Wireless and BYOD Security Plan
Added on 2022-10-12
22 Pages4308 Words96 Views
|
|
|
COMPUTER INFORMATION SYSTEM
STUDENT NAME
PROFESSOR’S NAME
DATE
STUDENT NAME
PROFESSOR’S NAME
DATE
![Wireless and BYOD Security Plan_1](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Fwz%2Feaf8f89f03314ffb8575448014936294.jpg&w=3840&q=10)
Executive Summary
The attacks which comes with BYOD is both passive and active attacks.The passive
attacks are the attacks whereby the person who is not authorized monitors the communication
which takes place in the WLAN. The passive attacker doesn’t alter, generate or rather disrupt the
Wireless Local Area Network Connection. In the passive attacks, it is also categorized into two
type which includes the following, (“NIST Special Publication 800-94, Guide to Intrusion
Detection and Prevention Systems”, n.d);
Eavesdropping: this is the attacker that monitors the data which is being transmitted over
the WLAN in order to get the content of the message.
Traffic Analysis: This is where the attacker just creates an intelligent platform of
monitoring the pattern at which the transmission over the WLAN is done
The active attacks are where the person who is not authorized alters, generates and disrupt
the communication over the WLAN network. In the active security threats, the following are its
sub categories;
Masquerading: this is where the attacker will impersonate as the authorized user of the
system in order to gain access to the privileges which are not authorized.
Replay: This is where the attackers’ monitors data transmission and in turn retransmits the
same data as legitimate user in the network.
Message modification: this is where the attacker recreates the original message by either
adding, changing, editing or deleting the message which was original.
The attacks which comes with BYOD is both passive and active attacks.The passive
attacks are the attacks whereby the person who is not authorized monitors the communication
which takes place in the WLAN. The passive attacker doesn’t alter, generate or rather disrupt the
Wireless Local Area Network Connection. In the passive attacks, it is also categorized into two
type which includes the following, (“NIST Special Publication 800-94, Guide to Intrusion
Detection and Prevention Systems”, n.d);
Eavesdropping: this is the attacker that monitors the data which is being transmitted over
the WLAN in order to get the content of the message.
Traffic Analysis: This is where the attacker just creates an intelligent platform of
monitoring the pattern at which the transmission over the WLAN is done
The active attacks are where the person who is not authorized alters, generates and disrupt
the communication over the WLAN network. In the active security threats, the following are its
sub categories;
Masquerading: this is where the attacker will impersonate as the authorized user of the
system in order to gain access to the privileges which are not authorized.
Replay: This is where the attackers’ monitors data transmission and in turn retransmits the
same data as legitimate user in the network.
Message modification: this is where the attacker recreates the original message by either
adding, changing, editing or deleting the message which was original.
![Wireless and BYOD Security Plan_2](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Fzg%2F432ad36473e84e93a6a7b0f0a574b874.jpg&w=3840&q=10)
Table of Contents
Executive Summary......................................................................................................... 2
Introduction................................................................................................................... 5
Wireless and BYOD Security Plan...................................................................................... 5
Threats of Rogue Access Points............................................................................... 5
Detecting Rogue and authorized Access Points......................................................5
Cyber Kill Chain........................................................................................................ 5
Tracking Suspicious behavior............................................................................................ 6
How to track location of company asset..................................................................6
Identity Theft and MAC Spoofing in workplace.........................................................7
How to prevent Identity Theft and MAC spoofing.....................................................7
Legal issues for the investigation action..................................................................8
Pre- investigation..................................................................................................... 8
Authorization............................................................................................................ 8
Continuous Improvement Plan........................................................................................ 10
Wired Equivalent Privacy (WEP)............................................................................. 10
Wi- Fi Protected Access Network............................................................................10
Remote Configuration Management................................................................................. 14
Removing unauthorized person from the network.................................................14
Employee Misconduct.................................................................................................... 16
Ad Hoc wireless network........................................................................................ 16
Ad Hoc Threats and Vulnerability to the company.................................................17
Ad hoc threats prevention...................................................................................... 17
Self-configuring dynamic networks on open access architecture..........................18
SSID....................................................................................................................... 19
Conclusion................................................................................................................... 20
References............................................................................................................. 21
Table Of Figures
Executive Summary......................................................................................................... 2
Introduction................................................................................................................... 5
Wireless and BYOD Security Plan...................................................................................... 5
Threats of Rogue Access Points............................................................................... 5
Detecting Rogue and authorized Access Points......................................................5
Cyber Kill Chain........................................................................................................ 5
Tracking Suspicious behavior............................................................................................ 6
How to track location of company asset..................................................................6
Identity Theft and MAC Spoofing in workplace.........................................................7
How to prevent Identity Theft and MAC spoofing.....................................................7
Legal issues for the investigation action..................................................................8
Pre- investigation..................................................................................................... 8
Authorization............................................................................................................ 8
Continuous Improvement Plan........................................................................................ 10
Wired Equivalent Privacy (WEP)............................................................................. 10
Wi- Fi Protected Access Network............................................................................10
Remote Configuration Management................................................................................. 14
Removing unauthorized person from the network.................................................14
Employee Misconduct.................................................................................................... 16
Ad Hoc wireless network........................................................................................ 16
Ad Hoc Threats and Vulnerability to the company.................................................17
Ad hoc threats prevention...................................................................................... 17
Self-configuring dynamic networks on open access architecture..........................18
SSID....................................................................................................................... 19
Conclusion................................................................................................................... 20
References............................................................................................................. 21
Table Of Figures
![Wireless and BYOD Security Plan_3](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Ffr%2F54b5d376a74d446ea07b5ab2f05b01c0.jpg&w=3840&q=10)
Figure 1: Cyber Kill Chain.................................................................................................. 6
Figure 2: Ad Hoc Network diagram..................................................................................... 16
Figure 3: SSID Name...................................................................................................... 19
Figure 4: SSID enabling and disabling................................................................................. 20
Figure 2: Ad Hoc Network diagram..................................................................................... 16
Figure 3: SSID Name...................................................................................................... 19
Figure 4: SSID enabling and disabling................................................................................. 20
![Wireless and BYOD Security Plan_4](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Fil%2F206f6e0051ab41db88dc0c651997a4e1.jpg&w=3840&q=10)
Introduction
The Bring Your Own Device has come with a lot of security threats as each employee in a
company make connection using their own devices.
