Cybersecurity: Short Answer Questions Assignment Solution

Verified

Added on 2022/08/13

AI Summary

This document provides comprehensive solutions to a cybersecurity assignment comprising five short-answer questions. The first question explores wireless security, advocating for WPA2-Enterprise and detailing its configuration while explaining the drawbacks of other protocols like WEP, WPA-Personal, and WPA2-Personal. The second question delves into contributing factors to cyber threats beyond the internet's growth, encompassing ransomware, blockchain, IoT threats, AI expansion, and serverless application vulnerabilities. The third question outlines a vulnerability remediation strategy post-intrusion, emphasizing risk assessment, a vulnerability management system, and automated remediation techniques. The fourth question addresses two-factor authentication, defining its factors (knowledge, possession, inherence, location, and time) and recommending a knowledge and possession factor approach, while also discussing privacy implications. Finally, the fifth question examines the connections between virtualization and cloud computing, comparing the security implications of virtual network infrastructure in the cloud versus physical network infrastructure, highlighting potential threats in both scenarios. The assignment is well-researched and cited using APA format.

Running head: CYBERSECURITY
CYBERSECURITY
Name of the Student
Name of the university
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CYBERSECURITY
1. A colleague asks for your assistance to further secure a department wireless network.
Which of the following wireless security measures would you configure (WPA2-
Enterprise, WEP, WPA-Personal, WPA2-Personal, WPA-Enterprise) and why?
Describe in detail the security configuration settings you would use. Also describe why
you did NOT choose the others.
Ans1. WPA2-Enterprise will be suggested as it is one of the latest security protocols that are
developed by Wi-Fi Alliance. It uses Advanced Encryption Standard or AES and provides
enterprise-grade authentication. WPA2-Enterprise is appropriate for use in organizations.
This security measure is a combination of good password habits and in WPA2-Enterprise
individual users’ access can be abrogated as and when required and the others users are not
affected with this. It is more secure than all of the other mentioned security measures (Bartoli
et al., 2018). The configuration settings to be used are as follows:
a) Setting up the new network
b) Modifying the Wi-Fi connection
c) Certification Authentication configured
d) Authentication with EAP-TLS (method of authentication that is made use of to
authenticate the certificates)
e) Enabling certificate enrolment
In WPA2-Enterprise password used by the user to authenticate him remains same but the key
generated by the password is different for each of the sessions. WPA2-Enterprise was chosen
as it is laced up with advanced authentication as well as encryption techniques. This security
measure was chosen and not the others because the encryption technique used in this is more
updated and appropriate for organizations (Kim, Tague, Lee & Kim 2015). WPA2 Enterprise
uses IEEE 802.1X that provides enterprise-grade authentication.
2. The rapid growth of the Internet is a contributing factor to the security threat of
cyberspace. Discuss other contributing factors to the overall security threat of
cyberspace.

2CYBERSECURITY
Ans2. Cybersecurity is being considered as the key component for national security as well
as economic security of a country. Other than Internet, ransomeware evolution, revolution
blockchain, threats related to Internet of Things, expansion of AI and serverless applications
vulnerabilities can be the contributing factors to security threat of cyberspace. Ransomeware
is classified under malware and in this data on the computer system of the victim is locked
and the cyber criminal demands for ransom. The victim is given access to the system only
when the amount demanded by the cyber criminal is provided to him. There have always
been security threats to businesses but at present it has shifted from being physical to
cyberspace. Business are adopting new technologies like AI and in this information driven
age there are high chances that data can be misused by cyber criminals. The data in this age
of artificial intelligence is the greatest weapon for anyone who wants to disrupt operations of
a business (Tankard 2015). Hackers are able to break through the programming and
manipulate artificial intelligence. It can be made used of by the hackers to launch
sophisticated attacks on various operations. Thus, other than the growing use of internet these
can be said to be as the possible contributing factors to the overall security threat of
cyberspace.
3. Your organization has just recovered from an intrusion, and as a proactive measure
your CISO has mandated all vulnerabilities be located and remediated in the network.
Describe in detail how you would go about doing this, ie, software, procedures, policies?
Is it even possible?
Ans3. This can be done by risk assessment which is the perfect process that can be made use
of in this context. This will help the business to gather information related to potential
vulnerabilities in the systems along with the operations. The primary areas that need to be
considered for this purpose are third party vendors, regulations and policy, security
management, emerging technologies, incident and crisis management, awareness and

