La Trobe University, CSE5NSF: Network Security Fundamentals Analysis

Verified

Added on 2023/01/19

AI Summary

This report provides an analysis of network security fundamentals, addressing current issues and mitigation strategies. It begins with an introduction highlighting the significance of network security in protecting confidential information from attacks like ransomware and DDoS. The report identifies current network security issues, including ransomware attacks and distributed denial-of-service (DDoS) attacks, detailing their impact and providing examples. It then outlines mitigation strategies such as incident response plans, anti-virus solutions, software patching, proxy servers, and network segmentation. The report also discusses common network vulnerabilities, including missing data encryption, SQL injection, and OS command injection, and presents remedies such as software security tools and filtering internet activity. The report concludes with a reference list, and aligns with the requirements of the CSE5NSF Network Security Fundamentals course at La Trobe University, focusing on the analysis of security issues and the design of effective mitigation strategies through technical and business processes. This assignment is available on Desklib which provides students with access to past papers and solved assignments.

Running head: NETWORK SECURITY FUNDERMENTALS
NETWORK SECURITY FUNDAMENTALS
(Student’s Name)
(Professor’s Name)
(Course Title)
(Date of Submission)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

NETWORK SECURITY FUNDAMENTALS 2
Introduction
Every day, attackers release network attacks crafted to steal confidential information.
According to the 2015 Verizon data breach investigation report, the primary targets for these
attacks are the organization’s database servers as they are the heart of the organization. This
paper presents some of the security issues and mitigation strategies.
Current network security issues
One of the current security issues which have become significant to individuals and to
organizations is Ransomware attack. The current ransomware attack encrypts files on the
infected network or system. In mid-2017 ransomware attack spread like wildfire in Ukraine and
led to shutting down of lots of hospitals. This type of attack also led to shutting down of lots of
radio stations in California. The second security issue is DDoS and DoS type of attack. One of
the common type of DoS type of attack is teardrop; this where the attacker sends a crafted packet
to the victim. One of the victims which have ever been hit by DoS type of attack is Github, a
popular developer platform. The company was hit by a sudden onslaught of traffic which
resulted in inaccessible services. In mid-2014, CloudFlare was slammed by 400 gigabits per
second traffic, a form of DoS attack (Nassiri, 2018).
Mitigation strategies
To mitigate these forms of attacks organizations need to first have an incident response
plan. This includes what to do when faced with any security issue. Second, an organization
needs to use anti-virus and anti-spam solutions such as Norton or Kaspersky’s anti-virus. These
applications have the ability to stop phishing form of attacks as they are able to detect malicious
links. Third an organization need to keep all its software and operating system patched. Forth,
organizations need to restrict internet access by using a proxy server for internet access. A proxy

NETWORK SECURITY FUNDAMENTALS 3
server also has the ability to restrict common entry ransomware entry points like social
networking websites and personal email accounts. Lastly, organizations need to apply the
principle of least privilege and network segmentation (Kraus, 2015).
Network vulnerabilities
Some of the common network vulnerabilities include missing data encryption, SQL
injection, and missing authorization, use of broken algorithms, buffer overflow, OS command
injection, and missing authorization. SQL injection is a type of vulnerability which makes it
possible to execute malicious SQL statements thus able to control an organization database. OS
command injection is widely known as web security which allows a hacker to execute arbitrary
operating system. Cross-site request forgery is a type of vulnerability where unauthorized
commands are transmitted from a user which web application trusts.
Remedies to network vulnerabilities
Software security tools can help an organization can assists users find architectural
vulnerability. Example SolarWinds MSP initially known as LOGICNow combines the use of
web Protection with managed anti-virus, patch management, and MailProtection. Other remedies
filtering internet activity, applying web bandwidth checks, blocking users from visiting
confirmed unsafe sites, setting white lists, and identifying risks with iScan online software; this
enables organizations to identify any form of data breach (Kraus, 2015).

NETWORK SECURITY FUNDAMENTALS 4
References
Kraus. (2015). On the Regulation of Personal Data Flows in Europe and the United States.
Computer Security, II(1), 59-63.
Nassiri, A. (2018, August 5th). 5 Most Famous DDoS Attacks. Retrieved from Technical Articles
: https://www.a10networks.com/resources/articles/5-most-famous-ddos-attacks