
IS Security and Risk Management

   

Added on  2023-01-17

13 Pages | 3368 Words | 81 Views
Running head: IS SECURITY AND RISK MANAGEMENT
IS SECURITY AND RISK MANAGEMENT
Name of the Student
Name of the Organization
Author Note
Task 1
Answer to (1)
Several network devices are well known to be highly vulnerable and can be highly exposed. The network routers and switches of First Focus face two different kinds of threats: SYNful Knock and Denial of Service (DoS) attacks.
SYNful Knock is an attack that was disclosed recently. It changes the operating system image of the router, which allows attackers to gain a foothold on the victim's network. This malware can be both updated and customized once embedded (Johansson 2016). Once the modified malicious image is uploaded, it provides a backdoor into the victim's network. Using a crafted TCP SYN packet, a communication channel is established between the compromised device and the malicious command and control server (Swinkels et al. 2015). The impact of this infection on a network or a device is severe, and it most likely indicates that there are additional backdoors or compromised devices on the network. This foothold gives an attacker the capability to manoeuvre, infect other hosts and access sensitive data.
DoS attacks are among the easiest attacks to understand (Edge and Wachter 2015). They work on the principle of making networking devices such as routers so busy that they are not capable of performing their respective jobs. Networking devices such as the routers and switches within First Focus have a certain level of capacity that they can use when connected. A successful DoS attack happens whenever the ability of the routers or switches to perform is hindered or prevented. A simple DoS attack is performed by a single third-party networked device that focuses all of its available network capacity onto another networked device with less capacity (Lipstone 2014). First Focus has a large amount of network capacity, so an attack from a single networked device does not put a dent in that capacity. In such DoS attacks, instead of using their own networking device to send traffic, the attacker takes control of an entire group of exploited networked devices such as routers and uses that group to perform the task. Such an attack costs First Focus both a great deal of money and time whenever its services become inaccessible.
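The capacity argument above has a direct consequence for detection, shown here as an added example that is not part of the original essay: a per-source rate limit catches one loud device but sees nothing when many devices each send a little. The thresholds, addresses and the `label_windows` and `sample_traffic` names are assumptions, and the traffic records are constructed.

```python
from collections import Counter, defaultdict

def label_windows(packets, capacity_pps, per_source_limit_pps):
    """Bucket (timestamp_seconds, source) records into 1-second windows.

    Returns {second: (label, total_packets, distinct_sources, sources_over_limit)}.
    """
    windows = defaultdict(Counter)
    for ts, src in packets:
        windows[int(ts)][src] += 1
    report = {}
    for second, per_src in sorted(windows.items()):
        total = sum(per_src.values())
        noisy = sorted(s for s, n in per_src.items() if n > per_source_limit_pps)
        without_noisy = total - sum(per_src[s] for s in noisy)
        if total <= capacity_pps:
            label = "within capacity"
        elif without_noisy <= capacity_pps:
            label = "few-source flood"      # blocking the noisy sources restores service
        else:
            label = "distributed flood"     # no single source explains the overload
        report[second] = (label, total, len(per_src), noisy)
    return report

def sample_traffic():
    """Constructed records: baseline, one loud host, then many quiet hosts."""
    baseline = [f"10.0.0.{c}" for c in range(50)]
    pkts = [(0.0, src) for src in baseline for _ in range(4)]    # 200 packets
    pkts += [(1.0, src) for src in baseline for _ in range(4)]   # 200 packets
    pkts += [(1.5, "198.51.100.7")] * 400                        # one loud host
    many = [f"100.64.{h // 250}.{h % 250}" for h in range(300)]
    pkts += [(2.0, src) for src in many for _ in range(5)]       # 1500 packets
    return pkts

if __name__ == "__main__":
    # Assumed limits: device capacity 1000 pps, per-source limit 100 pps.
    for second, row in label_windows(sample_traffic(), 1000, 100).items():
        print(second, row)
```

In the third window no source exceeds the per-source limit, so only the aggregate count against device capacity reveals the overload.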
Answer to (2)
There are mainly two kinds of network security devices that can be used to control security and mitigate threats to the web and email servers. A Web Application Firewall (WAF) helps protect web applications by filtering and monitoring HTTP traffic between a web application and the internet (Thomas et al. 2016). It typically protects web applications from attacks such as cross-site forgery, file inclusion and SQL injection, among others. A WAF is a protocol layer 7 defense, and it is not designed to defend against several types of attacks. This method of attack mitigation is usually part of a suite of tools that together create a holistic defense against a wide range of attack vectors. By deploying a WAF in front of a web application, a shield is placed between the internet and the web application. While a proxy server protects the identity of a client machine by using an intermediary, a WAF is a kind of reverse proxy that protects the server from exposure by having clients pass through the WAF before reaching the server.
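The reverse-proxy filtering described above, as an added example that is not part of the original essay: every request passes through an inspection step covering the three attack classes the paragraph names before it can reach the server. The rule patterns, host names and function names are assumptions, far simpler than a production rule set, and the sample requests are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Illustrative patterns only (assumed, not a real WAF rule set).
SQLI = re.compile(r"'\s*(or|and)\s|\bunion\s+select\b", re.I)
FILE_INCLUSION = re.compile(r"\.\./|^(https?|ftp|file)://", re.I)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}

def inspect(method, url, headers, body=""):
    """Return the names of the rules a request trips; an empty list means clean."""
    hits = []
    # parse_qsl percent-decodes, so rules see the values the application would see.
    params = parse_qsl(urlsplit(url).query) + parse_qsl(body)
    for name, value in params:
        if SQLI.search(value):
            hits.append(f"sqli:{name}")
        if FILE_INCLUSION.search(value):
            hits.append(f"file-inclusion:{name}")
    # Cross-site forgery: a state-changing request must originate from our own site.
    if method.upper() in STATE_CHANGING:
        if urlsplit(headers.get("Origin", "")).netloc != headers.get("Host"):
            hits.append("cross-site:origin-mismatch")
    return hits

def reverse_proxy(request, backend):
    """Clients reach the backend only through this function, as with a WAF."""
    hits = inspect(**request)
    if hits:
        return 403, hits          # blocked and logged; the server never sees it
    return backend(request)       # clean traffic is forwarded unchanged

def backend(request):             # stand-in for the protected web server
    return 200, "served " + urlsplit(request["url"]).path

# Constructed sample requests, not captured traffic.
HOST = {"Host": "shop.example"}
SAMPLES = [
    {"method": "GET", "url": "/products?id=42", "headers": HOST},
    {"method": "GET", "url": "/products?id=1%27%20OR%20%271%27%3D%271", "headers": HOST},
    {"method": "GET", "url": "/view?page=../../etc/passwd", "headers": HOST},
    {"method": "POST", "url": "/transfer", "body": "amount=100&to=acct9",
     "headers": {"Host": "shop.example", "Origin": "https://other.example"}},
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req["method"], req["url"], "->", reverse_proxy(req, backend))
```

Because the rules read only HTTP fields, they operate at layer 7 and say nothing about traffic that never forms a well-formed request.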
On the other hand, an Edge Transport Server is a server for all external mail, both incoming and outgoing (Wang, Xu and Gu 2015). This server works well for companies whose network infrastructure is divided into a fully protected internal network and a perimeter, or demilitarized zone. The Edge Transport Server is located within the demilitarized zone, while the Mailbox is situated within the private network. The Edge Transport Server also provides an additional layer of defense for messages (Yabusaki and Matsubara 2014). In this way, the mail server experiences very few external attacks. Edge Transport Servers are specifically designed to sit on a perimeter network and sanitize SMTP mail going both into and out of the organization. Since ISA Server 2006 is typically used as a back-end firewall with some other firewall at the front end of the perimeter, the ISA server sits between the Edge server and the internal Local Area Network. But the Edge Transport is totally optional during the