encrypted.
7. Another user makes destructive changes to one of your spreadsheets.
8. An attacker can access the Web server.
In large business corporations, the scope expands to include other factors such as safeguarding business legal and transactional interests. The integral part of an AUP is the code of conduct that users need to display when using the internet or intranet. The code of conduct stipulates the extent to which users may use the network, the language they use when they are online, especially on social sites, and that they avoid illegal activities that the organisation doesn’t allow. The company or organisation offering internet access sets the consequences for violation of the AUP. This may include