Please provide the following information in its entirety Network Security write
ID: 3830914 • Letter: P
Question
Please provide the following information in its entirety
Network Security
write a paper regarding the development of an efficient approach to network security within the project organization. Be sure to cover the following topics:
1.Analyze attack types specific to network security.
2.Describe tools and controls that are available to mitigate risks to network security.
3.Evaluate a request to implement IPSec.
4.Develop recommendations related to a request to implement IPSec.
5.Document a position on regulating encryption use by international governments.
references and citations.
Explanation / Answer
1)
Networks and data are vulnerable to any of the following types of attacks if you do not have a security plan in place.
a)Eavesdropping
the majority of network communications occur in an unsecured or "cleartext" format, which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.
b) Data Modification
After an attacker has read your data, the next logical step is to alter it. An attacker can modify the data in the packet without the knowledge of the sender or receiver. Even if you do not require confidentiality for all communications, you do not want any of your messages to be modified in transit. For example, if you are exchanging purchase requisitions, you do not want the items, amounts, or billing information to be modified.
c) Password-Based Attacks
This means your access rights to a computer and network resources are determined by who you are, that is, your user name and your password.Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user.When an attacker finds a valid user account, the attacker has the same rights as the real user. Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent access at a later time.
d) Identity Spoofing (IP Address Spoofing)
Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet.
e) Denial-of-Service Attack
Unlike a password-based attack, the denial-of-service attack prevents normal use of your computer or network by valid users.
After gaining access to your network, the attacker can do any of the following:
2)
Randomize the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion.
Send invalid data to applications or network services, which causes abnormal termination or behavior of the applications or services.
Flood a computer or the entire network with traffic until a shutdown occurs because of the overload.
Block traffic, which results in a loss of access to network resources by authorized users
Sometimes clients ask to build custom plugins to facilitate additional functionality they need. They also have us to maintain those sites once they’re built. 90% of these web apps are public facing, where customers login to create small profiles and then connect socially with other individuals. Whether you’re building your own site, or having a developer build one for you, we recommend the following IT security best practices:
4)
The proper method depends on what type of systems make up your network.I will assume that you have all Windows 2000 and Windows 2003 servers with workstations running a wide variety of operating systems.
That way every machine capable of running IPSec would request IPSec encryption for every session.he Server policy offers no guarantees. If a computer refuses to use IPSec encryption then the session will be unencrypted. It would be nice to have some guarantees.
The procedure for creating such policies is fairly straight forward. The Active Directory already has container objects for servers, domain controllers and computers. Simply create two different group policy objects, one based on the Secure Server policy and one based on the Server policy. The group policy object based on the Server policy can be applied to the computer container without modification.
3)
Create a custom MMC console
From the Windows desktop, click Start, click Run, and in the Open textbox type mmc. Click OK.
On the Consolemenu, click Add/Remove Snap-in.
In the Add/Remove Snap-in dialog box, click Add.
In the Add Standalone Snap-in dialog box, click Computer Management, and then click Add.
Verify that Local Computer is selected, and click Finish.
In the Add Standalone Snap-in dialog box, click Group Policy, and then click Add.
Verify that Local Computer is selected in the Group Policy Object dialog box, and click Finish.
In the Add Standalone Snap-in dialog box, click Certificates, and then click Add.
Select Computer Account, and click Next.
Verify that Local Computer is selected, and click Finish.
To close the Add Standalone Snap-in dialog box, click Close.
To close the Add/Remove Snap-in dialog box, click OK.
Enabling Audit Policy for Your Computer
o enable audit policy
In the MMC console, select Local Computer Policy from the left pane and click + to expand the tree. Navigate to Computer Configuration, to Windows Settings, to Security Settings, then to Local Policies, and select Audit Policy
From the list of Attributes displayed in the right pane, double-click Audit Logon Events. The Audit Logon Events dialog box appears.
In the Audit Logon Events dialog box, click to select both the Audit these attempts: Success and Failed check boxes, and click OK.
Repeat steps 2 and 3 for the Audit Object Access attribute.
Configuring the IP Security Monitor
To monitor the successful security connections that the IPSec policy will create, use the IP Security Monitor tool. Before creating any policies, first start and configure the tool.
To start and configure the IP Security Monitor
To start the IP Security Monitor tool, click Start, click Run, and type ipsecmon into the Open text box. Click OK.
Click Options in the IP Security Monitor tool, and change the default value for Refresh Seconds from 15 to 1. Click OK.
Minimize the IP Security Monitor window.
To create an IPSec Policy
5)
As information technology products and services begin to account for larger shares of international trade, and as companies engaging in foreign direct investment begin to focus more on high-technology areas with attendant risks to intellectual property, the importance of information security will continue to grow. A key component of any robust information security system is cryptography. Cryptography allows for the protection of sensitive information, either in storage or in communication, and is a necessary feature of any secure e-commerce or electronic communication system (including secure email and voice communication). In the United States, there are few restrictions on the use of cryptography. When operating overseas, however, companies must grapple with a bewildering array of regulations and restrictions on the use of cryptography. Some countries restrict the import or export of cryptographic technology, others restrict the import of encrypted data, and still others restrict or prohibit the use of encryption within their borders. These regulations create immense difficulties for firms attempting to operate overseas, especially where prohibitions on the use of encryption force them to put their intellectual property at risk of compromise. Furthermore, the United States places restrictions on the export of encryption technology, and these restrictions can place companies operating overseas at risk of severe penalties if cryptography systems are exported to prohibited countries or entities. With the meteoric rise of the Internet and e-commerce in the 1990s came great attention to the problems and opportunities associated with cryptography. Throughout that decade, the United States and many foreign countries debated and experimented with various forms of cryptography regulation, and attempts were made at international harmonization. Since then, however, policy-making activity around cryptography has slowed, if not halted altogether, leaving individuals and companies to face a bewildering array of regulations—or, in many cases, to face regulations that are extraordinarily unclear and haphazardly applied.
Using HQ-RES-WRK-01, in the left pane of the MMC Console, right-click IP Security Policies on Local Machine, and then click Create IP Security Policy. The IP Security Policy Wizard appears.
Click Next.
Type Partner as the name of your policy, and click Next.
Clear the Activate the default response rule check box, and then click Next.
Make sure the Edit Properties check box is selected (it is by default), and then click Finish.
In the Properties dialog box for the policy you have just created, ensure that Use Add Wizard check box in the lower-right corner is selected, and then click Add to start the Security Rule Wizard.
Click Next to proceed through the Security Rule Wizard, which you started at the end of the previous section.
Select This rule does not specify a tunnel, (selected by default) and then click Next.
Select the radio button for All network connections, (selected by default) and click Next.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.