Wireless and BYOD Security Plan
Threats of Rogue Access Points
Rogue access points are the wireless network which has been set by the attacker with core
intentions of having unauthorized access to the main network. Rogue access point in the company
it regarded as the silent killer of the security in the company premise. The access point opens a
platform for unauthorized parties to gain access to the network system of the company. The
attacker is able of runner different type of the vulnerability scanners which enables them to attack
the system remotely without being inside the company premise (Beyah & Venkataraman, 2011).
Detecting Rogue and authorized Access Points
Rogue networks can be detected by the use of the netstumbler software where the admin
will run the software on the laptop in order to detect all the wireless networks which are available
in the broadcasting area. The software has the GPS integration which identifies the location
where the rogue access point is coming from. This is the most common way of detecting the
rogue Access Points (Beyah & Venkataraman, 2011).
Authorized access point have got identified names when the scanner is done, all the
networks will be listed and the admin will be able to know the rogue and the right access points.
The Bring Your Own Device has come with a lot of security threats as each employee in a
company make connection using their own devices.
Wireless and BYOD Security Plan
Threats of Rogue Access Points
Rogue access points are the wireless network which has been set by the attacker with core
intentions of having unauthorized access to the main network. Rogue access point in the company
it regarded as the silent killer of the security in the company premise. The access point opens a
platform for unauthorized parties to gain access to the network system of the company. The
attacker is able of runner different type of the vulnerability scanners which enables them to attack
the system remotely without being inside the company premise (Beyah & Venkataraman, 2011).
Detecting Rogue and authorized Access Points
Rogue networks can be detected by the use of the netstumbler software where the admin
will run the software on the laptop in order to detect all the wireless networks which are available
in the broadcasting area. The software has the GPS integration which identifies the location
where the rogue access point is coming from. This is the most common way of detecting the
rogue Access Points (Beyah & Venkataraman, 2011).
Authorized access point have got identified names when the scanner is done, all the
networks will be listed and the admin will be able to know the rogue and the right access points.
![Wireless and BYOD Security Plan_5](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Fxa%2F1b2580ec1b74404c81769c7aa132e678.jpg&w=3840&q=10)
Cyber Kill Chain
This is described by the below diagram.
Figure 1: Cyber Kill Chain
The response time can be improved using the cyber kill chain since through the kill chain,
it is possible to detect the cyber attack at its initial stage all through the exfiltration stage hence
helping us knowing more about the combat ransomware as well as security breaches.
Tracking Suspicious behavior
In this scenario where the employee of the company is suspected of transacting suspicious
business over the internet
How to track location of company asset.
Tracking asset involves the whole process of tracking the physical assets of the company
by using of different techniques and tool. Some of the tools which can be used for the tracking of
the company assets includes the barcode scanning, using the RFID technique, Using BLE for
scanning and many other methods that broadcast the location of the assets.
This is described by the below diagram.
Figure 1: Cyber Kill Chain
The response time can be improved using the cyber kill chain since through the kill chain,
it is possible to detect the cyber attack at its initial stage all through the exfiltration stage hence
helping us knowing more about the combat ransomware as well as security breaches.
Tracking Suspicious behavior
In this scenario where the employee of the company is suspected of transacting suspicious
business over the internet
How to track location of company asset.
Tracking asset involves the whole process of tracking the physical assets of the company
by using of different techniques and tool. Some of the tools which can be used for the tracking of
the company assets includes the barcode scanning, using the RFID technique, Using BLE for
scanning and many other methods that broadcast the location of the assets.
![Wireless and BYOD Security Plan_6](/_next/image/?url=https%3A%2F%2Fdesklib.com%2Fmedia%2Fimages%2Fbu%2F77e6885c8eea431683b890a59fcd74a5.jpg&w=3840&q=10)
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Wireless Network Vulnerabilities and Security Measures - Deskliblg...
|7
|1988
|258
Wireless Network Security and Preventive Techniqueslg...
|10
|2595
|348
Wireless Networking Assignment - (Power Point Presentation)lg...
|14
|1583
|77
Wireless Network Security: Challenges and Prevention Methodslg...
|12
|2771
|266
Wireless Network Securitylg...
|12
|3480
|114
Home Network Vulnerabilitieslg...
|5
|858
|297