Fully answer the following questions using complete sentences and proper English
Question
Fully answer the following questions using complete sentences and proper English grammar, punctuation, and spelling.
Please include your name, class number, and assignment number on your paper.
1) Distinguish between EAP, TACACS+, and RADIUS in terms of functionality.
2) What wireless LAN security threats do 802.11i and WPA not address?
3) Provide at least three security measures for a Wide Area Network (WAN). How do they increase protection for the network? Provide at least 2 references.
4) Explain how an Intrusion Detection System (IDS) works on a network. Provide at least 1 additional reference.
5) Could malware rename or change itself in order to get through a firewall? Is this possible? Justify your answer.
6) How does the use of border, internal, and host firewalls provide defense in depth?
Explanation / Answer
1) Distinguish between EAP, TACACS+, and RADIUS in terms of functionality.
- The entire contents of the packet body are encrypted by TACACS+, leaving a simple TACACS+ header.
- Potential attackers can listen to the message exchange between two devices with the help of TACACS+.
- Security functions such as authorization, creating accounts, and authentication are also implemented by TACACS+.
- Integration with Cisco devices is also done by TACACS+.
- TACACS+ supports multiple protocols in the network, not only IP.
- RADIUS has been designed to perform AAA for dial-in modem users for a long time.
- RADIUS sends out authorization policy information when a user dials in to the server, and the server verifies the user and his authentication.
- The latest RADIUS uses User Datagram Protocol port 1812, which is used for authentication, and port 1813, which is used for accounting and also for communications.
- The old RADIUS uses port 1645 for authentication and port 1646 for accounting.
- RADIUS encrypts only the authentication information along the traffic path because security is not an important consideration.
- The advantage of RADIUS is that it is vendor agnostic and supported on almost all modern platforms.
2) What wireless LAN security threats do 802.11i and WPA not address?
- 802.11i and WPA cannot protect against company personnel who have a rogue access point, and if 802.11i and WPA are implemented poorly, that will completely circumvent proper protections.
- We must know that the evil twin access point is one of the most serious threats in wireless LAN security, and 802.11i and WPA will not protect against man-in-the-middle attacks.
3) Provide at least three security measures for a Wide Area Network (WAN). How do they increase protection for the network? Provide at least 2 references.
- If a company is located on several continents and in several locations, a wide area network is a viable option to increase productivity and internal communications.
So there are many advantages to using a WAN in a large network and company:
- By using a WAN we can centralize IT infrastructure, and the WAN also eliminates the need to buy email or file servers for each office.
- By using a WAN we can increase the privacy settings, and we can also share sensitive data and send information over the Internet.
- By using a WAN we can increase the bandwidth of the network, and it can form the backbone of the company's networks.
- By using a WAN we can cut costs by eliminating expensive rented ISDN circuits for phone calls, because we can use the WAN instead.
- By eliminating the need for ISDN, WANs also help us to cut costs and increase profits in a wide variety of other ways.
4) Explain how an Intrusion Detection System (IDS) works on a network. Provide at least 1 additional reference.
- Intrusion detection systems are used to detect anomalies caused by hackers, and they catch them before they do damage to our network.
- We have two kinds of networks, which are network-based or host-based. The host-based intrusion detection system is installed on the client computer, while the network-based intrusion detection system resides on the network.
- Intrusion detection systems work by looking at the signatures of attacks or at deviations of activity.
- The deviations or anomalies are pushed up the stack and examined at the protocol and application layer.
- Intrusion detection systems can be very effective in detecting things like Xmas tree scans, DNS poisonings, and other malformed packets.
- A good network-based intrusion detection system is SNORT. It is free and will run on Linux and Windows computers.
- The best way to set up the intrusion detection system is to span a port and allow that port to capture all traffic that traverses that node of the network.
- We can install SNORT on our OS and connect it to that portion of the network with a receive-only network cable once we configure our rule set.
5) Could malware rename or change itself in order to get through a firewall? Is this possible? Justify your answer.
- Yes! Malware can rename itself, and this can be done by not making it through the firewall.
- So it depends on the type of firewall and the functionality of that firewall.
- If a firewall is set up to block port 20, which is used for FTP, a user can tunnel the FTP session by using a different port.
- Suppose an application-layer firewall is configured to block all Microsoft databases. A malware writer can change the database file extension to get through the firewall.
- So finally we can say that the firewall could have antivirus filtering capabilities, or it can work with another AV appliance.
- So in this case the malware could make it through, since the AV appliance would be looking for a specific signature.
6) How does the use of border, internal, and host firewalls provide defense in depth?
The use of border, internal, and host firewalls provides defense in depth because if the main border firewall or an internal firewall has an ACL configuration error, individual hosts will be protected.
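The signature matching mentioned in answer 4, shown as an added example that is not part of the original answer: it reads the TCP flag bits from raw headers and alerts on Xmas tree, null and SYN+FIN probes once one source has touched several ports. The function names, the three-port threshold and the sample packets are assumptions made for illustration.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG  # flag combination of an Xmas tree probe

def build_tcp(sport, dport, flags):
    """Build a minimal 20-byte TCP header (constructed sample data)."""
    offset_flags = (5 << 12) | flags  # data offset 5 words + flag bits
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, offset_flags, 1024, 0, 0)

def classify(tcp_header):
    """Return the name of the matching signature, or None for normal flags."""
    if len(tcp_header) < 20:
        return "malformed"
    flags = struct.unpack("!H", tcp_header[12:14])[0] & 0x3F
    if flags & XMAS == XMAS:
        return "xmas"
    if flags == 0:
        return "null"
    if flags & (SYN | FIN) == (SYN | FIN):
        return "syn-fin"
    return None

def inspect_packets(packets, port_threshold=3):
    """packets: iterable of (src_ip, tcp_header). Returns a list of alerts."""
    ports_seen = defaultdict(set)  # (src, signature) -> destination ports
    alerts = []
    for src, header in packets:
        sig = classify(header)
        if sig is None:
            continue
        if sig == "malformed":
            alerts.append((src, "malformed TCP header"))
            continue
        dport = struct.unpack("!H", header[2:4])[0]
        ports_seen[(src, sig)].add(dport)
        # Alert once, when the source reaches the threshold of distinct ports.
        if len(ports_seen[(src, sig)]) == port_threshold:
            alerts.append((src, sig + " scan"))
    return alerts

# Constructed sample traffic using documentation addresses (192.0.2.0/24).
SAMPLE = [
    ("192.0.2.5", build_tcp(40000, 22, XMAS)),
    ("192.0.2.5", build_tcp(40000, 23, XMAS)),
    ("192.0.2.9", build_tcp(51000, 443, SYN)),
    ("192.0.2.5", build_tcp(40000, 80, XMAS)),
    ("192.0.2.9", build_tcp(51000, 443, ACK | PSH)),
    ("192.0.2.7", b"\x00\x01"),  # truncated header
]

if __name__ == "__main__":
    for alert in inspect_packets(SAMPLE):
        print(alert)
```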
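The file-extension case from answer 5, as an added example that is not part of the original answer: a filter that trusts the file name is compared with one that also checks the leading bytes of the content, using the header string that Microsoft Access database files begin with. The function names and the sample transfers are assumptions constructed for illustration.

```python
import os

# Policy from the answer: block Microsoft database files.
BLOCKED_EXTENSIONS = {".mdb", ".accdb"}

# Leading bytes of Access database files (Jet and ACE formats).
ACCESS_MAGIC = (
    b"\x00\x01\x00\x00Standard Jet DB",
    b"\x00\x01\x00\x00Standard ACE DB",
)

def blocked_by_extension(filename):
    """Weak check: trusts whatever extension the sender chose."""
    ext = os.path.splitext(filename)[1].lower()
    return ext in BLOCKED_EXTENSIONS

def blocked_by_content(filename, data):
    """Stronger check: extension rule plus a look at the file's first bytes."""
    return blocked_by_extension(filename) or data.startswith(ACCESS_MAGIC)

def compare(transfers):
    """Return (name, extension verdict, content verdict) per transfer."""
    return [
        (name, blocked_by_extension(name), blocked_by_content(name, data))
        for name, data in transfers
    ]

# Constructed sample transfers: (file name, first bytes of the payload).
SAMPLE_TRANSFERS = [
    ("customers.mdb", ACCESS_MAGIC[0] + b"\x00" * 16),
    ("report.txt", ACCESS_MAGIC[0] + b"\x00" * 16),   # renamed database
    ("notes.txt", b"meeting notes\n"),
    ("Ledger.ACCDB", ACCESS_MAGIC[1] + b"\x00" * 16),
]

if __name__ == "__main__":
    for name, by_ext, by_content in compare(SAMPLE_TRANSFERS):
        print(f"{name:15} extension={by_ext!s:5} content={by_content}")
```

The renamed database passes the extension rule and is caught only by the content check, which is why the verdict depends on the type of firewall.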