SEC 572 Week 1 iLab Denial of Service Attacks

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 Week 1 iLab Denial of Service Attacks
In this lab, you will discover and analyze one of two different real
network attacks. This will give you insight into the motivation,
vulnerabilities, threats, and countermeasures associated with your
selected network attack.
There are two categories of network attacks you will be concerned
with this week. The first is a network denial of service (DoS) attack,
and the second is a targeted attack on a network device connected to
the network. You will also discover the distributed denial of service
(DDoS) attack and you may use that one as well. The key difference
between a DoS and a DDoS attack is that the DDoS attack is launched
towards the target from numerous source locations. A botnet attack is
an example of a DDoS attack.
Your goal is to select a specific instance of one type of attack and
provide a managerial-style awareness document. Assume that you are
delivering your analysis to business or government managers who
have a general understanding of network communications.
The reason for the choice of two different attacks is to allow you to
select a broad or narrow focus for your work. This will also give you
a high probability of discovering a very current attack.
In general, the network denial of service attack may significantly
diminish the network's ability to properly communicate. The result
will be a loss of service, such as the inability to access a website's
home page. The DoS attacks have ranged from a large global
footprint to a specific target network endpoint. For example, the SQL
slammer worm was a global DoS attack, lasting for days and
requiring server modifications. In contrast, selected websites were
shut down by hacker groups, such as the hacktivist collective
Anonymous, requiring support from the ISPs and firewall vendors.
The targeted attack on a network device can result in a DoS as well,
but it uses the current network to deliver the destructive payload to
the target system. For example, a SQL injection attack's target is the
database server, with the Internet and the corporate network actually
delivering the destructive payload to the target. Furthermore, this type
of attack may leave the network functional because it uses it to
propagate to other devices or uses the victim's network to launch other
attacks.
Each section of your report may require 16 sentences to properly
address the topic. For example, the attack discovery and resolution
dates will be one sentence, whereas the synopsis of the attack will
require about six sentences. Your primary goal is to provide the
reader valuable information about the attack.
Lab Document Framework
Name of the attack
Attack discovery and resolution dates
Synopsis of the attack
Vulnerable target(s) for the attack and likely victims
Probable motivation(s) of the attack
Probable creators of the attack
Deployment, propagation, or release strategy of the attack
 Published countermeasures against the attack
Published recovery techniques used to return to normal operations
after the attack
Recommended incident reporting measures
Citations and resources used in this report
------------------------------------------------------------------------------------

SEC 572 Week 2 Network Security

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 Week 2 Network Security
------------------------------------------------------------------------------------

SEC 572 Week 3 iLab MD5 Best and Worst Use Cases

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 Week 3 iLab MD5 Best and Worst Use Cases
In this lab, you will explore the best and worst use of a popular
message digest algorithm. For this one, we shall focus on MD5, but
all of this can be applied to the other ones, such as SHA-1.
In the best use portion, you will discover and outline a specific
implementation of the MD5 algorithm, where it provides high value
and a very low security risk.
In contrast, in the worst use portion, you will attempt to crack an
MD5 hash (this is ethical hacking) and suggest a scenario where the
worst use practice may actually be implemented.
The reason for this lab is to give you an understanding of how
cryptography can be properly and improperly used and how changes
in technology may serve to weaken trusted cryptographic
applications.
Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or
SHA-1 algorithms are put to good and proper use. Start by stating
what the algorithm does and give a use case where either MD5 or
SHA-1 has a best fit condition. It is generally about 510 sentences.
Ethical Hacking of MD5: Copy the following text into your lab
document and fill in the blanks.
MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____
MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was:
_____
MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was:
_____
Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or
SHA-1 algorithms are put to poor or improper use. Start by stating
what improper assumptions were made and how it did (or could) lead
to a security compromise. It is generally about 510 sentences.
Citations and Resources Used in This Report: Tell us where you
received external guidance and ideas. If you have presented original
ideas, then give yourself credit, and tell us why you believe it is
correct.
------------------------------------------------------------------------------------

