Remote Access Attacks Essay

984 words - 4 pages

1. Analyze the Quick Finance Company Network Diagram and describe the assumptions you will need to make in order to identify vulnerabilities and recommend mitigation techniques as there is no further information from this company. The company does not wish to release any security related information per company policy.

Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw (U.S. Airforce) therefore my assumptions on the network diagram shows that there are vulnerabilities that may exist as a weakness in the automated systems, security procedures, administrative controls, and /or ...view middle of the document...

3. Evaluate and describe the vulnerabilities of the Quick Finance Company’s network based on the network design.

The vulnerabilities of the system will probably arise with Dos attacks compromising services provided by the VPN server, the 3-Cisco IDS sensors IDS monitor and the 2-file servers with the UNIX system, there could also exist spyware, software bugs and OS flaws not to mention more physical connections, privileges, ports, protocols, and services and each time there are accessible they increase (Risk Management Insight) vulnerability of the network system .

4. Rank the top three (3) most likely network-based attacks in the order they are likely to occur and suggest countermeasures for each.

The top three (3) most likely network-based attacks in the order they are likely to occur and countermeasures for each are;
a) Attacks launched by trusted (inside)users are the most common cause of damage to networks and these attacks can be perpetuated (Saadat) by an unintentional inside attacker where the network damage is done by inside individuals who have no real intent of causing harm to the network, but who manage to cause significant damage by their acts an example is an individual who open a suspicious internal email or memo (attachment) exposing the whole network as well as organization to a virus attack the countermeasure of this form of attack is to give staff proper security awareness training and install appropriate malware, antivirus software in user systems.

b) Attacks launched by experienced hackers who are generally well versed in writing various types of code, they have substantial expertise in TCP/IP protocol suite and deep knowledge of operating systems, where they conduct attacks after doing research on the company’s network, they often conduct corporate espionage, a counter measure is to install intrusion detection software.

c) Attacks launched by inexperienced hackers where they get scripts that launch attacks at the click of a button use various tools to start a DoS attack to discover the...

Other Papers Like Remote Access Attacks

Student Sscp Domain Research Paper

1032 words - 5 pages company’s progress without having to physically being there. The system needs to have a set up to prevent multiple login retries and access control attacks. To prevent unauthorized remote access to IT system, applications and data the requirements for access should be heightened. System/Application domain holds all the mission-critical systems, applications and data. Only authorized users can access this area of data. It may also require a secondary

It-255 Study Guide Flash Cards Essay

635 words - 3 pages Major Categories: • Private data • Confidential • Internal use only • Public domain data  White-hat hackers Ethical hacking...Intending to be helpful.  Vulnerabilities and Threats any weakness in a system that makes it possible for a threat to cause harm.  Remote Access Domain Primarily affected by endpoint security on VPN clients.  Risk Refers to the likely hood of exposure to

Common Forms of Attacks on Microsoft Systems

600 words - 3 pages , Modifying, and Copying data. Backdoor- which is any hidden method for obtaining remote access to a computer or other system? Denial of service- this is an attack that is intended to completely shut down a machine or network, which in-turn makes it inaccessible to its intended users (2014). No matter which virus an attacker decides to use, all of them can have devastating impacts on the network in question. For example, a Trojan horse virus

Vpn For Information Technology

3446 words - 14 pages various remote locations. Typically, a corporation that wishes to set up a large remote−access VPN provides some form of Internet dial−up account to their users using an Internet service provider (ISP). The telecommuters can then dial a 1−800 number to reach the Internet and use their VPN client software to access the corporate network. A good example of a company that needs a remote−access VPN would be a large firm with hundreds of sales people in

Security Policy Document

2165 words - 9 pages Policy GDI will implement physical and environmental security to protect buildings and systems such as, application mainframes and DS, central data processing, remote warehouses, FTP/SMTP bridgehead, workgroup servers, microcomputer cluster, and IMB mainframes from individual and environmental threats. The use of a Physical Access Control Systems (PACs) is to be implemented to protect these areas. All employees will be issued personal

