Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

1- Suppose you are a systems analyst developing a detailed test plan. Explain te

ID: 3670989 • Letter: 1

Question

1- Suppose you are a systems analyst developing a detailed test plan. Explain testing strategies you will use in your plan.

Will you use live or simulated data?

2-What are the most important security issues facing companies today? Have these changed in the last five years. How should companies prepare themselves for security threats and problems in the future?

1- Suppose you are a systems analyst developing a detailed test plan. Explain testing strategies you will use in your plan.

Will you use live or simulated data?

2-What are the most important security issues facing companies today? Have these changed in the last five years. How should companies prepare themselves for security threats and problems in the future?

Explanation / Answer

Advantages of VPN

The advantages of having IP VPN are found primarily in cost savings and security. IP VPNs are easy to use and support rapid VPN deployment. IP VPNs are scalable, that is, IP VPNs has the capability to handle dramatic traffic fluctuations and add new users. IP VPN servers provide a hardware upgrade path to increase capacity and scalability. The placement of a VPN gateway in relation to firewalls, routers, and extranet/intranet connections directly affects the level of scalability, manageability and security it offers.

Performance gets improved, but it heavily depends on packet size, encryption algorithm, number of concurrent connections, packet loss and operating system. Performance also relies on the size of CPUs, as security functions such as encryption are processor-intensive.

IP VPN supports centralized, policy-based management from a single point of administration, which ensures that remote clients and firewalls are installed and configured properly. Also Client hosts using the VPN connection to access the corporate network are being protected against attacks.

Others include flexible communications and simplified network design. An IP VPN server eliminates long distance charges for dialing directly into the corporate network and government network allowing low-cost access to business-critical applications. It provides a secure link between remote workers and branch offices or external parties over the Internet, allowing companies to deploy core applications across global networks. The primary applications of a VPN are remote access, site-to-site connectivity and extranets.

Summary on IP VPNs

For IP VPNs to flourish, there arises a strong need for appropriate tools and technologies. For example, tools such as bandwidth managers, traffic shapers, content network delivery and caching schemes to cope with network bottlenecks are urgently needed. Cost is by far the biggest reason that companies are using a service provider’s IP VPN. IP VPN solution providers are moving to offer additional security solutions such as IPsec, intrusion detection and key management.

VPN solutions now have the ability to simplify the corporate network and make it more effective part of a company’s business. VPNs today are about enabling leading business practices and managing policy relationships between enterprises, their associates, partners and customers.

Since most can not stop an attack, IDS should not be considered a

Wireless Security

As world is becoming wireless, wireless communication devices and products are penetrating into every one’s daily life. Unauthorized users may be lurking on wireless local area network (WLAN). The enthusiasm for 802.11b wireless networking has been dampened by reports of vulnerabilities in the protocol’s WEP algorithm, an algorithm that is supposed to protect wireless communication from eavesdropping and unauthorized access. There are a number of potential security problems posed by WLANs such as eavesdropping, tampering with transmitted messages, defeating access control measures and denials of service. Though these security threats are looming around, wireless systems are becoming a hot commodity among businesses and consumers. This propels security experts to think about devising mechanisms and tools for WLAN security.

A wireless network uses radio waves to transmit data to every one within range. So special precautions need to be taken to ensure that those signals cannot be intercepted in their movement. WEP relies on a secret key that is shared between a mobile station and an access point. The secret key is used to encrypt packets before they are transmitted and an integrity check is used to ensure that packets are not modified in transit. However, it becomes easier for hackers to break into wireless systems by using off-the-shelf equipment and positioning themselves within transmitting range of a WLAN due to some potential flaws in WEP. As a result, the WLAN is susceptible for the following types of attacks:

Passive attacks to decrypt traffic based on statistical analysis

Active attacks to inject new traffic from unauthorized mobile stations based on known plain text

Active attacks to decrypt traffic based on tricking the access point

Dictionary-building attacks that, after an analysis of a day’s worth of traffic, allow real-time automated decryption of all traffic

Thus it is wise not to depend solely on WEP and to use other security mechanisms for enhancing WEP and WLAN security.

Here come a couple of security procedures to be followed when companies set up wireless LAN. The first one is wireless networks should be WEP-enabled due to the facts that WEP contains a encryption system and deploying wireless networks without any encryption brings out serious repercussions. The second step is to isolate the WLAN and enhance encryption. That is, after enabling WEP, we should also consider other security measures in order to compensate for its vulnerabilities.