SEC 572 Week 4 iLab Intrusion Detection Systems

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 Week 4 iLab Intrusion Detection Systems
Lab Document Framework
The Target Network: Indicate the type of activities and data that it
supports in a few sentences. For example, it is the website for an
educational institution that holds personal academic and financial
information, or it is the network used to control devices in a chemical
plant. Use your imagination, but select something that is real and
meaningful to you.
The Protection System: Select one from the presented list (Step 2), or
choose your own protection technology, if it is highly relevant.
The Body of the Management Briefing Document: See the guidance
in Step 3. It is generally about 4 to 10 paragraphs.
Citations and Resources Used in this Report: Tell us where you
received external guidance and ideas. If you have presented original
ideas, then give yourself credit, and tell us why you believe it is
correct.
Step 1
Broadly outline the target network. Indicate the type of activities and
data that it supports in a few sentences.
Step 2
Select the protection system. Choose from one of the following.
Intrusion detection system (IDS)
Intrusion protection system (IPS)
Research honeypot
Active honeypot
Offensive honeypot
Step 3
Create a management briefing document that will inform senior
decision makers about their options, vendors, products, relevant
examples, and issues associated with your selected protection (from
Step 2). If cost can be identified, then please include that information
as well. It is generally about 4 to 10 paragraphs.
In this lab, you will explore at least one IDS, IPS, or Honeypot
currently offered by product vendors and cloud service providers.
You will be making a security recommendation, related to the
protection of a target network of your choice.
There are a few different paths you may take in this lab, so let's
address some of the distinguishing features and definitions that are
out there.
IDS and IPS Overview
An intrusion detection system (IDS) generally detects and logs known
intrusions or anomalous network activity. Generally, no real-time
protection actually occurs, therefore false-positives create little or no
damage. Optionally, suspicious network traffic can be routed to an
alternate network, such as a honeypot.
An intrusion protection system (IPS) generally detects, logs, and then
blocks known intrusions or anomalous network activity. False-
positives are an issue and will result in a self-inflicted denial of
service condition. Optionally, suspicious network traffic can be routed
to an alternate network, such as a honeypot.
Honeypot Overview
Honeypots come in several broad categories. The most common
labels we apply to them are research honeypots, active honeypots, and
offensive honeypots. They are designed to do what their label
suggests, and here is a brief summary.
Note: Seek qualified legal advice before deploying any type of
honeypot.
Research honeypots generally collect and analyze data about the
attacks against a decoy-network. They can also route the attacker to
new decoy-networks, to gather more details about the potential
attacks. The data gathered are used to understand the attacks and
strengthen the potential target networks.
Active honeypots have many of the features found in a research
honeypot, but they also hold special content that, once taken by the
attackers, can be used as evidence by investigators and law
enforcement. For example, active honeypots may have database
servers containing a fake bank account or credit card information.
Offensive honeypots are configured with many of the features of the
active honeypots, with one interesting and dangerous addition: they
are designed to damage the attacker. When used outside of your own
network, this type of honeypot can result in vigilantism, attacks
against false-targets, and may result in criminal charges against the
honeypot operators. Offensive honeypots are not recommended for
non-law-enforcement organizations. However, when used fully within
your own network, this technique can detect and neutralize the
attacker.
Any of the above services can be implemented on a privately
managed network, or through a cloud service. The selection of one
platform over another will generally determine where the specific
protection occurson your network or in the cloud.
The reason for this lab is to give you an understanding of how special
network technology can be used as a security research tool, while also
providing varying degrees of protection.
Each section will vary in size based on the requirements. Drive
yourself to create a useful document for the direction you have
selected.
-----------------------------------------------------------------------------------

SEC 572 Week 5 iLab VPN

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 Week 5 iLab VPN
Lab Document Framework
Potentially Acceptable VPN Solution:State the general
characteristics of one solution that meets the security and user
requirements. Name the vendor(s) and VPN services. It is generally
about 3 sentences.
 VPN Solution Overview:Outline the technical functionality and
customer requirements of your first choice for a VPN service. This
may take the form of a feature chart that is mapped to the
requirements. Include any special conditions, limitations, or
exceptions that exist. It is generally about 2 pages.
Network Design Illustration:Using a graphic illustration tool, such
as Visio, document the logical design of your VPN solution. It is
generally about 2 pages.
Citations and Resources Used in this Report:Tell us where you
received external guidance and ideas. If you have presented original
ideas, then give yourself credit and tell us why you believe it is
correct.
------------------------------------------------------------------------------------

SEC 572 Week 6 iLab

For more course tutorials visit

uophelp.com is now newtonhelp.com
www.newtonhelp.com
Please check the Details Below
SEC 572 iLab 6
Lab Document Framework
Requirements and Policies of the Secure Wireless Network:State the
requirements and general security policies that will drive your design
of a secure wireless network at the SOHO. It should be about 510
sentences or bullet points.
Secure Wireless Network Solution Overview:Outline the technical
functionality and customer requirements of your secure wireless
network. Tell us what the design can do. Include any special
conditions, limitations, or exceptions that exist. It should be about 5
10 sentences or bullet points.
Secure Wireless Network Design Illustration:Using a graphic
illustration tool, such as Visio, document the logical design of your
secure wireless network design. It should be about two pages.
Citations and Resources Used in This Report:Tell us where you
received external guidance and ideas. If you have presented original
ideas, give yourself credit, and tell us why you believe it is correct.
During Week 2, you should have completed iLab 2 of 6: Best
Practices for Securing a Wireless Network in a SOHOThe Policy
Statement, Processes, and Procedures Guidelines. In this lab, you will
explore, select, and justify the selection of a secure wireless network
for that (iLab 2) SOHO environment. You shall actually identify the
hardware and software needed to support the network security
policies and user requirements.
The reason for this lab is to allow you to experience the wireless
network technology selection process while working with a typical set
of requirements and the current industry offerings.
Basic Wireless Network Requirements and Assumptions
Consult your iLab 2 of 6: Best Practices for Securing a Wireless
Network in a SOHOThe Policy Statement, Processes, and
Procedures Guidelines for a foundation to your design requirements.
Create your own user requirements that are reasonable and typical for
a SOHO.
------------------------------------------------------------------------------------