Cloud Computing and Network Security

Verified

Added on 2020/05/11

AI Summary

This assignment delves into the concepts of cloud computing, highlighting its advantages and various deployment models like IaaS, PaaS, and SaaS. It compares popular network firewalls (Fortinet, Cisco, FireEye) based on their features and costs. The assignment also discusses key management practices encompassing generation, distribution, encryption, storage, monitoring, rotation, expiration, archival, and removal.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running Head: COMPUTER SECURITY AND OTHER ISSUES 1
Title: Computer Security and other issues
Name:
Institution:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COMPUTER SECURITY AND OTHER ISSUES 2
Case Project 1-2 Attack Experiences
A friend described to me an instance when the bank he was working for was hit by a
cyber attack two years ago. The criminals posed as clients, who wanted to open a bank account.
They persuaded the accounts opening officer to plug in a disk drive in to his computer so that he
could download the clients documents and images. The flash disk was infected with a virus
which quickly spread to the other computers in the organization, attempting to hijack core
banking credentials and other information. The attack did not inflict any type of damage since
the IT department was fast in arresting its spread. At the same time, the bank was hesitant to
divulge any details because they feared it would affect the trust customers had in them.
The attack was mainly successful because the customer service agent was not following
the company policy regarding the use of disk drives, regardless of whether they were personal or
from third parties. The company could have blocked disk drive access from the computers to
further ensure that people who failed to follow policy did not hurt the company’s interests. The
computers which were affected by the attack were quarantined and taken off the network, as IT
auditors ascertained the extent of the spread. Thereafter, an antivirus capable of neutralizing the
threat was procured and applied on the infected computers, as well as the network. The security
system used by the company was also reviewed. Had the employee in question and other
received thorough training on the danger that such devices posed, it is likely that the attack could
have been prevented. The attack could also have been prevented through the use of software that
blocks disk drive access to the computer, requiring the customers to bring their documents in
hard copy or have photos taken at the bank.
Case Project 2-5: Ransomware Attacks

COMPUTER SECURITY AND OTHER ISSUES 3
The Wannacry, Petya and NotPetya ransomware attacks have recently hit the global
computer networks, affecting systems from Ukraine to the United States and Australia. The
attacks were able to get into the computer systems of government bodies and companies, lock
them and demand payment to reopen them or decrypt data they held. The payment demand was
in terms of bitcoins, to reduce the chances of being tracked down. The ransomware was highly
successful, at least in terms of how fast and wide they spread. It was aided in this by the fact that
it was highly sophisticated, the tools used to make it being stolen from the NSA. They used the
vulnerabilities found in Microsoft Windows to bypass security systems, and used emails as one
of the tools of spreading, making its pace fast and not easily detectable.
According to information released by Kaspersky after the third attack, NotPetya, all
companies were advised to update their security systems and operating systems. This was based
on the belief that vulnerabilities which had since been fixed (before the attack) were used to
hijack computers. Users were also warned not to open any emails they found suspicious while
reviewing their security setup frequently. The perpetrators of the attacks demanded a payment in
bitcoins be sent to them o that they could then give the victim a code to decrypt the files in their
computers. Kaspersky and other computer systems security companies soon issued decryption
tools to get rid of the ransomware. The decryption tool would roll back the effects of the
ransomware, though this is an extensive process owing to the complex nature of the attack itself.
Case Project 3-4: Zero-Day Attacks
The ransom ware described above – Wannacry, Petya and others can also qualify as
being zero-day attacks. The attacks were able to find vulnerabilities in Windows operating
systems, which had not been patched before. The vulnerabilities were discovered by research
going into years, and initially performed by the NSA. The NSA later lost these tools and

COMPUTER SECURITY AND OTHER ISSUES 4
information on the vulnerabilities, which were then used to fashion highly complex hacking tools
in the form of the afore-mentioned ransomware. Other software has also come under attack. For
instance, adobe flash player was the victim of attacks which had discovered a weakness in its
code, which was then exploited before a patch could be developed by the company. The malware
was discovered by actions of hackers who must have spent a considerable amount of time
examining the code looking for possible loopholes to exploit.
In early 2017, FireEye discovered an attack used to attack computer systems using
vulnerabilities in Microsoft office. This attack was addressed in conjunction with Microsoft to
coordinate a response. In 2015, FireEye also discovered an attack directed at Windows to steal
credentials, the malware would hijack the system and encrypt data with a financial objective. To
defend against zero-day attacks, computer services companies such as Adobe and Microsoft
frequently release patches so as to address any vulnerability. Upon release, it is the duty of the
user or company to ensure the patches have been run. Organizations can also do frequent checks
on their computer systems with the aim of discovering any vulnerabilities, or attacks being
perpetrated with the use of these vulnerabilities.
Case Project 4-1: Antivirus Comparison
Antivirus comparison
Antivirus Provider
Feature
s
Mcfe
e
Mcfee
(free)
Norto
n
bit
defender
Firewall Yes Yes Yes Yes
antispam Yes Yes Yes Yes
parental
control NO Yes Yes Yes
Backup NO NO Yes no
Currently, I use a free antivirus, AVG< it has a few features which I admire, and work for
me. The antivirus I use is light on the computer. It does not affect the normal operations of the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