There are two other security measures as follows. One is, we need to place our wireless network outside of the firewall and treat it just like we would treat the rest of Internet. That is, we have to recognize that it can’t be trusted and anything could happen on it and hence we should firewall it off from all of our sensitive corporate assets. The second suggestion is to use a virtual private network (VPN) for all traffic on the WLAN. The VPN will do its own end-to-end encryption on top of WEP. We can use such popular VPN protocols as PPTP and IPSec to accomplish this and finally set up a VPN server/router that connects the WLAN segment to our LAN segment.

There is one another alternative, but cheaper one. There is a signal encryption key that is configured identically for every one who is supposed to have access to the wireless network. Usually this key is set up once when the password is handed out and often stays the same for months or even years. The suggestion is that the wireless system should employ extensions to WEP that perform dynamic key changes and modify the wireless encryption key once every 10 minutes. Thus by changing the key once every 10 minutes, we may lose 10 minutes of data and changing the key frequently makes it hard to mount WEP attacks.

A number of new products are attempting to rally support by providing additional measures of security and control. Microsoft has thrown its considerable weight behind 802.11b. Microsoft has incorporated a host of wireless-related features to the Windows XP OS. These include new driver support and client association tools, but the most significant feature is the integration of the nascent 802.1x standard, a move toward user-authenticated network access control. As part of the 802.1x standard, the Windows XP client natively supports Extensible Authentication Protocol (EAP), which provides dynamic, session-specific wireless encryption keys, central user administration via specialized third party Remote Authentication Dial-in User service (RADIUS) servers, and mutual authentication between client and Access point (AP) and AP to RADIUS server.

As 802.11b authenticates the hardware, not the user, stolen laptops or forged media access control (MAC) addresses can be used to infiltrate the network. With EAP, the RADIUS server will authenticate the user, not just the hardware, providing a scalable, centrally managed authentication solution. Also, EAP’s dynamic WEP keys reduce the exposure of the same WEP key over multiple transmissions, reducing the risk of the latest cryptographic vulnerabilities.

Cisco also became a vendor for a wireless-ready RADIUS serve through its Cisco Secure Access Control Server. This can be used with Cisco’s proprietary Lightweight Extensible Authentication Protocol implementation and it already interoperates with 802.1x. Additionally, Funk Software is bringing its own wireless-ready solution, Steel-Belted RADIUS.

Another hurdle to corporate wireless networking is a lack of centralized management, making it difficult to implement and update a wireless security policy across the enterprise. Wavelink corp. has stepped into the void by releasing Mobile Manager 5.0, which centralizes the discovery, monitoring and configuration of access points across the network.

Securing Laptops

Laptops nowadays have become the handy and highly portable device for executives and other important people in enterprises. A stolen laptop can invalidate an enterprise’s effort to secure its infrastructure from external threats. Laptop computer theft, and the subsequent loss of sensitive data, has become the Achilles heel of any enterprise’ efforts to protect its intellectual property and the privacy of its clients and business partners. There are methods that allow a single user to encrypt files on laptops or desktops. However as the encryption methods are often flawed and the encrypted files cannot be recovered under worst-case scenarios, there arises a strong need for viable mechanisms that can protect the confidential and sensitive information stored on laptops.

Any enterprise with potentially sensitive information on laptop systems should protect those assets with a solution that prevents access to the operating system and applications as well as the data created by those applications. Typically, this solution involves selecting a vendor application that encrypts the entire hard drive or just files. Thus security managers tasked with developing and implementing enterprise-level policies and procedures for laptop protection have to think seriously about the following questions before embarking on choosing an viable vendor and his solution product.  

Related Questions

1- Pure software working on full population: For the given set of stock market d
Question #3398171
1- Pure software working on full population: For the given set of stock market d
Question #3773675
1- Rank each of the following sets of acids in order of increasing acid strength
Question #1030135
1- Rank the following compounds in order of increasing strength of intermolecula
Question #905123
1- Rather than use focus groups to test its branding and messaging, New Belgium
Question #371405
1- Read and state why no new products are being researched and developed. I want
Question #331481
1- Read the following siatuation:\" You are the assistant sales manager for Broa
Question #2595593
1- Regression analysis can be described as ________. A. a statistical hypothesis
Question #2948643

Navigate

Previous
1- Suppose the jumbo jet of mass 30000 kg flies against an air resistance of 850
Next
1- Suppose you are the manager of a shoe store. Your software team has been work

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.