Cloud Computing

1372 words - 6 pages capabilities. Benefits of Amazon Web Services (AWS) Ericsson has benefited from utilizing Amazon Web Services in costs, software updates, remote access, and on-demand availability. AWS has shown a better quality in service with solid management and they have a proven track record (Ericsson, 2013). AWS offers Ericsson advanced automation services with global hosting. AWS allows Ericsson to have hosting centers in various regions. AWS is also

Building An Access Control System

996 words - 4 pages attackers exploit the user to gain access to the system. Gaining access is where most of the damage is done to the device and is the crux of the system. For instance external denial-of-service attacks could stop services from running and shut down your computer systems. Another technique attacker’s use is called spoofing in order to exploit your system and pretending to be a legitimate user. Maintaining access to the system is vital once the

Heart Healthy Information Security Policy

540 words - 3 pages Heart-Healthy employees requesting remote access or dial-in-services must sign the acknowledgement of understanding and accept the use policy and rules of behavior before access is granted. The request must be made by the requestor’s Manager and approved by the Information Security Department. • All Heart-Healthy employees will be assigned distinctive user credentials in order to be linked to and will be accountable for their activities. • It is

Specifications For The Director

1856 words - 8 pages . For the operating system, it comes with Windows 7 and a license for Windows 8.1 Pro. It protects our data by encrypting it with BitLocker & Access one PC from another with Remote Desktop. It allows access to photos & files virtually anywhere with SkyDrive built-in. Windows 8.1 Pro offers enhanced features to help us easily connect to company networks and access one PC from another, encrypt your data, and more. This is the best machine

It Security

2097 words - 9 pages same system, meaning payroll department will have access to the same system but will be able to access employee personal information, while the accounting department can have access but will only have access to company financial documents but not the employee personal records. Remote access Remote access policies will include a good encryption policy, a VPN policy, wireless communication policy, and a Use policy. This will include password

Data Breaches Research

699 words - 3 pages . Apply Mobile device security Mobile devices create significant security and management challenges, especially when they hold confidential and sensitive information or can access the corporate network. There should be reporting procedures for lost or stolen equipment and where possible remote wiping functionalities to delete all company information from lost or stolen devices. Users must also be aware they have to adopt reflexes to check their

Related Essays

Security Plan Essay

521 words - 3 pages 1.0 Overview This remote access policy defines standards for connecting to the organizational network and security standards for computers that are allowed to connect to the organizational network. It also specifies how remote users can connect to the main organizational network and the requirements for each of their systems before they are allowed to connect. The remote access policy defines the method users can use to connect remotely such

Term Paper

601 words - 3 pages access, denial of service attacks, brute-force attacks on access and private data are all examples of vulnerabilities within the seven domains of IT infrastructure which are User, Workstation, LAN, LAN-to WAN, WAN, Remote Access, and System/Application Domains (Kim & Solomon, 2012). Threats can cause great harm or damage to computer systems through their vulnerabilities, there are many types of threats such as natural threats like floods

Is4550 Week 5 Lab Essay

1642 words - 7 pages software vulnerability | Threat Assessment & Management Policy | Unauthorized access to organization owned workstations | Risk management Policy | Loss of production data | Backup Recovery Policy | Denial of service attack on organization e-mail server | IRT Policy | Remote communications from home office LAN server OS has a known software vulnerability | UAP/Remote Access Policy | User downloads an unknown e –mail attachment

Ftp File Transfer Protocol Essay

755 words - 4 pages .    File Transfer Protocol The File Transfer Protocol (FTP) allows clients to access remote file servers, list remote directories, and move files to or from remote hosts. FTP understands basic file formats and can transfer files in ASCII character or binary format. Defined in STD 9/RFC 959, FTP provides a standard UNIX-like user interface, regardless of the actual underlying operating system. FTP allows a client to upload a file to a remote host