COMPUTER SECURITY AND OTHER ISSUES 5
computer, though it extends the switch off time and reboots too. It has capabilities to protect
against many forms of malware, including phishing and other malicious attacks, while also
having an easy-to-reach support center. It does not have a parental control or backup mechanism,
which I think is a disadvantage. I have to run back-up manually, as opposed to Norton which
enables this remotely.
I would recommend Norton to users. It costs around 50 dollars for an annual subscription.
It has several features which I think are great to have on a computer, while the price is not
prohibitive. The free Mcfee also comes with several features, all for free. It is important to note
that free antivirus has several limitations, especially when it comes to online protection. Again,
Norton is best equipped to handle such threats.
Case Project 5-3: Blowfish
Blowfish has held the reputation as one p0of the few whose code has never been cracked,
since it was first launched in 1993. Blowfish has several strengths apart from this. Blowfish is
designed to use a 448-bit key. The key can be cracked. However, it would take an impractical
amount of resources, including time and equipment to break it. According to some estimates,
millions of years would pass before the code is cracked. The only other avenue is trying lucky
numbers, which is not an effective method of trying to break the code.
By comparison, most browsers use keys which are either 40-bit or 128 bit. While the
128-bit key is considerably strong and hard to break, the 40bit key can be cracked through the
use of a personal computer, and within hours. While other block ciphers are patented and sold,
Blowfish is free, meaning that it is easier to access and use. This has helped enhance its spread
among users around the world.

COMPUTER SECURITY AND OTHER ISSUES 6
Blowfish has its weaknesses. It is an old code, having been designed in the pre-2000 era.
It was not made for some of the modern threats that computer advances have brought about. The
creator of the tool has since been able to create a replacement, Twofish. The cipher is more
difficult to crack, especially in instances where previous versions of Blowfish, such as the 40 and
64-bit version were susceptible to attack. The cipher is used currently to secure browsers among
other security applications.
Case Project 6-2: Key Management Life Cycle
Key Management Life Cycle diagram
The Key Management Life Cycle includes the steps outlined in the diagram and better
annotated below. A key should be valid depending on its length. The longer it is, the longer the
lifespan. Both the organization and the user have a shared responsibility to secure the keys.
Creation - A key is generated by the key manager or a trusted third party. The attributes of the
key are then stored in a special database, which is also encrypted. A key’s activation happens
automatically or manually, or it can be timed to activate at a point in time.
Backup – This involves storing a copy of the key in case of future loss or other instances. The
process also includes encryption and storage.
Archival
Destruction
Expiration
Rotation
CREATION
Backup
Monitoring
Deployment

COMPUTER SECURITY AND OTHER ISSUES 7
Deployment – Deployment refers to the time when the key is being applied to secure the device
in question. Prior to deployment, the key is additionally tested to ensure operations are
compatible with other system properties, and avoid data loss or theft.
Monitoring – Monitoring the key is necessary to assess its success for the role it is supposed to
perform.
Rotation – During rotation, the key encrypts all the data it should, this process is intensive and
very important.
Expiration – Key rotation completion may signal the start of the end for use of the key. This also
depends on the life cycle of encrypted information. Highly sensitive data also force keys to be in
operation for a shorter time.
Archival – Archival of the key happens after it has been expired. This is done to for record
keeping and for future instances when the encrypted information may be needed
Removal form service – the life of a key ends when it is destroyed, deleted or terminated.
Case Project 7-4: Network Firewall Comparison
Fortinet Cisco FireEye
Rule-based or application-
aware
Application-
aware
Application-
aware
Application-
aware
stateless or stateful filtering stateless stateless stateful
Content filtering yes yes no
IDS/IPS IPS IDS IDS
Costs 1195 1500 9600
In view of the information outlined below, Cisco may be the best buy. It has a recognized
name in the market and offers competent support. While FireEye also does the same, its price
range is too high; though it could also be attributed to the value it brings the user, in terms of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COMPUTER SECURITY AND OTHER ISSUES 8
enhanced security, ease of use and ability to understand t more swiftly than the other two
options.
Case Project 8-5: Cloud Computing Benefits
Cloud computing benefits
Cloud computing is becoming more common in organizations. It allows for efficiency,
while saving costs, especially since organizations no longer need to have physical servers to
store and process information
Vendors features and costs
Vendor IaaS PaaS SaaS Storage
Amazon
EC2 (Elastic
Cloud
Compute)
Amazon Web
Services*
Amazon Web
Services*
S3 (Simple Storage
Service)
Google n/a
Google App Engine
(Python, Java, Go) Google Aps Google Cloud Storage
HP
Enterprise
Services
Cloud –
Compute
Cloud Application
Delivery
HP Software
as a Service
Enterprise Services
Cloud – Compute
IBM
SmartCloud
Enterprise
SmartCloud
Application
Services SaaS products
SmartCloud Enterprise
– object storage
Cloud computing and storage of learning material
Cloud computing and storage can be applied in the storage and processing of academic
material such as lectures and notes. The information would be quickly accessed by both lecturers
and the students through protected accounts to the system. Cloud computing is feasible in this
case because it may not be possible to store the information locally and have students access it
through an intranet or specific computers. It is therefore important for the school to enhance
efficiency by adopting cloud computing.

1 out of 8

+13062052269

info@desklib.com

Cloud Computing and Network Security

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

WannaCry Ransomware Attack Analysis

WannaCry Ransomware Attack Analysis

WannaCry Ransomware Attack Analysis

Security and Risk Management Assignment 2022

Potential Threats and Mitigation Tools for Ransomware

Ransomware Attacks: WannaCry and NotPetya