ITNE2005R Network Security Implementation Assignment 1 - Analysis

Verified

Added on 2022/09/26

AI Summary

This assignment solution for ITNE2005R Network Security Implementation analyzes the cyber security of FunTech, a fast-growing company. It begins with a risk assessment, identifying vulnerabilities such as data breaches, ransomware attacks, and network compromise. The solution then explores threats, highlighting software and hardware weaknesses, and abnormal network traffic patterns. Countermeasures are proposed, including integrated systems for threat detection, data encryption, and access control. The assignment also addresses Denial-of-Service (DoS) attacks, detailing their impact and mitigation strategies, such as higher resource limits and intrusion detection systems. The solution incorporates references to support the analysis and recommendations.

ITNE2005R
NETWORK SECURITY
IMPLEMENTATION
Assignment 1
Student Name –
Student ID –

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Ans 1. There is risk assessment a conducted for the cyber security of FunTech private limited
company. This company is in the top most company which is growing fastest. Monitoring the
network traffic would help to identify the type of cyber security based attacks that are being
conducted upon the company of FunTech. In addition, to that, This company currently added
a hundred full time and fifty employees that are working as the part time employees. The risk
assessment of cyber security is mainly identifying the information for various assets. There is
some risk are identified in the FunTech company that is data breaching, the ransomware
attacks are also found in the network of the head office of the company, and there is also
found the risk for the network compromisation. The risk assessment of the organization for
ransomware message is also mitigated with the proper work. The ransomware is assessment
are the design survey which is for the assessment organization procedure, tools & entire
ability for mitigating and defend somewhere attacked impact. The risk found in the company
for the hardware of the company for major loopholes which is not secured much and this is
not expected from the company. The other risk is found in the company that is the network of
head office or constantly receiving the message of a Ransomware attack. There are also
found the patterns for strange network traffic or also seen in the network of a company. These
all are assessment which is found in the organization’s network.

Ans 2. The threats are exploited only the vulnerability & can destroy and damage the asset.
The vulnerability is always referring for the software, hardware, and procedure weakness of
the company. The risk is referring for the destruction, damage, and lost assets of the
company. The vulnerability in the FunTech company is found as the network of the company
or monitor some traffic patterns which is outgoing and incoming as abnormal. The risk found
in the FunTech company is for the database in which is not secured as much as for the
network of a company. The denial of service attack would be mitigated effectively through
the use of networking intrusion detection with the effect of detecting the malicious activity in
the network. The company network for the head office or constantly received the message
from then somewhere attack which is very risky for the data of a company. In the Funtech
company, there are some threads which is found as abnormal traffic that are very damaging.
The capacity for the server is observed by the company for network traffic patterns is 30
mails every seconds, but this server of the company is receiving sometimes 100 males in
every second which is performing an abnormal activity. The department for it is very
suspicious for the normal traffic of this network pattern. the implementation of a dedicated
team of cyber security employees working to search up on the vulnerabilities of the hardware
and software assets would be very helpful toward the company. Although this could be a bit
excessive or expensive. For which the utilization of automated solutions for searching the
malicious activities and traffic in the network and associated systems could be beneficial for
the company to find the sources of the cyber security attacks.

Ans 3. The counter measure is for the mitigation of current threats in a company and the
counter the same threat in the future. The implementation for us integrated system that could
detect the network traffic as well as the activities of individual systems of the company could
help in mitigating the threats and vulnerabilities that are associated with the assets of the
company. That attack based on the ransomware or the toolkit of ransomware could be
controlled and mitigated system's integration into the company's assets. The counter measures
work for the sensitive data encryption in the company database. There are applied required
permission and control for the database of the company. The counter measure on three types
which is classified as three categories as a method for intrusion detection, human factor, and
cryptography method. The database of the company is not secured as much as because of
this, there are data breaching is occurred that is very harmful for the data of the organization.
The meaning of the counter measure is for the mitigation of some potential risk that is
prevented in a company. Counter measure is mainly used in the risk reduction of threats. The
appropriate counter result mainly provides a better solution for security to find the problem in
the network of a company.
Ans 4. DoS (denial-of-service) is an attack that means shutting down the network or a
machine and making it in accessible to the intended user. DOS attacks completely by the
target of flooding with traffic to transfer the information that triggers a crash. A DOS attack
is the most common attack of buffer overflow. The basic concept of this is to transfer more
and more traffic in to a network address and the programmers have to develop a system to
handle it. As it is involved various kinds of attacks which will describe below. The victims of
attack DOS are at target of wax server in the organization of high profile media companies
banking commerce and government organization. The denial of service attack would be
mitigated effectively through the use of networking intrusion detection with the effect of
detecting the malicious activity in the network. The attacks of dos do not basically result in
the laws of important information and other assets that can cause the victims an excellent deal
of money and time to handle. The buffer overflow attack is considered as the most common
attack in DOS. The basic concept of this network of traffic. ICMP flood- the miss configured
beverages and the network devices send the spoofed packet that picks every computer as a
targeted network and not just a particular machine. That network is not triggered to amplify
the traffic.
Ans 5. The counter measure for the denial of service attack that has been observed for the
mail server as well as other systems of the FunTech company could be based upon the higher

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

overseas limit for the resources assigned to the mail server and other systems of the company.
This application of hardware, as well as software level integration, could lead to an effective
solution to the DOS based attack. A DOS attack is the most common attack of buffer
overflow. The basic concept of this is to transfer more and more traffic in to a network
address and the programmers have to develop a system to handle it. This would allow the
company to detect upon the changes associated with malicious activity of the cybersecurity
domain. The denial of service attack could be effectively enhanced in negative outcomes
through the combined effect of the Ransomware attack, and therefore, this mitigation should
reduce the efficiency of the cyberattacks on the network and resources of the company. NIDS
network-based intrusion detection system identifies the traffic that is malicious on the
network. NIDS generally requires the promises network to access in order to analyze all the
traffic that involves all unicast traffic. NIDS are passive device that does not interfere with
the monitoring of traffic. The system of intrusion detection primarily uses that intrusion
detection methods in two keys that is anomaly-based intrusion and signature based intrusion
detection. NIDS in either system set are based on two keys both are the mechanism that are
unique and begin the traffic from its breeder malicious. The potential issues of NIDS involve
network data of high speed and tuning difficulties signature development and encryption.

References
[1] Y. Li, G. Huang, C. Wang, and Y. C. Li. "Analysis framework of network security
situational awareness and comparison of implementation methods." EURASIP Journal on
Wireless Communications and Networking 2019, no. 1 (2019): 1-32.
[2] S. Wankhede, and D. Kshirsagar. "DoS attack detection using machine learning and
neural network." In 2018 Fourth International Conference on Computing Communication
Control and Automation (ICCUBEA), pp. 1-5. IEEE, 2018.
[3] Jalbani, Khuda Bux, Muhammad Yousaf, Muhammad Shahzad Sarfraz, Rozita Jamili
Oskouei, Akhtar Hussain, and Zojan Memon. "Poor Coding Leads to DoS Attack and
Security Issues in Web Applications for Sensors." Security and Communication
Networks 2021 (2021).
[4] Teimoor, Ramyar Abdulrahman. "A Review of Database Security Concepts, Risks, and
Problems." UHD Journal of Science and Technology 5, no. 2 (2021): 38-46.
[5] Keskin, Omer F., Kevin Matthe Caramancion, Irem Tatar, Owais Raza, and Unal Tatar.
"Cyber third-party risk management: A comparison of non-intrusive risk scoring
reports." Electronics 10, no. 10 (2021): 1168.