3CYBERSECURITY
education, threat and vulnerability management along with emerging technologies (Nye
2017). A vulnerability management system can be deployed that can help in prioritizing the
risks so that the company can protect all the important assets first. This can be done by
making use of vulnerability management system that can actively monitor the risks as well as
responds to various threats (Gunkel 2018). Active network monitoring for security of
network involves collecting and examining data related to security along with escalation for
remediation if required. The data related to security come in the form of warnings of some
potential vulnerability. Below given are certain examples of automated vulnerability
remediation:
a) Providing prioritized to-do lists
b) Identification and closure of blind spots
c) Patching of vulnerable software as well as network devices
d) Changes in the configurations
e) Removing the connections
f) Bringing in changes in workflows as well as rules
g) Integrating with different programs as well as protocols offering full protection
4. Your enterprise security director has recently mandated two-factor authentication
for your critical network systems. Describe in detail all the factors of authentication and
how you would implement a two-factor system. What factors would you choose? What
do you think about the privacy (personal intrusiveness) implications of some
authentication factors?
Ans4. The authentication factors are:
Knowledge factor: This is the factor of PIN and passwords or any shared secret.
Possession factor: In this factor, the user has the security token, ID card, smartphone app,
mobile device for approving the authentication requests (Velásquez, Caro & Rodríguez,
2018).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CYBERSECURITY
Inherence factor: This factor is the personal attributes that is mapped from the physical
characteristics like fingerprint authentication.
Location factor: This factor is denoted by location from where the authentication process is
being made, which is enforced by limiting the authentication process.
Time factor: This factor restricts the authentication of the user for particular time window.
The chosen factors are Knowledge Factor and Possession Factor.
The privacy implication of the Knowledge factor can be loss of the log in credential
of the user (Khan & Akbar, 2015). If the PIN or password is hacked by any intruders, then
the hacker can steal the confidential or sensitive data stored in any online platform. This can
hamper the privacy of the user.
The privacy implications of the possession factor can cause the damage or attack to
the security token, ID card, smartphone app, mobile device. By using these security aspects,
the hackers can misuse the mobile device, security token or ID card and using the smartphone
app, multiple information can be stolen which can cause breach.
5. Virtualization and cloud computing are rapidly expanding into the enterprise as
viable solutions. Discuss the connections between these two technologies and the
security implications of a virtual network infrastructure in the cloud vs. a physical
network infrastructure onsite.
Ans5. Virtualization helps in reducing the cost of the resources and it provides for the
effective utilization of the resources. If the cloud platform provides the necessary elements
such as reliability, security and cost effectiveness, then the technology of the virtualization
becomes secondary (Swathi, Srikanth & Reddy, 2014). The entire appeal of the cloud system
is separated from the underlying platform from users. If the user goes down to the PaaS or
IaaS path, then the technology of virtualization would be the factor.

5CYBERSECURITY
The security implications found in the virtual network infrastructure are common the risks
and threats, which the user can face in physical machines. The followings can be some of the
security implications, which can be found in virtual network infrastructure.
 Attack among the virtual machines
 Data leakage
 Denial of service attack (Almorsy, Grundy & Müller, 2016)
 Outflow of virtual machine
The security implications of the physical network infrastructure can be:
Software vulnerabilities: If the software in any organization is not updated properly and
regularly, then there can be risk of software vulnerabilities.
Breach done by employees: The trustworthy staffs of the organization may pose the threat to
the security of the network. This may not be intentional but the lack of knowledge regarding
the security practices can cause data breach.
Hacker: The computer hackers or intruders can cause the devastating damage to the system
from anywhere.

6CYBERSECURITY
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bartoli, A., Medvet, E., De Lorenzo, A., & Tarlao, F. (2018, August). (In) Secure
Configuration Practices of WPA2 Enterprise Supplicants. In Proceedings of the 13th
International Conference on Availability, Reliability and Security (pp. 1-6).
Gunkel, D. J. (2018). Hacking cyberspace. Routledge.
Khan, S. H., & Akbar, M. A. (2015, November). Multi-factor authentication on cloud.
In 2015 International Conference on Digital Image Computing: Techniques and
Applications (DICTA) (pp. 1-7). IEEE.
Kim, Y. S., Tague, P., Lee, H., & Kim, H. (2015). A jamming approach to enhance enterprise
Wi-Fi secrecy through spatial access control. Wireless Networks, 21(8), 2631-2647.
Nye Jr, J. S. (2017). Deterrence and dissuasion in cyberspace. International security, 41(3),
44-71.
Swathi, T., Srikanth, K., & Reddy, S. R. (2014). Virtualization in cloud
computing. International Journal of Computer Science and Mobile Computing, 3(5),
540-546.
Tankard, C. (2015). The security issues of the Internet of Things. Computer Fraud &
Security, 2015(9), 11-14.
Velásquez, I., Caro, A., & Rodríguez, A. (2018). Authentication schemes and methods: A
systematic literature review. Information and Software Technology, 94, 30-37.