Page 1

SEC 572 Week 1 iLab Denial of Service Attacks

For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com

Please check the Details Below SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack.


Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks.


Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report

============================================== SEC 572 Week 2 Network Security


For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com

Please check the Details Below SEC 572 Week 2 Network Security ============================================== SEC 572 Week 3 iLab MD5 Best and Worst Use Cases

For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com

Please check the Details Below SEC 572 Week 3 iLab MD5 Best and Worst Use Cases


In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications.

Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5– 10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks.


MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____

Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5– 10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct.

============================================== SEC 572 Week 4 iLab Intrusion Detection Systems

For more course tutorials visit uophelp.com is now newtonhelp.com


www.newtonhelp.com

Please check the Details Below SEC 572 Week 4 iLab Intrusion Detection Systems

Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented


original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2 Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs.


In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False-positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary.


Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy-networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information. Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law-enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of


one platform over another will generally determine where the specific protection occurs—on your network or in the cloud.

The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection.

Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected.

============================================== SEC 572 Week 5 iLab VPN

For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com

Please check the Details Below SEC 572 Week 5 iLab VPN


Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct.

============================================== SEC 572 Week 6 iLab

For more course tutorials visit uophelp.com is now newtonhelp.com


www.newtonhelp.com

Please check the Details Below SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct.


During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO.

==============================================


SEC 572 A Guide to career/newtonhelp.com  

For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com Please check the Details Below SEC 572 Week 1 iLab De...

SEC 572 A Guide to career/newtonhelp.com  

For more course tutorials visit uophelp.com is now newtonhelp.com www.newtonhelp.com Please check the Details Below SEC 572 Week 1 iLab De...

Advertisement